pt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f00000004c0)={@remote, @broadcast, 0x0}, &(0x7f00000001c0)=0xc) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@mcast1, @in6=@ipv4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@local}, 0x0, @in6=@dev}}, &(0x7f0000000300)=0xe8) ioctl$KVM_SIGNAL_MSI(r2, 0x4020aea5, &(0x7f0000000180)={0x10000, 0x5000, 0x4, 0x0, 0x101}) setsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f0000000340)={{{@in=@multicast1, @in6=@remote, 0x4e22, 0x0, 0x4e22, 0x0, 0x2, 0xa0, 0x80, 0x2e, r3, r4}, {0x1ff, 0x1000, 0x7ff, 0x75b, 0x80000001, 0x401, 0x5, 0x2}, {0xd18, 0x1ff, 0x7f, 0xff}, 0x130, 0x6e6bbe, 0x2, 0x0, 0x3, 0x1}, {{@in6=@mcast1, 0x4d3, 0x33}, 0xa, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x2, 0x3, 0xf07e689, 0x8, 0x7f, 0x8}}, 0xe8) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xffffffffffffffff) r6 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000100)='IPVS\x00') sendmsg$IPVS_CMD_NEW_DEST(r2, &(0x7f0000000480)={&(0x7f0000000040), 0xc, &(0x7f0000000440)={&(0x7f0000000140)={0x1c, r6, 0x308, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x12}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x40000) ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4008ae89, &(0x7f0000000080)={0x7b, 0x0, [0x4000000000004d0]}) [ 654.768655] [drm:drm_mode_legacy_fb_format] *ERROR* bad bpp, assuming x8r8g8b8 pixel format [ 654.785284] binder: 24474:24489 unknown command 0 [ 654.797129] binder: 24474:24489 ioctl c0306201 20000380 returned -22 18:43:35 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=[@acquire, @acquire], 0x232, 0x2, 0x0}) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x400, 0x0) ioctl$SCSI_IOCTL_DOORUNLOCK(r2, 0x5381) 18:43:35 executing program 1: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 654.949826] audit: type=1400 audit(1566758615.901:262): avc: denied { map } for pid=24494 comm="syz-executor.3" path="/dev/sg0" dev="devtmpfs" ino=15648 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:scsi_generic_device_t:s0 tclass=chr_file permissive=1 [ 654.980735] binder: 24499:24503 unknown command 0 18:43:35 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 655.003924] binder: 24499:24503 ioctl c0306201 20000380 returned -22 [ 655.106826] binder: 24499:24514 unknown command 0 [ 655.119037] binder: 24499:24514 ioctl c0306201 20000380 returned -22 18:43:36 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) close(r0) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000100)={0x6, 0x7, 0x4172, 0x1a0, 0x200}, 0x14) socket$vsock_stream(0x28, 0x1, 0x0) io_setup(0x4, &(0x7f0000000500)=0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) bpf$MAP_CREATE(0x2, &(0x7f0000000040)={0x0, 0x0, 0x77fffb, 0x0, 0x0, 0x0}, 0x2c) io_submit(r1, 0x38, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0}]) 18:43:36 executing program 1: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:36 executing program 4: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x300, 0x0) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0xf3, &(0x7f0000000200)}, &(0x7f0000000140)=0x393) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f00000001c0)={r1, 0xfffffffffffffffc}, 0x8) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r3 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r3, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=[@acquire, @acquire], 0x232, 0x2, 0x0}) 18:43:36 executing program 3: r0 = socket$caif_stream(0x25, 0x1, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='erspan0\x00', 0x10) r1 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x0, 0x210900) r2 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cachefiles\x00', 0x200200, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, r2) r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x101040, 0x0) ioctl$sock_SIOCOUTQ(r0, 0x5411, &(0x7f00000000c0)) ioctl$DRM_IOCTL_WAIT_VBLANK(r3, 0xc018643a, &(0x7f0000000040)={0x40000000, 0x200, 0x13}) 18:43:36 executing program 2: openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) fstatfs(r0, 0x0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x1fe, 0x0) write$binfmt_aout(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="f123e170fc516aa7f8b4999fe89590f5ce4ce5a685bedc46c3126debe899654de32459e1d7e298a70acf64e8b379e631f824629c6f43dcb0e90005517a3ac6aa2d4f29e1b1a3d6650080000000000000ca025c1adb03a2c808e5d00d9a264de1a38977cec5271311858af518ea0800f7"], 0x70) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) unlink(&(0x7f00000000c0)='./bus\x00') sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) creat(&(0x7f0000000100)='./file1\x00', 0x0) write$rfkill(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x8}, 0x8) getpgid(0xffffffffffffffff) fstat(0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x2102001ff8, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r2, &(0x7f0000000080)={0xf97cff8c, 0x8, 'SE Linux'}, 0x10) request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080), 0xfffffffffffffffd) socket$inet(0x2, 0x0, 0x0) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000080)={@initdev}, 0x0) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xb2) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0) 18:43:36 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 655.397790] SELinux: failed to load policy [ 655.439139] binder: 24526:24532 unknown command 0 18:43:36 executing program 1: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 655.462644] binder: 24526:24532 ioctl c0306201 20000380 returned -22 18:43:36 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="05630440800000002ddd050a3dad79433b8eb9b51dfb9504c501980205ba15d992120000"], 0x232, 0x2, 0x0}) 18:43:36 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:36 executing program 0: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0x40085112, &(0x7f0000000180)={{0xfffffffe}, {}, 0x0, 0x0, 0x0, [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}) ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f0000000000)={r0, 0x0, 0x40, 0x2, 0x2000}) ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r0, 0x40505331, &(0x7f00000000c0)={{0x8, 0x3}, {0xff, 0x5}, 0x1f, 0x2, 0xfffffffffffffffc}) 18:43:36 executing program 3: r0 = epoll_create1(0x0) preadv(r0, &(0x7f0000000040)=[{&(0x7f0000000100)=""/137, 0x89}, {&(0x7f0000000240)=""/255, 0xff}], 0x2, 0x0) r1 = syz_open_dev$sndseq(&(0x7f00000000c0)='/dev/snd/seq\x00', 0x0, 0xc0000) r2 = syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x9, 0x42600) ioctl$VIDIOC_OVERLAY(r2, 0x4004560e, &(0x7f00000001c0)) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000200)) ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40086607, &(0x7f0000000000)=0x6) [ 655.582445] binder: 24546:24547 unknown command 168156461 18:43:36 executing program 1: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 655.669506] binder: 24546:24547 ioctl c0306201 20000380 returned -22 [ 655.709169] binder: 24546:24559 unknown command 168156461 18:43:36 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:36 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) socketpair(0x2, 0x80000, 0xa4, &(0x7f0000000000)) sendmsg$nl_generic(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000640)={0x14, 0x28, 0x1, 0x0, 0x0, {0x1}}, 0x14}}, 0x0) [ 655.742819] SELinux: failed to load policy [ 655.752588] binder: 24546:24559 ioctl c0306201 20000380 returned -22 18:43:36 executing program 3: r0 = socket$inet(0x2, 0x2, 0x2200000088) bind$inet(r0, &(0x7f0000000040)={0x2, 0x1004e20, @local}, 0x10) recvfrom$inet(r0, 0x0, 0x1b0, 0x0, &(0x7f0000000200)={0x2, 0x0, @broadcast}, 0x3e60) sendto$inet(r0, 0x0, 0x0, 0x8084, &(0x7f0000000080)={0x2, 0x4e20}, 0x10) sendto$inet(r0, &(0x7f0000000300)="da", 0x1, 0x0, 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/cache_bypass\x00', 0x2, 0x0) ioctl$LOOP_CHANGE_FD(r1, 0x4c06, r0) 18:43:36 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) openat$apparmor_thread_current(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/current\x00', 0x2, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=[@acquire, @acquire], 0x232, 0x2, 0x0}) [ 655.921917] binder: 24577:24582 unknown command 0 [ 655.953016] binder: 24577:24582 ioctl c0306201 20000380 returned -22 18:43:37 executing program 2: r0 = syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x0, 0x0) r1 = socket$bt_bnep(0x1f, 0x3, 0x4) getsockname(r1, &(0x7f0000000080)=@generic, &(0x7f0000000000)=0x80) r2 = syz_open_dev$usbmon(&(0x7f0000000100)='/dev/usbmon#\x00', 0x1f, 0x8151e952885b1e4c) setsockopt$RDS_CANCEL_SENT_TO(r2, 0x114, 0x1, &(0x7f0000000140)={0x2, 0x4e22, @local}, 0x10) ioctl$LOOP_SET_FD(r0, 0x40081271, r0) 18:43:37 executing program 0: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@getspdinfo={0xd4, 0x25, 0x1, 0x70bd25, 0x25dfdbfb, 0x0, [@extra_flags={0x8}, @policy={0xac, 0x7, {{@in6=@remote, @in=@empty}, {0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x3, 0x800}, {0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0x0, 0x0, 0x2}}, @offload={0xc}]}, 0xd4}}, 0x0) 18:43:37 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:37 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) fcntl$notify(r0, 0x402, 0x2a) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=[@acquire, @acquire], 0x232, 0x2, 0x0}) 18:43:37 executing program 1: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:37 executing program 3: r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uhid\x00', 0x2, 0x0) socket$l2tp(0x18, 0x1, 0x1) write$UHID_CREATE(r0, &(0x7f0000000340)={0x0, 'syz0\x00', 'syz1\x00', 'syz0\x00', 0x0}, 0x120) [ 656.330676] FAT-fs (loop2): error, invalid access to FAT (entry 0x00006500) [ 656.338081] FAT-fs (loop2): Filesystem has been set read-only 18:43:37 executing program 1: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:37 executing program 3: r0 = socket(0x200000000000011, 0x3, 0x0) ioctl$UI_SET_PHYS(r0, 0x4008556c, &(0x7f0000000000)='syz0\x00') ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'ip_vti0\x00', 0x0}) bind$packet(r0, &(0x7f0000000080)={0x11, 0x0, r1}, 0x14) sendmmsg(0xffffffffffffffff, &(0x7f0000001e80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="18a66a11d6be8c337d625bd2fc38952b"], 0x10}}], 0x1, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000280)='/dev/vga_arbiter\x00', 0x200, 0x0) r3 = syz_open_procfs(0x0, 0x0) r4 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r4, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c) ioctl$sock_inet6_SIOCSIFADDR(r4, 0x8916, &(0x7f00000002c0)={@local={0xfe, 0x80, [0x3]}, 0x3b, r1}) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000300)={0xaa, 0x10}) r5 = socket$inet_dccp(0x2, 0x6, 0x0) listen(r4, 0x6) ioctl$DRM_IOCTL_GET_STATS(r3, 0x80f86406, 0x0) setsockopt(r5, 0x10d, 0x800000000d, &(0x7f0000000380)="dff60003", 0x4) connect$inet(r5, &(0x7f0000e5c000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}, 0x10) ioctl$UI_END_FF_ERASE(r2, 0x400c55cb, &(0x7f0000000400)={0x6, 0x3, 0x2}) syz_open_dev$sndseq(&(0x7f00000000c0)='/dev/snd/seq\x00', 0x0, 0x0) r6 = accept(r4, 0x0, &(0x7f0000000080)=0xfe0f) bind$bt_rfcomm(r0, &(0x7f0000000340)={0x1f, {0x8d95, 0x80000000, 0x84, 0x9, 0x6, 0x175a}, 0x1}, 0xa) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000180)={0x0, 0x8}, &(0x7f00000001c0)=0x8) r8 = getegid() ioctl$DRM_IOCTL_GET_STATS(r5, 0x80f86406, &(0x7f0000000440)=""/13) getgroups(0x1, &(0x7f00000003c0)=[r8]) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r3, 0x84, 0x66, &(0x7f0000000200)={r7, 0x40}, &(0x7f0000000240)=0x8) sendmmsg(r5, &(0x7f0000005700)=[{{&(0x7f0000003900)=@pptp, 0x80, &(0x7f0000003b80), 0x3a5, &(0x7f0000003bc0)}}], 0x3a6, 0x0) setsockopt$SO_BINDTODEVICE(r6, 0x1, 0x19, &(0x7f0000000100)='erspan0\x00', 0xfc) sendmmsg(r5, &(0x7f000000a080)=[{{&(0x7f0000005440)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x2, {0xa, 0x0, 0x0, @ipv4={[], [], @local}}}}, 0x80, &(0x7f0000005640)=[{&(0x7f00000097c0)="bf", 0x1}], 0x1, 0x0, 0x0, 0x1}}], 0x1, 0x0) 18:43:37 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:37 executing program 0: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@getspdinfo={0xd4, 0x25, 0x1, 0x70bd25, 0x25dfdbfb, 0x0, [@extra_flags={0x8}, @policy={0xac, 0x7, {{@in6=@remote, @in=@empty}, {0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x3, 0x800}, {0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0x0, 0x0, 0x2}}, @offload={0xc}]}, 0xd4}}, 0x0) [ 656.445740] binder: 24596:24605 unknown command 0 [ 656.464820] binder: 24596:24605 ioctl c0306201 20000380 returned -22 [ 656.533403] dccp_close: ABORT with 1061 bytes unread 18:43:37 executing program 3: r0 = socket(0x200000000000011, 0x3, 0x0) ioctl$UI_SET_PHYS(r0, 0x4008556c, &(0x7f0000000000)='syz0\x00') ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'ip_vti0\x00', 0x0}) bind$packet(r0, &(0x7f0000000080)={0x11, 0x0, r1}, 0x14) sendmmsg(0xffffffffffffffff, &(0x7f0000001e80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="18a66a11d6be8c337d625bd2fc38952b"], 0x10}}], 0x1, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000280)='/dev/vga_arbiter\x00', 0x200, 0x0) r3 = syz_open_procfs(0x0, 0x0) r4 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r4, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c) ioctl$sock_inet6_SIOCSIFADDR(r4, 0x8916, &(0x7f00000002c0)={@local={0xfe, 0x80, [0x3]}, 0x3b, r1}) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000300)={0xaa, 0x10}) r5 = socket$inet_dccp(0x2, 0x6, 0x0) listen(r4, 0x6) ioctl$DRM_IOCTL_GET_STATS(r3, 0x80f86406, 0x0) setsockopt(r5, 0x10d, 0x800000000d, &(0x7f0000000380)="dff60003", 0x4) connect$inet(r5, &(0x7f0000e5c000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}, 0x10) ioctl$UI_END_FF_ERASE(r2, 0x400c55cb, &(0x7f0000000400)={0x6, 0x3, 0x2}) syz_open_dev$sndseq(&(0x7f00000000c0)='/dev/snd/seq\x00', 0x0, 0x0) r6 = accept(r4, 0x0, &(0x7f0000000080)=0xfe0f) bind$bt_rfcomm(r0, &(0x7f0000000340)={0x1f, {0x8d95, 0x80000000, 0x84, 0x9, 0x6, 0x175a}, 0x1}, 0xa) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000180)={0x0, 0x8}, &(0x7f00000001c0)=0x8) r8 = getegid() ioctl$DRM_IOCTL_GET_STATS(r5, 0x80f86406, &(0x7f0000000440)=""/13) getgroups(0x1, &(0x7f00000003c0)=[r8]) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r3, 0x84, 0x66, &(0x7f0000000200)={r7, 0x40}, &(0x7f0000000240)=0x8) sendmmsg(r5, &(0x7f0000005700)=[{{&(0x7f0000003900)=@pptp, 0x80, &(0x7f0000003b80), 0x3a5, &(0x7f0000003bc0)}}], 0x3a6, 0x0) setsockopt$SO_BINDTODEVICE(r6, 0x1, 0x19, &(0x7f0000000100)='erspan0\x00', 0xfc) sendmmsg(r5, &(0x7f000000a080)=[{{&(0x7f0000005440)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x2, {0xa, 0x0, 0x0, @ipv4={[], [], @local}}}}, 0x80, &(0x7f0000005640)=[{&(0x7f00000097c0)="bf", 0x1}], 0x1, 0x0, 0x0, 0x1}}], 0x1, 0x0) 18:43:37 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)) openat$ppp(0xffffffffffffff9c, &(0x7f0000002800)='/dev/ppp\x00', 0x400003, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00', 0x80000, 0x0) getdents(r0, &(0x7f0000000880)=""/188, 0x84d505b74ae32da) openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000006c0)='./sgro\x95?\xc4\x0f\xd8\\up/s\x87z1\x00', 0x200002, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/netstat\x00') write$selinux_validatetrans(r1, &(0x7f00000009c0)=ANY=[@ANYBLOB="73797374656d5f756dd925d90000745f723a7661725f741f59b1e5360e18f0141eb77b833a7330208179ffff656d5f75ad91626a6563745f7218c9c1fb885e944bfab757cf3e733e6465766963656b69743f061dfa7ac485e0830583f7d55f65686563703a75574862302030037a5430f93a62e9bf77db0510018c0069073a78ca2f92ec35ceb2f96d01bbde75e3ffdef1292570f23c3949bce47910ae40162674f7c0a001caa7131cc82a0b1a7dcb240da0f54e1222ba4bf4d4a610d45bf76a9b17f9ef85830600e07f1cd8fedc7922b2ef559a1d80e7fece6f7f42da3fb9637b680e16116c204082720f3bbcfce2a334bb102fdd6609a8c1a378bd586b801fe0868507000000000000009f60f5cb0f5e7e7cf9cff2b0905104b1775ebe46dfe27afbe36e27e3c1ec7004c355d747d351989e77e941a1c20e8037be6e9dda4c598a1dd7aa9e4ff08d11c12c1bc97ee3c9545136957b98e0e8898dd4f21262b7d752b18408118e6e8875d2a5984ae0be02a60000000000fafc0d187a0000000000000000d98daf8b1cd13f67f88f5010c0a83aff82ae15457a368e0706935dd57247c1ea01a53cc8162c317b8709bcd370b220dbb47ee6f3de4dba11d338000000000000004f34f0b2d4443af50da740216f68847373acdec5274202000000d300d698f75f620ca084794f99b56a16f6e7f22e9b6f673765ebf057585ea3f8c3b65b095b9e1f8e7f47dba9478e9d16889ef930db40bffc628d02cf2d53f82f01eaea8e10bf33b74ea1fd4e81af323468c3a749035051a5538c6b7815274858b80601000000f5ca3d871836461db7287e93de1840af817573526800"/614], 0x1fa) accept$unix(0xffffffffffffff9c, &(0x7f0000000340)=@abs, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_inet6_udp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0) clone(0x2902001ffb, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000440)='/selinux/policy\x00', 0x0, 0x0) rt_sigtimedwait(&(0x7f00000005c0)={0x200}, 0x0, &(0x7f0000000200)={0x0, 0x1c9c380}, 0x8) ioctl$UI_DEV_CREATE(r0, 0x5501) r2 = getpid() rt_tgsigqueueinfo(r2, r2, 0x16, &(0x7f0000000100)) write$FUSE_BMAP(r1, &(0x7f0000000240)={0x18, 0x0, 0x6, {0x7fffffff}}, 0x18) getpeername$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @multicast2}, &(0x7f00000001c0)=0x10) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000680)='./cgroup/syz0\x00', 0x200002, 0x0) ioctl$PIO_CMAP(0xffffffffffffffff, 0x4b71, &(0x7f0000000300)={0x4, 0x7, 0x0, 0x6}) prctl$PR_CAP_AMBIENT(0x2f, 0x400000007, 0x20) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f00000002c0)={r1, &(0x7f0000000940)="725f3be526811246b0cb312c95e41358c46fa2c7b6387ab9a815a7459115b6e4018eee175c213530ee5787a1693f77a14fcbf1e51be6fd9f47272c8c242a15ce2ef4241c6b52fde6bc5bb6a2565c190ec7d31ed6e6d3da60baf782935250818a9dbb68d58bef572f018dc423", 0x0}, 0x18) ptrace(0x10, r2) getsockopt$inet_mreq(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000002680)={@remote}, &(0x7f00000026c0)=0x8) sched_getparam(0x0, &(0x7f0000000080)) ptrace$pokeuser(0x6, r2, 0x388, 0xffffffffffffffff) symlinkat(&(0x7f0000000540)='./file0\x00', r1, &(0x7f0000000580)='./file0\x00') add_key$user(&(0x7f0000000280)='user\x00', &(0x7f0000000480)={'syz', 0x0}, &(0x7f0000000c80)="ca6ed21f1a65e72684c2d77b1aa8a6abb5c0a4cc6ff33d21a43913ac1e591fcd3779aa719f6f16f998e3eb202101610ddfcf45bd82279e55ec19694a7feb665d1d26b5285dbc20ecbd023da446f6f1f18e8ea8d6d8f698d8445b3f9cadfd884d795fd824c3743441badeadd69b7850d4c8c93a2574c49906575e0bfea6b3259043c78390", 0x84, 0xfffffffffffffffd) ptrace$cont(0x7, r2, 0x2, 0x18000000000) 18:43:37 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="058204a47491e402e7592b89efa0fe4047e486578335596bee"], 0x232, 0x2, 0x0}) 18:43:37 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:37 executing program 1: socketpair$unix(0x1, 0x2, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:37 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 656.698366] binder: 24632:24639 unknown command -1543208443 [ 656.732994] binder: 24632:24639 ioctl c0306201 20000380 returned -22 18:43:37 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:37 executing program 1: socketpair$unix(0x1, 0x2, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:37 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 656.832293] ptrace attach of "/root/syz-executor.2"[24634] was attempted by "/root/syz-executor.2"[24642] 18:43:37 executing program 1: socketpair$unix(0x1, 0x2, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:37 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) r2 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x1000, 0x0) setsockopt$RDS_FREE_MR(r2, 0x114, 0x3, &(0x7f0000000040)={{0xfffffffffffff000, 0x1}, 0x2}, 0x10) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=[@acquire, @acquire], 0x232, 0x2, 0x0}) [ 656.895458] binder: 24632:24657 unknown command -1543208443 [ 656.904655] binder: 24632:24657 ioctl c0306201 20000380 returned -22 18:43:37 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, 0x0, &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 657.028318] binder: 24666:24670 unknown command 0 [ 657.046666] binder: 24666:24670 ioctl c0306201 20000380 returned -22 [ 657.056491] binder: 24666:24674 unknown command 0 [ 657.062536] binder: 24666:24674 ioctl c0306201 20000380 returned -22 18:43:38 executing program 3: r0 = socket(0x200000000000011, 0x3, 0x0) ioctl$UI_SET_PHYS(r0, 0x4008556c, &(0x7f0000000000)='syz0\x00') ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'ip_vti0\x00', 0x0}) bind$packet(r0, &(0x7f0000000080)={0x11, 0x0, r1}, 0x14) sendmmsg(0xffffffffffffffff, &(0x7f0000001e80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="18a66a11d6be8c337d625bd2fc38952b"], 0x10}}], 0x1, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000280)='/dev/vga_arbiter\x00', 0x200, 0x0) r3 = syz_open_procfs(0x0, 0x0) r4 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r4, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c) ioctl$sock_inet6_SIOCSIFADDR(r4, 0x8916, &(0x7f00000002c0)={@local={0xfe, 0x80, [0x3]}, 0x3b, r1}) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000300)={0xaa, 0x10}) r5 = socket$inet_dccp(0x2, 0x6, 0x0) listen(r4, 0x6) ioctl$DRM_IOCTL_GET_STATS(r3, 0x80f86406, 0x0) setsockopt(r5, 0x10d, 0x800000000d, &(0x7f0000000380)="dff60003", 0x4) connect$inet(r5, &(0x7f0000e5c000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}, 0x10) ioctl$UI_END_FF_ERASE(r2, 0x400c55cb, &(0x7f0000000400)={0x6, 0x3, 0x2}) syz_open_dev$sndseq(&(0x7f00000000c0)='/dev/snd/seq\x00', 0x0, 0x0) r6 = accept(r4, 0x0, &(0x7f0000000080)=0xfe0f) bind$bt_rfcomm(r0, &(0x7f0000000340)={0x1f, {0x8d95, 0x80000000, 0x84, 0x9, 0x6, 0x175a}, 0x1}, 0xa) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000180)={0x0, 0x8}, &(0x7f00000001c0)=0x8) r8 = getegid() ioctl$DRM_IOCTL_GET_STATS(r5, 0x80f86406, &(0x7f0000000440)=""/13) getgroups(0x1, &(0x7f00000003c0)=[r8]) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r3, 0x84, 0x66, &(0x7f0000000200)={r7, 0x40}, &(0x7f0000000240)=0x8) sendmmsg(r5, &(0x7f0000005700)=[{{&(0x7f0000003900)=@pptp, 0x80, &(0x7f0000003b80), 0x3a5, &(0x7f0000003bc0)}}], 0x3a6, 0x0) setsockopt$SO_BINDTODEVICE(r6, 0x1, 0x19, &(0x7f0000000100)='erspan0\x00', 0xfc) sendmmsg(r5, &(0x7f000000a080)=[{{&(0x7f0000005440)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x2, {0xa, 0x0, 0x0, @ipv4={[], [], @local}}}}, 0x80, &(0x7f0000005640)=[{&(0x7f00000097c0)="bf", 0x1}], 0x1, 0x0, 0x0, 0x1}}], 0x1, 0x0) 18:43:38 executing program 2: sync() syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000540)=[{&(0x7f0000000040)="f9aee740330d46c377ba276372c3cabd8eb11026479ca410e649f193bf9e4a2ded0c545299e1a69a3f7a099e671dd5aad8a1a832c5ad173249fb4d2d32c56ce3f0feffac891b5daebf974443e34ff9baa5f1a65e049e2b3d39ae5581e77ed5c3c39ecc3bb13f133d2844e4f6f7dd95b61ca0819179bf3c760abeefcc9e819593cfecf7c354ca023312a190140f2c32b3ddd4e405d91134c0a7de22fd5e93bdc88ec941eb41a73de2f3a8bf786b", 0xad, 0x6}, {&(0x7f0000000240)="5190d5c3e7296bfe2d180345ab0e92dec26db01f5d8da126e294ff8efc85b4398313b6ffeca5a9246ce407c9d47d90c2f7440cb437a3bc5048927248d4e5b79bde6c8abdec3ca80114b6f9e0fcf2e100990c03e9a4a141581869d01c17875af61c828970aef7e09554a383b326ce57be6e9e2b0e655c867017e39e0dec5a34ddb0b7ac1ca906b3ecd4ce410c126fdb261f09b7782ec50febf8317c2d16ff4c4a57a44101b8b911fb615ee73ab3ab2e51696a026d8215246dd505d99a720098a2f80d", 0xc2, 0x2}, {&(0x7f0000000140)="091800d36249563762d6de37c1419914acbbdb28761395243fbf7697aaf8a59c0992a0446b6f80e1454fb77648cf49f976346099778fd969123961e8a6a144ab8137a3ef59111605359465c80d643c6ab27a318c17612767b6662208c6b4ce21d0280da56a2dd4c2f32a4a39975709dc57bd087ef514f9d90dc6", 0x7a, 0xfffffffffffffffd}, {&(0x7f0000000340)="9bd26f045bc2a7615cd2b64502508b3b226a9b218b074ddda283c1b09b3a9264b38b3e6a1be28c864cc5863e8fcbf24455247e7bad11ad259a8945dba24816c017309f4a8a77cd379486ba605a93bf4ac4b15f508c6b729855e20f9c0206b1df75dbfe3f7f579d67b9bbdf1d83be2c1b75ecc4d275ee0e7be8b674a9e30b2032c7a6c65232849ea75e80cb11104e50b4f1a27b950e044e941fda85ee735f818facd928239cb182ed7f0edbeedcf496c43891ebc9", 0xb4, 0xaf}, {&(0x7f0000000400)="c7cf3af8fe66b341197d4f61a5cc9d98214138544470ea8bd542ac9e23b7d902be00454a1d84dab6f169ea78c398dbc4fa538406e18a7007e6f7b4d1295b95b69c9a1f4bd2c0e156a117efb9baa7a3a70ca7dca5fd683156eb976b48863db4731b53d1e630fc7ae3f8b76c3b2f24e8932f3a2160393f77ee2f998c73f26fabab74d3bb18d2b44172f21e625d3d45962335bb5f94fce83a29f7028b24d02ebb74118d9f46b69360e9996e5c3cf72467b56cd6cdf6fd36", 0xb6, 0xf557}, {&(0x7f00000001c0)="42e04243448240141a1ce0453ce4c1c7a92d1e21dba403e931bb506533b8e6de8f5cc6607ea1b4", 0x27, 0x7}, {&(0x7f00000004c0)="e7a5dbaea6ab26737a40f383a5381fd7503bdbd177e4bf3d33de227b059e8a39a0bca069adf89709ab4e388311d44dfe17a23a420bb68dc721edac20e35f6551edaf79db6ec0311afff5b1e08123bc3e77cd8df4c971510b524c35ae2a1af8a58f2dd1fab9c3619a4a68db78d8605beb", 0x11, 0x7}], 0x0, 0x0) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000001800)={{{@in, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in6=@initdev}}, &(0x7f0000001900)=0xe8) r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000001ac0)='/dev/dlm-control\x00', 0x80080, 0x0) ioctl$VIDIOC_OVERLAY(r1, 0x4004560e, &(0x7f0000001b00)=0x3f) getresuid(&(0x7f0000001940), &(0x7f0000001980)=0x0, &(0x7f00000019c0)) socket$inet_sctp(0x2, 0x1, 0x84) syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f0000000600)='./file0\x00', 0x1, 0x3, &(0x7f0000001780)=[{&(0x7f0000000640)="3ae259e4c50b4978870332db3a0ee6ae1b80b8304a8879cab1b3ea5731040143fcd0585e5dda16300b004caf09e2d71e67377710dffea7bfa248d08a58356852d7e8882dd39cee2b41646b9704c0bff294ee39b4a62620df2dd787c15ebd6b651cd021c6410bc58e4ba528530e26b10b0d27b111a9d281ed779984518aa4eba6cb18a8ac3e8555a3967c5751be3cb6352b41590b3279486d45c0ee6810744bc98d4af59704dce55e4c67562be5864b9ccb7082cbfb694ed8b06e3f25b597e3cdcb81e330ee5d1198330e91c585b43bc42a60cfbe14f6e4af6d5e67c9f92076a3b3c8b73c1da4fdf40d9161978e3ce89a5578371e21eb2fed381f6be0a3e2d848154b84d79d0ddda8ed5de85e29513c6ef931962a0e21a0001422227eaefaef3d4f326f72eaf12c21d7588f8f549a36572e943ca1e59b8f8a4c5fd232e0065cba171fa4b23f04e73befdc6931c398ac56817175fc2043489aa0141f8469b80231e4b25097f2ebbd4414e9361cbe46f8945d1e5c45976fc63aa0d9446f09a1879ba47b84ed08ce3a36594e667b4ec19947a8ac26be5cdafbc7cbd85d999402bff749465e3a506e5e0934efee0d89eb184eb3bf0546fc3894cb3cdcc41d8c632800b5873745b0e6da357e8b1de5d1dc0a5e0ebe0489690e3562d30fdf09aa45f16fa34ddbd55d9f30856c0ec814c2912922f1eb4bc8116ba3159648d36c4e1c04098701991b7e863c1d9db2fbd9a1d4fcd73dc62c06fb5a4c54757b51b2cf7a5c8fba2fdfc14506c62f2de51cdc4110953aa52baa48d346dd7c4a1aa25b8d63196de3ae916ff7d015aeafe2e4303072293e5476f818b423f7f09f472430fd2aabe638da563a0769bbd09dd2f05a9250671db19de29a206bb66ef7fe406820bf89f465b57db920aea0d23bec884e52e1c0efd21b8c63ecb08ddc7f2ad8bfb0b613703031dafa5b4b053c2b366f615a53f453e682fa0460714e8be1bcb04ccbf551351fd4854751c2c7e0706530d2433e6e35286698e11832d351cf02dca88abc82d576b66a430ebfb2cbde2b609d46607a1db0fc580d4ea50c75455b76d8880e5bb76ce7824fa5f6c9f07dec74b8f299b8cf7a0acc9585cc5eec8cddd8b07184a1c85920f71b640df37f630741d7660b3f86ef8aeef4b82ab6338e94af16fcb8b348025d67c8ecd13aeb0dabb1319876fd6ee51acdb25b27bd4ece1bc2871309ba3e8ad94e962691cbe54e87a54d813998a418cf05645ba86ad0f2c0509e55818db74f2110cd8c4d8c8dc7878e94025717b888a1576254af38ec320d1f6854ae9bd80e76cecb68d3eb7cb9e85c9b575d0d95e2a52dfa3da3e5a5504abad81a5c85d906361aecf01eb5637518d96f93c389ae547b1a1db618fd67b9b5d53a74cbd913b1ac54a1af52692d9f357d2a6923042b829c75c71d09867da33cc4f49f0557c3630e36a87cadae41653468ffc3a15c0e76722d7e8839c206cc4109001c1b9a6d56b14f7d7b5f02dc78aac3a98d7be2b0865eaa6029996fc78e4211eb1c587ae2d3cb5f4b93e8af224256a972a726daa5334d26793390e6d133e117ff4e9c80856f7f364b3997445b00c9f4635c0fe1f805b6df49f073e64160a03975c8ddc953d4f7904a6b22d797b60e9c91afeabb33e2fa69e3146ac9d7a86ae21bf81bc4fa671a114f336a5ee7ce163d4fdb7dedf04f078f82ef5fc48ac3dd1859c60344457038df3564f973837740a54d29817a3776e8d13a58a68dad62b580f92f1cb8ef64d2343acb57eb38534103271b35baac2e3d1040523c2ee85777f52ee17d94345d5c96d1132245b1b3129d1f4894583d465e129719cb398ffe168034f515d67ce3fcb97f414f19336cfd134d3e8a50c3d4ef9268b04fb0d1df54524d6610515867f1a1b81fdc644ef2efe0574c96762bde2cd9adf0a05ef57db82f328003dd468cb59dcb70fd8063bea7990a99066bfa8f3c15bb179884d038d97a66e8fdd83b19fcd14356e3f24949a277a0800764b8ddc2ec49752156662c6625994a6232bd914ac256b44f56d782599c7b92f68aaa1534cd6c76f0b82d02919e505996bc77c99d9db613ba451312682b9a935ea75c15759c3bddceca6543c8dffaceb739c95986b65e87e5345434f04a825046d54191bb3589ea03431d4572aa58d6b70dc823fc0979143db9e7d0b3134d8bee1277d98b57d375f9c896fc6eebb87bcd6d5e74604b02b5cf2eaea7d78513f87ec32bf7fe1970973eb6d2e841378818189e0170289042ba197c50075d7fbc716a3bd4f5dcb9bec2a659088ab6e4805ca459da3915d5555b9fe1c329e6b8f3d3dd1154b9ba34250432044ca5c8a8b6253474c2abdfba911a1a74fc7bfb8308e2caae5e99c35dfbdcc6aa818c5a8d93f9fbea38843c0d8031244498bcd5d9cdc02407650bb7c3f6e69b2089b89a59ea17127bf9294b7f0604ba4cb9f7f7f4fa603b8ec12ea8e78e29fafca6b34cddf3775cb17c54a5c0075eb5658074e05a8ee48aea1bc4c26acac950bcdcbf170c429e15413c5ba20b68f348eb123383c285d5c3a75ccfb27ff8d9d8c87cc5e90dda50cf3482afb9c0bbcde97c40d7a1bb1539f504e447469aa3a9437c916328d0b430b06e27fd2c38e4c783760914ec6953bdd3c4cc3e8069e27fe802d4c7fd8b6039069f99318baecce107570d1b27d52c14b5e29f394cacef20942fdfd9aa1bad08aa59f450733a75741e66704ab916e74176f749b13e476ae0cbeb5450cd49e918342315503a7c7dd741149d716cb2da2a7027c9645deafe209019c250ec085ad09d6a941ba98233f366ffde3152a5f3f1820c0b353f07979e898b8492715eddf83876a8be00ec3e721c4445482bed5efbdb148f3e40ee3529b41b91e79a7aa4f116487c6587191e191f283f365b929e3928bf5670290f8159ab76eea3d2d31c1b923a70fa6d6993b31eecdbe5f083a039f82b49f84cf49e89974fbf08b69b8acc72bf5d6bfda52189de98b081aeaa21fb05f1ffe332b523e80ba0bc7bbe443f0acb9be7c947f97d2038d0d387db4a174f4c7d7824885f23c5a99e547b07df51f9821356ff844f62be4f42d7b65fbd132ccbd651f269e3d2b32af14eb281412effdf776771428002845d1bf3b2d08abb54530818f209f93e2331499e5355ec0e7e844b60de39b2459e025442a909dfdb37e2f1244f4fcf8766f7b3a4a7da08cb276645b8ebf0d022b113860680157940a8a6970f6c1cfcc9041d9ed0a0d6bfe75ae61399cb4cc1205a6e4dd867c0673ac8f87b5433297d00ba3aa9e0da9045a9b1b422e8a2ef2f143ca5656de698cc3457aa536919e1fc938dafc49f28c3e4fbfceb7480efb9545353ef17c3a062457f15b78e8420d5c86e7245ba57c88ef148363c424da2ee9ba96cd31dd43f3e431a02b1276b9a4840d356e9b595bc94b59be783ce2d31e5432c0c41ea75f5371c1947fe665b9d9a28f8a53be0a6ff8713eec49af3d37e2b4eab552a34053b1bd4ff01c4abb6e8db2500ea8631e3f03d30c3c1f3ed39a4a1d5da467b3e65c6298101c4602384ad8b29d3d9cee22decc4b6e78691d7419789c543a6cc68fe5dbdc14a411faff6f7335ab0ee9d68d6d4c9ff9274cbbce84ae999d30a18ba0f3d52b0e95881af78f6b54ae2b173319ec46f1a38d7338d96fdb65c7167b919db337f83362cbec05728a987ce9ec82af7de4475c56cce53126905206eafd1f50ccb1622dfd7117ab3c0deee7d086e81ff5e1a0736965d33f40b3af4e28e9a84f1b25a2d2a71f592b276b270f455e2c1c1a6125a5fac3d2222d803dbf4f142c59b864035ee9413cdc7792683cdc35b01f22c91c2e98c065cd15842bbb1d63dec6254aaa90ff4b69ad706344f36b6f5e6b0c4805adeca9dab75fee2584538bb59b9bf3b557f103f6b11c103c49b84e4cfb96ca67b7b83d7b72308fcede8231ba5998caad8e2b35ce3caab7b5b786e971b1a7f9eecc129b98720397835de0d09901aa75f8553e57ce4aff14327bd0454b70e6529612e6ea3e28eb2a9fae9e405b6daa7a34b521ac957dce6cc3ec2691b5dc0b53c4bab9c7176ac47f8cc38e224cfaa0d58841d6b04debf2e65ce248c4ea195e28afd7cc5eaaa45ff82ff49ec5546e9bfc555cf2f11b1661d893aae1c377a5e81f803dedf93de35a2a6c7ac99ba4fa7597346b20900a63c03d49668a4b5e2ed5e6a3c31da0893bc80cd7ad6bddb1fa2557111d7a01b8b7da721b12ef69194b4f146f3e04b36033cc6a1ddbb09d4ca25ee089a5c90f20846bd3fb5ae2fee50164e75d73c03de6c9df6052fd1dd6e5ac5f188bfc27ae93254be31f4932304c2a521a0999d7ca73061f5fa26b0a3a39c5635549eee85d5706ffb5e7820643fed8157d7234646d2b68950c71e6e3842b97e38e62b258f91278f19db7cd4b7c733a29f5d8bd2e4f10bef65ab10e48ed119bb7d76868cca4b686ddfa2a9bad54afba3740cebf9e928ec29a9c839d93d475edfe8937455fe7563a0fb4964b0bc1df40a59dafe2c02bca8ae1d79fba2683512aede052e309ca0eb07de29756575c3b12eeccf38b3805c1310412343463a99c2ad03814a134354bb549a6f4b82453eda7dbd5ca7a734d30f96b79c033fc87b82470e1e7164d6dee97aef3695329dcb9570384867479ab314e1499933a6f1f489d65783646b4fd0a5e6c479d2f32ddf618656b3714cc8d6bb8b977ae2cbd00f671750cbb08d53167e36954431dda68a5361d69033688b314a6e5254a4b1dbbef9adbdad573386b2e4778c1563a35208fc2524b362aefd46b5308b06c3a0f05d61c04d783f3f2fc7bbb76ac0247f7ba9ec99596937af46526ca1e51480b6c46664a202f960d076ced7de6dd0863e2df555c30849c2e2f9e1031549f53349b572f89baea42c18f65a998f7b5b3c64bdc5f6c7ea29b0cba1134c33ffaa625789446ebf8771eda4b85e1c42751048cf95dc2fa53801fe0ffeed99bad69ab837d78b289a43122bd7b9e53a2c20f24b1f7643da043f12fd50f8b5138c21b6e32fecec73efe47ffa714740ef17b5e002d75cd3e1e84193b53e74e28d26b43e508fce4d81b6f7678a1267545462ac49a8d95c65c4585d43abfbc4575345d773003bb270b0416971edc45a947708ad0703d39f2cd4472294e95b12f250db7dbce64011accdeeaee375dc97309b73618099e7a5b2028261e615bce65f28b1b19071c722180022edf858bd84b6c268ff5d34e5f6b1e8bc792640a7a32c5727a68b3fbe81e7738eaa336f517421701cf1c6caea10e91597f93977100a0149fe3a8b40ca36d781743e70b67b1709812bd5a86538a184e8e2cc726ad7cca487c50aafea8517f3bb1738ac57fc85618e94043a4a7555cc968174423f2e93629458a61b94b35589f1b9096e429af0e3bcf2b6971b58f29e1a5fbe1c337bcd5b51313bf9273c701f81e5698ba6f9923036289500c195cea9cb3e129f0fbfe676ea0bfeb0887055dfacd377cfa881daadd2437b6da69d0647e1e98ad0b887776e75c1a1e1aef4c829032ccb86ff392bb8d915544faf141f723323a120303eb353bc33ee444b6af60cca524d117468d36596bef6e36e18527579d7b22160e3eecf2514bca30f10a4ef5ea569d159c65988a4e43c092f91c67e0d97410ce26c972a52fc23b467ba4771a9630f3879a6d8c6b8b3bf5e0abb742270dbde761ffcce83aa6640565f299e0626ebdc2c43e0a5a483f59690ed187b6cb6c460fa8f50dd8877d88a378300e74d674426a15a35892df110b4e28052794c50dbe2ba39e4ad3c17bb", 0x1000, 0x3}, {&(0x7f0000001640)="a2d0abc1ebdaea9dc64184c9bc189fc4b9e6679ba5e72ceb0dc24d389921f7440e513e76c8a520a30bfe4acfffb42fe4ece5741fa037ee3af3f95f9c928a7937c568854100c866862aa1a3b80bc8a91144c080c4731cb8de8e54a5df7e61", 0x5e, 0x1}, {&(0x7f00000016c0)="9207b6687c961da8d0bb652896f90d38c027aa6e32f61e208802b7e2499fe5bb7765d7d31cc077ae3d79368139532c6bb9aa6321a1234a403e946cbb7bb7e9799c339eb47dbd9b0c6d4af40a4a25f55f0601776a4431262dd475445ed33633a4b390ecaac4753c55db86c2a0111cd3e70cfdcc2a80d54f6effeefa60f8cf4c04724ea4689f552294e9fde4607e9db26537d22b2b9bf4ad", 0x97, 0x91d2}], 0x200000, &(0x7f0000001a00)={[{@fat=@nfs='nfs'}, {@shortname_winnt='shortname=winnt'}, {@numtail='nonumtail=0'}, {@shortname_winnt='shortname=winnt'}], [{@fsname={'fsname', 0x3d, 'btrfs\x00'}}, {@subj_type={'subj_type', 0x3d, 'vboxnet0'}}, {@pcr={'pcr', 0x3d, 0x28}}, {@fowner_eq={'fowner', 0x3d, r0}}, {@uid_eq={'uid', 0x3d, r2}}]}) 18:43:38 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:38 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x141004) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0xfff, 0x1fffff) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r2, &(0x7f0000b55000)={0x2, 0x2, @broadcast}, 0x10) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000001c80)=0x0) ioctl$sock_FIOSETOWN(r2, 0x8901, &(0x7f0000000040)=r3) ioctl$int_in(r2, 0x5452, &(0x7f00000000c0)=0x100000000000006) ioctl$sock_inet6_tcp_SIOCOUTQNSD(r0, 0x894b, &(0x7f00000001c0)) sendto$inet(r2, 0x0, 0x0, 0x900000020000000, &(0x7f0000000000)={0x2, 0x2, @loopback}, 0x10) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000240)={r0, &(0x7f00000008c0)="7e46dffd4867b764bcccd5545106e65d499b3dcf266ddece929eeba74213056c0110159eda6817486e493fc7da16e8855b28a11cb158f91988fe11cf926c71c4bc358af9e9b33f9c3e9232665e362fb60a860d33ca77651fd65d5f53062e99780dc677364007c45e69575cfe18fa915ad28763922e7cb7d655dac172a99e044221e97e74434f3edb34a9769917a3703625c2a95b080c765334f14377d31d251d1358689c35c92f2ad4dfa1f1f0baf448721decd80986bfbd00f266833f97c2040f865a33087a7f12c4a5464b218dd0c3a710a9e9bf3e28f33403d5e0529fa7140f5aea4fd864d1bdf211dfdd01797a9bba88dea99c7aa9b3f771e5a8", &(0x7f00000009c0)=""/167}, 0x18) io_getevents(0x0, 0x4, 0x2, &(0x7f0000000580)=[{}, {}], 0x0) fcntl$setsig(r1, 0xa, 0x40000040020) sendto(r2, &(0x7f0000000880)="c5", 0x1, 0x4000051, 0x0, 0x0) ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000280)={0x0, @pix={0x0, 0x0, 0x37303250, 0xb, 0xffffffffffffffe0, 0x8, 0xb, 0x2, 0x1, 0x6, 0x1, 0x7}}) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e23, @multicast1}}, [0x5, 0x4, 0x81, 0x5, 0x0, 0x3, 0x1, 0xffff, 0x1, 0x8, 0x7fff, 0x2, 0x2, 0xd14b, 0x7ff]}, &(0x7f0000000500)=0x100) ioctl$NBD_SET_TIMEOUT(r0, 0xab09, 0x101) socketpair(0x4, 0x80000, 0x9, &(0x7f0000000540)={0xffffffffffffffff}) getrandom(&(0x7f00000005c0)=""/198, 0xfffffffffffffeb0, 0x3) lgetxattr(&(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)=@known='trusted.syz\x00', &(0x7f0000000700)=""/48, 0x30) bind$rds(r5, &(0x7f0000001c40)={0x2, 0x4e23, @empty}, 0x10) ioctl$BLKIOOPT(r0, 0x1279, &(0x7f0000001c00)) ustat(0x3f, &(0x7f0000000040)) clone(0x20002100, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f0000001b80)={0x9, 0xf, &(0x7f0000000a80)=ANY=[@ANYBLOB="18000000060000000000042126f30d89a3f1505f", @ANYRES32=r0, @ANYBLOB="00000000000000006f17e0ff3643409a00faff000700000018100000", @ANYRES32=r0, @ANYBLOB="000000000000000085000000660000000f5afcff04000000d54210000100000042a7f8fff0ffffff73a8010004000000850000006c0000009500000000000000"], &(0x7f00000006c0)='GPL\x00', 0x8, 0x1000, &(0x7f0000000b00)=""/4096, 0x0, 0x1, [], 0x0, 0xb6c0571a8428e2f0, r0, 0x8, &(0x7f0000001b00)={0x4, 0x1}, 0x8, 0x10, &(0x7f0000001b40)={0x1, 0x2, 0x5, 0x3}, 0x10}, 0x70) ioctl$DRM_IOCTL_RM_MAP(r0, 0x4028641b, &(0x7f0000000000)={&(0x7f0000ffd000/0x3000)=nil, 0x4, 0x2, 0x2, &(0x7f0000ff9000/0x4000)=nil, 0x9}) ioctl$DRM_IOCTL_RES_CTX(r5, 0xc0106426, &(0x7f0000001d00)={0x1, &(0x7f0000000140)=[{}, {0x0}]}) ioctl$DRM_IOCTL_GET_SAREA_CTX(r0, 0xc010641d, &(0x7f0000000200)={r6, &(0x7f0000000740)=""/197}) setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r0, 0x84, 0x19, &(0x7f0000000840)={r4, 0x7}, 0x8) msync(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4) 18:43:38 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, 0x0, &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:38 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) ioctl(r0, 0x1000008912, &(0x7f0000000600)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) r2 = syz_open_dev$dmmidi(&(0x7f0000000040)='/dev/dmmidi#\x00', 0xdba, 0x400000) ioctl$DRM_IOCTL_MAP_BUFS(r2, 0xc0186419, &(0x7f0000000400)={0x7, &(0x7f0000000140)=""/187, &(0x7f0000000540)=[{0x7fffffff, 0x27, 0x8000, &(0x7f0000000080)=""/39}, {0x8, 0x13, 0x7, &(0x7f00000000c0)=""/19}, {0x4, 0xfb, 0x8f5, &(0x7f0000000200)=""/251}, {0x8, 0x12, 0x1, &(0x7f0000000300)=""/18}, {0xffff, 0x94, 0xb293, &(0x7f0000000480)=""/148}, {0x5, 0x1, 0xe17, &(0x7f0000000340)=""/1}, {0x92a, 0x36, 0x5, &(0x7f00000003c0)=""/54}]}) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=[@acquire, @acquire], 0x232, 0x2, 0x0}) [ 657.540989] binder: 24682:24687 unknown command 0 18:43:38 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, 0x0, &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:38 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x141004) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0xfff, 0x1fffff) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r2, &(0x7f0000b55000)={0x2, 0x2, @broadcast}, 0x10) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000001c80)=0x0) ioctl$sock_FIOSETOWN(r2, 0x8901, &(0x7f0000000040)=r3) ioctl$int_in(r2, 0x5452, &(0x7f00000000c0)=0x100000000000006) ioctl$sock_inet6_tcp_SIOCOUTQNSD(r0, 0x894b, &(0x7f00000001c0)) sendto$inet(r2, 0x0, 0x0, 0x900000020000000, &(0x7f0000000000)={0x2, 0x2, @loopback}, 0x10) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000240)={r0, &(0x7f00000008c0)="7e46dffd4867b764bcccd5545106e65d499b3dcf266ddece929eeba74213056c0110159eda6817486e493fc7da16e8855b28a11cb158f91988fe11cf926c71c4bc358af9e9b33f9c3e9232665e362fb60a860d33ca77651fd65d5f53062e99780dc677364007c45e69575cfe18fa915ad28763922e7cb7d655dac172a99e044221e97e74434f3edb34a9769917a3703625c2a95b080c765334f14377d31d251d1358689c35c92f2ad4dfa1f1f0baf448721decd80986bfbd00f266833f97c2040f865a33087a7f12c4a5464b218dd0c3a710a9e9bf3e28f33403d5e0529fa7140f5aea4fd864d1bdf211dfdd01797a9bba88dea99c7aa9b3f771e5a8", &(0x7f00000009c0)=""/167}, 0x18) io_getevents(0x0, 0x4, 0x2, &(0x7f0000000580)=[{}, {}], 0x0) fcntl$setsig(r1, 0xa, 0x40000040020) sendto(r2, &(0x7f0000000880)="c5", 0x1, 0x4000051, 0x0, 0x0) ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000280)={0x0, @pix={0x0, 0x0, 0x37303250, 0xb, 0xffffffffffffffe0, 0x8, 0xb, 0x2, 0x1, 0x6, 0x1, 0x7}}) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e23, @multicast1}}, [0x5, 0x4, 0x81, 0x5, 0x0, 0x3, 0x1, 0xffff, 0x1, 0x8, 0x7fff, 0x2, 0x2, 0xd14b, 0x7ff]}, &(0x7f0000000500)=0x100) ioctl$NBD_SET_TIMEOUT(r0, 0xab09, 0x101) socketpair(0x4, 0x80000, 0x9, &(0x7f0000000540)={0xffffffffffffffff}) getrandom(&(0x7f00000005c0)=""/198, 0xfffffffffffffeb0, 0x3) lgetxattr(&(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)=@known='trusted.syz\x00', &(0x7f0000000700)=""/48, 0x30) bind$rds(r5, &(0x7f0000001c40)={0x2, 0x4e23, @empty}, 0x10) ioctl$BLKIOOPT(r0, 0x1279, &(0x7f0000001c00)) ustat(0x3f, &(0x7f0000000040)) clone(0x20002100, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f0000001b80)={0x9, 0xf, &(0x7f0000000a80)=ANY=[@ANYBLOB="18000000060000000000042126f30d89a3f1505f", @ANYRES32=r0, @ANYBLOB="00000000000000006f17e0ff3643409a00faff000700000018100000", @ANYRES32=r0, @ANYBLOB="000000000000000085000000660000000f5afcff04000000d54210000100000042a7f8fff0ffffff73a8010004000000850000006c0000009500000000000000"], &(0x7f00000006c0)='GPL\x00', 0x8, 0x1000, &(0x7f0000000b00)=""/4096, 0x0, 0x1, [], 0x0, 0xb6c0571a8428e2f0, r0, 0x8, &(0x7f0000001b00)={0x4, 0x1}, 0x8, 0x10, &(0x7f0000001b40)={0x1, 0x2, 0x5, 0x3}, 0x10}, 0x70) ioctl$DRM_IOCTL_RM_MAP(r0, 0x4028641b, &(0x7f0000000000)={&(0x7f0000ffd000/0x3000)=nil, 0x4, 0x2, 0x2, &(0x7f0000ff9000/0x4000)=nil, 0x9}) ioctl$DRM_IOCTL_RES_CTX(r5, 0xc0106426, &(0x7f0000001d00)={0x1, &(0x7f0000000140)=[{}, {0x0}]}) ioctl$DRM_IOCTL_GET_SAREA_CTX(r0, 0xc010641d, &(0x7f0000000200)={r6, &(0x7f0000000740)=""/197}) setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r0, 0x84, 0x19, &(0x7f0000000840)={r4, 0x7}, 0x8) msync(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4) 18:43:38 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:38 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x141004) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0xfff, 0x1fffff) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r2, &(0x7f0000b55000)={0x2, 0x2, @broadcast}, 0x10) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000001c80)=0x0) ioctl$sock_FIOSETOWN(r2, 0x8901, &(0x7f0000000040)=r3) ioctl$int_in(r2, 0x5452, &(0x7f00000000c0)=0x100000000000006) ioctl$sock_inet6_tcp_SIOCOUTQNSD(r0, 0x894b, &(0x7f00000001c0)) sendto$inet(r2, 0x0, 0x0, 0x900000020000000, &(0x7f0000000000)={0x2, 0x2, @loopback}, 0x10) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000240)={r0, &(0x7f00000008c0)="7e46dffd4867b764bcccd5545106e65d499b3dcf266ddece929eeba74213056c0110159eda6817486e493fc7da16e8855b28a11cb158f91988fe11cf926c71c4bc358af9e9b33f9c3e9232665e362fb60a860d33ca77651fd65d5f53062e99780dc677364007c45e69575cfe18fa915ad28763922e7cb7d655dac172a99e044221e97e74434f3edb34a9769917a3703625c2a95b080c765334f14377d31d251d1358689c35c92f2ad4dfa1f1f0baf448721decd80986bfbd00f266833f97c2040f865a33087a7f12c4a5464b218dd0c3a710a9e9bf3e28f33403d5e0529fa7140f5aea4fd864d1bdf211dfdd01797a9bba88dea99c7aa9b3f771e5a8", &(0x7f00000009c0)=""/167}, 0x18) io_getevents(0x0, 0x4, 0x2, &(0x7f0000000580)=[{}, {}], 0x0) fcntl$setsig(r1, 0xa, 0x40000040020) sendto(r2, &(0x7f0000000880)="c5", 0x1, 0x4000051, 0x0, 0x0) ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000280)={0x0, @pix={0x0, 0x0, 0x37303250, 0xb, 0xffffffffffffffe0, 0x8, 0xb, 0x2, 0x1, 0x6, 0x1, 0x7}}) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e23, @multicast1}}, [0x5, 0x4, 0x81, 0x5, 0x0, 0x3, 0x1, 0xffff, 0x1, 0x8, 0x7fff, 0x2, 0x2, 0xd14b, 0x7ff]}, &(0x7f0000000500)=0x100) ioctl$NBD_SET_TIMEOUT(r0, 0xab09, 0x101) socketpair(0x4, 0x80000, 0x9, &(0x7f0000000540)={0xffffffffffffffff}) getrandom(&(0x7f00000005c0)=""/198, 0xfffffffffffffeb0, 0x3) lgetxattr(&(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)=@known='trusted.syz\x00', &(0x7f0000000700)=""/48, 0x30) bind$rds(r5, &(0x7f0000001c40)={0x2, 0x4e23, @empty}, 0x10) ioctl$BLKIOOPT(r0, 0x1279, &(0x7f0000001c00)) ustat(0x3f, &(0x7f0000000040)) clone(0x20002100, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f0000001b80)={0x9, 0xf, &(0x7f0000000a80)=ANY=[@ANYBLOB="18000000060000000000042126f30d89a3f1505f", @ANYRES32=r0, @ANYBLOB="00000000000000006f17e0ff3643409a00faff000700000018100000", @ANYRES32=r0, @ANYBLOB="000000000000000085000000660000000f5afcff04000000d54210000100000042a7f8fff0ffffff73a8010004000000850000006c0000009500000000000000"], &(0x7f00000006c0)='GPL\x00', 0x8, 0x1000, &(0x7f0000000b00)=""/4096, 0x0, 0x1, [], 0x0, 0xb6c0571a8428e2f0, r0, 0x8, &(0x7f0000001b00)={0x4, 0x1}, 0x8, 0x10, &(0x7f0000001b40)={0x1, 0x2, 0x5, 0x3}, 0x10}, 0x70) ioctl$DRM_IOCTL_RM_MAP(r0, 0x4028641b, &(0x7f0000000000)={&(0x7f0000ffd000/0x3000)=nil, 0x4, 0x2, 0x2, &(0x7f0000ff9000/0x4000)=nil, 0x9}) ioctl$DRM_IOCTL_RES_CTX(r5, 0xc0106426, &(0x7f0000001d00)={0x1, &(0x7f0000000140)=[{}, {0x0}]}) ioctl$DRM_IOCTL_GET_SAREA_CTX(r0, 0xc010641d, &(0x7f0000000200)={r6, &(0x7f0000000740)=""/197}) setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r0, 0x84, 0x19, &(0x7f0000000840)={r4, 0x7}, 0x8) msync(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4) [ 657.630816] FAT-fs (loop2): Unrecognized mount option "fsname=btrfs" or missing value [ 657.641269] binder: 24682:24687 ioctl c0306201 20000380 returned -22 18:43:38 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=[@acquire, @acquire], 0x232, 0x2, 0x0}) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x40200, 0x0) ioctl$PPPOEIOCDFWD(r2, 0xb101, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x840, 0x0) 18:43:38 executing program 0: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x141004) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0xfff, 0x1fffff) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r2, &(0x7f0000b55000)={0x2, 0x2, @broadcast}, 0x10) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000001c80)=0x0) ioctl$sock_FIOSETOWN(r2, 0x8901, &(0x7f0000000040)=r3) ioctl$int_in(r2, 0x5452, &(0x7f00000000c0)=0x100000000000006) ioctl$sock_inet6_tcp_SIOCOUTQNSD(r0, 0x894b, &(0x7f00000001c0)) sendto$inet(r2, 0x0, 0x0, 0x900000020000000, &(0x7f0000000000)={0x2, 0x2, @loopback}, 0x10) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000240)={r0, &(0x7f00000008c0)="7e46dffd4867b764bcccd5545106e65d499b3dcf266ddece929eeba74213056c0110159eda6817486e493fc7da16e8855b28a11cb158f91988fe11cf926c71c4bc358af9e9b33f9c3e9232665e362fb60a860d33ca77651fd65d5f53062e99780dc677364007c45e69575cfe18fa915ad28763922e7cb7d655dac172a99e044221e97e74434f3edb34a9769917a3703625c2a95b080c765334f14377d31d251d1358689c35c92f2ad4dfa1f1f0baf448721decd80986bfbd00f266833f97c2040f865a33087a7f12c4a5464b218dd0c3a710a9e9bf3e28f33403d5e0529fa7140f5aea4fd864d1bdf211dfdd01797a9bba88dea99c7aa9b3f771e5a8", &(0x7f00000009c0)=""/167}, 0x18) io_getevents(0x0, 0x4, 0x2, &(0x7f0000000580)=[{}, {}], 0x0) fcntl$setsig(r1, 0xa, 0x40000040020) sendto(r2, &(0x7f0000000880)="c5", 0x1, 0x4000051, 0x0, 0x0) ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000280)={0x0, @pix={0x0, 0x0, 0x37303250, 0xb, 0xffffffffffffffe0, 0x8, 0xb, 0x2, 0x1, 0x6, 0x1, 0x7}}) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e23, @multicast1}}, [0x5, 0x4, 0x81, 0x5, 0x0, 0x3, 0x1, 0xffff, 0x1, 0x8, 0x7fff, 0x2, 0x2, 0xd14b, 0x7ff]}, &(0x7f0000000500)=0x100) ioctl$NBD_SET_TIMEOUT(r0, 0xab09, 0x101) socketpair(0x4, 0x80000, 0x9, &(0x7f0000000540)={0xffffffffffffffff}) getrandom(&(0x7f00000005c0)=""/198, 0xfffffffffffffeb0, 0x3) lgetxattr(&(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)=@known='trusted.syz\x00', &(0x7f0000000700)=""/48, 0x30) bind$rds(r5, &(0x7f0000001c40)={0x2, 0x4e23, @empty}, 0x10) ioctl$BLKIOOPT(r0, 0x1279, &(0x7f0000001c00)) ustat(0x3f, &(0x7f0000000040)) clone(0x20002100, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f0000001b80)={0x9, 0xf, &(0x7f0000000a80)=ANY=[@ANYBLOB="18000000060000000000042126f30d89a3f1505f", @ANYRES32=r0, @ANYBLOB="00000000000000006f17e0ff3643409a00faff000700000018100000", @ANYRES32=r0, @ANYBLOB="000000000000000085000000660000000f5afcff04000000d54210000100000042a7f8fff0ffffff73a8010004000000850000006c0000009500000000000000"], &(0x7f00000006c0)='GPL\x00', 0x8, 0x1000, &(0x7f0000000b00)=""/4096, 0x0, 0x1, [], 0x0, 0xb6c0571a8428e2f0, r0, 0x8, &(0x7f0000001b00)={0x4, 0x1}, 0x8, 0x10, &(0x7f0000001b40)={0x1, 0x2, 0x5, 0x3}, 0x10}, 0x70) ioctl$DRM_IOCTL_RM_MAP(r0, 0x4028641b, &(0x7f0000000000)={&(0x7f0000ffd000/0x3000)=nil, 0x4, 0x2, 0x2, &(0x7f0000ff9000/0x4000)=nil, 0x9}) ioctl$DRM_IOCTL_RES_CTX(r5, 0xc0106426, &(0x7f0000001d00)={0x1, &(0x7f0000000140)=[{}, {0x0}]}) ioctl$DRM_IOCTL_GET_SAREA_CTX(r0, 0xc010641d, &(0x7f0000000200)={r6, &(0x7f0000000740)=""/197}) setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r0, 0x84, 0x19, &(0x7f0000000840)={r4, 0x7}, 0x8) msync(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4) [ 657.814928] binder: 24720:24724 unknown command 0 [ 657.830182] binder: 24720:24724 ioctl c0306201 20000380 returned -22 [ 657.848792] binder: 24720:24727 unknown command 0 [ 657.854972] binder: 24720:24727 ioctl c0306201 20000380 returned -22 18:43:39 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:39 executing program 3: r0 = socket(0x200000000000011, 0x3, 0x0) ioctl$UI_SET_PHYS(r0, 0x4008556c, &(0x7f0000000000)='syz0\x00') ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'ip_vti0\x00', 0x0}) bind$packet(r0, &(0x7f0000000080)={0x11, 0x0, r1}, 0x14) sendmmsg(0xffffffffffffffff, &(0x7f0000001e80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="18a66a11d6be8c337d625bd2fc38952b"], 0x10}}], 0x1, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000280)='/dev/vga_arbiter\x00', 0x200, 0x0) r3 = syz_open_procfs(0x0, 0x0) r4 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r4, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c) ioctl$sock_inet6_SIOCSIFADDR(r4, 0x8916, &(0x7f00000002c0)={@local={0xfe, 0x80, [0x3]}, 0x3b, r1}) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000300)={0xaa, 0x10}) r5 = socket$inet_dccp(0x2, 0x6, 0x0) listen(r4, 0x6) ioctl$DRM_IOCTL_GET_STATS(r3, 0x80f86406, 0x0) setsockopt(r5, 0x10d, 0x800000000d, &(0x7f0000000380)="dff60003", 0x4) connect$inet(r5, &(0x7f0000e5c000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}, 0x10) ioctl$UI_END_FF_ERASE(r2, 0x400c55cb, &(0x7f0000000400)={0x6, 0x3, 0x2}) syz_open_dev$sndseq(&(0x7f00000000c0)='/dev/snd/seq\x00', 0x0, 0x0) r6 = accept(r4, 0x0, &(0x7f0000000080)=0xfe0f) bind$bt_rfcomm(r0, &(0x7f0000000340)={0x1f, {0x8d95, 0x80000000, 0x84, 0x9, 0x6, 0x175a}, 0x1}, 0xa) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000180)={0x0, 0x8}, &(0x7f00000001c0)=0x8) r8 = getegid() ioctl$DRM_IOCTL_GET_STATS(r5, 0x80f86406, &(0x7f0000000440)=""/13) getgroups(0x1, &(0x7f00000003c0)=[r8]) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r3, 0x84, 0x66, &(0x7f0000000200)={r7, 0x40}, &(0x7f0000000240)=0x8) sendmmsg(r5, &(0x7f0000005700)=[{{&(0x7f0000003900)=@pptp, 0x80, &(0x7f0000003b80), 0x3a5, &(0x7f0000003bc0)}}], 0x3a6, 0x0) setsockopt$SO_BINDTODEVICE(r6, 0x1, 0x19, &(0x7f0000000100)='erspan0\x00', 0xfc) sendmmsg(r5, &(0x7f000000a080)=[{{&(0x7f0000005440)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x2, {0xa, 0x0, 0x0, @ipv4={[], [], @local}}}}, 0x80, &(0x7f0000005640)=[{&(0x7f00000097c0)="bf", 0x1}], 0x1, 0x0, 0x0, 0x1}}], 0x1, 0x0) 18:43:39 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:39 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) socket$key(0xf, 0x3, 0x2) getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r0, 0x84, 0x8, &(0x7f0000000080), &(0x7f00000000c0)=0x4) 18:43:39 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") openat$selinux_relabel(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/relabel\x00', 0x2, 0x0) r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=[@acquire, @acquire], 0x232, 0x2, 0x0}) r2 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/dlm_plock\x00', 0x200000, 0x0) ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(r2, 0xc040564a, &(0x7f0000000200)={0x3, 0x0, 0x2007, 0x7f, 0x53a, 0xcea0, 0x3, 0x1}) setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f00000000c0)={0x1, 0x9}, 0x8) r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x8dab78c70d2654f4, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_STATUS(r3, 0xc05c5340, &(0x7f0000000040)={0xbe, 0x6, 0x3, {0x77359400}, 0x0, 0x3}) 18:43:39 executing program 2: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x141004) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0xfff, 0x1fffff) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r2, &(0x7f0000b55000)={0x2, 0x2, @broadcast}, 0x10) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000001c80)=0x0) ioctl$sock_FIOSETOWN(r2, 0x8901, &(0x7f0000000040)=r3) ioctl$int_in(r2, 0x5452, &(0x7f00000000c0)=0x100000000000006) ioctl$sock_inet6_tcp_SIOCOUTQNSD(r0, 0x894b, &(0x7f00000001c0)) sendto$inet(r2, 0x0, 0x0, 0x900000020000000, &(0x7f0000000000)={0x2, 0x2, @loopback}, 0x10) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000240)={r0, &(0x7f00000008c0)="7e46dffd4867b764bcccd5545106e65d499b3dcf266ddece929eeba74213056c0110159eda6817486e493fc7da16e8855b28a11cb158f91988fe11cf926c71c4bc358af9e9b33f9c3e9232665e362fb60a860d33ca77651fd65d5f53062e99780dc677364007c45e69575cfe18fa915ad28763922e7cb7d655dac172a99e044221e97e74434f3edb34a9769917a3703625c2a95b080c765334f14377d31d251d1358689c35c92f2ad4dfa1f1f0baf448721decd80986bfbd00f266833f97c2040f865a33087a7f12c4a5464b218dd0c3a710a9e9bf3e28f33403d5e0529fa7140f5aea4fd864d1bdf211dfdd01797a9bba88dea99c7aa9b3f771e5a8", &(0x7f00000009c0)=""/167}, 0x18) io_getevents(0x0, 0x4, 0x2, &(0x7f0000000580)=[{}, {}], 0x0) fcntl$setsig(r1, 0xa, 0x40000040020) sendto(r2, &(0x7f0000000880)="c5", 0x1, 0x4000051, 0x0, 0x0) ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000280)={0x0, @pix={0x0, 0x0, 0x37303250, 0xb, 0xffffffffffffffe0, 0x8, 0xb, 0x2, 0x1, 0x6, 0x1, 0x7}}) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e23, @multicast1}}, [0x5, 0x4, 0x81, 0x5, 0x0, 0x3, 0x1, 0xffff, 0x1, 0x8, 0x7fff, 0x2, 0x2, 0xd14b, 0x7ff]}, &(0x7f0000000500)=0x100) ioctl$NBD_SET_TIMEOUT(r0, 0xab09, 0x101) socketpair(0x4, 0x80000, 0x9, &(0x7f0000000540)={0xffffffffffffffff}) getrandom(&(0x7f00000005c0)=""/198, 0xfffffffffffffeb0, 0x3) lgetxattr(&(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)=@known='trusted.syz\x00', &(0x7f0000000700)=""/48, 0x30) bind$rds(r5, &(0x7f0000001c40)={0x2, 0x4e23, @empty}, 0x10) ioctl$BLKIOOPT(r0, 0x1279, &(0x7f0000001c00)) ustat(0x3f, &(0x7f0000000040)) clone(0x20002100, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f0000001b80)={0x9, 0xf, &(0x7f0000000a80)=ANY=[@ANYBLOB="18000000060000000000042126f30d89a3f1505f", @ANYRES32=r0, @ANYBLOB="00000000000000006f17e0ff3643409a00faff000700000018100000", @ANYRES32=r0, @ANYBLOB="000000000000000085000000660000000f5afcff04000000d54210000100000042a7f8fff0ffffff73a8010004000000850000006c0000009500000000000000"], &(0x7f00000006c0)='GPL\x00', 0x8, 0x1000, &(0x7f0000000b00)=""/4096, 0x0, 0x1, [], 0x0, 0xb6c0571a8428e2f0, r0, 0x8, &(0x7f0000001b00)={0x4, 0x1}, 0x8, 0x10, &(0x7f0000001b40)={0x1, 0x2, 0x5, 0x3}, 0x10}, 0x70) ioctl$DRM_IOCTL_RM_MAP(r0, 0x4028641b, &(0x7f0000000000)={&(0x7f0000ffd000/0x3000)=nil, 0x4, 0x2, 0x2, &(0x7f0000ff9000/0x4000)=nil, 0x9}) ioctl$DRM_IOCTL_RES_CTX(r5, 0xc0106426, &(0x7f0000001d00)={0x1, &(0x7f0000000140)=[{}, {0x0}]}) ioctl$DRM_IOCTL_GET_SAREA_CTX(r0, 0xc010641d, &(0x7f0000000200)={r6, &(0x7f0000000740)=""/197}) setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r0, 0x84, 0x19, &(0x7f0000000840)={r4, 0x7}, 0x8) msync(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4) [ 658.444243] binder: 24730:24733 unknown command 0 [ 658.449244] binder: 24730:24733 ioctl c0306201 20000380 returned -22 18:43:39 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 658.485977] binder: 24730:24733 unknown command 0 18:43:39 executing program 0: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) lstat(&(0x7f0000000140)='./bus\x00', &(0x7f00000003c0)) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./bus\x00', 0x0, 0x0) bind$bt_rfcomm(r2, &(0x7f0000000040)={0x1f, {0x3, 0x6, 0x80000001, 0x0, 0x1, 0x8}, 0x2}, 0xa) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, 0x0, 0x0) arch_prctl$ARCH_SET_CPUID(0x1012, 0x0) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f0000000440)={0xf000, 0x0, 0x4, 0x1000, 0xfffffffffffffffa}) openat$selinux_create(0xffffffffffffff9c, &(0x7f0000000480)='/selinux/create\x00', 0x2, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r2, 0x404c534a, &(0x7f0000000200)={0x0, 0x100000000, 0x1}) getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f00000002c0)={0x0, 0x0, 0xa, 0x2034}, 0x0) r3 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x0) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc) ftruncate(r3, 0x200004) ioctl$sock_bt_hidp_HIDPGETCONNINFO(r3, 0x800448d3, &(0x7f0000000300)={{0x5, 0x5, 0x0, 0x8, 0x8ceb, 0x11}, 0x0, 0x6, 0x9, 0x8, 0x7, "5b1a98f6f8837f3f37d323a310c625567409b83e4c742ea364cb1398faef6f793cbe1078dad1016a915435cc09b9edbb269107efae8cb65d1efb4e3f6481c2b7fb9b04e5d653cf5f7476ceb0529d3c52a24a0b9db8e03a852f42950f4140706b1835d152eeac2b98cee74e8c944a620ff711ad9c026c78475ba8a997bfd0cd38"}) r4 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$SNDRV_SEQ_IOCTL_PVERSION(r4, 0x80045300, &(0x7f0000000500)) ioctl$FUSE_DEV_IOC_CLONE(0xffffffffffffffff, 0x8004e500, &(0x7f00000000c0)=r2) sendfile(r0, r3, 0x0, 0x80001d00c0d0) sendmsg$inet(r1, &(0x7f0000000dc0)={&(0x7f0000000540)={0x2, 0x4e21, @loopback}, 0x10, &(0x7f0000000900)=[{&(0x7f0000000580)="9140bd06e8c127d29040ce0ebb4025bebdec5ed26ef58528025431035baa277dda66f3ec80989d47963f3c7d2224e30c5463434eb167653ea28579d6a8a0c10b6c03c1923f38b98dd331b926", 0x4c}, {&(0x7f0000000600)="80873e2bf05231baabd00dff644952d2407674601b0dd83453d93cf66138690291cca0c57ff524ce370d2a139fb1a0a3bb5f6b6272b69e005a6b7fdef9dd6082fbb8e42ade9680111ef5054ca7b670a47aa9fd371baba345bf2233f836d55438fab1fa90139c89cc6850fec252f9c6674aadef8c1651bec9af920da0fa4ad7d03b780d16160b70e63b2671b15ba06b19e8c9e87912f799486e81dc5a70ed62c2b6bc6071efde4d26da06063ff3a7fe3dad2abff65f7583302a060f23393cd1fe46fca315", 0xc4}, {&(0x7f0000000700)="07ec7eab829469d67f4e374400bc68f539d6e9bcc5e3a04935bdddfcc4dd7f0cc2df400fa4ef0a2add6dcbc559bee723472768198a8ed722ed9537014af5278c561690ff9f6d74da170224deb2c603651875ec3313c125a3cd7843d13d0bdeb5c777bce338c2e286002d3705c27a5984643b02c6e3c639a286f842cb861d08a50c00f6997fe927d808c24ecfc2122ef19b46e168bbf2ca612b59d0009b7dedf8e9c7daae07ba831a045ada0e3fdc026362", 0xb1}, {&(0x7f0000000800)="56a46be6280bd5fcefe5de0bf88181dac3f06ccab7be3d45669af7d0e1a732cb427322bc8abc3f73931676f297cba38a25b88d065688c6c967b62e1b39f0edc343e78359742296d4668c2aff0b8260a7a94a1ab8a8e7994a1747ac5224601d641c117e18e530a3c91f0195dc8bd29f479b02600c2c6f91e34a86dacda7148cbd461a051a415d0f6a82480b993bc754ba923ef10f", 0x94}, {&(0x7f00000008c0)="668f76067f81f777", 0x8}], 0x5, &(0x7f0000000d00)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @empty, @local}}}, @ip_retopts={{0x18, 0x0, 0x7, {[@timestamp={0x44, 0x8, 0x6, 0x0, 0x1, [{[], 0x9}]}]}}}], 0x50}, 0x4000000) [ 658.527346] binder: 24730:24733 ioctl c0306201 20000380 returned -22 18:43:39 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:39 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/status\x00', 0x0, 0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x20}) r2 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000140)={0x0, 0xc55}, &(0x7f00000001c0)=0x8) setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r1, 0x84, 0x5, &(0x7f0000000200)={r3, @in={{0x2, 0x4e20, @remote}}}, 0x84) r4 = syz_open_dev$cec(&(0x7f0000000000)='/dev/cec#\x00', 0x1, 0x2) ioctl$TCGETX(r4, 0x5432, &(0x7f0000000040)) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="05638b0dc9e200000563044000000000"], 0x232, 0x2, 0x0}) 18:43:39 executing program 2: socket$inet_udp(0x2, 0x2, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) r0 = socket$rds(0x15, 0x5, 0x0) setsockopt$RDS_CONG_MONITOR(r0, 0x114, 0x6, &(0x7f00000000c0), 0x4) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x4, 0x5c832, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) fcntl$getown(r1, 0x9) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r2, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(0xffffffffffffffff, 0x0) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) syz_genetlink_get_family_id$tipc(0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r3, 0x84, 0x6b, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = socket(0x200000000000011, 0x80000000000003, 0x0) fcntl$setstatus(r4, 0x4, 0x2400) pipe(&(0x7f0000000280)) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000240)={'ip6_vti0\x00', 0x0}) bind$packet(r4, &(0x7f0000000040)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @broadcast}, 0x14) r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dsp\x00', 0x0, 0x0) ioctl$FITRIM(0xffffffffffffffff, 0xc0185879, &(0x7f0000000080)={0xffffffff}) ioctl$VHOST_SET_VRING_NUM(r6, 0x4008af10, &(0x7f0000000140)={0x3}) setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x25, &(0x7f0000000380)=0x595, 0x4) sendmmsg(r4, &(0x7f0000000d00), 0x400004e, 0x0) fstatfs(0xffffffffffffffff, 0x0) r7 = syz_open_dev$video4linux(0x0, 0x0, 0x2000000000001) ioctl$VIDIOC_S_AUDIO(r7, 0x40345622, &(0x7f00000002c0)={0xffffffff, "0ef7273a95c61c60a4e2ab1ce86e892bba36074e4e4856110a75c4f0dfb4bcc3", 0x3, 0x1}) ioctl$VIDIOC_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f00000000c0)={0x0, 0x0, 0x0, [], 0x0}) 18:43:39 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 658.718320] binder: 24762:24766 unknown command 227238661 [ 658.727304] binder: 24762:24766 ioctl c0306201 20000380 returned -22 [ 658.782636] binder: 24762:24771 unknown command 227238661 [ 658.797239] binder: 24762:24771 ioctl c0306201 20000380 returned -22 [ 658.826281] audit: type=1804 audit(1566758619.781:263): pid=24772 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="ToMToU" comm="syz-executor.0" name="/root/syzkaller-testdir080379406/syzkaller.NqglUi/608/bus" dev="sda1" ino=17169 res=1 18:43:40 executing program 3: r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1005, 0x1) ioctl$int_in(r0, 0x5421, &(0x7f0000000000)=0x100000) 18:43:40 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:40 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:40 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="05630440002375000000000000000000"], 0x232, 0x2, 0x0}) ioctl$DRM_IOCTL_AGP_INFO(r0, 0x80386433, &(0x7f0000000000)=""/55) 18:43:40 executing program 0: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) lstat(&(0x7f0000000140)='./bus\x00', &(0x7f00000003c0)) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./bus\x00', 0x0, 0x0) bind$bt_rfcomm(r2, &(0x7f0000000040)={0x1f, {0x3, 0x6, 0x80000001, 0x0, 0x1, 0x8}, 0x2}, 0xa) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, 0x0, 0x0) arch_prctl$ARCH_SET_CPUID(0x1012, 0x0) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f0000000440)={0xf000, 0x0, 0x4, 0x1000, 0xfffffffffffffffa}) openat$selinux_create(0xffffffffffffff9c, &(0x7f0000000480)='/selinux/create\x00', 0x2, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r2, 0x404c534a, &(0x7f0000000200)={0x0, 0x100000000, 0x1}) getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f00000002c0)={0x0, 0x0, 0xa, 0x2034}, 0x0) r3 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x0) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc) ftruncate(r3, 0x200004) ioctl$sock_bt_hidp_HIDPGETCONNINFO(r3, 0x800448d3, &(0x7f0000000300)={{0x5, 0x5, 0x0, 0x8, 0x8ceb, 0x11}, 0x0, 0x6, 0x9, 0x8, 0x7, "5b1a98f6f8837f3f37d323a310c625567409b83e4c742ea364cb1398faef6f793cbe1078dad1016a915435cc09b9edbb269107efae8cb65d1efb4e3f6481c2b7fb9b04e5d653cf5f7476ceb0529d3c52a24a0b9db8e03a852f42950f4140706b1835d152eeac2b98cee74e8c944a620ff711ad9c026c78475ba8a997bfd0cd38"}) r4 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$SNDRV_SEQ_IOCTL_PVERSION(r4, 0x80045300, &(0x7f0000000500)) ioctl$FUSE_DEV_IOC_CLONE(0xffffffffffffffff, 0x8004e500, &(0x7f00000000c0)=r2) sendfile(r0, r3, 0x0, 0x80001d00c0d0) sendmsg$inet(r1, &(0x7f0000000dc0)={&(0x7f0000000540)={0x2, 0x4e21, @loopback}, 0x10, &(0x7f0000000900)=[{&(0x7f0000000580)="9140bd06e8c127d29040ce0ebb4025bebdec5ed26ef58528025431035baa277dda66f3ec80989d47963f3c7d2224e30c5463434eb167653ea28579d6a8a0c10b6c03c1923f38b98dd331b926", 0x4c}, {&(0x7f0000000600)="80873e2bf05231baabd00dff644952d2407674601b0dd83453d93cf66138690291cca0c57ff524ce370d2a139fb1a0a3bb5f6b6272b69e005a6b7fdef9dd6082fbb8e42ade9680111ef5054ca7b670a47aa9fd371baba345bf2233f836d55438fab1fa90139c89cc6850fec252f9c6674aadef8c1651bec9af920da0fa4ad7d03b780d16160b70e63b2671b15ba06b19e8c9e87912f799486e81dc5a70ed62c2b6bc6071efde4d26da06063ff3a7fe3dad2abff65f7583302a060f23393cd1fe46fca315", 0xc4}, {&(0x7f0000000700)="07ec7eab829469d67f4e374400bc68f539d6e9bcc5e3a04935bdddfcc4dd7f0cc2df400fa4ef0a2add6dcbc559bee723472768198a8ed722ed9537014af5278c561690ff9f6d74da170224deb2c603651875ec3313c125a3cd7843d13d0bdeb5c777bce338c2e286002d3705c27a5984643b02c6e3c639a286f842cb861d08a50c00f6997fe927d808c24ecfc2122ef19b46e168bbf2ca612b59d0009b7dedf8e9c7daae07ba831a045ada0e3fdc026362", 0xb1}, {&(0x7f0000000800)="56a46be6280bd5fcefe5de0bf88181dac3f06ccab7be3d45669af7d0e1a732cb427322bc8abc3f73931676f297cba38a25b88d065688c6c967b62e1b39f0edc343e78359742296d4668c2aff0b8260a7a94a1ab8a8e7994a1747ac5224601d641c117e18e530a3c91f0195dc8bd29f479b02600c2c6f91e34a86dacda7148cbd461a051a415d0f6a82480b993bc754ba923ef10f", 0x94}, {&(0x7f00000008c0)="668f76067f81f777", 0x8}], 0x5, &(0x7f0000000d00)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @empty, @local}}}, @ip_retopts={{0x18, 0x0, 0x7, {[@timestamp={0x44, 0x8, 0x6, 0x0, 0x1, [{[], 0x9}]}]}}}], 0x50}, 0x4000000) 18:43:40 executing program 2: socket$inet_udp(0x2, 0x2, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) r0 = socket$rds(0x15, 0x5, 0x0) setsockopt$RDS_CONG_MONITOR(r0, 0x114, 0x6, &(0x7f00000000c0), 0x4) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x4, 0x5c832, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) fcntl$getown(r1, 0x9) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r2, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(0xffffffffffffffff, 0x0) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) syz_genetlink_get_family_id$tipc(0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r3, 0x84, 0x6b, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = socket(0x200000000000011, 0x80000000000003, 0x0) fcntl$setstatus(r4, 0x4, 0x2400) pipe(&(0x7f0000000280)) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000240)={'ip6_vti0\x00', 0x0}) bind$packet(r4, &(0x7f0000000040)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @broadcast}, 0x14) r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dsp\x00', 0x0, 0x0) ioctl$FITRIM(0xffffffffffffffff, 0xc0185879, &(0x7f0000000080)={0xffffffff}) ioctl$VHOST_SET_VRING_NUM(r6, 0x4008af10, &(0x7f0000000140)={0x3}) setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x25, &(0x7f0000000380)=0x595, 0x4) sendmmsg(r4, &(0x7f0000000d00), 0x400004e, 0x0) fstatfs(0xffffffffffffffff, 0x0) r7 = syz_open_dev$video4linux(0x0, 0x0, 0x2000000000001) ioctl$VIDIOC_S_AUDIO(r7, 0x40345622, &(0x7f00000002c0)={0xffffffff, "0ef7273a95c61c60a4e2ab1ce86e892bba36074e4e4856110a75c4f0dfb4bcc3", 0x3, 0x1}) ioctl$VIDIOC_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f00000000c0)={0x0, 0x0, 0x0, [], 0x0}) [ 659.366036] binder: 24783:24789 unknown command 0 18:43:40 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 659.386338] binder: 24783:24789 ioctl c0306201 20000380 returned -22 18:43:40 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 659.445008] binder: 24783:24797 unknown command 0 [ 659.471722] binder: 24783:24797 ioctl c0306201 20000380 returned -22 18:43:40 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=[@acquire, @acquire], 0x232, 0x2, 0x0}) setsockopt$inet_mreq(r0, 0x0, 0x24, &(0x7f0000000000)={@broadcast, @remote}, 0x8) 18:43:40 executing program 3: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000006000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000010000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xb0}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r0, 0x1800000000000060, 0xe, 0xffffffffffffffc4, &(0x7f0000000000)="b90703e6680d698cb89e15f02cea", 0x0, 0x100}, 0x2e) 18:43:40 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 659.659062] binder: 24808:24811 unknown command 0 18:43:40 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 659.680979] binder: 24808:24811 ioctl c0306201 20000380 returned -22 18:43:40 executing program 0: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000480)={r3, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_SET_DEST(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010028bd7000fedbdf250600000308000600ee000000"], 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x4048000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) semop(0x0, &(0x7f0000000000)=[{0x0, 0x0, 0x1000}], 0x1) r5 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000200)={0xffffffffffffffff}, 0x13f, 0x3}}, 0x20) write$RDMA_USER_CM_CMD_REJECT(r0, &(0x7f0000000280)={0x9, 0x108, 0xfa00, {r6, 0x70, "8118c6", "d850f274d21b43a505fcb4087627b735eca22299158f51417d627f7b55116fb117a3ce8bbf2931182cde008b78710be5c55820fb80ec863901bb94be10a5e0138a062e73b5e57b98e72c7bc8781c70434c0bc93bbfc042568143e010ba0edb4ec640e1a74372d684b90914b84bd19fb90ca680379bc0144375899c470971732567ed97317424b43071c2fbda7936992df695172a582c9a26c81314cdbbdbcf02958b952e1f72b5e13e83a2696bde2ebad9ff3465ce42884b3f14cd7bb683574e1d12d2fe01ce27a818e79648e27213afd745472da5e3e513a4d01e7efcf1b063241c01c7641d9780f1819d8298aaadca60a19b2ae853219f5cb74b1a7aae78d9"}}, 0x110) setns(r5, 0x0) [ 659.754890] binder: 24808:24816 unknown command 0 [ 659.759939] binder: 24808:24816 ioctl c0306201 20000380 returned -22 18:43:40 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x800, 0x2000) ioctl$RTC_RD_TIME(r1, 0x80247009, &(0x7f0000000040)) r2 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=[@acquire, @acquire], 0x232, 0x2, 0x0}) 18:43:40 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:40 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 659.998470] binder: 24827:24831 unknown command 0 18:43:41 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, 0x0, &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 660.032412] binder: 24827:24831 ioctl c0306201 20000380 returned -22 [ 660.097001] binder: 24827:24837 unknown command 0 [ 660.126822] binder: 24827:24837 ioctl c0306201 20000380 returned -22 18:43:41 executing program 2: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) pipe(0x0) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) mprotect(&(0x7f0000ff0000/0xd000)=nil, 0xd000, 0x0) pivot_root(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00') r0 = socket$inet_udp(0x2, 0x2, 0x0) close(r0) stat(&(0x7f0000000a80)='./file0\x00', &(0x7f0000000ac0)) mount$bpf(0x0, 0x0, &(0x7f0000000a40)='bpf\x00', 0x80, 0x0) syz_mount_image$msdos(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x2f3, 0x0, 0x0, 0x0) syz_open_dev$dmmidi(&(0x7f00000004c0)='/dev/dmmidi#\x00', 0x0, 0x1) getsockopt$inet_udp_int(0xffffffffffffffff, 0x11, 0xa, 0x0, &(0x7f0000000480)) openat$ashmem(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r1, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x10) connect$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x50) 18:43:41 executing program 0: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000480)={r3, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_SET_DEST(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010028bd7000fedbdf250600000308000600ee000000"], 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x4048000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) semop(0x0, &(0x7f0000000000)=[{0x0, 0x0, 0x1000}], 0x1) r5 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000200)={0xffffffffffffffff}, 0x13f, 0x3}}, 0x20) write$RDMA_USER_CM_CMD_REJECT(r0, &(0x7f0000000280)={0x9, 0x108, 0xfa00, {r6, 0x70, "8118c6", "d850f274d21b43a505fcb4087627b735eca22299158f51417d627f7b55116fb117a3ce8bbf2931182cde008b78710be5c55820fb80ec863901bb94be10a5e0138a062e73b5e57b98e72c7bc8781c70434c0bc93bbfc042568143e010ba0edb4ec640e1a74372d684b90914b84bd19fb90ca680379bc0144375899c470971732567ed97317424b43071c2fbda7936992df695172a582c9a26c81314cdbbdbcf02958b952e1f72b5e13e83a2696bde2ebad9ff3465ce42884b3f14cd7bb683574e1d12d2fe01ce27a818e79648e27213afd745472da5e3e513a4d01e7efcf1b063241c01c7641d9780f1819d8298aaadca60a19b2ae853219f5cb74b1a7aae78d9"}}, 0x110) setns(r5, 0x0) 18:43:41 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:41 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_UPDELAY={0x8, 0xd}]}}}]}, 0x3c}}, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x22000, 0x0) setsockopt$bt_l2cap_L2CAP_LM(r1, 0x6, 0x3, &(0x7f0000000080)=0x2, 0x4) syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x9, 0x400) 18:43:41 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/hash_stats\x00', 0x0, 0x0) ioctl$KVM_NMI(r1, 0xae9a) r2 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00000000000000000000000000000000e253aba417229093a20c5c54f569e17dd22c06f2b8ceca45a91bce1e7a6e25349fb414f50606b65e08d6dd536c7cd51895e928ca9a97e835508e84598f40445f01e9e7857abb326661cec9"], 0x232, 0x2, 0x0}) 18:43:41 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, 0x0, &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 660.224141] binder: 24844:24849 unknown command 0 18:43:41 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 660.262206] binder: 24844:24849 ioctl c0306201 20000380 returned -22 18:43:41 executing program 0: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000480)={r3, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_SET_DEST(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010028bd7000fedbdf250600000308000600ee000000"], 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x4048000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) semop(0x0, &(0x7f0000000000)=[{0x0, 0x0, 0x1000}], 0x1) r5 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000200)={0xffffffffffffffff}, 0x13f, 0x3}}, 0x20) write$RDMA_USER_CM_CMD_REJECT(r0, &(0x7f0000000280)={0x9, 0x108, 0xfa00, {r6, 0x70, "8118c6", "d850f274d21b43a505fcb4087627b735eca22299158f51417d627f7b55116fb117a3ce8bbf2931182cde008b78710be5c55820fb80ec863901bb94be10a5e0138a062e73b5e57b98e72c7bc8781c70434c0bc93bbfc042568143e010ba0edb4ec640e1a74372d684b90914b84bd19fb90ca680379bc0144375899c470971732567ed97317424b43071c2fbda7936992df695172a582c9a26c81314cdbbdbcf02958b952e1f72b5e13e83a2696bde2ebad9ff3465ce42884b3f14cd7bb683574e1d12d2fe01ce27a818e79648e27213afd745472da5e3e513a4d01e7efcf1b063241c01c7641d9780f1819d8298aaadca60a19b2ae853219f5cb74b1a7aae78d9"}}, 0x110) setns(r5, 0x0) 18:43:41 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x48b, &(0x7f0000000000)={0x2, 'irlan0\x00', 0x3}, 0x18) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="056304400000000005631e4000000000f2b12abc2cd064a65677f448fb15f6cd654877e38de0c1b8e01b9b58ce5a9d85693cc3e72db37ed3f0f2cb070000000000000066d128ccd93520abb34e6f719ea702b9"], 0x232, 0x2, 0x0}) [ 660.358336] binder: 24844:24862 unknown command 0 [ 660.377148] binder: 24844:24862 ioctl c0306201 20000380 returned -22 18:43:41 executing program 3: r0 = socket(0x10, 0x803, 0x0) fremovexattr(r0, &(0x7f0000000000)=@known='system.sockprotoname\x00') r1 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video0\x00', 0x2, 0x0) ioctl$VIDIOC_PREPARE_BUF(r1, 0xc058565d, &(0x7f0000000080)={0x5, 0x8, 0x4, 0x100000, {0x77359400}, {0x5, 0x0, 0x8, 0x1000, 0x1000, 0x9, "5b0a37f4"}, 0x9, 0x1, @fd, 0x4}) 18:43:41 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, 0x0, &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:41 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:41 executing program 2: syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xd58d, 0x1, &(0x7f0000000100)=[{&(0x7f0000000080)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') r0 = open(&(0x7f0000000000)='./file0\x00', 0x141042, 0x0) ioctl$DRM_IOCTL_SET_VERSION(r0, 0xc0106407, &(0x7f0000000040)={0x101, 0x6, 0x1, 0x20}) write$UHID_INPUT(r0, &(0x7f0000000580)={0x8, "c0c814a55b6300d28afc61ac7dd1ffb869b761e8e53ee36e4be89e9fea175523e4468dec44bf8b5473c7a5062b4ede67dcb24cb9484ccfff2b3a70befc56e8ab2eee3483f5bf78c16beac035b700eb84e2216f268d02b717d2046c273814475b412437f7dc08a13a55d3c02132999dfd9fe80b750eff4d7c1da975b3835602728ae09e72527fcee19377e29c6c19e1ccce0f75e0e54001e3e83e473fa3d37eca8be1b3de565571e0e84f310c11fa8616068113b038aaa5c69967699fc2aa41c6f26fc22cf68e3577242c9b4ca20fab9de5885e0648fbd7af089b05f38f152d2f8144461608733c567b6dc5d2a07022c3764565c85abcfd99dd7a85e58939278235d50e8b321be7dbaa5141e097c28364fad2f713d666ca94f4e429687fcabb72aceeaf8abe5b506d98dc393b6e97492d785ead0ca2953f92c4d2b2c9f616e3d98b36be55a923fc5892413f7a3b615cec89b52e0ecdcee0aa5af72bcbb91b4bade7435dd8b529feaf13f8b48fcaca5952235d2e909f8831d8ca05a0daa3f6c581f388e0c1879b41fe63ef3d122bd0c5acd4fb07b96797918791075ae7383bb1bbdea574b31301ff37ecc45671ee2e7fc55bf6244025d1fd82dca56a42a23aa826a0b1e102bd87893ddc05649304eb1866c796e46e0d57f552bd572891ef892918bb2e7f2c6bcf68f388ea0c50f48c06de1b46b1434cdf25ca1288ebabe2a33d1c6effb77f91ef75471e93952caeda8ac2b2677e46d62b8366922d093832bccb949e177b4417864812d22972d81d89158288b5318d017329d4e8f66273abf74c434f318ebf32c7629342a85336387231b1e579d57cff0b125bef9dddf0fc33f71cb59d5a8972cda06ba6bba4a89cb8d3b465492c431698984998b2979ea61fed3d99b049724f2bdda5a0700ccb28825da1343f41290e569a6d38d4ae3968147cf39b097efd78e058fc71523c12e724bf93dc4ecc02b5cb18d13b59ec8f85368ac1ea93ed0149c60c53569dc69cdb3f37470eab26ef010b03a7e651b9e8e9065da347660836eddb3988c9a0f394aad055f727310f646d6cb35131d02aaf24735792bfce250798bebf0d1a4495fca568b9449e81afef2937b50faf873257d7efa07d31759474d50ca2a7922e79ab47dd59b11dfd1ec43fef3551aed81d01ee4ab997c6cecc39013dcaa442aec803e4cebbc288b4f9e87b30613f0ec88ddc6f60f56787f4040897e6e6bdac317d74b27f97f2efadb031f03c61954fd0232373582b7fa315d3eb9f67053126d2ed0636f04d669c47bdeb078fbda177533902e20b5ce9d8f395ea4c0aaf2cae774fe99bc40105a9ca184bcb598ab2f49c1df62d32d1a6d73a26812cb47a2ccaf0e9b759df89ad1e18238d897b9fd658f6786a92a0c12bd0ee6dad8a430a67962363e5b9afb3329e4f1f6fcd7e63cb8f24872bcf5b8c349d9ce423666ca39f16884219dea338b388e40f4ad996419cb3858637364d8e5af67f846d77b2749115131a3642ef56681315e4a2cbca5e60febabf693570f515e09c2a8994a8e2be3cba28118ef429d4de781118182607dd2c2d5aaba621ea29c140338bd8f1787fd2a3f43bb7fa22a8ce053adb331a4c78eab569af317e14360a6bf1c8b7394f34bfc1a941ac88dab334d5a2d45fc83bee28884698fd82339c972a06efb369220049ca89727513bd4262ad6f94f55f659ec98b684b1d92e1b6a303548a196cc5316e9845baaf01e737ef047d3d1ac4fe13de618e8fd6471c225e688b73b866213f4765c1a1ecf041f66a11177b0425b0423c455dccfa35a34f3b1c4c9850267bd41dcc366f4f8fef6982699e9aee7f3edff90217c84f6865234676e65911e5e99739792161766e959d061d6e86797b595ae3cffc043da0929dce1b4bd27e04532800f14f69398a681d46f00197f547fa138e676a4c84e586e9a2037faad7d7342221c229ff13606688ab70305dc28d01270604fbcb2b5777541e637a10e7d6c2dfa76461b18c8b303234282f31b7ed8afd0cdcc3978c6520a182000ea312296c7d9df08c2a67b944bc519113822014a831c8d6a7f8d26a7a443666b6077bdc1c11cf47001bcbb484d163543445c77a02140191bbb813da818b4dc3ef1ca420f624e5cb67c48024aeb8691b549202750899938067a3ad49da19e9fffc6486b3525fba8b2ff991fb3b4c1a536818f2dad96f713ac264a22136c6a3a9eacb4f69ab08cfe2b971a7d916833c6a0370d4b0bc428db2e4b4013899668b73caf9c983e2f07e46b4b5b4f0d231edee8b1951e1d0e34c881d1fc5c6be05b92b13680398e7109bd18048f0bd980fceb24e59411873e7a8a7f95f4da2ba5c082fdda710361e163a213a3dbb82c08a69020545da4636c09a67cd962182a011cf5eb1c3d999abc7b834ee518bb53afe19941927ca190699abf79c334c52e206fc851deb7398947ad5bd125ef3f51349497142e921c85506c739f6319ae0eb8e3c551ceb7e16afc2d6aad36841ed8eb560ef984ee5e00f1ead2c646546b3c145e3700b07fc257551641cf3dcb76a8b3cc75994f2c3eb521cea22d64c8b72b2de506fde8185b70b4707b7f571668a5925ca21e605904d7c896a5d7290b9c4fc75ecc7ddbbd7f6f003a74f53d1a5432e0377a3efce1e7ac61e36dc13aeea57400d4d3986db3fccb6edaf83f86daeb42f416f58c502e74178e013b399d0b155e0df86b40b5f3f2ab0ad61c90870cee340c07977b55622699101e5372677dd4e208fa6b5d4834a2d6f37b2ead107218aa0e702d1f6a60bd4ad3a2e22807237129fdc02993ef1fffe3c285bd4f7b093b2da8d772ce2df7874bf9b7fd0893eb66a4931acc38129bfe4a8fc6b28ea83bcca1220b66c86d4d90914bb9e9a425fce618f11b66f93aa78515eac0f3956cb1e8b6f12d7f6f22c1ca5563e280b15c64732aec2a37d6010cee0fd2263ea3ea2011043153284b4a5fc87cc0dd8c36f084ce715a6e9ba3e8b2586726255d122f2b5677d6590405ae031df8f83840ef3011a7f5d18037407758270d980aa65d5a4aa26a35a61b65178b6183b282771e89a8fe47bd3ea5a23146b924a47c3cc2540a9c8d91d4a8924e010fb6d3e60457e0aa86749cc3444707fda055a0f489aecda68af7f0d7d31cf25641a10bcc0d00996cddf9059121639fa3ff2e5490bae6b702fcf226d8e50f27f0973e5e4cf543445524d0fe3bd55d3f215978bfabcba0d44c076f5b333b2095c70f6a5426338bf0c065ddce27f6730606d84d1ccef8cebcd15085fa8a5d0975dc47eeb09a4ab6da21d01916c97f4e266c4b01f2bfb3b6a08bb5a7cf834e56782d824e7c55b591cd883ed9e806a4f7033bbab49a2b8ab2cb0f6da9d76968208236b35a51f8eba3769a676ad60d69c475706a630f3a078ebaa6ba5bc25719867cb61d48cc3a381b261165c04f3c93f37d72fc15f43df1de34e24e80a46f5d15fb362e71cb4a5365dde04a53dc5e42745fbd601ff148db416244dd76ac16f24138ef9a02491eb5b48d731a8bdcd46040d0ff11a07c040b83db84bfd21ffb1d818203cb7d3f8fca47f1dc510afa8219ab031aaba2147aed7c50228930e895a72abf55ca6997131e231ea92e0059b680735548adf2d572c3540e096a644deb3750e3b341bbeffee70ff22e0b4e56142e4c1965c01a646dd9b5b0055f88f08987ad45adb844b9ffc84792073048c28bcb60f2666802052ee45dcd9a2950d55ecf0234a3dcf67e83cfa0bfb1285eb54e6292d8075c9e1b459e48556f416898557c9c864fc5de459feb53e33dd1a6860a2d1a836ab5ff6efaee123b3715a7137787ee4345efbce38074e262f363a8ff400345c8539d44a7286c7291246810bce063f0877db6585842380b530a4aaef6e36779a95fed220cef6c1fff2fdd5031f83987dc3282d432f322852cc9dc6d00c59d5ed83b386ff97c521e528e59f2df932467ac02d17f8818c2de26d69725f42cecaf186fab7b6e10b1ebd9a9a12ed83cd382d9a6f9a9bed2736cb0ec0260057f5ec704d2e1a64caad59e02ff2022174b23564cb0942e6769b12e0ae4d65dc4c5e6b6ceaf2667e085909c93a9768b7bfdac612801c0bc3848bad51e2367f788cbd1c5091ce0e9c567528c72003712e91247d87f1ff60d3865fc687a35886822079392f8d151b89e09469bef98e59139c460a53805a93245148cbb9a6a010dadc87e9b1a0e0a89e87e433ff1c0ad4b125760858c8badff4d82cbd31cf88f3e2e16a4e960e1e0b5825fc0f2b21d660cf60069d43fb6a8a96c44fa922164f02c9cd5ebb6fad848871224d157777b5a70dc6deb988506bd03aa4ce2200e9ce23641221784250c22d2c8635a3512f45d433cf66e158eb261f48a23d54f5ef4358df3487da471eb5775bdba565ee170be126b2300d0dad050212606f2d77a63fa2ab430e62670e852b89944e611509415bee36bf0961c8918bd8b0eb8af45b1a9d0420c7101a9c5f4a63efb9cc8de7897b5e2b02cb5885ad8d0d8ac7754ba8d4e9d37175e614e3f3a6a7b122bbc6dd9ce78f1b9a4e940a1160bb85650d8932fe1a82d0525630ba017be5129625a45c3cae66c7cdaa33ee704791db81ef2e11a2f528974fa388cd929c934dbdb21425e6117839ab33b2926b036457db3a43083c3ec17231aed4ee5b607a45a5735c9470c03a424b43efcea953c078717344aeb1449c0dfa3a3ec224b542c16cf735466bdaf26b522aef1db547b14f07ebd4f5da34426a46007757be47ed3f643c47f2c4467762cd049d6f4cf8a78d04f8318bdedcee80871e91c0330499d88254555c456d9bde8a892394267eac15c230cf7e7ba19ebc01b1905c80476de3cea8258f6d0820d159f4aa8a37fb378b2685da4e0e89d253187219869f1157bbe4a8a43eabf65e86a6d9b21e25d91c43c3036914427833ed87073886719069148e2e47219bb5da5d9664d64dc5c4ff71c0e808dadbb53a23e41e3c02fd0c9e0704490f3283d1864d15d795882e6522f31445556cab6832f273dac0c7aef4e3f8c09a34d1624fdb087d852f2e827fb2c3105f1afda54b9dc12cfde3cf7747daa5ac70904e82636a13155303f9a1198d6e7f9dc7be394ebc5db9e8380e290e6cae5f320caa56aa94490789fce2e2540b3de8865396f58e14d61d3cb122f7bd1af5a27c6fe733eba3cc39106efc906ea967fb833e2480aa80bd56ccd9e5c25304e2b8135f1453af70059e599cb67bc8eaaa38c39768e74d3da8aba0135f0192d7ddf0149ce62f353b0360251f1f88b272c6e85b4ee4e0563a6de80de83749af6e6aa4d80cab7031aff3f7e8d0c9114940549f828a62be9fd6a16db001369728b4b93d4ecf91563ae03def3ca4e9900a97657c4ff1e41c5742fb3329ba882ed61645aedb22f2543b83cd4007e5d228697a48064acc32ece41f2d5ead3f31a9689249e8b4bb57ac0b136b6c60ec531708235b94db823344aafbb9b79e21959635664b2193c3add0b28767906b7ba4118e6548e9a23b49e9181dc6f7dc7857425c9ab1b1451bc4572fd060190d0b5a76b8368b68e72a212bd0f89d0778d293b1d32f155f30c9aafe7215d2e746ea8f2c73a30bcd8c093a489519b60616b15afe69074ee77fb65caf5faf0aad49106057a91fdcd622a07ac21eb5c221f2e65323228af41b3eb894517c34c4f60ba20fb6f6c4309a7357884c0eeeb0a4874550107f2d0ffdc412f86bdf712f96183b3932cfb4da3f179cde1a288df9af09c243fae8c67b0d208d9cdb7adde8d5e548e0624b19da4818ef656b88280a", 0x1000}, 0x10000005c) fadvise64(r0, 0x2000, 0x0, 0x4) [ 660.544950] IPVS: Unknown mcast interface: irlan0 18:43:41 executing program 0: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000480)={r3, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_SET_DEST(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010028bd7000fedbdf250600000308000600ee000000"], 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x4048000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) semop(0x0, &(0x7f0000000000)=[{0x0, 0x0, 0x1000}], 0x1) r5 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000200)={0xffffffffffffffff}, 0x13f, 0x3}}, 0x20) write$RDMA_USER_CM_CMD_REJECT(r0, &(0x7f0000000280)={0x9, 0x108, 0xfa00, {r6, 0x70, "8118c6", "d850f274d21b43a505fcb4087627b735eca22299158f51417d627f7b55116fb117a3ce8bbf2931182cde008b78710be5c55820fb80ec863901bb94be10a5e0138a062e73b5e57b98e72c7bc8781c70434c0bc93bbfc042568143e010ba0edb4ec640e1a74372d684b90914b84bd19fb90ca680379bc0144375899c470971732567ed97317424b43071c2fbda7936992df695172a582c9a26c81314cdbbdbcf02958b952e1f72b5e13e83a2696bde2ebad9ff3465ce42884b3f14cd7bb683574e1d12d2fe01ce27a818e79648e27213afd745472da5e3e513a4d01e7efcf1b063241c01c7641d9780f1819d8298aaadca60a19b2ae853219f5cb74b1a7aae78d9"}}, 0x110) setns(r5, 0x0) 18:43:41 executing program 3: r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x20500, 0x0) set_mempolicy(0x4003, &(0x7f0000000040)=0x9, 0x1) syz_mount_image$minix(&(0x7f0000000080)='minix\x00', &(0x7f00000000c0)='./file0\x00', 0x400, 0x5, &(0x7f0000001400)=[{&(0x7f0000000100)="191808b56180aa668939cca92a416e7ce36d320661e9f44adbc9eca770e1dd347a9bf3d58de84d6bef8c0720c4fda82162bad49887d2bea4c0d0ab", 0x3b}, {&(0x7f0000000140)="6e7abddb79c08c34b173860e167d265f0c95641ee5837b3f2d6842f576c411d004798561919ca154b18ac4262be3ef394a846cf5d8a8cab22b5c53746cf1a8a507cbcf5725ea9056ba78622c693c4d26f9540cbceb784b2819f1aeafb7db14043d3874ca0774384bf921f086bd97ea130febb2be009b523ac7d6e035dd0c839f526b8f481a57358b7d84f2d733b425e0b7287088ea4eb1b0db4b5774e273685cd76d9f02807269ae69b6994be4b7f73b2a33a4637d77cfaa4e7f53c710598b33ad0b7089fa03c79d910912f51adc8f5e037aa12fae1afef23b1b", 0xda, 0x737}, {&(0x7f0000000240)="75b3b820cc966b1ce57ade0a5f7a2718ebcf1789763a68c07dfa2a4b417b12b8baab84682f1ad9fba9c34ca5c201bba26c0b560cd1a7020ae297fc288c02c15feedcaa75c501bf53c9fc187937f0ca2d17a240532d6741b82ecf106d3ba80538cfe849d8ea00aef660c420c349990e23445fda6f97e79104d956af242ec96bfe0dc4187b7407b1b4b563eb26cba9281eb81cd733a053585eb7acd76ccf4a8397d313d8844bdffb7060c99f001357df02b76951344e8d86bcf11618eda69f121c8ebbbb247546a5", 0xc7, 0x6}, {&(0x7f0000000340)="f04c7750da4a4bd752fb10dc849434ba578a510ddffcedc8027a338fbc526018d46acbc9efba5c68c3a4301e389a96f8f8363a96f0072f5fed2417a9e39d165b4215ea51ee88f51cf0188f5d2c7a5bd22167ed3415e070f4f7ccbf58672447d23207126bf6c142f756f214b278ae256d6845dc38b5814d4024e677159e5e11814c9d29db831b57a3353aefbcd2a661845bb9ba1fc20451d689a37203679840f94dc609", 0xa3, 0x81}, {&(0x7f0000000400)="9f8f3e077587e4d1948ce31ef5a782ffb5bcb992e85082890445e4b6fc2778c633f09f510ab9ba597089bd647a8341a6e521f13c3f5c409ec604e19e546861096fa7cbe2af05ed47bf0cacb1baf0f93e3d1242b25cfe94dae4d51524f65c429ab98ff2ba6ef7c1af9bd36b3c5d0f93faf0937fe6795826a347a7d2cefde087b62e0fbdef60efc101556d3e4f3ff75956feefc30680e284eb47cb5287d4d0978005ba0ab55ec28853ff573f8f68d4cf869857aeff359fdfbcde645fc3bb08254a8c142fb85c2c0ad90887ca54ed71cfa4107c29c79c165fda2bf09ced94044de5eb17cf0248c250e2fb50b1c2bf1bb4cdc63120899c4688d1a8393fb996079d9c4ea91352b207728de33d12fea201b968926190faa9e1923bdd6534e628d73f7e2742be7bf2d72c2cffc946a30ac52491406ae0697e225cfaad9ef1ff1da853521421c9f6750e448a77b0048f95b42d82cdb841d906f364c8b757f33db69346a9626bdbadb16ac2ac5558ddc7d8acbf2dc184381ad8261398e23b27c49a15bc6a67c0dd037e4c6cfe279287ce3e5ea927b741669df217581236a4fac50b310d7143a58fd6220f9e4010bc12f8ee5a84ea3a4c5efa02d512629d4b2f918a78b1531acc11058a86acbfb9cc2d613eee97e29ded2d032228f6fa9365ef8ef81d8f073ea67421fdd7ad50e25a508a12abad30820173111732133e6af16da1da4f78e147220341f18a7b9eb1182d3685556005c1967c4559c472684f253568f1b7b33217b8cef93f861a48bc2aa559cd9feddddc38c30b181cb2b047566d7cddf982f637a1ef3c2339421efffe747aa28fabbaea541a16bc7e8951819c575c86b1a1cd120cc0b760ebc5f9549b75e8e53892fc651cfec4fe34f4c6f23a0fd9ef5172f31e61d543d4937f8422a0a0a147dbbba18b58fc1d5fbeeb32020931db37a06719cf832415a2e05f171ee355b4b5056f4a838557ebd4b7e9821625e1095530f43d792c06ccf2c484ad3509888da11d73a1e79ab38b5eb12af4678c9a2a41c6a5c5f25bdd8df2e3294b67d2b42f8551738df702adf50481c2f41c35e2245aaa2cb3eb8db7d1d3a0861396a980d576a9d51038f52238e0d0465a0311dce83eaba0ec1af04ed872649d7bef1a7922d9c15cc4af407f6b109f60453958183a5d1a85d8f4ab3b0ccd69feae00f9182d9792c64928582b8c83ac0aea573eb70a82402cfa64fea6cc1e2e0c6c8e949bf95e3f1a342fa3066a98f326a25e88819dc024b7b93e2398f09b2a60f39039dd199e13e2b35efeca5466308e2c22139fbd4a9b2ed0c2554e722ca34862e20799c790642335d2105c2a0907a8176f12200b48fcaed2b65f33095596643fdaf3edb9b5155eb6c2b247dff2065d67e95dcd22a25d88db61c59e31d8caaf5286ee5ad989ebed5d0659f8d0a54bf65fef6198c06093c3b73286d8cf04a2c2d3b12e2dd07edf9467004987baa7e602245fc53b0a4e27fdf0dd4afbadbf8d90002630721bd7d58d3eda47f47000695e31e0dea8723f69c89b6a23627d42bdef439f89e22ae60b4a08da68bd533ee1a7699f6d9bf37c10730e6b2b9a1c16fe4abc0385753d60e245ee90e044009090965b92c4fd8db1117231edfd9c46f0b33ce2cc04e14e3dad0293f2012eb10d4ddaa849fdb5ba13210a1a544e3bee8da84f8e2b968d424df6561924dd6c0bf0b5f5caff39641f783231364192c7bd16ce00fcb2e4fa0644dbf813efb423323d495d5679eaccdc0a28097c1798f51c73728a7f0889fe15fe5eff14335ee2fdf0c3fcb25bb7ca917af105bce02b6f9bb00562154245164dc5d0de473d8a71ac87ee25d8f992378301731d0d930616797e2c94382de752dd28c2c8e58b91d55a5ee981f78cc15bb4e17d9b7f99b7d4e65429b4c503950d2dc4b3f7c09d171967fe05b20b7882ad3dd412be3595923991f3c5f43d122043119d5221ab048e647bed5d584dcde06eb4e801cf5fdedeb9b6642e0c86750ce6d64e0dd521716c69ace551f8753ae53e3f68c286f73f2d0dfc1a0bfcdba2622a4d4cda6a327280dabe9a9893a7cde3a110837af0ba17cbaa8a3afc22845e9a33c25f926760d948fc60b13c715f853482ba2bfb95363788a5bf5c9e3dee8f57036bf0eddb677be2ec5b4d019fad92a84749b12c2ec26982d00ea13826dfbaf47e5bf69e26d7cd3d5578a2581cd12763515f4a73a394a77094c743eb2effcbe64bed986029dfbfdbe60880db947d95fb09f53bb19d2aaa29c2ad240e3c07e6e69ae4a0cedaa1d992877a314a89a4279b556dc1886b2a4675e71e0ac1d8633aa6522c1c6979bf7f1d4ce177f5e954024e2a91399a42fff6ff3b24087d5d7f7e40fb4689763fa9a7d34eb920c25fed641d7e263f17a84045d4e9ac6ad59498fe1d10244ab3cb605ffc814cddc1749b493e56a75dc0e8d65d0d9cf0bde455962d422002f2c968809a5bcb3a1bd158b4485b27e5d3d1c3545e758eed13ee1e3e646682bf682d8f87386639b20d374786ec4511178cfa0730b5b6d079039c8fca4420eb953f074552a0d68ec0c4970225191e14f78e28d4676994fb6c47a355cfb6216a953a42879249cba3d211a041a8ea98c25615a1dc4077b5f7597b0a5a9c07941107533bc5d1888c27b27121c197bfb17815d5a58bbacc482d387f945fcbe93ee91a3e9fd0a8b4b8226e0d2f99d1f6722953a039760dc59597ca0d0b2e173c552b5353017fce90cb599a0e8974e940d9f5ddc324f6d8617bbaa2e3d5886382724b43da36d746575e3be8b21de10d1aac5ae53709e861f3998d7412d1ff87bb8c4ff3f97e6cec64c2888a4d153222779bf60903c229475e53122f692757cec02e3275f2a9f235c1c822743e0b635923a3a5eb82ee24ceb5466253be0913eae917925ef2f62d7ab08f756a1296445daee5306e0f2fc15d1e4a60c8bde61b61c04de1738af588adaf66f5aca8b803da0338dc9690cf79bf1aef8aff714e8fd1ffed03b243f00958226410445b1ab7ed454fddc23481fd2f54599bc8eb97007b8c3e0c6eb4fb7c58f722c0d0909c66862f3b9d338ee1347719497f65593c2f64b8425fc2b3ca1936e8ac9e17a6a189c413454a6705f12c2af752797ea84a915bd0dbbe96ac9dc6cf6be9f6eced6d79afffd7e00ccc45601dbb3f7d45a98a801bb46cd9774eb0c8677e3f7a056afb2602d6e61d888e3b7e62eca0e69007aa95b16373e18080426cd01aad0d33f2c914bbeb3f55728c9be93709aa748d49d3a4627734c7f09e4d4f84cb36933f1533a55c283fbef01fdacc8b874d80324e672d719fcfe7233778b05cb9e9857c99169b64bde732b5454e49e7233e53089bc7f7674086f744c32056b22554a29837b8d57b16110590ad4b20be0ff3dd14e1eae5fb0d30e41cc979d49e05e21a6060eebd1a9aa0369b968863e6edf28e0873e56b1ca899d0d77616747e43bc1c90069be419fc7a987564900b91ebe0051922013d9158244d9da2cac2b5b61f05ea9f6ae1510c48f0933b37589317982175804c3963ede9f21eac9ced15d6deae8a74435c778dddc079b0c5be8efd160a871098136257013a718a0e090e2e453af41a7c94d58a5850a4a5771bcd4cd550f1087a2c972e37822fa864e14196459326aa2ae1be0fd119fff987ae421d59aba61114bb61e97833b76f8bc7314d10d7cd48818aa50c96d9ebe560bf0fb0cc19eea3f0e45b93ef5d255e37830bb045b29214fe201a0ae6717932e8ee0cf988a761a14ba2be92a970f787dac6d14e845df0ab254893e13d9ef34c8bd7f2e865aad7477b4f7d677b14c0911f36134ce29f37c176c06f55842f61a7efd58e6dcebc8ddf956de407002ddc656de92ef5fc256034daee83e035e7821fa0f9160e52e8f082a0e66e9019b7a48fb88f4fb6d868b212e7d3689f8b1d81ffe014065f554307c6a3a714b9eda07344cafba63a9b2eb1289a5c26a8a2693f62b7380160a7c4e33facd764b149effc426c4686b742c13e5e822a2c6f0e444e7409829d81138a3db12b46952ae84867afc1ef2d82985e15a1381691480701c1f2edeeb4d134a0de78dd32ed18ee17592e5130dabcbeff0bb7b8accf9be861eac1486f8db524d2fc65b860984ed2d610c6826dba438dc8bc9447a8cbfe50998fd254654e1eceb7ac57d997e762c961d66cfde790dc6de144eee2df0c659a30590eda075951a0eb3afeb8de00f54cc9f381fea2fbe31066f446b41183f60c90da28862cf821d311074b19d6fbb3c452b1fbf43efef928b248df40ba800fc6b44e2df39f7c4245e1dc987e047c026f629397735e57c37be64aa3abbda48f526204044f5be78740b550b2662bb54bf6400b0a256cef206692634d20fde3ada2dd2a349aff5e1fd8b8428b97e51815612cf0eb611f587b2f9dfe800da2d473eb62f92c6d4fec438d1f6faeb59a6e9383788bcffcfb1cfa0c29bb5a0cb3bd466992bdd04a1f7caf0daf0786e44fdb071d170a4ea38a06d2494b7d2746776f6968d1d09775c58b13ee33dad04fa891433107091b9a85b35ef59cff2de17ea37e3bb446362c0c985cf55c8535d23e73fcc2bf8f9192e5b79e0332ff391fd3e9e767c6fcdc700a9b838a71083fe973a42d660417b5ee577a7d7ec3bd2d93adb73952b89f3cd3e72664a400fac42ebd21fc2387456d6306eb5ee27ca25358ed590131d109836d02cc267f08c5e01090c4a4bc2fc872ed7d50e4ada1e92aa0e90beb337860ab033c7b4208571404338f8efc65476ce3c4eab637888bca295e0084a333e32bd0ff687eaebf3764a228225cc1135ea6c428148a88713e48090bdb4211fcc3db4308fe5cc3bef06867327164073566d52917d0d6bf714b0e89b111bee94b6c8c14d0400b195d87fca86ddca258b2d0819187a247237204d412e7e0f19944f3faf6094e57e7ffd414dc60cf97929695e3986706c8565c01133ee2a2d95b5ead81d7011f9bdc71ff98b89ab722bbbe788d7e492a4d284c46054fe7b471f4c6f6d66b1b3c7549342a1b97c47b10819a28249c2463c39446e8eedca43b23bc2c7d952075bc578c4a1d7a5a3159e3a6ca2553072568e5dc8d734e7af19486d03597574e9ee59e23f6b4ed03009c9dd03ee47354ea0235a4f5513655beb49e54b1b3745f82402cfb186424482edb02f406c67b9f2f572bfa9409da0f5fccb1ae241863f51f109cca3dc1f0af35c027385107cd00aff71fc256223d8865151e07e4609a6f2976f0af77b3d6a66fc92720153c57ed3329bc3ab75b070a4a424f8dbaacfcefe173e5d443e1b28aad56737412d0c3f7f125486410ba2f21901e15012553662db8e4b6d6066387f88dbda9f77369fb246207f2e527ee26df2f0a218a8d8e0f0243d43e3c5b261755f879f7a3fcd01170f1ce9a6be53358fc1668fa4c36e15f50a8bdc0b9f0cb1ec01b1738e67bbc0f27062c5b5abf4a569a2e1b404b6cc602c412c1ec6f4d95b237ed95c1edd44d4d46a619621de7b3e181b0b8d6ef89dd21473c1166d9a4ef156513e0b0c1dbf621d8656e9f0f77bab87c3688dc34c6104ae8a1fb7daa035ae9eaa023716edeec8a507370f4496b27ec919940ab5ab0b1b3d03c2a39281a6b267118f312844e51435e59e0ae783a41dd35a7f46d5a03410d5756b2d77b721bfe2f2da60362ec607025036bfc56138cebbe65f0687037ed13cbf64ee9065478216192f5264b67fa7d7efe8ea3272215ed39094ca6f564ff7dcc646d214f6c249794bbd162d45a0f1f97a48bf8b0403039ff36ea123c97f7c61bbf48b5", 0x1000, 0x3ff}], 0x800, 0x0) r1 = syz_open_dev$cec(&(0x7f0000001480)='/dev/cec#\x00', 0x2, 0x2) ioctl$KVM_S390_UCAS_UNMAP(r1, 0x4018ae51, &(0x7f00000014c0)={0x9, 0x9, 0x7}) write$smack_current(r1, &(0x7f0000001500)='minix\x00', 0x6) getsockopt$inet_sctp6_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f0000001540)={0x0, 0x2, 0x7fffffff}, &(0x7f0000001580)=0x10) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f00000015c0)={0x0, 0x29, "361294eafe582aec2e3611ea3f24069ed372ce2e7950c0e426b647c337c2b0c69f86dbc6dd5e8a0b11"}, &(0x7f0000001600)=0x31) getsockopt$inet_sctp_SCTP_STATUS(r1, 0x84, 0xe, &(0x7f0000001640)={r2, 0x0, 0xfffffffffffffff7, 0x8, 0x100000000, 0x4, 0x3, 0x51e0, {r3, @in6={{0xa, 0x4e21, 0x749, @ipv4={[], [], @empty}, 0x7}}, 0x6, 0x9, 0x122aa13e, 0x5, 0x1}}, &(0x7f0000001700)=0xb0) getsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000001740), &(0x7f0000001780)=0x8) ioctl$void(r0, 0x5451) sendto$rxrpc(r1, &(0x7f00000017c0)="e2d60a5f1c8057fe010b8a5f3b91f3bae656aa5e240d5aeeb84107adc6546e1ba0d8e2ae1fe4484632ab0e481a8042", 0x2f, 0x20008004, &(0x7f0000001800)=@in4={0x21, 0x1, 0x2, 0x10, {0x2, 0x4e24, @loopback}}, 0x24) fanotify_mark(r1, 0xd, 0x1000, r1, &(0x7f0000001840)='./file0\x00') ioctl$sock_inet_udp_SIOCOUTQ(r1, 0x5411, &(0x7f0000001880)) ioctl$EVIOCGEFFECTS(r1, 0x80044584, &(0x7f00000018c0)=""/28) ioctl$RTC_EPOCH_SET(r1, 0x4008700e, 0x16) ioctl$KVM_XEN_HVM_CONFIG(r1, 0x4038ae7a, &(0x7f0000001a80)={0xbd6, 0xb1b, &(0x7f0000001900)="537ce243992f7b9ee0d9daa504269ac8616b43af394c731d8fb5d3c5d67823ba589b16343f95538196dbc093eddeb0846b6782372c2cb0c66e37cb826e4d3315069fc9002ae9a1600495d5612ae8da6b2bd62bedfc3e2aab4e04197a89354a5bef61c387a367785db72e6351708b71fd3e134364cd9c1af4aaa45c88da6d4b7df17c026c07e072c87db220d6be1a96122025e5062a0e013e76d0ad96fe2d161962c644c14f356a306d7b07e464024fe47d5b85633989f4555315f3045d473573ac6aa11319dddd7698cddfc826209a7e1e10dbf3ecb7c743da5acb0e0988ee88cd3d56951887749a82e1b7db4270af152d5fe0c0", &(0x7f0000001a00)="113674de94dc152895b3a7cd8b1b76ad78866b7621fbc8f874adbbfffea630787de886d69bde753d4842a7164354e60e07e948560961b3b794d2ef30d32f28c2459780b1dac29538ca9cdbb9090f374a029b49b6f276155369512fd5dc9414e7f98bf1c40b721527ff72c9a99dbc2bb87b6b", 0xf4, 0x72}) ioctl$SIOCRSACCEPT(r1, 0x89e3) getsockname$netlink(r1, &(0x7f0000001ac0), &(0x7f0000001b00)=0xc) ioctl$VHOST_SET_FEATURES(r1, 0x4008af00, &(0x7f0000001b40)=0x1d) bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000001b80)=r1, 0x4) recvfrom$unix(r1, &(0x7f0000001bc0)=""/129, 0x81, 0x2000, &(0x7f0000001c80)=@file={0x1, './file0\x00'}, 0x6e) r5 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000001d00)) ioctl$VT_DISALLOCATE(r1, 0x5608) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r1, 0x4058534c, &(0x7f0000001d40)={0xf15, 0x3, 0x6, 0x6, 0x1, 0xbf8}) socket$inet(0x2, 0x6, 0xa1) ioctl$SIOCX25GDTEFACILITIES(r1, 0x89ea, &(0x7f0000001dc0)) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r5, 0x84, 0x75, &(0x7f0000001e00)={r4, 0x1}, 0x8) sendmsg$nl_route_sched(r1, &(0x7f0000002000)={&(0x7f0000001e40)={0x10, 0x0, 0x0, 0x10008040}, 0xc, &(0x7f0000001fc0)={&(0x7f0000001e80)=@gettaction={0x12c, 0x32, 0x20, 0x70bd2c, 0x25dfdbfc, {}, [@action_dump_flags=@TCA_ROOT_TIME_DELTA={0x8, 0x4, 0x100000001}, @action_gd=@TCA_ACT_TAB={0x3c, 0x1, [{0x14, 0x18, @TCA_ACT_KIND={0xc, 0x1, 'vlan\x00'}}, {0x10, 0x5, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0x14, 0x9, @TCA_ACT_KIND={0xc, 0x1, 'skbedit\x00'}}]}, @action_dump_flags=@TCA_ROOT_FLAGS={0xc, 0x2, {0x1, 0x1}}, @action_gd=@TCA_ACT_TAB={0x38, 0x1, [{0x10, 0xe, @TCA_ACT_INDEX={0x8, 0x3, 0x5ab0}}, {0x10, 0x18, @TCA_ACT_INDEX={0x8, 0x3, 0x7fffffff}}, {0x14, 0x6, @TCA_ACT_KIND={0xc, 0x1, 'skbedit\x00'}}]}, @action_dump_flags=@TCA_ROOT_FLAGS={0xc, 0x2, {0x1, 0x1}}, @action_gd=@TCA_ACT_TAB={0x74, 0x1, [{0x14, 0x15, @TCA_ACT_KIND={0xc, 0x1, 'vlan\x00'}}, {0x14, 0x1b, @TCA_ACT_KIND={0xc, 0x1, 'vlan\x00'}}, {0x10, 0x1, @TCA_ACT_INDEX={0x8, 0x3, 0x8}}, {0x10, 0x1e, @TCA_ACT_INDEX={0x8, 0x3, 0x20}}, {0x14, 0x2, @TCA_ACT_KIND={0xc, 0x1, 'skbmod\x00'}}, {0x14, 0xe, @TCA_ACT_KIND={0xc, 0x1, 'mirred\x00'}}]}, @action_dump_flags=@TCA_ROOT_TIME_DELTA={0x8, 0x4, 0x101}, @action_dump_flags=@TCA_ROOT_TIME_DELTA={0x8, 0x4, 0x53f}]}, 0x12c}, 0x1, 0x0, 0x0, 0x40040}, 0x40000) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r5, 0x84, 0x6c, &(0x7f0000002040)={r3, 0xdb, "d443cefe13c0389a486374329eff04c6170ced9abc86b1a53d52cf093c6dcc99a4b44f653350e2d805d86d49002ca67bbe0040fe6c4adfd44e33d57448589f5697d696f29cfcc4087184e1d113ac5ba0d58f7a650fb07fdf5efa93b9b06f61de68f3b73c7753296eadad5e88037eb6c0feb5b762e532199f848d9b4eaa01753e6f55203081f9cdc8f837338f88485ab4ff7adab5d8f61968a1fc825b648319c224b705f41169c2253cc49bd955de0025dc7c691e0f7915f1733d2defd0e47171bdd855871ac88e10f1bd81b9c229391e01e9717f7a90f4c8e04eaf"}, &(0x7f0000002140)=0xe3) [ 660.602945] binder: 24871:24880 unknown command 1075733253 [ 660.610520] binder: 24871:24880 ioctl c0306201 20000380 returned -22 18:43:41 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:41 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070") r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_ifreq(r1, 0x89fb, &(0x7f0000000040)={'bond0\x00\x00Z\x02\x00', @ifru_ivalue=0x20b17d7b}) [ 660.657063] IPVS: Unknown mcast interface: irlan0 18:43:41 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000040)='/proc/capi/capi20ncci\x00', 0x10000, 0x0) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f00000000c0)={&(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0], 0x4}) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0) ioctl$FIBMAP(r0, 0x1, &(0x7f0000000000)=0x4) set_robust_list(&(0x7f0000000240)={&(0x7f0000000140), 0x8, &(0x7f0000000200)={&(0x7f00000001c0)}}, 0x18) getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000580)={{{@in6=@loopback, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@initdev}, 0x0, @in6=@dev}}, &(0x7f00000002c0)=0xe8) sendmsg$nl_generic(r1, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x210000}, 0xc, &(0x7f0000000300)={&(0x7f0000000680)={0x1804, 0x2e, 0x4, 0x70bd26, 0x25dfdbfd, {0x3}, [@nested={0x12e8, 0x9, [@generic="5403cf2d8f871896577764ae58b9b50d85d50e04452c6b2b5f636e106b56fd3e6ad3e7ed9da697345fd45e4048e9fe1069b0a578e40c6b5dd94dd69b69bfe04f95260ddda35cd1610c25af99ab3367e0507942852e2a01d8afda6685a69925", @generic="1a33d76a163bb154b20cdfb3fce27268f0d0faa7c3fa0f993a5cdf96b911c2abd8a51aa47afc9230ad4549a05f2d5c11557b4d24f9d099991ae64e7a150240a1e7ae96913f585ce6c391a78f49aa31ac5e96b95960c50527c05079c73e09bcf1aa4d0859e5ba8e5c2b6822223d7d85143abc9ef517e94ef1f86f749f769c88b63b6d9cfde5fdfb2daf19b4d35083b414fc85e110ae72e5d02867aa130cad5b6c43575143b8ec47f96d44776479162a0524a57ba1fd9a89566d67691ca3e5a1bb44dadb480659ccb06bc37c4dce2f12bcb4ca5ab88f1c1b5a21ec2fc494b1366e178b29ab54b481e24b946954d3be5fa867c88d1d7008412b17bf458f14d063d46f081c3534cc251c9bf6260778e8e1366a2a13c9e5c09b96c3feb51e0caf84b658e0f82630e1dc22c0022d3e940c892475d5549298b551dd01d721fada5f7f62cd60d9a401aa8fb32f62cdec89f751ee99da5037aaff75f8e61fc4cf433d660de1df099ad75afe27bf914570f5d10997d3d382a48b1ac4fa0d1544d6bb50b31be3c1eafd4cac1e312e7b94d95bddbd650f5b434db214616ea259d5eba2abeeb9ae90cc89a1972e99f0487df0b9025c28563ff9f430ad115037af51bad2862490f877e1bc37e5eec397bcd4682fd029057fc2b124850dce9bcd17bb4d47aebfc53dc13220e17aff9449c81615bc21bd6df40178f1ff773edbb142f213b427c22ed5f64fa5b3c880a5da7079fa9d9aa571d8b43588609430942d064c2445e3bcc92308d0aafd4495fad70be7b42e7660292f3dec6384092fb3be29c10e8d29329601193125f4a5db0076ad0b88db2ad8c1e7fc8bdb7cb084f639d6fbf37ee4fd6c22704567725b542804c6d2c0b2b5a656dddb87cd95e7f439839f28ff81b77ce23dee78fda11d4a714056b5a3031861089731e6e3cde54538177cf6aadb9b7ea413a6ed82a60efa25ff49e91f96d4574d4f67e92c4fa7beefe96910bbf975f406765e98deaebf093db859d28f37589a5f4c976cf8a586d7e7320c5c4b05b88765721bbf9721803a7eb482eb0cd0fcc3bc4b1ed1e192c64b27fcf4dc23c3178d01c5454531dd4771ac2029a76b29df2ce7d351984d403c1eed0c438d1ce03f55ea4cb3fd3ce12c459c57aa531a5458a070937ec060c7199fb6e706d07c6565e577b558e8401706eb7a47277e95cdedd1995e8e36a12e35d1f2c0bb3d1f583fff47ca0431bfa7a2cc20ec60dd74db601a6896353a2a280ef21726bae4df70366cfe37d502b7ae7209b53cb1ddbc0b0adcf2b7918010b2f3fa4c4861518f02827b2f6970d5e78d5d99749be5687fa12d8a187f64dd97821c06e144c3192c5cfce1382d5902c1874ece7d812fda058d030dc7daf80324f872b91652fc2f8edfeb737e203795b9a4c3b70562c7e5b828c21d96c1b56972ab83efddd78a6e8db7bfb5714c17a87378c15f3b7079e495261f40e340be3976deef97a85c71e379f24d6f255eb40dcf322f00b5aae1acbced0a44d4acfed78249b0c812b313f79bc9131ddd32c69ea2dbc6aee97ffd1c8d9d23d2d9792d49e8b856e19dbd3a3a32bc8f1ba78fae34e96aafdbab6339b6dab9feb1d7fcff8c9154d836fa263885235898293e7067e0386fbd08c9230e6f1355d1609b3c233887c1de25c8defec06be63ea1dd0be8b774b68df370f954e92cbadb44622bf44b52971253d34a97d8e7639e99ad88c4cb50f3d7440ba71784cce20253be14b42797a87b87521da92e5bbd0ae54ab552f5a44143e3f96d08a033a641f30ab0071a629feafccf815972c054a767303dae380f80a6a8ee26c1aa04610f0c05d93644f81b37b049a58035de0b1a26b642d89de735e82c50012e001bd18dacbcbccbadb3550a1633c2072cb2747470b6f06c95f903842e7d959f1fc7988dd069fc03a7306826edaadd5b20dfa42b24981fbf5f2730290301c764a66412e977eff828fc7426889de7eff05696190fe8fd8afa3b6ebe99748ea47a53d97bf808bdbd31c7a7510f73efd0f38bd4783b4815f32564508dad596cef5d938d58b7d7006c418ae6a98780b42c3673416bb9230e675db4f3f564323f33280cb4487e0630e3c3eff45fe6ee6bc58bf7f5024e018a94176cd509b230c403fa663a6699fc9cdc3662a8983c8f2c5abe97a2b621715d7b85eea8bf385f97b4ead813eedfbfe6941b46bb2b8687edb240ed070142483a5fdbf7cb46e9b531787f86c3e118e100af45fc965aeffe7e4d31bce006450bcdf3528451760c0f79fba7bf5474910b316c59de417cf2610607032cd7874dfe1c81a57720f2c8615e24c1f046ffe40e645658353d16c8d16073abde98b2820ed5a406f72fa4263e47c99cac43a15ee395fc627c851e87ac28a29b161ded99d63a835bd3a26efff8f3edec8029f84b14c2433d0e1da76e4a16a72a8f4f1d735f67afa02bf4958532e3ede3112d401c911f0ef4ee08cb2c5e5878b94c644c71bd7798c3fb5fb168af117a359f4dc663e93eaecd9e2eb32f7a0fc2c3654c780876078594aa19358bad898044ea527dfa849d51c7d886ba120caa2e8dd23cb2888c48aa606b3a9270912e05360cd00a54015cef8673a047ce3bd2dba7db43cdc6639752a4ea3ed93ee86b86ed646322fa4fbbd40eb4233c73db91d26d6814fcdbc248dfa5695ee724e187c7b2078de69452d853c59d9257a21106de5a9ffb60259b513df4406b254318d38e74c6af255f3ecba151b94d39ba5a004ff54e21b81114d301915b80094d0441c7c163aeaabd02d33e2b8c3bc95ba9d64e0dcc25541de33381a2643e46ab70127b4e8ea2399463588fab15517c326c22d3447a2b3d291a1b194962ada240ba02d3cc92c75d552f7ba85f6b4c6e25577f05050a17880f79dd63131e2bdb0d9b6a6c5550be045008e2490f7a54a0b640d9c0f485560ba108ecfa05bbcdebec5240d23a411abbb9b96f0b9954cb2080db57bafc2c0f1e0bdf96745c5c7d5378923fcc41e241dcc9633fceb54d827a696b432a1e901a859357cb41c3b6745c9b0a907cab8056f3bbc25663256094e56f1293c7b5b909d02fceb2b34a91e37c0cd48a86641d801442264a963a8a9b5a24c266044b54cdf4312d321d25a3305a483455a70f4ac2b3c342812ddfd3d7736a540c45f499eafba9da8378b64c7f032abace973f54cb0a63823a8cb6e07b06180be3bd59e64024476a075f87dbb978bb7935be80871b8920be167e96ce81344f685c9ee9e980613390b3d77b02d94b6718456c862e02639dd1bd1a7130c69a26234394fca56e3263b8b78374040fd9d3992ebcd222c6739cc016e0e90e87f94a45cbf91e9f8e8c7930513306f80533cf92568c5949f27308498e63128a0facce875402328e5b4952d0e8d378ce820e27f3ec8715700e140a31a993194971876845391d4ee833de7f046cb6cf60f204779e18cad385c35dd18bbd3827ebd8b1b7dfaf3261a7ea4777da79ee817863d94390495369af76c844ed0141d149dfa436d906c21023469e750c2226963ebbfc54f11cbe4d82807e4e812d491549a32215319829373bb5f1a5b4c02ecd2106be1feb9a5784080ca063120b5819d41474d2bbc92b0ca23f2d9ef4bfa8da17d8cf39902f1e0198943e6406cfdf63b6cb35f53d675338ab831f46d152607fb077710b389e91229ede0295bc486398c5804146f56d7236fd5fef8eb8da604397b1c7b44c19978ce6fce4bcf4d8b19f53672b8b4f985b9671d201ece6ada1823e661d4838f4aa53f192ab523519f84ecd6f384e01b3e00d6b7caf1df62cae4ee7345ed9a818745f69a3ec98ef0f060b9a8073e0ce5914f6e3a4cf3d67001994a43f5044f6acf014a284b4abb7a82e3c04f3cd4486ba68e483340a1f102fc5f746a57aafc655b24366160161cc6f48872b232a0fe8b9d1775652af4c013578daf9c5b0f69fb7fd46b84ff717ef4bfab8687c2b8185f0e6ac51fd3ecd962f31fb4a2e5da82863d875cf55036f20229e7bb18a422345d623b8ec943d19e87e862be3baf6efc4d5a6a704b5e6a2815d0941fab6907ceff5f87863c2266d9d1bcf3e513e3bbb7cb3edf9528780ada437712fc5cc002f11eb02810c482f746fcb53b3789ecf43d0bb1e8a99d46fd3aa001ed248d98c408bcdf050c123f6640ab88dfc5da742d27cbd8503d3df197034d715bdd5e07ea3a5a13614edf61c1ce92316ff10cd4f06375bb25ee956ac18cbcb12a4a4510ed898f9de7e6fecd784948b21fdbe131ac0300ecfd9f2983f3cc9a3480e69cd0dbfe9e3a49a76459606cd833fa87a2f9ac927b28d573bb4243b0a395d64b3aa7d8fa5d118a531ffc7d291ddcc731c41bfbccad959952319412bcfd7017adbee6437afea73fbbc6ecb0f9146b8dd37aede34400323a5386ae2bf473194cfcf05cf2888ed0ce25cf65a9a62af2b2b47b9d67c164779008504263878f534a353c611f784a8c090397f25756d4d1188079505915f30ec9a154bad36444e2f0a7fae940dab23f4c90db91b40250a7fce49b9e4c5df1def8f2ec4b8b2ac6d51537d9eed373feff48363c36dd24b941bac6e9d95cbbd3c2d1d10d1b211f49ac269673b599e9e93f22431eb4292c66d4d510ac19946cc434cd0111b3f0c9e8cd9ef6cf7621b74111b3b55a1b6356877f12f43c7a7b6d75d430d3d62dd8515d48eda28ee1069223ca970fb0af18c3b24ce02a404ee743b96e6bb29e5aa7f7bbf1ad166ea86467632bdddca2e39515a94cf481f559d2a8d612dda12bdcf977fdacee30061bdc6ee117b7af8e8b7e4f5bf0c8d957ffb6edf8533c531540e49e55d6894a7733a5b6cfcf3cbfec3d1bc68a9f17ed1b06e395a5c1d90e53def45970cc8c31249b94a6782e8d92e536495b5ca7912c4759e58e251caf87ff35b9c9e2f4b7a85d935d3bbd7955351543155ce7baba392b9596aeb2de9470ae3711209bcc4e0786fcca7b7bfbd3a66404621dc474e3b08367f295abc1d8bf8a0beed93e43f952a96022513bd930ef3078049c52c893696afcadfd9f914ef1b6f11ea0d7d35c710c26b4c570e7231035a7ec6a82cd39ea878f447c4d49a92c6a823bd584ec87253b2dc876d1a1556a8006a3f0a9cbdd8e481aab754460baf76096a02f4a3a238162d15860e31fba31fa8c49d1abf8248139a2ae5797b69b72e1c23c21d5224bf38120fa140f82b65c4f9279f27b2d085d6662f0535c69217e53fefa0936a24cc6c36e71d23ce58daffb14d818c4fe9ff71f17df94e8b2821431112abc749994917949e2645ef3327eed98ebe4cca5a93335b554c1a35d81a57778daa4b021fff69a3b1de12acbd23c63059de5f1b45cb767d002bd7a35ad28513768a700c52cde99c432a4c4e862b4513e1e4f813b2894e0e5ce142034cc2d3acba2cb6178007d584e609cece7d78b389425c7f282aa464a68e2889852c8203b66c72616b963bda011793dab7f9cc7d093be92aa59fd234ecf8a9cabaea2772e70d09cbe48b2ad0469d1ec8708261512c3fd27ae6d3e6ffbee3ece4513f3905fd2ed971a899ab3724034d2122ec64c120a95fe6eb54c8c327874b3826b3554b6f78a25f4184376f5caca638f3a45c451f914a3462b244220a60757f51a86a97cf48cd5b5b33e9612fb86c0bca052009fbf5086bd3d72fc813027dac79b4657cfd23731bb55e01066eb7c2490e00d6de2934f5543d81f0afd8dc0c3a303da360b675f0ea28de58152fc868aec07d8926eaa82c54ea1e164388f4267c1747051fa1b08013438d386284e217b9d8579e16040288a862", @generic="2feed236b715875b249b4c194309a313314d45e846c092c349d748baafa69e715a2a714ff842f16d3bf7cece693bca6936120c665dc9de2ff230d335551b22d99a267618dd609ed163174c50b0aee4a96a0b3bfb5683439484c4d606454741232b6cc821bcb4b30de5dd01adae5ea77aa0aef5654d7d5c55b5ae833f1d1a68b91a1301ec44a31a65af2186edd79ac87137916fa67bf4c8125c6c638cdda446848c1431e77481333d2dbd135a8f930f42d8b44376d7df795fa39c4b26ec3a3468", @generic="89db25e516cdc9c75f780aee2697f6ffda930a3c54ad370240d4285049932816f3d6e1c19b39956f75ee3336aae1ae3a16b03f36dfad5ffc4b6dd7c193b8d1fc4c92f3af16a4af4e8bc76124b5710d017ef3dadcb8b403fb675e0f7f21145d24e9431946a639d447540c7c903bb58577c0d52388054e1fefe180f28ad8c5185510b31f9c8be91ee6eab65cf0a6c0a4f4459555132713c096747b54138a379294c128d986f900f725429c8022423bbe477f1a8831bd48ce08a64d819294734a79af5074ef4363bf7a68cb47ebaf5638dc716fa5f446a4829c6cc1be9a86552375c1e5b4fac54035de0c2589db", @generic="3654d4d84353e68ca4ffae585736c923ec6a2a2c2ae9d846fb8daa24a99015dcacdf2d386b05a718fe2a12bc2cf8870d755082fda20b9d7a925d73bd8a7f02ff33e1f8f7ebbc914101434d1dfc4aad5f5bb4cb16bb3302217ab1a96fde2f4a7b1b0b4d68d1d84a9a038b0cb811fc917d4832bb973b922ea5ee2346b624aeea7c0be566cc40304f6629317323c01830dc018e07db4329b5cf32336fb9550fbbdcd12d675136a18d72c648a5c81d209593dbab5a1db138c260d9da7e1e6744d77c7adb82ba9cd0d049b1d5e83bf27d6cac0e3fc20cf56db4169c"]}, @typed={0x1c, 0x37, @str='/proc/capi/capi20ncci\x00'}, @nested={0xb8, 0x2e, [@typed={0x8, 0x3e, @fd=r1}, @typed={0x98, 0x23, @binary="901fcc4429497e8a173c245467ac06d751fbf20888e62931e839535d56d3f7e5be893ae78682e0985c8518a713ddc3a416c8f083479d1a272d06d6c5da2e6389f7b3f0454a10fe7800077001ba42169434e7a7632b34187aa59b90d65c60d4fff1d5339344755fcf4e4767ecddd814a33704f631337f9fa212fa7b95fadfa9f29157db3df8ebe9ca30e5c24c9600b7d701"}, @typed={0x14, 0x80, @ipv6=@mcast1}]}, @nested={0x3ac, 0x8e, [@generic="f088b21aa00a304c0ee0b82964211667db50dcfe8eaac97e8e2d9711ce8637d5663bbec738e9fe407ca1fc66bdf5c861d6a4189ebe517977a802e46de4634a12448ca3f81d656cf0b0e0fc9064f615ba8e005922ab2c7494e22aca12e60fe5348b17f4654ea12e2f9e97255147a6ca224975af5ad9a577a9e7c51ed0167b3a452ef7398f86d4efeb46425e6ed9afd6c9e69f12c4506093c234fc81883896778e429dc39ac7945f608387ffb899a540105134560d2cf9dd25cbf0", @generic="80a67f1ba51ea44ae92e9329f7ec5bff60bd2e4da5cbdbf28b966eedf05017312e9c3826b7a13c0c38c2f367b667e2dad9df0388645c8e597fd61503b70ae267d9b2e4fabac702293661f47b01221fbec88970bd110364c40fe9609789fbc376ccf2efb27553670b46bbc6100c76c9cd65c1ca040b29e10dee0dad2af8ade2cc8a35f9b03cce4a11e21292a784047274bfa674c814bfd667d7ba7bab8db229f8b52db64800c7a2c7734994297505766d04c11ef7ebf1cee46d0872", @typed={0xc, 0x39, @u64=0x7}, @typed={0x1c, 0x68, @str='/proc/capi/capi20ncci\x00'}, @typed={0x8, 0x1d, @u32=0x6}, @generic="e3473e821998014d3b5a460dcfec337010b66cfc64f213a6ccfdc2eebf9a69717a6193a6e4fc1cecbd914366cfb003de7202a0bc2678e880264385e29dc6a92be38305685a1304b9409a78ccb75f54be7702e666257d5e69582825eade7b896bcd9013c2edaa379eb245930ecb5ea05558d9869635f36dd655b2023ee9400b596a51a1e7fd04cf8df2f4a94c9291c46fcffd0525", @generic="645206c651ab9434f1ec2ea4efc5842b678fa9f4f3aebf6f18e6afbcb0b4591277b641b17997fd7a2e5fe19723c95c63b6164b0f1c080624ff554c91f2d8c1c087d4fca4da2759b5b329b7e2ad84140481cff69c63193f0b30e6d6bc8c40f6fa01b8c2de35b5359e3cb210dd8e6f988e58562bfdc3e1b896403f0fbbd264436213344b407a99e6e099beb1e49c9afb1865ee73c8e437344ac34a20d83d8ea91aed", @generic="8994c7e9926546f28b0268d6575ad61a4ec93dd96e7c4416c89c56948df1d612060e5422ef850c6147e9ac7c1603fd68353b13d29698c76d388dde75c05a32ec132a707d449f410719c02ddfc8d6b56f308b8e0be64bf6e710d5ee54e6bf2190e1724a32007c08c0f88c1b20843e2ce6cad90ff1c34a6c05b9f27c8f0ecf695bd8ee688771421c11b02cb57c31357eca2236a901dff26fcbf7bb5357272de33effcf7d598c0a9c085702e4388a553abe6fde338397c118c58fd87dc1e64e5a2b9513560d5642c8e94e33c4fa"]}, @typed={0x8, 0x35, @uid=r3}, @typed={0xc, 0x12, @u64=0x21}, @generic="f0b663d7ca5ccf065fb7cc53237d798025a97483d95c95030406aa1dc95b0b3e632ad28be7d2bcb5bac62f619ea4cfe737e4e1f242c533a5f1", @generic="fd534913c6eb27d0a4844df72c6e5135a9ca32519d99bcc42d4fef4740fd2d92a8ae060b5b980df735b9ee69515f4123d9a7948137ed4840c708"]}, 0x1804}}, 0x40) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="05630440520ff0756a8cc4a70000000014cf8e0f0a71392c872ecca3fef502a26417685ede2e2c85580d015c93f25a9af77be25a118084081700000001c6f99fdc744025bf1b4ecc671c4340848f66a9092aa46b8b804f66d32409000000aac65cdd8e1198113896b842e32afd5bda9e55d110fd0433f41c4331502f99e0962e99def9a5957bda5f22ea7f7110503ef54c8418d8cb387b465f60fba3d998b68379c3fe20e50100cb714203e40412f6ef9d843ac6d13c7269a6a7b75f1e31e68d736351f39220c61a1d733f039b59a728c322673bc91e5d4317a0670560e4e0303b18072c56aba3dba8b90aa4343203daeea05008556ce985e6fb4d8eee7caab2250566e5b0c74849233f000000eb13de0f1241bab0791437df1ef210ace3e0090083f5c6970609cb4d6dc08fa061dfc24edb640fdff27ba960e56e4ba93e59b3a144f0f0272c881ee21326c7d15efd537761c9fcae77f43a554bd129dbb139005105bc0a5e56dcb0bf1a9648e79d0ee14faef7f3a2a018c01d9b005b3328b3f3bbdb3580"], 0x232, 0x2, 0x0}) 18:43:41 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 660.758671] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop3. 18:43:41 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:41 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:41 executing program 0: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000480)={r3, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_SET_DEST(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010028bd7000fedbdf250600000308000600ee000000"], 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x4048000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) semop(0x0, &(0x7f0000000000)=[{0x0, 0x0, 0x1000}], 0x1) r5 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000200), 0x13f, 0x3}}, 0x20) setns(r5, 0x0) 18:43:41 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/hwrng\x00', 0x80, 0x0) ioctl$SCSI_IOCTL_GET_IDLUN(r1, 0x5382, &(0x7f0000000200)) r2 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x40000) ioctl$BLKTRACESTOP(r2, 0x1275, 0x0) ioctl(r0, 0x200001000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070") clock_adjtime(0x0, &(0x7f00000000c0)={0x8001}) r3 = getpgrp(0xffffffffffffffff) ptrace$pokeuser(0x6, r3, 0xce57, 0x3) ioctl$PPPIOCSNPMODE(r0, 0x4008744b, &(0x7f0000000040)={0xfd, 0x2}) [ 660.836164] binder: 24896:24902 unknown command -1480291222 [ 660.864244] binder: 24896:24902 ioctl c0306201 20000380 returned -22 [ 660.928022] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop3. [ 660.942760] binder: 24896:24914 unknown command -1480291222 [ 660.987919] binder: 24896:24914 ioctl c0306201 20000380 returned -22 18:43:42 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000107, 0x6031, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x0, 0x44031, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x4000, 0x0, 0x5, 0x2000000000002) 18:43:42 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:42 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:42 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x10, 0x0, &(0x7f0000000000)=[@acquire, @acquire], 0x0, 0x2, 0x0}) 18:43:42 executing program 0: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000480)={r3, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_SET_DEST(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010028bd7000fedbdf250600000308000600ee000000"], 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x4048000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) semop(0x0, &(0x7f0000000000)=[{0x0, 0x0, 0x1000}], 0x1) r5 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r5, 0x0) 18:43:42 executing program 4: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x100) ioctl$VHOST_GET_FEATURES(r0, 0x8008af00, &(0x7f0000000080)) ioctl$VIDIOC_CROPCAP(r0, 0xc02c563a, &(0x7f0000000040)={0x9, {0x77, 0x5e, 0x84, 0x200}, {0xfa9, 0x1f, 0x6, 0x1f}, {0x4755, 0x1}}) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="05637e40000000000563044000000000"], 0x232, 0x2, 0x0}) 18:43:42 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:42 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:42 executing program 0: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000480)={r3, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_SET_DEST(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010028bd7000fedbdf250600000308000600ee000000"], 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x4048000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) semop(0x0, &(0x7f0000000000)=[{0x0, 0x0, 0x1000}], 0x1) r5 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r5, 0x0) [ 661.326856] binder: 24942:24946 unknown command 1082024709 [ 661.335330] binder: 24942:24946 ioctl c0306201 20000380 returned -22 18:43:42 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:42 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 661.421598] device bridge_slave_1 left promiscuous mode [ 661.442616] bridge0: port 2(bridge_slave_1) entered disabled state [ 661.528419] device bridge_slave_0 left promiscuous mode [ 661.553499] bridge0: port 1(bridge_slave_0) entered disabled state [ 661.649188] device hsr_slave_1 left promiscuous mode [ 661.678672] device hsr_slave_0 left promiscuous mode [ 661.698937] team0 (unregistering): Port device team_slave_1 removed [ 661.713405] team0 (unregistering): Port device team_slave_0 removed [ 661.747423] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 661.779222] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 661.863057] bond0 (unregistering): Released all slaves [ 663.349057] IPVS: ftp: loaded support on port[0] = 21 [ 663.423054] chnl_net:caif_netlink_parms(): no params data found [ 663.457319] bridge0: port 1(bridge_slave_0) entered blocking state [ 663.464096] bridge0: port 1(bridge_slave_0) entered disabled state [ 663.471488] device bridge_slave_0 entered promiscuous mode [ 663.478200] bridge0: port 2(bridge_slave_1) entered blocking state [ 663.484956] bridge0: port 2(bridge_slave_1) entered disabled state [ 663.492359] device bridge_slave_1 entered promiscuous mode [ 663.507626] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 663.517083] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 663.536512] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 663.544775] team0: Port device team_slave_0 added [ 663.550337] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 663.557405] team0: Port device team_slave_1 added [ 663.562799] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 663.570283] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 663.587651] device hsr_slave_0 entered promiscuous mode [ 663.593476] device hsr_slave_1 entered promiscuous mode [ 663.599272] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 663.609109] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 663.622153] bridge0: port 2(bridge_slave_1) entered blocking state [ 663.628540] bridge0: port 2(bridge_slave_1) entered forwarding state [ 663.635266] bridge0: port 1(bridge_slave_0) entered blocking state [ 663.641628] bridge0: port 1(bridge_slave_0) entered forwarding state [ 663.667535] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 663.673959] 8021q: adding VLAN 0 to HW filter on device bond0 [ 663.683170] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 663.691896] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 663.699233] bridge0: port 1(bridge_slave_0) entered disabled state [ 663.722699] bridge0: port 2(bridge_slave_1) entered disabled state [ 663.732972] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 663.739073] 8021q: adding VLAN 0 to HW filter on device team0 [ 663.747616] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 663.755222] bridge0: port 1(bridge_slave_0) entered blocking state [ 663.761612] bridge0: port 1(bridge_slave_0) entered forwarding state [ 663.771487] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 663.779079] bridge0: port 2(bridge_slave_1) entered blocking state [ 663.785585] bridge0: port 2(bridge_slave_1) entered forwarding state [ 663.801348] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 663.809031] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 663.817083] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 663.826792] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 663.839030] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 663.852746] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 663.858966] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 663.866326] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 663.879186] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 663.891065] 8021q: adding VLAN 0 to HW filter on device batadv0 18:43:44 executing program 2: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000480)={r3, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_SET_DEST(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010028bd7000fedbdf250600000308000600ee000000"], 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x4048000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) semop(0x0, &(0x7f0000000000)=[{0x0, 0x0, 0x1000}], 0x1) r5 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r5, 0x0) 18:43:44 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000140)='/dev/binder#\x00', 0x0, 0x802) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="05630440000000056304400000000000"], 0x232, 0x2, 0x0}) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000002c0)='net\x16\x80\x02m\xc4\xba>\x90f\x00\x00X\x94\x94\xf2g0x0}, &(0x7f00000001c0)=0x1c65e9dcabb95e19) setsockopt$packet_drop_memb(r2, 0x107, 0x2, &(0x7f0000000200)={r4, 0x1, 0x6, @local}, 0x10) 18:43:44 executing program 0: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000480)={r3, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_SET_DEST(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010028bd7000fedbdf250600000308000600ee000000"], 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x4048000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) semop(0x0, &(0x7f0000000000)=[{0x0, 0x0, 0x1000}], 0x1) setns(0xffffffffffffffff, 0x0) 18:43:44 executing program 3: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000480)={r3, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_SET_DEST(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010028bd7000fedbdf250600000308000600ee000000"], 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x4048000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) semop(0x0, &(0x7f0000000000)=[{0x0, 0x0, 0x1000}], 0x1) r5 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r5, 0x0) 18:43:44 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:44 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:45 executing program 0: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000480)={r3, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_SET_DEST(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010028bd7000fedbdf250600000308000600ee000000"], 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x4048000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) semop(0x0, &(0x7f0000000000)=[{0x0, 0x0, 0x1000}], 0x1) setns(0xffffffffffffffff, 0x0) [ 664.018511] binder: 24983:24991 unknown command 4195427 [ 664.036971] binder: 24983:24991 ioctl c0306201 20000380 returned -22 18:43:45 executing program 5: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000480)={r3, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_SET_DEST(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010028bd7000fedbdf250600000308000600ee000000"], 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x4048000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) semop(0x0, &(0x7f0000000000)=[{0x0, 0x0, 0x1000}], 0x1) r5 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000200), 0x13f, 0x3}}, 0x20) setns(r5, 0x0) 18:43:45 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:45 executing program 3: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000480)={r3, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_SET_DEST(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010028bd7000fedbdf250600000308000600ee000000"], 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x4048000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) semop(0x0, &(0x7f0000000000)=[{0x0, 0x0, 0x1000}], 0x1) r5 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r5, 0x0) [ 664.112045] binder: 24983:24996 unknown command 4195427 18:43:45 executing program 0: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000480)={r3, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_SET_DEST(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010028bd7000fedbdf250600000308000600ee000000"], 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x4048000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) semop(0x0, &(0x7f0000000000)=[{0x0, 0x0, 0x1000}], 0x1) setns(0xffffffffffffffff, 0x0) [ 664.174714] binder: 24983:24996 ioctl c0306201 20000380 returned -22 18:43:45 executing program 2: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000480)={r3, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_SET_DEST(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010028bd7000fedbdf250600000308000600ee000000"], 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x4048000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) semop(0x0, &(0x7f0000000000)=[{0x0, 0x0, 0x1000}], 0x1) setns(0xffffffffffffffff, 0x0) 18:43:45 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x7fff, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) mprotect(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="05630440000000000563044000000040"], 0x232, 0x2, 0x0}) 18:43:45 executing program 5: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000480)={r3, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_SET_DEST(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010028bd7000fedbdf250600000308000600ee000000"], 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x4048000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) semop(0x0, &(0x7f0000000000)=[{0x0, 0x0, 0x1000}], 0x1) r5 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000200), 0x13f, 0x3}}, 0x20) setns(r5, 0x0) 18:43:45 executing program 0: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000480)={r3, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_SET_DEST(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010028bd7000fedbdf250600000308000600ee000000"], 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x4048000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r5 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r5, 0x0) 18:43:45 executing program 3 (fault-call:7 fault-nth:0): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:45 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:45 executing program 2: r0 = syz_init_net_socket$ax25(0x3, 0x2000000000000003, 0x0) setsockopt$ax25_int(r0, 0x101, 0x1, &(0x7f00000000c0)=0x2, 0x4) r1 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x8, 0x84000) ioctl$SIOCRSACCEPT(r1, 0x89e3) [ 664.413152] binder: 25018:25022 unknown command 0 [ 664.419297] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 664.432705] binder: 25018:25022 ioctl c0306201 20000380 returned -22 [ 664.464330] FAULT_INJECTION: forcing a failure. [ 664.464330] name failslab, interval 1, probability 0, space 0, times 0 18:43:45 executing program 0: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000480)={r3, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_SET_DEST(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010028bd7000fedbdf250600000308000600ee000000"], 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x4048000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r5, 0x0) [ 664.546479] CPU: 0 PID: 25027 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 664.553722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 664.563103] Call Trace: [ 664.565703] dump_stack+0x138/0x197 [ 664.569356] should_fail.cold+0x10f/0x159 [ 664.573535] should_failslab+0xdb/0x130 [ 664.577617] kmem_cache_alloc_node+0x287/0x780 [ 664.582383] ? get_pid_task+0x98/0x140 [ 664.586297] copy_process.part.0+0x17d5/0x6a00 [ 664.590907] ? save_trace+0x290/0x290 18:43:45 executing program 2: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000480)={r3, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_SET_DEST(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010028bd7000fedbdf250600000308000600ee000000"], 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x4048000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r5 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r5, 0x0) [ 664.594721] ? proc_fail_nth_write+0x7d/0x180 [ 664.599232] ? proc_cwd_link+0x1b0/0x1b0 [ 664.603309] ? __f_unlock_pos+0x19/0x20 [ 664.607296] ? find_held_lock+0x35/0x130 [ 664.611363] ? __cleanup_sighand+0x50/0x50 [ 664.615615] ? lock_downgrade+0x6e0/0x6e0 [ 664.619781] _do_fork+0x19e/0xce0 [ 664.623246] ? fork_idle+0x280/0x280 [ 664.627068] ? fput+0xd4/0x150 [ 664.630303] ? SyS_write+0x15e/0x230 [ 664.634033] SyS_clone+0x37/0x50 [ 664.637414] ? sys_vfork+0x30/0x30 [ 664.640969] do_syscall_64+0x1e8/0x640 [ 664.644876] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 664.649741] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 664.654943] RIP: 0033:0x459879 [ 664.658141] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 664.665890] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 664.673163] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 664.680577] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 664.688015] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 18:43:45 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0) keyctl$dh_compute(0x17, 0x0, 0x0, 0x0, 0x0) r3 = syz_open_dev$amidi(&(0x7f00000000c0)='/dev/amidi#\x00', 0x400000000000013, 0x0) bind$inet6(0xffffffffffffffff, 0x0, 0x2bcd6e02ab1c6fbe) listen(0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000419000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) mlock2(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f00000f0000/0x4000)=nil, 0x4000, 0x0, 0x31, 0xffffffffffffffff, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x5c831, 0xffffffffffffffff, 0x0) syz_open_dev$midi(&(0x7f0000000040)='/dev/midi#\x00', 0x0, 0x440) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) syz_open_dev$ndb(0x0, 0x0, 0x0) ioctl$SIOCX25SCUDMATCHLEN(0xffffffffffffffff, 0x89e7, 0x0) syz_genetlink_get_family_id$fou(&(0x7f0000000100)='fou\x00') sendmsg$FOU_CMD_ADD(r3, &(0x7f0000000380)={&(0x7f0000000000), 0xc, &(0x7f0000000140)={&(0x7f00000002c0)={0x40, 0x0, 0x8, 0x63715adc, 0x0, {}, [@FOU_ATTR_TYPE={0x8}, @FOU_ATTR_PORT={0x8}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @dev={0xac, 0x14, 0x14, 0xa}}, @FOU_ATTR_IPPROTO={0x8, 0x3, 0x2e}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @multicast1}]}, 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000cfc000/0x18000)=nil, 0x0, 0x0, 0x1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_DEL(r3, 0x0, 0x484, &(0x7f0000000480)={0x2, @remote, 0x4e21, 0x2, 'lc\x00', 0x1, 0xfffffffffffffffb, 0x5e}, 0x2c) r7 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(0xffffffffffffffff, 0x40bc5311, &(0x7f0000000200)={0x20, 0x2, 'client0\x00', 0x1, "c18119d7285ffeb9", "5569c4169bfb850f3af44d1072b8921025aa823d7e7a23bcc4b0c016d39f307a", 0x7, 0x7ff}) ioctl$sock_inet_SIOCSIFBRDADDR(0xffffffffffffffff, 0x891a, 0x0) setsockopt$inet6_MCAST_LEAVE_GROUP(r7, 0x29, 0x2d, &(0x7f0000000500)={0x80, {{0xa, 0x4e24, 0x7a2c, @dev={0xfe, 0x80, [], 0xb}, 0x1c}}}, 0x88) getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, &(0x7f0000002980)={{{@in6, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4={[], [], @loopback}}, 0x0, @in6=@mcast2}}, &(0x7f0000002a80)=0xe8) ioctl$sock_inet6_SIOCSIFADDR(r2, 0x8916, &(0x7f0000002ac0)={@remote, 0x3, r8}) 18:43:45 executing program 5: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000480)={r3, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_SET_DEST(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010028bd7000fedbdf250600000308000600ee000000"], 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x4048000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r5 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r5, 0x0) 18:43:45 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:45 executing program 2: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0xff3c380d317523e5, 0x0) getpeername$packet(r0, &(0x7f0000000040), &(0x7f00000000c0)=0x14) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000440)=ANY=[@ANYBLOB="4a0000006f01000500db0400000000000000000000023101000000030000000000000001010000000600000000f400000002000000080000000000000008010008000400000000000000ef0276e36b0c60838e60a3c1c6ae5ca56c3c317b3f639039b18912ffe803baa26c69745116dfb2d620866385786b1f9e9f2f54c8f402efc3b017c81b6cd67de9e9856583cbaca9110120135d51cf9a0bdd9c433a0e4389a583c1e2221672f74d7e5f333b29f74eef6f0af2656bd4d27b5a30969665ee91874bacc068c582c25a7cbb657f9dd59bd7d2d2832c7ef0a6aa58c801f45654d817cd78c985b9137db4fa9eab1a8f574a8ba35acb1db1d384971df9a8d438104994c0435a1d7f1907761292803b2a3e2726fe3ed81b87d1437348c790e744fa01914c"], 0x4a) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x40, 0x10, 0xe3b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x243}, [@IFLA_MASTER={0x8, 0xa, 0x6}, @IFLA_LINKINFO={0x18, 0x12, @vti={{0x8, 0x1, 'vti\x00'}, {0xc, 0x2, [@IFLA_VTI_LOCAL={0x8, 0x4, @multicast2}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000000}, 0x800) preadv(r1, &(0x7f0000000140)=[{&(0x7f0000000200)=""/168, 0xa8}, {&(0x7f0000000380)=""/188, 0xbc}], 0x2, 0x0) ioctl$EVIOCGREP(0xffffffffffffffff, 0x80084503, &(0x7f00000001c0)=""/49) syz_emit_ethernet(0x0, 0x0, 0x0) [ 664.695367] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 18:43:45 executing program 0: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000480)={r3, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_SET_DEST(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010028bd7000fedbdf250600000308000600ee000000"], 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x4048000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r5, 0x0) 18:43:45 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:45 executing program 5: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000480)={r3, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_SET_DEST(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010028bd7000fedbdf250600000308000600ee000000"], 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x4048000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r5, 0x0) 18:43:45 executing program 3 (fault-call:7 fault-nth:1): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:45 executing program 0: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000480)={r3, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_SET_DEST(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010028bd7000fedbdf250600000308000600ee000000"], 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x4048000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r5, 0x0) [ 665.090224] audit: type=1400 audit(1566758626.041:264): avc: denied { setopt } for pid=25040 comm="syz-executor.4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 18:43:46 executing program 5: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000480)={r3, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_SET_DEST(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010028bd7000fedbdf250600000308000600ee000000"], 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x4048000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r5, 0x0) 18:43:46 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:46 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="05630440000000010563044000000000"], 0x232, 0x2, 0x0}) [ 665.125169] audit: type=1400 audit(1566758626.051:265): avc: denied { getopt } for pid=25040 comm="syz-executor.4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 665.166693] FAULT_INJECTION: forcing a failure. [ 665.166693] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 665.196647] CPU: 0 PID: 25067 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 665.204141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 665.204148] Call Trace: [ 665.204165] dump_stack+0x138/0x197 [ 665.204183] should_fail.cold+0x10f/0x159 [ 665.223985] ? __might_sleep+0x93/0xb0 [ 665.227885] __alloc_pages_nodemask+0x1d6/0x7a0 [ 665.232583] ? __alloc_pages_slowpath+0x2930/0x2930 [ 665.237602] ? rcu_read_lock_sched_held+0x110/0x130 [ 665.237629] copy_process.part.0+0x26a/0x6a00 [ 665.237649] ? save_trace+0x290/0x290 [ 665.237659] ? proc_fail_nth_write+0x7d/0x180 [ 665.237669] ? proc_cwd_link+0x1b0/0x1b0 [ 665.247188] ? __f_unlock_pos+0x19/0x20 [ 665.247203] ? find_held_lock+0x35/0x130 [ 665.247222] ? __cleanup_sighand+0x50/0x50 [ 665.247232] ? lock_downgrade+0x6e0/0x6e0 [ 665.247253] _do_fork+0x19e/0xce0 [ 665.280228] ? fork_idle+0x280/0x280 [ 665.283966] ? fput+0xd4/0x150 [ 665.287171] ? SyS_write+0x15e/0x230 [ 665.290895] SyS_clone+0x37/0x50 [ 665.294523] ? sys_vfork+0x30/0x30 [ 665.298150] do_syscall_64+0x1e8/0x640 [ 665.302040] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 665.306902] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 665.312100] RIP: 0033:0x459879 [ 665.315277] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 665.323113] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 665.330393] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 665.337670] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 18:43:46 executing program 3 (fault-call:7 fault-nth:2): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:46 executing program 0: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000480)={r3, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_SET_DEST(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010028bd7000fedbdf250600000308000600ee000000"], 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x4048000) semget$private(0x0, 0x802, 0x0) r5 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r5, 0x0) 18:43:46 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 665.345032] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 665.350869] binder: 25072:25080 unknown command 0 [ 665.352603] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 18:43:46 executing program 2: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0xff3c380d317523e5, 0x0) getpeername$packet(r0, &(0x7f0000000040), &(0x7f00000000c0)=0x14) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000440)=ANY=[@ANYBLOB="4a0000006f01000500db0400000000000000000000023101000000030000000000000001010000000600000000f400000002000000080000000000000008010008000400000000000000ef0276e36b0c60838e60a3c1c6ae5ca56c3c317b3f639039b18912ffe803baa26c69745116dfb2d620866385786b1f9e9f2f54c8f402efc3b017c81b6cd67de9e9856583cbaca9110120135d51cf9a0bdd9c433a0e4389a583c1e2221672f74d7e5f333b29f74eef6f0af2656bd4d27b5a30969665ee91874bacc068c582c25a7cbb657f9dd59bd7d2d2832c7ef0a6aa58c801f45654d817cd78c985b9137db4fa9eab1a8f574a8ba35acb1db1d384971df9a8d438104994c0435a1d7f1907761292803b2a3e2726fe3ed81b87d1437348c790e744fa01914c"], 0x4a) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x40, 0x10, 0xe3b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x243}, [@IFLA_MASTER={0x8, 0xa, 0x6}, @IFLA_LINKINFO={0x18, 0x12, @vti={{0x8, 0x1, 'vti\x00'}, {0xc, 0x2, [@IFLA_VTI_LOCAL={0x8, 0x4, @multicast2}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000000}, 0x800) preadv(r1, &(0x7f0000000140)=[{&(0x7f0000000200)=""/168, 0xa8}, {&(0x7f0000000380)=""/188, 0xbc}], 0x2, 0x0) ioctl$EVIOCGREP(0xffffffffffffffff, 0x80084503, &(0x7f00000001c0)=""/49) syz_emit_ethernet(0x0, 0x0, 0x0) 18:43:46 executing program 5: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000480)={r3, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_SET_DEST(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010028bd7000fedbdf250600000308000600ee000000"], 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x4048000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r5, 0x0) 18:43:46 executing program 0: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000480)={r3, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_SET_DEST(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010028bd7000fedbdf250600000308000600ee000000"], 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x4048000) semget$private(0x0, 0x802, 0x0) r5 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r5, 0x0) [ 665.465801] binder: 25072:25080 ioctl c0306201 20000380 returned -22 [ 665.494039] FAULT_INJECTION: forcing a failure. [ 665.494039] name failslab, interval 1, probability 0, space 0, times 0 18:43:46 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 665.524811] binder: 25072:25077 unknown command 0 [ 665.529824] binder: 25072:25077 ioctl c0306201 20000380 returned -22 [ 665.537457] CPU: 1 PID: 25089 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 665.550912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 665.572636] Call Trace: [ 665.572659] dump_stack+0x138/0x197 [ 665.572677] should_fail.cold+0x10f/0x159 [ 665.572695] should_failslab+0xdb/0x130 [ 665.572705] kmem_cache_alloc+0x2d7/0x780 [ 665.572717] ? creds_are_invalid+0x48/0x110 [ 665.572735] ? __validate_process_creds+0x14c/0x200 [ 665.572750] prepare_creds+0x3e/0x380 [ 665.591201] copy_creds+0x7b/0x4f0 [ 665.591213] ? lockdep_init_map+0x9/0x10 [ 665.591227] copy_process.part.0+0x868/0x6a00 [ 665.591242] ? save_trace+0x290/0x290 [ 665.591252] ? proc_fail_nth_write+0x7d/0x180 18:43:46 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 665.591266] ? proc_cwd_link+0x1b0/0x1b0 [ 665.600597] ? __f_unlock_pos+0x19/0x20 [ 665.600621] ? __cleanup_sighand+0x50/0x50 [ 665.600632] ? lock_downgrade+0x6e0/0x6e0 [ 665.600649] _do_fork+0x19e/0xce0 [ 665.600664] ? fork_idle+0x280/0x280 [ 665.600679] ? fput+0xd4/0x150 [ 665.600695] ? SyS_write+0x15e/0x230 [ 665.621084] SyS_clone+0x37/0x50 [ 665.621094] ? sys_vfork+0x30/0x30 [ 665.621109] do_syscall_64+0x1e8/0x640 [ 665.621119] ? trace_hardirqs_off_thunk+0x1a/0x1c 18:43:46 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x5, &(0x7f0000000240)="f08b90cc3d46dc33ac855e20b60900a17d158869c3b7a403cf1ff3edf54606f06b27f04ed3e7f1a961d1e1e1c82696ec6b5742e11a92fa20a12466d2476783dd1a2b68946983ad3022328f9e5fdd915c35d2d8a14213b8bdf2816d0600000055925c20b2acfb77f8c2713b9620ea86900582843273e88b50b949778cdef988507d1bbea8c9563808e3c2579ddf47b458eb2b80dede6b9fe30ec54e55270ab70f29afedfd300836a933e0d0bd1dbd5270b8126e1c8f1e3307ec19c27a0c34b914aa3b9a796716e3b6deee6892a02608204239da1ec7e05da82aa49ad964d8895ae01826b5fa5f603c69c5028fb3a0f47d8b082ae0db7e29c9fca9d0dc86739519c63fbabaa356596b") r1 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x3f, 0x80000) getsockopt$bt_BT_POWER(r1, 0x112, 0x9, &(0x7f0000000200)=0x8, &(0x7f00000000c0)=0xffffffffffffff5b) r2 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="05005830"], 0x232, 0x2, 0x0}) 18:43:46 executing program 0: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000480)={r3, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_SET_DEST(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010028bd7000fedbdf250600000308000600ee000000"], 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x4048000) semget$private(0x0, 0x802, 0x0) r5 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r5, 0x0) 18:43:46 executing program 3 (fault-call:7 fault-nth:3): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 665.621141] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 665.629671] RIP: 0033:0x459879 [ 665.629677] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 665.629688] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 665.629694] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 665.629699] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 665.629705] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 665.629711] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 18:43:46 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = getpgrp(0xffffffffffffffff) prctl$PR_SET_PTRACER(0x59616d61, r1) clone(0x4000003102041ff5, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) r3 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000200)='/selinux/status\x00', 0x0, 0x0) getpeername$llc(r3, &(0x7f0000000240)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, &(0x7f0000000280)=0x10) ptrace$setopts(0x4206, r2, 0x0, 0x0) r4 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r4, 0x8914, &(0x7f0000000200)={'lo\x00@\x00', 0x1801}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x20000000000, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = dup3(0xffffffffffffffff, r4, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r5, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x4}, &(0x7f0000000380)=0xc) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, &(0x7f0000002440)={0x0, 0xffff}, 0x0) setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, 0x0, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, 0x0, 0x0) ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, 0x0) sendto$inet6(r6, 0x0, 0x0, 0x20000001, &(0x7f0000000040)={0xa, 0x2}, 0x1c) setsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000280), 0x4) fallocate(r4, 0x40, 0x0, 0x7) setsockopt$inet6_mtu(0xffffffffffffffff, 0x29, 0x17, 0x0, 0x0) sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, 0x0, 0x0) getsockopt$bt_BT_CHANNEL_POLICY(r5, 0x112, 0xa, &(0x7f00000000c0)=0x5, &(0x7f0000000180)=0x4) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) symlink(0x0, &(0x7f0000000000)='.//ile0\x00') mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000003c0)=ANY=[]) open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) [ 665.763622] binder: 25104:25108 unknown command 811073541 [ 665.776744] binder: 25104:25108 ioctl c0306201 20000380 returned -22 18:43:46 executing program 0: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000480)={r3, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r4 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r4, 0x0) 18:43:46 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0563af84bb92045740400200000005653340"], 0x232, 0x2, 0x0}) [ 665.809210] binder: 25104:25118 unknown command 811073541 [ 665.824267] binder: 25104:25118 ioctl c0306201 20000380 returned -22 [ 665.872492] FAULT_INJECTION: forcing a failure. [ 665.872492] name failslab, interval 1, probability 0, space 0, times 0 [ 665.915540] CPU: 0 PID: 25119 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 665.922692] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 665.932054] Call Trace: [ 665.934742] dump_stack+0x138/0x197 [ 665.938652] should_fail.cold+0x10f/0x159 [ 665.942813] should_failslab+0xdb/0x130 [ 665.946791] kmem_cache_alloc+0x2d7/0x780 [ 665.950956] ? creds_are_invalid+0x48/0x110 [ 665.955287] ? __validate_process_creds+0x14c/0x200 [ 665.960332] prepare_creds+0x3e/0x380 [ 665.964150] copy_creds+0x7b/0x4f0 [ 665.967699] ? lockdep_init_map+0x9/0x10 [ 665.971767] copy_process.part.0+0x868/0x6a00 [ 665.976435] ? save_trace+0x290/0x290 [ 665.980233] ? proc_fail_nth_write+0x7d/0x180 [ 665.984726] ? proc_cwd_link+0x1b0/0x1b0 [ 665.988781] ? __f_unlock_pos+0x19/0x20 [ 665.990661] binder: 25125:25129 unknown command -2068880635 [ 665.992789] ? __cleanup_sighand+0x50/0x50 [ 665.992801] ? lock_downgrade+0x6e0/0x6e0 [ 665.992819] _do_fork+0x19e/0xce0 [ 665.992832] ? fork_idle+0x280/0x280 18:43:46 executing program 0: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000480)={r3, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r4 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r4, 0x0) [ 665.992847] ? fput+0xd4/0x150 [ 665.998768] binder: 25125:25129 ioctl c0306201 20000380 returned -22 [ 666.002789] ? SyS_write+0x15e/0x230 [ 666.002807] SyS_clone+0x37/0x50 [ 666.002817] ? sys_vfork+0x30/0x30 [ 666.002832] do_syscall_64+0x1e8/0x640 [ 666.002841] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 666.002855] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 666.002863] RIP: 0033:0x459879 [ 666.002868] RSP: 002b:00007fed359b9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 666.002878] RAX: ffffffffffffffda RBX: 00007fed359b9c90 RCX: 0000000000459879 [ 666.002883] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 666.002888] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 666.002892] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359ba6d4 [ 666.002897] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 666.116009] binder: 25125:25128 unknown command -2068880635 [ 666.126389] binder: 25125:25128 ioctl c0306201 20000380 returned -22 18:43:47 executing program 2: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000480)={r3, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r4 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r4, 0x0) 18:43:47 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:47 executing program 3 (fault-call:7 fault-nth:4): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:47 executing program 0: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000480)={r3, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r4 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r4, 0x0) 18:43:47 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="05633cf785df69cb9fd9fe36e0638e4deca0482d04400000000563044d2d7400"], 0x232, 0x2, 0x0}) [ 666.227375] binder: 25139:25143 unknown command -147037435 [ 666.229736] FAULT_INJECTION: forcing a failure. [ 666.229736] name failslab, interval 1, probability 0, space 0, times 0 [ 666.245009] binder: 25139:25143 ioctl c0306201 20000380 returned -22 [ 666.287473] CPU: 0 PID: 25144 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 666.294802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 666.304302] Call Trace: [ 666.306880] dump_stack+0x138/0x197 [ 666.310665] should_fail.cold+0x10f/0x159 [ 666.315245] should_failslab+0xdb/0x130 [ 666.319420] kmem_cache_alloc+0x2d7/0x780 [ 666.323696] ? creds_are_invalid+0x48/0x110 [ 666.328026] ? selinux_is_enabled+0x9/0x50 [ 666.332272] ? creds_are_invalid+0x48/0x110 [ 666.336667] __delayacct_tsk_init+0x20/0x80 [ 666.341003] copy_process.part.0+0x1a6c/0x6a00 [ 666.345653] ? save_trace+0x290/0x290 [ 666.349449] ? proc_fail_nth_write+0x7d/0x180 [ 666.354022] ? proc_cwd_link+0x1b0/0x1b0 [ 666.358097] ? __f_unlock_pos+0x19/0x20 [ 666.362276] ? __cleanup_sighand+0x50/0x50 [ 666.366521] ? lock_downgrade+0x6e0/0x6e0 [ 666.370686] _do_fork+0x19e/0xce0 [ 666.374137] ? fork_idle+0x280/0x280 [ 666.378281] ? fput+0xd4/0x150 [ 666.381467] ? SyS_write+0x15e/0x230 [ 666.385187] SyS_clone+0x37/0x50 [ 666.388905] ? sys_vfork+0x30/0x30 [ 666.392544] do_syscall_64+0x1e8/0x640 [ 666.396432] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 666.401293] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 666.406572] RIP: 0033:0x459879 [ 666.409766] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 666.417710] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 666.425006] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 18:43:47 executing program 2: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000480)={r3, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r4 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r4, 0x0) 18:43:47 executing program 0: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000480)={r3, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r4 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r4, 0x0) 18:43:47 executing program 1: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000480)={r3, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r4 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r4, 0x0) [ 666.432271] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 666.439650] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 666.446917] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 666.483574] binder: 25139:25149 unknown command -147037435 [ 666.543288] binder: 25139:25149 ioctl c0306201 20000380 returned -22 18:43:49 executing program 0: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000480)={r3, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r4 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r4, 0x0) 18:43:49 executing program 3 (fault-call:7 fault-nth:5): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:49 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x210200, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000140)={0x0, r1, 0x100000000, 0x100000001, 0xc97a, 0x4}) ioctl$EVIOCGSND(r2, 0x8040451a, &(0x7f0000000040)=""/173) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=[@acquire, @acquire], 0x232, 0x2, 0x0}) 18:43:49 executing program 1: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000480)={r3, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r4 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r4, 0x0) 18:43:49 executing program 2 (fault-call:7 fault-nth:0): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:49 executing program 5: r0 = syz_open_dev$vbi(&(0x7f0000000080)='/dev/vbi#\x00', 0x0, 0x2) ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000180)={0x7, @sdr}) openat$uhid(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uhid\x00', 0x2, 0x0) getsockopt$inet6_mreq(r0, 0x29, 0x1c, &(0x7f0000000880)={@dev, 0x0}, &(0x7f00000008c0)=0x14) sendmmsg$inet6(r0, &(0x7f00000040c0)=[{{&(0x7f0000000040)={0xa, 0x4e22, 0x5, @rand_addr="d244956a5e4c5eb95a11a4be179166fb", 0x2}, 0x1c, &(0x7f0000000600)=[{&(0x7f0000000280)="820c8fa92092ebe74c5715ff15695670ead0fe4d030e481eb02ee03ad8a7f6cdb524adfdaef4d2a4bc9dafddbc811f9f1c39bef89c59c26801bcfe0e36d1c376d3047639f698cafbf7f00bca70913375bd3a7f3cf430ecd58347a586848d631f70e31196755ffdc812b8c00d3b8f85d888482a735e0bb53d370e9e1b4f93e9e50a82cc4af8c1d6ff6847286b60b9fc450bb7633ece5b42a96a30cb841cad3b22544e6760ccd71f549c07b2702a9dc7eb4c8f7cc49f9da22b4d8e8a6c7211fbb9dce45e6ad65cf24e75f5022bc573fa8f234a6eb7dd1363670eb1eb2cc1f294450fb4a716141a2c54b5677b687825c0a67d55c4e6", 0xf4}, {&(0x7f0000000380)="af8592f6fde6c836d8c899cca01abce24588d39ea93c137192a79a4ab2af9249eab2c7dea3a8e060edd4d3ba13c28bad64c534d8a1746b1c87fc9ea921b713d62449b4a5d3da7603ab893bdc356fd9a8cfac2adc86041915e72773243aef5c701bf1e11e63fda0969bfb1049b89621f3d5404836655ae55f422125da73085a07d284a21c2eb5108231646bffe826eb8e5489c0a36aa6f78ed075ac277fae287b55b0cb05ec4031b24d1cf8c6c74a54d74a4242f12bc4f1dd0049ed10e17853a388c0819fab81", 0xc6}, {&(0x7f00000000c0)="c4db671da65c53c36df970798e321c3f39f11f4c3623089f24458e5f8bfc5073f8c0c95e2446e56f2a9d479748685011edc4b1b27d3fdd1303615eb09977ff7e7654379282070ec63f52dc919e5acaf153b89a06b8926e5eb442ac4fb5", 0x5d}, {&(0x7f0000000480)="695d908cb5eb9dc657ab2e245795179747a522adde0456cc1c6e2ea17a4f257e0188a692a261e61bbab412f13294d0144f48536d9c6a61fc57a2fd9b51440d97f3b71c45ccdb43bd7207e033cd5310806bfa5d4cc7df40a40421820e0c50b21566cf238968dbfec46f337fd9afd5af9f6a22639c41e9548f1188cfd93b6a6e61d4ece51d1779237346bb95767e73a66f889b34bbf737295a91e7c875b928114de45a848540761bb540818fda3b06f4aea5ee4ec6285c998bd20c15c00c781827c1053b170d0d22", 0xc7}, {&(0x7f0000000580)="b1ef1987415c2b5cff98ba66f04f9ff5226445848aa56054257d899c937a1bb6d1884e61624b0ef219d63025325c55cabe4fa39913a7d5b2227062aae1e354b66d71c3af8a2012d7146da01853", 0x4d}], 0x5}}, {{&(0x7f0000000140)={0xa, 0x4e21, 0x200, @mcast1, 0x7}, 0x1c, &(0x7f0000000840)=[{&(0x7f0000000680)="c56efd1169106badb0b2f8ba696c99ae1ce86d297eafeacff64c39afc2d7b5323e6accd716c6f58450ab89132e40e553250e20d8744305d9dcc2f67929d8aeb310f1da9d3e00487815075a4fb38039db4658d275eab800b9ed0ed3f3515196d4f926d57a88941554641f9317140ea280d154cbdcea0d6aa2c74c235a196a3272bece8ddf4848a0575daf45ebbd375819a4d775b1b6b1234b7576bbb89a488dd3e884ea3f8962d33cec39f120cbd45d54f22349ed91b032919121e7552385d39370369ed12d2454fcba6153a474be2726760fc032", 0xd4}, {&(0x7f0000000780)="55c5434d81c0d94d98f4fe58946a490629e215f86d132382e1db3539b386887d49bfdb205867fdc8ecfda13976a61f5c6e9248701dc6b96cf70b57f1051f2f50bd89425053855ac0514922a10098dd642c7b450234ab8a4012c3ca20b774dd1ea1b275031f2bc5888b76d3ed242e416073077d3d469ea7d93659a3933c835abafc8a073aef1fc8cf812eb4f53cd6e710a3b789601801e9444df13ef3b0be4506", 0xa0}], 0x2, &(0x7f0000000900)=[@rthdrdstopts={{0x38, 0x29, 0x37, {0x2f, 0x3, [], [@hao={0xc9, 0x10, @rand_addr="8e118b24d559740d2ed10295483668de"}, @jumbo={0xc2, 0x4, 0x7ff}, @ra={0x5, 0x2, 0x20}]}}}, @tclass={{0x14, 0x29, 0x43, 0x4}}, @pktinfo={{0x24, 0x29, 0x32, {@initdev={0xfe, 0x88, [], 0x1, 0x0}, r1}}}, @rthdr_2292={{0x28, 0x29, 0x39, {0x5e, 0x2, 0x1, 0x8, 0x0, [@ipv4={[], [], @remote}]}}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000001c00)=[{&(0x7f00000009c0)="8b959c5998226415753c371ccc0fbbac6a864fc59ae79b52d40c0c65b7dc3053dad12e80af6f4edee074f09fa3d627726b2321a5e20d5e1d127a2bd609203b123f1b96d28012c85f10e18817387b841a7cd8e5ea662c307273b9844be27c311a9aed08b1becb9c1827306b380b20556278a28ceffa53117847ad9bf87d3a75f84aad43783c417c9fa557b5fc4cef076aaf83c1a35bb976ec6a9cde74ecc0b607eff13823efb71c82b8bd150977b4ca57c7bfac1b270de9a0abfef690ee2267ed4d1b4f824cbce1e2f470e575682684cedb3285139ad438e8d44fb6031706ffafbbee430477bdd116a08e8125f778510eae657acc7369bc2e4e548a068e818e09667e61f47a99e328fca5d5bf5d8d3ac385d0805a90f03c08eceaeeeecdef5a3122263eea0d27bb84d7be4c95c88a181c8cccf2fa540cc440022a618150d668b9935279442ab6a0ce53b04b59fb5e1cf67392c00b91a7393e6fd1130c00d8d14a5ec95aa5c3b4c52471cc4eef95e8a5142f935b1cd541ad784e60e3f2c08869153d98faf4edc23f0e1a81234118d9a80841bbcb0a31a93987f7975cd52c9dac91adffd647fe1c0abf0e0b9d765150ed324df125e3ae30c9df4dd8758ae795557ccccbdfd8e1b0985f73982325d24f966f6b8b62ee2a26f33a8687ac69cf23230ed51521a5db6a56669cc98b8cea28aab6391b0644edbb0bc255933f3f6bfe9587a69b4ca261ee069a4d6affa7959f0cb3dfc0f26f224c9c7970330eb3cc166012f9e5ea1cb7326cb9490549f4338f9c7581d54c65e72aa0748b7322b0917119ea7f4430b936b1064eee1eab786d92f0c3bf6e62dfb593e4b8c4cbc5393b6134a88b10ec582df5bcae7ba7eddf1bbb843cd1ae8ef48d5e069a317d3105cbc63b80e55e130a8c24208ded3e0087c8e8fad4395f3ddd014bdf518945572d6153ebe824d78d4b1cfa0849687fae9451b1b8296a92e93d742e8f7d7993577ff2836a881f56a3e4af4b48f110b91180aa3cf7cd1f59bad92bf329e00d0f91a0604747e11caf039e2fa6c599923b84f958d78ed29197b97d5e5156c1037a3d784da13099a7713ff6fb0a3ec37f6a9db6f435555d4652b773af4a8eb19943faeecafd8d5ace2e423e2b032f90e956a877d950e43c447ff885f1ef1b4008ff0961fa323f5764c4d9c423b84040030c991928e37fc850f910a423f2e054a3782439f9fb9c57412162dd7998bce05d998a23c67624b9780c6a7d4969fea9996995bbcf76eda7630f999b1c48e2dd587d12fa90e4e2c84cd8596817516423b74fc0515d30a18e27b2a36893a21a3302d59e538b7e4a5f7be4e21ef25538781a7c8bae6c22fc16f2c538adf139520049c882ed6797979a1b7a7278265cc39752f3abd208135235661a4da89c6b0143613050a9790950899ce7b93448682dbd30ee10b19605683bd267deb79a691164cca0f18fc83bd37d8acd55ed26c5ea8b9bf5f5844c49b22228252a982448aa0149bc69cc3d606cf8e5301c6d641f3eb51796bf789afd5fb9516625d3ef4856b809948cf38aa4e878736b09c77f2e7a95d4424c0418bd6a26649c9b72922a8d2dbea21fb9d906ae7b173391842a15122c136c4d573927881e9f632821b0b52347aee35dc84b6bec6e7db07580c6bdbd6d517b2da46caacf620c7d928f1a1d9f534163c82de44ef461fc8a9258fc785adefec80edab4c026d56f683d1014af04b31f085ba76af15fcdc580bac60bf7d3847e7bcd4eb3a3177df92f85ff9c46eab1d5527b74ba03e88c94a4f74ff37cbc8b89b95eb2fd65f274612a33d52f51b2963cde8262634f2ed3cebba553e529e78bf82420e31233c3f2d32eb104386eb7fa44ac759fc14317d17be2ff568b4d28b711da5cc914854288a7e8cf4c132ab8d0f19c8f174f28cff1500ae4842545095933470cd994ba3e90eab26105d1bef1fa0071f940396d1bb1791b0f4bbc21dc2671b991eab767607daa5a72bc8859a5fb83bce327a71e63cd9e97e81a10cbf52b46b84458fb8ac350335674983907fec17aea945688ec721f5b1d21b582fa7142cb669dc22980a535835e680cf1b859b87889ebd451d97a9fe2dae5877a12589d1cb4c32b1d5899c2dd5e1cd60eedd52c0191765e32966b645552979c500169a20195a4d8a45c91103f370d8bf20dafbf60280cea3147c46d594348252b67c9cd12c88def855f6520980668968c382a30537b11877baacedf6d46a7d761fc0609edf07f7eb313797eebc98b9bc18d918ae86284d6d2640ede70611d17b541e7e8bf024e261cb863a1592fc27eed37aad5fa24d6d5156737c95d3f9f88cbbb4a8deff5f5468aeb8f43d7a4b33493672226e3da85ce4b236045aec7c7d7dcc70fbd9142347d2407d7b534c36bd7626783ffc0d2abcffde40336bc3c1df4c6b39dd203c6eeac14f312d6bbf78fb4e010272fe5eb2077c8d7fcbc6814e3922103e56c25c5e025fcdaf719020bfb953c9d5907807a7d0e9609c6167353dee293cc5b26a72f36e20802f878e1e7e2b1b9f055ab05c9c3882799be8d9bd29009044decae876f03c1aa571d34d697545dd52f1be8d66e6ff7e1e42c2ba152cc748d60bca8ac21c9c42b9327c70ef346431e4baddb5c696439819ca00d23e3197e187e181a434615823bc4d96f08a3364c6968d724c74264b1754a8b315dfe82a7a7d4c2a2fa1b07e909d95a0bf70f44d7f782b58f3a6595b689a2bd0b26d7fa3f82bb1e34013fa39a548dac082e7e14db019498005a215984a6f3f828bf1847911d6bc1b647ccac40893c74ede81e41efb2b8ae9d43fd07281a2fa58cf2cb434cd5bd3798e977d5d7de2955a617dad16cecc7fe682908ec88435fa795b1eb250c6132c9a0bfc5d378995959f96ce7eb18e9928dd5103c86bece7b215495039d64ab2b332011a28bec09ccce41ec03de81c15d0564387344549a24f6000ebb1ecf6f2dcd389d99998c4f7ba70a89bd29db62628dbe3a227ffc5b96f77c19a58f974588eeae710041099612addf45306f0b8cc83d7942503046c9003232b351c962b43236eaed5432e910db6a2338c6940fe0d105151d0ba28293d7b8c8529ee7a5d4fd8ca37fb9e349ca0221a8d4b173bccc13460696851676ff636b1d694b95c91ce97d5703a847753c0a955258829635c8c841bcda1da2c2a8c105d22d88a60daafc469d9339439214a9727c30a5ffd6b3f8e31a726f4520fb3f6f036ddeb1ad33fc8490aa5e86118f1b14db591cc38773e43289736b94d05d9d9016368adcb2cb8764919bffe99ab1e052dc4b25b87d75d35b190b321a54c405893756cf960084a7ca2b2a1898402e923df90b09515b6cc9354eb21ba8309616911a5d68a0bca7bd8935ee700588fe530ed863fc5749889a33f378358969a255a048b1d53973587976c5e94512db9ee73408ca08ae9e92cf1b0c585c4b13ce3d060b76053a22709c7ab236e7d0cd15ba9ec6bc98e205f181d9e90ce3f365e56b10448ced308b3ae52d894dab08513bd8d374c0a098ff31f40e44996759bcc0c73cf250db293d098a6a3bd7e206ab9b03cdfde271609d8f608b800329f0cd34d1b599542be48192d12ce55a16099aada7479d8181b9b341ccfddeb104e22c048844d4f4a1ade1f2349b795620ab1e0cd28a783478798f6b7a25a88fa32703ca576d44a78e718d3aac6b4490e109f87d1aaca011273c83c7830ff33316a1db9fd628eee53016b28e356af5148693418aef10fe0248808a4e35929971742fd3041fa7a4dc01610374bbbb45960421923570968c4c9056fbd05eddae382d9aadff94e742c4e8d71ecc5f07b9a5f2e99b8e75478fc99fe09c85fd5bb5d5b6e32b640c37b86c4b30288edf304ae94eed8a78934a5575fcf9bd53785e70da7ef1d2516d0b86c68a024c3167defb98cb516a972aeb74b8e5eb0a0f0f9f88477a659a8253cc1f9cc916349a1c040b3ae673bad0557a894ac7e7b195d8d8c26a708c08fd19c4b0e9174bd69dbf230087f8791e369ada9d568ad675a934f07697f8e254df12a4b701da85248cb118b9e1d2353bad3dd49deaa76525861ec6deb3d6010437ec1d1a7ec3d4707f4c13ba51b92731f7b4b2820ba8b88a96c1bfdd61a957f1de1a064689dffb4c11b3c62e995a0fe1b457fcf3c9947fd6d6cfd5c777b058e698bea7ed5ce290dba29a8907c7d06dc83f3d8ef24c154343e802aebad44e237fb12090a5f8695c885a0e324926da3ee27f73e59bb4c394b8c3c1d3a88073b78fdf18dbfc2baf705136ca3d48b6ec598fb98676d58f7428941b4d743758e3df1fa89e36617af3075ba78ac1d66f18477a54211988b87fcf08b6730511ef2d4c5825e09a07777b532296c262256e73c2c7e0d08d855181167dcaab03bd68e1b539e5728d2b7880c8e000136fc8589ea47d57ac0f87296177158517321be2d2a06a0d62d628c9cf29f8f7b20321f4bc71afac7f8a9f9c3877163c7d2bc5be34e52cb93b88a623b989aabe323a15fd0dc764c369933abe036e66c6365c55d2c05ed938219ba4823b22ba82411466a880a9d600455fb9149965585eb28ebc1e69ac0d9f682c732362c8d27952f7c240688fad6fc11f93ed78f4abbdeda8a4be55ad43022617c29c16c609747f0669aca106ed0076a5278c81aa40af1479767550995824a1c83abe6693f5f42306192a417f6e95f02e00005a908d58023f968c5344ac878bda85d3e8a85de7e6beef60dcb8c4ec70360f037038a69af5333ca360451435ec57531053ce48e5a8a79b89b94b4d64d1e74511638ad7ef9f9cb742bd3827d023ccab513f9512318a236c02558c71bf87ec21f0b080bed1cf756e9280c56ec8712f73b7e70e14d55f7db2be38521cc794d9df30fa2f33deafa8d20de061a776682194144327fa18deef3d2807fc0c160cbe864ce760a8d8491fc73caa85e1c31e5fdd7de909e5a4726ce076469aa4c151ea381cdbec5f93382f586b98596ec87507a873e9c4055e841b41ffcd37629aff1ae1561bec9cd949467e1a05889faca863020a1d5d4ddb381c4147e319d896b394155001aa7bf7a2dedb674dc0308f2695266a5de3ea9b8b4c6670cb35c31f6d278f4968a16b1fba8f3e62186c97ddc76d61be73c26e71d83de928fdeffe9aabc1e7c839e8ea9659e0ff7f69d9f3eb9b32613919be3162b0750ccf8a388d48eaac842b20474c85369b129a4eaeb2515a8e649c43d3178133f5e4e15448a63f56f780f5ce65d8c0d81de5937371388f54c0515ff8da2f464e780170b25db95486ef4af68c59ad124afad10fc971096fed34885676e0575bdc6b1384ad5a32604dbefb16f5004562cf372a145b7354e04af80ef1a686ab91ce4e2d6633fc1cd85bb0c6abe1508b3bbadaed015da76f8336a39c1c78d56edeedafefffc4dc88e40b62779b7075bbff6af53aaaf4f1b941c226b77718d424ceef641f43f7fa30f2aeba839e5e08a1d7432f0abb1e0e38ea372fc3a50f7215ea26243ce069056d0d82eff9e369b47182ea4eb23ac15514a063e67f4d5c2edd0d9d730a40fed76fe3199c33bcc9a61733a247025f1336c019236f806dd37e2f324326fcee52129a23886a91d5d4ea6d0cb56f994426687d9297aa07d4c3174b816774a69fdfc0d609779ad1b5e9d0cacfe305babea9d92ddc2032408a8b9e8a3736b7fc279c3a31915c0e2539d735b127d14afd94491c23a390c175e3240ad5a5e082f56267783ae9b929280820d9655b39a05c0dc7da7285f9f0c50ad3dc68692af803f5fe6abd7c42bcf0", 0x1000}, {&(0x7f00000019c0)="aeb8fdb5ec9984a59fa643e8e060a4551a2e6c4a6b814498b20a2bfa4393647867", 0x21}, {&(0x7f0000001a00)="d0b79d66c2a5fa572d6c63636625f3842ed7f380a837041886de91ac4b5f31a43f426808b2157085fa1740b790aa9e2b9696549aecc734783781f8d8267fec78db57012f6796793f", 0x48}, {&(0x7f0000001a80)="b341a38008b7cd95d7552e40b2b9e80e3e9ee9c28189155be9ef6290e9280597435b46499f989634250329547e7340bdadada46167f30f79d3ac723cd9d3ea741b327a45efd544f736221889a55d61d1d724c1d348524bd64f8c8b1fc0aa680ceeb6e41cb52c51dcf05c799b10b74449fccaaec2c51669d4a0078fa90a8921e35020b4d33a100e6b802ff97443e6516380efb363fc08cd6708d9abb1ca1366", 0x9f}, {&(0x7f0000001b40)="8a23113a9af4b605ec643fffd560eab8ea65965fc7f59878fd0239ece91a100936ab2bae03b3ba3e1e56c0020fbdee9f2100e1868c7e6203dedaa034ffb4008a390f20a3031ef0edbd78e8206a8dfcb6faa0d9d58a870ddbaeeeecf04f561ca616e40bbcd35132211550fcde6498408b85d28ac4d6dbcdc18c5e0357", 0x7c}, {&(0x7f0000001bc0)="29c40eff61f21ac8f772528acc92b909c54695fcd959ec48c6660fd3cccf6f9abb4b186b", 0x24}], 0x6, &(0x7f0000001c80)}}, {{&(0x7f0000001cc0)={0xa, 0x4e20, 0x9, @mcast1, 0x51e1}, 0x1c, &(0x7f0000002080)=[{&(0x7f0000001d00)="a45d717314f5b1967f527afa6c54b6f953ba5a82f424a2e57a5c947e32236965f529aba97f297bc073f2ad2003b98df9bae7985d502bb5", 0x37}, {&(0x7f0000001d40)="eeb8256b6024a507989935bad603ea9b15fc4dd421a683b7175a95aeda2323e0368f986d5bf9c73f308131272b420dc37f6b43d6073976de263f370e1bcad6ec2657ca1a03d685f63cdf469bcb24b22062b988eefbba28a8bd9731a65949c5c0a82a22450b5b1a223a1807a9318054c8bd7aa45eb5c2593914d81b6c7e6841c8ff667e0a0162b7568405c5a5e4e2e974a6835a684d41cafbccde67f74ca10d4949b464722b922ef4d810fadf4655c5a7961aa7c3f4c2a9214e7e300515003550d22fcfdd7914e4bfd0e68ff841f1216f7eebcde971e5928e4dd303fd1eb62ec2aec0440bec4c2d79be83d67297e3a328", 0xf0}, {&(0x7f0000001e40)="991679dec8d51de658fc65348f242865f38ed1f1f00ab1e6f689169f4914af8b6dbdabfaf59424b9f6643e10d852fa1902017283741390f5a6651f6c20aae5515e83c4ce6747bf2b3cb14d255de3343f7ee715a4f60d1fb37bf46d2e56dbd9bbc722d13d8dd0e89010ae3188879cecdc992896aedfaeaafb70a52eaaaf789290b9a5d350b39a371b41951b9a65d1f425cf0db9761378322edb6f8d252f6821665f918de1195a63e066dae496e9ffdf927a0c505fbae88a575018b62f090044553e48b51a3ccf87ffe7cf96abe24eacffb380c714db4264cf2ce47a9975db58", 0xdf}, {&(0x7f0000001f40)="50f0b2815d44934f094c459942f9cc4b64005a86c0268dcab1703888f45540e54538763f2592aa3f67533ee455514b410961c6809b2c55ed99f6c0def9eaad41774ca93f4f39ef09b9f7a0547c985ca562096b68a81a6a8de4918ad3be4ed0fb542dddf607b4988ce07b019edd09bbc379ee7911c7e8a6fc243fd37ee7edcd77a1fd3d535e4a6849665d1c0f01451cebc8d8d62705a2661499cc9e84eac1fd40ac", 0xa1}, {&(0x7f0000002000)="4359d694c80fe13e11ffecb26c138035cb5f4683a2de1ad014ca2c0883979c52af4049a6457a4b87323b6a3616841ef9a0feab8b8c04f8a387", 0x39}, {&(0x7f0000002040)="34f91d511930b099dd76d734228a619962d75454d7303167245e695cf20ab476d90129b35dd14d95254298dc596202bc58a774b747", 0x35}], 0x6, &(0x7f0000002100)=[@rthdrdstopts={{0x20, 0x29, 0x37, {0x87, 0x0, [], [@enc_lim={0x4, 0x1, 0x3b8}]}}}, @rthdr_2292={{0x38, 0x29, 0x39, {0x32, 0x4, 0x1, 0x1, 0x0, [@dev={0xfe, 0x80, [], 0x24}, @initdev={0xfe, 0x88, [], 0x0, 0x0}]}}}, @rthdr={{0x38, 0x29, 0x39, {0xc, 0x4, 0x2, 0x9, 0x0, [@local, @ipv4={[], [], @broadcast}]}}}, @hopopts_2292={{0xc0, 0x29, 0x36, {0x2e, 0x14, [], [@jumbo={0xc2, 0x4, 0x1f}, @hao={0xc9, 0x10, @remote}, @hao={0xc9, 0x10, @dev={0xfe, 0x80, [], 0x2b}}, @pad1, @calipso={0x7, 0x58, {0x9, 0x14, 0xfff, 0xfffffffeffffffff, [0x0, 0x7, 0x3, 0xfffffffffffff000, 0xbbae, 0x100000001, 0xfffffffffffffffb, 0x3, 0x7f, 0xf3]}}, @pad1, @hao={0xc9, 0x10, @rand_addr="81d35b3f61071094a900c24e1093b242"}, @jumbo={0xc2, 0x4, 0xb44}]}}}, @dontfrag={{0x14}}, @hoplimit={{0x14, 0x29, 0x34, 0x9}}], 0x180}}, {{&(0x7f0000002280)={0xa, 0x4e21, 0x3, @ipv4={[], [], @loopback}, 0xfffffffffffffffc}, 0x1c, &(0x7f0000003480)=[{&(0x7f00000022c0)="e916728c6f18c64c0289305d81c1176eeced795be13940dbbb55aab943b9f4909e7201d797addc0d0c237dd35b6fb7976ecf4857", 0x34}, {&(0x7f0000002300)="295fe1faff422bae36ed5009988621d46fabe75d95583f990d22c76c1414dd85bbef98c622f10878b4b2d8b97ad46297842e71c3b885efb06d4192771765f971e992f32e34a158af8054a00d11f377bab3cf6deddb8cc9b8299569c25fc34c0c7f03f1925ee6911cf4eb12d15727295d8d768a05ee64f71464d0522515154b89eb36ae45dde66ee8179ea017690bc7769e71028797cf4b33fc9ffae42228070435d37d7ea93cdd0b533feacd04076f759b13f2ab576a5fe526144acb5aa8f0c647a8b2988ba67e61a372a94deb21231f", 0xd0}, {&(0x7f0000002400)="cb006ab28f9c476a4b3eebb69c692b1d5a4528aeca9b068940299c2be0865507ddddf5ad", 0x24}, {&(0x7f0000002440)="bc6ba2d64238681205c605a1e9a4ec918b216287", 0x14}, {&(0x7f0000002480)="a036161d89a3c4110e41a4e0c8b789f9ce14434fa00db6730e4b7bcae56272aafe87742084f4c5d05b2790007cfed8d103223ab764ccfdc6cd0ecb65cfd82949e44de11b9b222cc3b965274716cc77bfc3b8c67af4d2d6a45345ae720005a22f6acde140354a54422c08a2a1a0a20b88b7ec1627536e384c55279191bb4d6d449176f95da7218a12e48a01e4e35744a6a7f63d050eef80d53e6391db410e1434e938786283b97c74e547d80858dbef5f4b85be46c76d26cbe38145ac56af95eab9c74b377769ee24c4d3ff7dd5df192087a8eb5b70ed63106fa3aaac45fc4b456aed6b6bd8daf07714ab454754d2e1b622ab2c21d653e963ae68c2f454841e4c7db3ea4626980e870038536eed5d1f1b3a90a1dcfab8d7ae2781ce14f88f048c83fe72c511b87ba26187a75d04263d2d00a941b7d9788463425dff27ad590ce4f480f596261b646b9516655ba39f02882bdf4c23464a591913c3fdad69eb3c23a6204e1eba8ee0f96bc05ac34f85c091c830efd348adfe071be5827703372639fa7aa49c1604db79decd3ef78b2c37ff38c0ab9bb557a1dfb2f19cf55c9e0b131495d1cacec719163f00c355284e8d17267c965ef49fad6886b79fff31b56865e95174233ddcd2f71d09965af7e09acc99fea531a560808dc5db3c0a444c7e8a230e3fbba7a4e9020a54c5d2b449321ec2e996a848e32d3061e2af4cb7ca6df5a8ce039780bc79fead7ac26ae41accc7fe153e91c4873c80314d2375920cfb0e3f05900b8e89541f1873bfbacb94f92fa9de439a73db53812ca2b14488e5ac9334dd863665c883991fadffd56ae6c21eeaba86977fca08f5f7b779ed9c7a4da2bf41fdd5c60b5c685bb8a3c665f3e40b38ea6fee2b7002ef44e68b3f26c230bf193d5073c70d7d592eabe5ff75dc09295b3431086814caa988a9320ed0b5751c4c19dc47bde11a5b45d939b2c2d45dceccda0fc69da56b6c5ced73c35acb7ef7e408bccba948e2da7129583fa23d3e20510078c7917628281eaf9b51a865252c42935c4d5330726418c7c0206288f3268160144eab287a28669c3006e0c97e1c563b4b1a61c55713783aea0827a629b97b6714ca05a7875d7ff326191a7904858f4a4cb6fab3ac005330caf955ac2d82b62b6101f8f199c4c2c22005b716da631d15491b746453682d71e906166a9bcf3f61fe5d894f2c3201e1a2545a89323fd2d401ac308e52082e4b26664abc968733601ef78e9eb984e929cd9c566a7f6809aaaf81a6a7126377ec43906564ef30685bf529ec4c70c0b62dd3925881c1fdaa51ca5724cd8060bfee05d5add33da1fc993d229116fb2e1e4287a29efff704ef1af9c9547e9ed72db6b1c3491b5d4627d4db0578a74ffebff4a05c77c876399af69c8fcc6df006f55da7267ee0655dedee2e11a4f40f2456b4bc1dbe6e9c07bb532be215c43fb92929f259556ee1a598ed9a40ba0f2edeca18391cbd900b120aef8a52a6d79fa567154d1ef9b4459e84357bf2167a4071dc903b0f45d3375090f6e609a5e2f4a4198895d44fe9359d4cb4bd92ffa294b54addbea0d0845f449e42f97f19034ddaadc44c866e265131541165c6336d0e835552c0b97345cad58dc36bac81e2bed2f7a8e498314f9928464d44235dfa283e062830cb7612f7230eee915bf270e5906db6033d791aa0abb830e84a222cc3771839dba150fb75fde3f96e032eed7f57e6c209ed96830a2fee5f092539566de3bdb8f6d78579da77837847a313f6017ea9a4f3153881f2d26dccfe05a3971778b0276b78dbf4fcb277c935ebf3be5055fe90677ef21b3d68e2cb19c98781319ba79ced4d24d365c5ad55b843899de99f072257dc59fcb05d1283b71cc8cf00bd540267f5831ee18831e082cf2289df59389db09e9839fab8b1a44491311f0a5b41498e769ecd068cd998ce1f5756b50def35e5e546f93edaabb30dfe27a161cdcdd3dd660073ace07ba1c75f79df6d62b3204b1565a0c78101efc5649d1aa7819517ae9baf0cb2b73d9069b988b06255b0ef2e473511e237850d4c1baa1ea2e7710f0a5ec6ab59727fbadd19d87434f2c23e9f265ee683a95e01f0fca2e7726881b35f5f5715eb14da9ee0b0cc4cbae4cf01495c3b74aa43d279a134ef83b6b8ac7c374c97f97e9c23382323d223f7d666b6fd194b1995f84bb5ecc602efed6e978533067ee91f2c83db946e4726595e52585f3769821a8d9a885a31ebd99ba893a77ecfa4d0354b53af12838ab8d5f51bfc29e6d6e87cce7660f226c332ad350ef5ba6e0c3540b60cdc875a5671d9338533a2e4e47f739e7973d9892e86357f252952a376520c49ca3605b4d6c646c8e31bf2d71a46113016f794dedaba514af2ef3091e99df05877e7f96a4792bfc0092becfd85e4a9ff6bfb22685b1c65ad336e90fecc955680797e8d661ff8f84facbd96788417ddae83e5801086e7f78a4483f7136b28bc106ccaad72df60ba6911654c90aff13e32611fc23daaf48bc00c00ccbf6e3398b93163d494a4d514246eafbab06637a437cd0c834650969b0f0f42584d14c11778f2b9b81ab48246d431a172c98988190e8b8d00cec5b40a16174830e5b143f99e05e12b6d28ec57444d87bdb75096a3a31752b4b61aa131861d877405dbd29af497ab4ce5e51487abc67574ad8a499d238126a50fdc870c80d07281c7b84a4520f332b7622618253ca17d05aca026af1fcd8153ce83d6849bca4b1176f6fccf431098c6b768b9138ae8a38dc8cae356a2fdbb792b8a51ed000a98a18acb8b7083973a1a7abf102a54e31854d7f80b700233877cb40780c5c623892497ec30f858504b45f9f0f44aabab8f995db433a9bd00322e4b8c87e15081c000fb9c62a87cc2cbd84aed0c4a3bb03a4802d1506a1dc77e7f7eb347bd8534790d805cc0aa24f1aa255cba85885e4eaf68b633976a7579e2b65b0226ebc7879001cade749cf3ac6b3dcd1a8098da1760a46c5a5b87cb17a7161bf1dfa503c185d355b0cf33c7dc3b7587da1278973c1aa1bf1f70cbe6a984724ed5d2831f31f97cf296aa7621fe1695ec3635e55ed830a9ea49d2d8dfa84e63a33bc1c1b9e4204ca97dd57203cedf05dd8759cc9f97f431e75f72ca45a302be8ae915ef217fa3129afd0b9a627e8416cf9c63857234ad7c850a3e2aeaf671c34901f58f4f7d35bbca2a05543a38383c537b4d48a8e116613fdefd600e4fe42a1fb4423e3d9bdb2183faa48c21a5f99c75dd4c47eb7b6ebd85e046621477e533336753ba7daa4139159727d0e49c54e49e77ac976943cbf29298396f2e0a71bbac44b20fcce146c3d4dff0a8d63f275496bcbd90fd2cd421b1bb1da7fe126ea8e8c2a640a5dbe41f139ff315b82feb3cbbf1050313b37b353a8c550600d46081c61d752288da9468b58036e9bda0629e27d11ba6b4c1a4c2057bb0b801afffe45aa1404bfca709155b2e4370dec1d4bb8c8f93060e41a2d79d402079895683961f7fb8dfea270cf90cb9fa6762f1efe8a39e71c1b597f4509ce39b2e1b882494f257a8e456e5b57434d04f5e1e1caed3e961263131cc82e25bf0da2521bc8c07bf29ffe913f4f28c573bad4071a7169c92d8c7cc27e028a4ec67504789dc1e2427c7ca4d52831cf9881051c9fa4e9260f34391a79d96fe1831200829046c1809eb1e3c72baf36762dec39191bf794f6baca08e5dbb5c7ba3770889ada9096e72e11d9e0d12bd2dd0bd1364996ac9ebb896f50ce2f1df23e7f0630a10dd37af6aef02af8b388dc1fc91fb377af8aafabd3c4ba5d37038434a9c4deaac63a056bda14ebce32e45c26ea17a18a4646ceccdffda391a635d4b7570b7b50e8885d7f0ac6b3497c79314f7886d73e856c5cc0a7032f7501c05c8cb187d85e010e6643ebd762191f2af13e6e74659bd2d311e11ca273c07bd868fa0be07a82e076c80510faa23e01651192c5f3163ddf301c16a8e19f69f810725d9ecc905f3e37465a185a8c8e94ccaf3c2a2f701b2c50ef2eec08b4d3d82ffffa203c63b3bc06b11dc61e8d3e025d252c842377543623ca86b843967e553d154a741dc249fe1a4a46f1feedfcbf8977efe9d1c94aa53a2a5e4502e658989817ab2b00475781150fd1e1fe9af8a8c3219387f1834efac311b4de19b9a18cf037f5395cb6a65846966a601ee5b72b5b6fb17298cf6c1ec8bf5ed7a5edfb9100266742abe2116b7d315d58fa51bdff5487c5f1563cc6e3e73c292e1b26e484a43c94f83dd7473bcb7479227e5547f2ab06d7e4c4e67428072858c0fd91dd6529771196297ff5b6c2d1578b20a7339afc69ceace017886efdb280ce1a3b03121b828b76c80abec337798e1e946f9e0c68d003293e63068e5d35c093ff7697d81411a8fa63d261c3beaa2e545696fa32238743473522459576e3efa3e881a04ada7b5aeb91c5c97ffee44689583227ad9465dabe2ee1c9546f8403648e6bb06ac213b6a65ee631e8672c7cdab1b7bb80ca67a02c301ce6fc6a3b0f162b1904c218a4b4b598741385bc53b076c1e0e540c37665e16265c2adfd4d41246904c16cf305a721fb33a9fca5afdd70b186bf1763dd324878e588be0a28cabca9c870dbf182f6dc21f74a9a5edddb195903da6d50b405b4abb586c1eb67483ddcdb9c4b76dfb09cc36facbe2d73026daccbc4b1b150613937a3b64c859fa1453ec24d796fb3b0ca18310000cc6cbd577163a78c536afb124df6902b200810814e09615e58f5918b018c7414f49111a8061895c2c952801d600fb534e5afb6d0c82712c2ab1d8323c1b812bc6d7c04ea561693056c6d315e01cfa5098c158d2818c23a381ff1f4a75e7e10009ac99c6de10d008d19fe4dd6266a1292d79608859f958feb70c487ec9ff3d8edad77f12d93591b51f73538d82cecaa3750331bf40d304622560dea73a3ac63ecf8343f401265b45ad4d2ff78fb45d8d42703e4e0570a1f473f1f08328fd0769dbddc0ac957927133fd851ae85f70e21dbc13bbf4d2fa90caa555fd526b520dcd6855d757138406e7bb2852596c3f8e756d7c4ab85ba85cd4e818930d2b590f337dd2e89ba6fcb1a1f135a50706df14e74ce59ad87e65e85bc8f86338e985325b9fa92a9ee685fc1c6530da567175a48b4d4d621f39d37dbf39eae8a99d65b678164d2ad7780bb20f3c79ba633b4a17007eee3a1f155938ae97f7e40958b092ec730a341187b6ce9318132b230a650c6d466b6d8be488e5149eb2f8b1b8883dd13d05ea6f1c99c7a362b41bcd1ed5894fd19d2bd9bf4393f5dd4210caade65c992b96bc743634ddda8830cc09557d00d360fb98bdabc2d0766e8b894e6f2d2e4ff0a3eea698128ae9aeef3b485f76dcd0c8cce225d26c5489e8a23ab35c63069e616c8a7dd5b84b54410b376fc83dfffb0ab97a405be4e0f9fd525a4d8d063c34154aecfc3f1acfc0b21a611bf2a407095c389f825417c8a324f801d6fe417963b517fef3ec58d3491fcead1eee60572dc2d7d6f76a72d172ec15cdadc62e33c1fe4fbb0edb0e852f1f9b24104d53a24c17b79269a9c57521b2ed43c2944b4ae37d3c35bb82bce58c19830a220ff8dbc2e4839b722af9152788a9ae2caf8e79f10e580363a47a4bae671ed068b17dcd1370e3d6b2862f6c72c0e5e7dd752191f6cbe67771f0425900531e90129a52efe8beb8ced536606cfddc7ce82a87757d9b9d0d6989cabc4fea74bc61afb871bff5d609297e3c17fe0bbe36cbcb4c28547a58c9fa858efdce5bbf118a679006aa56d", 0x1000}], 0x5, &(0x7f0000005300)=ANY=[@ANYBLOB="1400000000000000290000000800000002000000000000004800000000000000290000003700000029050000000000000401fb00010005020200072000000101064000000100008000000000080000000000000001000080000000000000000014000000000000002900000043000000040000001a0000001400000000000000290000003e00000080000000000000002800000000000000290000003700000000010000000000000401000001000502000600010000000038000000000000002900ff030000000000000000000000000502000701020000c910ff02000000000000000000000000000100000000000014000000000000002900e542bebc73a5ec0400000000000014000000000000002900000034000000bc0300000000000014000000000000002900000008000000060000000000000078000000000000002900000039000000060c011300000000fe800000000000be58820e4f1cd91b1500000000000000000000ffff0000000000000000000000000000000000000001fe8000000000000000000000000000aa00000000000000000000000000000001fe8000000000000000000000000000aa39861c365da6f8e6ec7334312ecfbb7f535eaaf88515c0de4151a07a5b30c2c18c3a7fd7c32080689e7f9a977a41721e9021b66ed5d60c63ad80b1ee41c895655e27b4ff2e87b80d21a831cab2c4c56aa81370c550a9a5eda176025789fdd539"], 0x1b0}}, {{&(0x7f00000036c0)={0xa, 0x4e24, 0x5, @local, 0x180000}, 0x1c, &(0x7f0000003780)=[{&(0x7f0000003700)="c3210d4f6058cdb28f0e0f84727f8d32d4f62f2e2da468c05038510f7afe29f83e2c4070a895e02afd0ee9d6d6e2a27e642fd0bc068360803cb50cfc9f3eaa0d578361774a3a9c922e39b9ddfec385dfc9fd5fd8df1a6cc8bf662e22e24d4580cff8bf3c807a54f76969e51562b3a72b195eaf716a0b356914", 0x79}], 0x1, &(0x7f00000037c0)=[@hopopts_2292={{0x38, 0x29, 0x36, {0x1d, 0x3, [], [@pad1, @jumbo={0xc2, 0x4, 0xe791}, @enc_lim={0x4, 0x1, 0xfffffffffffff7c3}, @hao={0xc9, 0x10, @mcast2}]}}}, @dstopts_2292={{0x70, 0x29, 0x4, {0x3a, 0xa, [], [@jumbo={0xc2, 0x4, 0x10000}, @pad1, @calipso={0x7, 0x48, {0xff, 0x10, 0x7fffffff, 0x94d, [0x0, 0x0, 0x2, 0x3, 0x5, 0x1ff, 0x81, 0x4]}}]}}}, @tclass={{0x14, 0x29, 0x43, 0x14e3}}, @flowinfo={{0x14, 0x29, 0xb, 0x40}}, @dontfrag={{0x14, 0x29, 0x3e, 0x40}}, @dstopts_2292={{0x50, 0x29, 0x4, {0x11, 0x6, [], [@ra={0x5, 0x2, 0x7}, @enc_lim={0x4, 0x1, 0xc57c}, @calipso={0x7, 0x28, {0xb96, 0x8, 0xaec3d84, 0x5, [0x80000001, 0x6, 0x4, 0x8001]}}, @padn={0x1, 0x2, [0x0, 0x0]}]}}}, @tclass={{0x14}}, @hoplimit={{0x14, 0x29, 0x34, 0x6}}, @rthdrdstopts={{0x50, 0x29, 0x37, {0x32, 0x6, [], [@hao={0xc9, 0x10, @mcast2}, @ra={0x5, 0x2, 0x6}, @jumbo={0xc2, 0x4, 0xfffffffffffffff9}, @pad1, @hao={0xc9, 0x10, @local}, @jumbo]}}}], 0x1c0}}, {{0x0, 0x0, &(0x7f0000003bc0)=[{&(0x7f0000003980)="c5328073989d2dfca58ac49d5a89c895d41c2519f510b4ac2f5e3bc22b77be42094ecdb44acf647a9e65ed4bc4392d48c5d1bb211c51e45f2ca93337ea5504e02999d0e74fb338ff2c1791561590682627a80bb1f324834ca3b1f421a6cb0b3077f5b958365d85fe499caf435454b4a5ab5978c9cf526ec4eba66c2eb509458bcaa0a7e206d63359e39fc8691cde3b1824d81fe4f7625300f4fde1ad17764411f10267a2f39891bc90ce9524880d2fdee2c7bb08ba9c1396a7aff9680fa48c761bec2e3525f29872fe6306a362a4c3309007d1c451b84ff2ecec6a37ad0c3618347a54001d3e797b5db949", 0xeb}, {&(0x7f0000003a80)="a6fac21313693fd53178fcacf054e53912a121bc1bcdd031b8dd236c5a3caa0c8416902ef2d1abe9aca7fbce8303c99afa712ab4462227dfe78b8ed2dda0f1fb33c5c569ce0a6a56cc04b8487244cf25b178836263ea5bd62fe322b288fd354a2de3fa9562904d7dd61a4d7198614ed4cce8a07ca0741ad83ae6004add0e80563d763cad5fcd", 0x86}, {&(0x7f0000003b40)="36290f1843e4fe712e72f0910dbc15d89ef7b8eb551abf2a637af34445f84e149a277706d6dda36d19c2d2cfe6997652abbfb8fe7938a53af8646319d62b", 0x3e}, {&(0x7f0000003b80)="a63f059b82be99170957daabf18082a584cf72ab3689a00c362bbb7a78ac", 0x1e}], 0x4, &(0x7f0000003c00)=[@rthdrdstopts={{0x20, 0x29, 0x37, {0x32, 0x0, [], [@jumbo={0xc2, 0x4, 0x1}]}}}, @tclass={{0x14, 0x29, 0x43, 0x3}}], 0x38}}, {{&(0x7f0000003c40)={0xa, 0x4e20, 0x7, @ipv4={[], [], @remote}, 0x800}, 0x1c, &(0x7f0000003e00)=[{&(0x7f0000003c80)="0757383657d292184fda0abeb9a557261e7771df70a188483fe9756a66e428059a6dd49fecf2df1b52db5ba05407392c06a7b6c4ec87512d3c2f095bf5abc015732ec1467c490d9e0710", 0x4a}, {&(0x7f0000003d00)="c124861ec6790e0a8b6665521e35f3167b09fa2d7b7a7ba5120ef3ea176aa004c5969585cf846a443b0d08853f9846c40962a99c3ebddc9b165bdc7d114736002e11ad5fa17505472befd6aa1e9f53fd4bda93f8304e40b2b9cd1b6746c995c1cd83c20b1cc2f55db4d9a54543d5b2ee1dbb5034b04a5cbb55835aef376344718120a9fd60446d4cf1fd27b57b156aadde0dc150ab05a850f50dc1cce0f0fdcdb8434ccdb76bafade0fee143db3f6dd074fb2bb1a66cdb1e10dd5862e893189e0d1c10e61aeddfe6503ba1bcdb5125aae8db7d19b6ea6f427745eaed0319057138", 0xe1}], 0x2}}, {{&(0x7f0000003e40)={0xa, 0x4e21, 0xdb21, @remote, 0x9}, 0x1c, &(0x7f0000003f80)=[{&(0x7f0000003e80)="2acc6e0815ffeba4a7bdf26d9df3d71ab20f5dfd8ff5b8d6a49c7b65c81072d734c622094cb4e3da2375492915d88ee48995554be8be756c5a123c21dbff04b9045eb09213cd00694376250d5b2a012e89ca9864186d838e8597b7d0282420d7029ae95fdb2811ce4b9bb24a1a1cf0342e6a1161429e9a4502c3403ac25afb83ba115f4deb949472e7746bd39967596066d535028fddbfd6fe3c26374617e6dfdf905ef223050f65462d1f57cceb653af9b2cf9c9edcc21f632a67ac5a36867dd4a3d0ea4b2678c4c5121b24ab5f16fc009d6f78b80e9168bf71af58fb722b5de887", 0xe2}], 0x1, &(0x7f0000003fc0)=[@dstopts_2292={{0xb0, 0x29, 0x4, {0xe8ea3a17f9412946, 0x12, [], [@pad1, @padn={0x1, 0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @generic={0xffffffff7fffffff, 0x5f, "125523c0baa35601e853c11d07b5d09dcc4c8bb9e2e9b97be0c4521c5623dbfe908585edcde1d86bb4b424ad6c29b6153e03ad07f9e8429bab4a0ee622b8791068284468b3e985de9d8f77ee652b30479a8d4e182f0d14f90a70a787fbc1af"}, @enc_lim={0x4, 0x1, 0x3c57}, @jumbo={0xc2, 0x4, 0x4}, @calipso={0x7, 0x18, {0x7fffffff, 0x4, 0x5583, 0x3, [0x401, 0x1]}}]}}}, @flowinfo={{0x14, 0x29, 0xb, 0x7}}, @hoplimit={{0x14, 0x29, 0x34, 0x20}}, @dontfrag={{0x14, 0x29, 0x3e, 0x20}}], 0xf8}}], 0x9, 0x4000) getsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000004300)=""/4096, &(0x7f0000001c80)=0x1000) [ 668.823721] binder: 25163:25167 ioctl c028660f 20000140 returned -22 [ 668.838701] FAULT_INJECTION: forcing a failure. [ 668.838701] name failslab, interval 1, probability 0, space 0, times 0 [ 668.854667] binder: 25163:25167 unknown command 0 [ 668.862740] FAULT_INJECTION: forcing a failure. [ 668.862740] name failslab, interval 1, probability 0, space 0, times 0 [ 668.867691] CPU: 1 PID: 25170 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 668.875793] binder: 25163:25167 ioctl c0306201 20000380 returned -22 [ 668.881292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 668.881299] Call Trace: [ 668.881321] dump_stack+0x138/0x197 [ 668.881340] should_fail.cold+0x10f/0x159 [ 668.881353] should_failslab+0xdb/0x130 [ 668.881365] kmem_cache_alloc_node+0x287/0x780 [ 668.881375] ? get_pid_task+0x98/0x140 [ 668.881391] copy_process.part.0+0x17d5/0x6a00 [ 668.881408] ? save_trace+0x290/0x290 [ 668.881418] ? proc_fail_nth_write+0x7d/0x180 [ 668.881427] ? proc_cwd_link+0x1b0/0x1b0 [ 668.881435] ? __f_unlock_pos+0x19/0x20 [ 668.881444] ? find_held_lock+0x35/0x130 [ 668.881459] ? __cleanup_sighand+0x50/0x50 [ 668.881467] ? lock_downgrade+0x6e0/0x6e0 [ 668.881482] _do_fork+0x19e/0xce0 [ 668.957054] ? fork_idle+0x280/0x280 [ 668.960780] ? fput+0xd4/0x150 [ 668.963980] ? SyS_write+0x15e/0x230 [ 668.967752] SyS_clone+0x37/0x50 [ 668.971122] ? sys_vfork+0x30/0x30 [ 668.974668] do_syscall_64+0x1e8/0x640 [ 668.978571] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 668.983422] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 668.988603] RIP: 0033:0x459879 [ 668.991787] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 668.999580] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 669.010736] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 18:43:49 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f0000000000)='IPVS\x00') ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=[@acquire, @acquire], 0x232, 0x2, 0x0}) write$binfmt_aout(r1, &(0x7f0000000480)={{0x107, 0xff, 0x7, 0x9e, 0xd7, 0x1, 0x48, 0x400}, "529fee6fbdf9b3dd577315c5a20445b27b0782f6f728fd325b77a029d3727bf628599e5c4f78e6d6ff3fc43b2bb737b01fac89180da254eb2b", [[], [], [], []]}, 0x459) [ 669.017999] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 669.025268] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 [ 669.025277] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 669.039835] CPU: 0 PID: 25169 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 669.046952] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 669.056313] Call Trace: [ 669.058914] dump_stack+0x138/0x197 [ 669.062647] should_fail.cold+0x10f/0x159 [ 669.066809] should_failslab+0xdb/0x130 [ 669.070794] kmem_cache_alloc+0x2d7/0x780 [ 669.074954] ? lockdep_init_map+0x9/0x10 [ 669.077153] binder: 25176:25177 unknown command 0 [ 669.079026] ? debug_mutex_init+0x2d/0x5a [ 669.079042] dup_fd+0x85/0xa40 [ 669.079062] copy_process.part.0+0x1b5a/0x6a00 [ 669.084030] binder: 25176:25177 ioctl c0306201 20000380 returned -22 [ 669.088060] ? save_trace+0x290/0x290 [ 669.088072] ? proc_fail_nth_write+0x7d/0x180 [ 669.088081] ? proc_cwd_link+0x1b0/0x1b0 [ 669.088102] ? __cleanup_sighand+0x50/0x50 [ 669.096901] binder: 25176:25177 unknown command 0 [ 669.102476] ? lock_downgrade+0x6e0/0x6e0 [ 669.102496] _do_fork+0x19e/0xce0 [ 669.102509] ? fork_idle+0x280/0x280 [ 669.102524] ? fput+0xd4/0x150 [ 669.102537] ? SyS_write+0x15e/0x230 [ 669.111679] binder: 25176:25177 ioctl c0306201 20000380 returned -22 [ 669.114993] SyS_clone+0x37/0x50 [ 669.115003] ? sys_vfork+0x30/0x30 [ 669.115021] do_syscall_64+0x1e8/0x640 [ 669.115033] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 669.164473] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 669.169649] RIP: 0033:0x459879 18:43:50 executing program 2 (fault-call:7 fault-nth:1): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:50 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm_plock\x00', 0x4000, 0x0) openat$dsp(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dsp\x00', 0xa0001, 0x0) r0 = openat$dsp(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/dsp\x00', 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0xffffffff) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) pipe2(&(0x7f0000000300), 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_PIT2(0xffffffffffffffff, 0x4070aea0, &(0x7f00000004c0)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x3, 0x0, 0x0, 0xffffffff, 0x0, 0x100000000}, {0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x7fff}]}) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) sendmsg$TIPC_NL_NET_SET(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000540)=ANY=[]}}, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000580)={[0x0, 0x8969, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x4], 0x4}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_NMI(r3, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r3, 0xae80, 0x0) 18:43:50 executing program 4: r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x1, 0x0) ioctl$PPPIOCGIDLE(r0, 0x8010743f, &(0x7f0000000040)) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=[@acquire, @acquire], 0x232, 0x2, 0x0}) getsockopt$inet_sctp_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000080)={0x0, 0x80000001}, &(0x7f00000000c0)=0x8) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f00000001c0)={r3, 0x84, "61f7804eceb356dd0b6528fecf4591c3052172437bdfb0ef56c36ae6b5033f3682d75b928d81624ad6a7ce16a4828457233fadefda38369591b64d9701173ada6fdbb7ef13e535093b3bf2859fabdeef92d1abd7c74d2370752ff83e13d22170872880fecd385e2a12735a7c11e940f375ce5531982f3eef6990cae885e08a7e9b42bd04"}, &(0x7f0000000140)=0x8c) 18:43:50 executing program 0: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000480)={r3, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r4 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r4, 0x0) 18:43:50 executing program 1: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000480)={r3, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r4 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r4, 0x0) [ 669.172936] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 669.180893] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 669.188148] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 669.195401] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 669.202653] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 669.209906] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 669.253016] FAULT_INJECTION: forcing a failure. [ 669.253016] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 669.265234] CPU: 1 PID: 25183 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 669.272380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 669.281740] Call Trace: [ 669.284340] dump_stack+0x138/0x197 [ 669.288087] should_fail.cold+0x10f/0x159 [ 669.288098] ? __might_sleep+0x93/0xb0 [ 669.288112] __alloc_pages_nodemask+0x1d6/0x7a0 [ 669.297048] binder: 25186:25187 unknown command 0 [ 669.300799] ? __alloc_pages_slowpath+0x2930/0x2930 [ 669.300812] ? rcu_read_lock_sched_held+0x110/0x130 [ 669.300830] copy_process.part.0+0x26a/0x6a00 [ 669.300846] ? save_trace+0x290/0x290 [ 669.300856] ? proc_fail_nth_write+0x7d/0x180 [ 669.300863] ? proc_cwd_link+0x1b0/0x1b0 [ 669.300873] ? __f_unlock_pos+0x19/0x20 [ 669.300882] ? find_held_lock+0x35/0x130 [ 669.300902] ? __cleanup_sighand+0x50/0x50 [ 669.307406] binder: 25186:25187 ioctl c0306201 20000380 returned -22 [ 669.310758] ? lock_downgrade+0x6e0/0x6e0 [ 669.310779] _do_fork+0x19e/0xce0 [ 669.310792] ? fork_idle+0x280/0x280 [ 669.310805] ? fput+0xd4/0x150 [ 669.310814] ? SyS_write+0x15e/0x230 [ 669.310828] SyS_clone+0x37/0x50 [ 669.310836] ? sys_vfork+0x30/0x30 [ 669.310850] do_syscall_64+0x1e8/0x640 [ 669.310857] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 669.310876] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 669.320364] RIP: 0033:0x459879 [ 669.320369] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 18:43:50 executing program 0: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r2, 0x0) [ 669.320378] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 669.320383] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 669.320389] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 669.320394] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 [ 669.320399] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 669.456421] binder: 25186:25192 unknown command 0 [ 669.466097] binder: 25186:25192 ioctl c0306201 20000380 returned -22 18:43:50 executing program 3 (fault-call:7 fault-nth:6): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:50 executing program 1: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000480)={r3, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r4 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r4, 0x0) 18:43:50 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=[@acquire, @acquire], 0x232, 0x2, 0x0}) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/am_droprate\x00', 0x2, 0x0) r3 = dup(r0) ioctl$TUNSETSTEERINGEBPF(r2, 0x800454e0, &(0x7f0000000040)=r3) 18:43:50 executing program 5: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000480)={r3, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r4 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r4, 0x0) 18:43:50 executing program 2 (fault-call:7 fault-nth:2): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 669.579044] binder: 25200:25201 unknown command 0 [ 669.579054] binder: 25200:25201 ioctl c0306201 20000380 returned -22 18:43:50 executing program 0: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r2, 0x0) 18:43:50 executing program 1: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000480)={r3, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r4 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r4, 0x0) [ 669.674565] binder: 25200:25207 unknown command 0 [ 669.679467] binder: 25200:25207 ioctl c0306201 20000380 returned -22 [ 669.709116] FAULT_INJECTION: forcing a failure. [ 669.709116] name failslab, interval 1, probability 0, space 0, times 0 18:43:50 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/enforce\x00', 0x4000, 0x0) ioctl$KVM_SET_NR_MMU_PAGES(r1, 0xae44, 0xfffffffffffffffb) r2 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) bind$ax25(r1, &(0x7f0000000080)={{0x3, @null, 0x4}, [@default, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null]}, 0x48) ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=[@acquire, @acquire], 0x232, 0x2, 0x0}) ioctl$VIDIOC_S_OUTPUT(r1, 0xc004562f, 0xfffffffffffffffe) r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x40, 0x0) ioctl$EVIOCGABS20(r3, 0x80184560, &(0x7f00000001c0)=""/247) 18:43:50 executing program 5: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r2, 0x0) [ 669.734465] FAULT_INJECTION: forcing a failure. [ 669.734465] name failslab, interval 1, probability 0, space 0, times 0 [ 669.753054] CPU: 0 PID: 25214 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 669.760223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 669.760230] Call Trace: [ 669.760246] dump_stack+0x138/0x197 [ 669.760263] should_fail.cold+0x10f/0x159 [ 669.779965] should_failslab+0xdb/0x130 [ 669.783966] kmem_cache_alloc_trace+0x2e9/0x790 [ 669.788649] ? lock_downgrade+0x6e0/0x6e0 [ 669.788666] alloc_fdtable+0x7f/0x280 [ 669.796607] dup_fd+0x693/0xa40 [ 669.799901] copy_process.part.0+0x1b5a/0x6a00 [ 669.799921] ? save_trace+0x290/0x290 [ 669.808290] ? proc_fail_nth_write+0x7d/0x180 [ 669.812878] ? proc_cwd_link+0x1b0/0x1b0 [ 669.812902] ? __cleanup_sighand+0x50/0x50 [ 669.812915] ? lock_downgrade+0x6e0/0x6e0 [ 669.825357] _do_fork+0x19e/0xce0 [ 669.828830] ? fork_idle+0x280/0x280 [ 669.832562] ? fput+0xd4/0x150 [ 669.835770] ? SyS_write+0x15e/0x230 [ 669.839499] SyS_clone+0x37/0x50 [ 669.842958] ? sys_vfork+0x30/0x30 [ 669.846515] do_syscall_64+0x1e8/0x640 [ 669.850414] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 669.855275] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 669.860473] RIP: 0033:0x459879 [ 669.863660] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 669.871440] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 669.875112] binder: 25221:25223 unknown command 0 [ 669.878820] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 669.878826] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 669.878833] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 669.878839] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 669.880279] CPU: 0 PID: 25217 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 669.906401] binder: 25221:25223 ioctl c0306201 20000380 returned -22 [ 669.912834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 669.912841] Call Trace: [ 669.912860] dump_stack+0x138/0x197 [ 669.912878] should_fail.cold+0x10f/0x159 [ 669.912891] should_failslab+0xdb/0x130 [ 669.912905] kmem_cache_alloc+0x2d7/0x780 [ 669.921843] QAT: Invalid ioctl [ 669.926489] ? creds_are_invalid+0x48/0x110 [ 669.926503] ? __validate_process_creds+0x14c/0x200 [ 669.926516] prepare_creds+0x3e/0x380 [ 669.926527] copy_creds+0x7b/0x4f0 18:43:50 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000480)={{{@in6=@remote, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@remote}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0xe8) syz_mount_image$hfs(&(0x7f00000000c0)='hfs\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f00000001c0)="9bc9a94b4a71dbd1116c48a2065c478b34db95d2114d874dcf840741b4a246a815db63e7e5703b4dc36869db90dee4c151ce6908aacfac3b3db9476751694e1a591041464f672ffb69839cf9c19a69ee498f414f8f7f3b99493357270ac0853cd960eb3d678a8bc687d018cb9767b87d4bd6f5861d65a0a9dad50196e6bd41022f847897653ce3f79c6523ac13c00febb5e42681", 0x94, 0x4}, {&(0x7f0000000280)="8aec8919c500aa4ff6a8ca07a1af5ea33f07f29e7e197e6bef1e4ee9a067a047c10e19bd464a8b5120e2b53b0c2897ef3db8a9395ee93f3ef5537f373abcabc54ee74de5b9465bcdfe369a90", 0x4c, 0x1000}], 0x20012, &(0x7f0000000580)={[{@quiet='quiet'}, {@file_umask={'file_umask', 0x3d, 0x4b}}, {@codepage={'codepage', 0x3d, 'cp936'}}, {@file_umask={'file_umask', 0x3d, 0xb5}}], [{@subj_role={'subj_role', 0x3d, 'self*#,(.'}}, {@smackfstransmute={'smackfstransmute', 0x3d, 'trusted.overlay.redirect\x00'}}, {@appraise='appraise'}, {@uid_eq={'uid', 0x3d, r2}}, {@pcr={'pcr', 0x3d, 0x1e}}]}) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=[@acquire, @acquire], 0x232, 0x2, 0x0}) lsetxattr$trusted_overlay_redirect(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='trusted.overlay.redirect\x00', &(0x7f0000000080)='./file0\x00', 0x8, 0x2) [ 669.938831] binder: 25221:25223 unknown command 0 [ 669.942103] ? lockdep_init_map+0x9/0x10 [ 669.942122] copy_process.part.0+0x868/0x6a00 [ 669.942136] ? save_trace+0x290/0x290 [ 669.942146] ? proc_fail_nth_write+0x7d/0x180 [ 669.942158] ? proc_cwd_link+0x1b0/0x1b0 [ 669.946480] binder: 25221:25223 ioctl c0306201 20000380 returned -22 [ 669.950278] ? __f_unlock_pos+0x19/0x20 [ 669.950302] ? __cleanup_sighand+0x50/0x50 18:43:51 executing program 3 (fault-call:7 fault-nth:7): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:51 executing program 2 (fault-call:7 fault-nth:3): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 669.950312] ? lock_downgrade+0x6e0/0x6e0 [ 669.950328] _do_fork+0x19e/0xce0 [ 669.950342] ? fork_idle+0x280/0x280 [ 669.955584] QAT: Invalid ioctl [ 669.957770] ? fput+0xd4/0x150 [ 669.957783] ? SyS_write+0x15e/0x230 [ 669.957798] SyS_clone+0x37/0x50 [ 669.957810] ? sys_vfork+0x30/0x30 [ 669.980947] do_syscall_64+0x1e8/0x640 [ 669.980962] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 669.980979] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 670.004132] RIP: 0033:0x459879 [ 670.004138] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 670.018180] binder: 25226:25227 unknown command 0 [ 670.021251] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 670.021258] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 670.021264] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 670.021270] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 [ 670.021276] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 18:43:51 executing program 1: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000480)={r3, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r4 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r4, 0x0) 18:43:51 executing program 0: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r2, 0x0) [ 670.132819] binder: 25226:25227 ioctl c0306201 20000380 returned -22 [ 670.144431] binder: 25226:25230 unknown command 0 [ 670.149570] binder: 25226:25230 ioctl c0306201 20000380 returned -22 18:43:51 executing program 5: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, &(0x7f0000000440)=0x8) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r2, 0x0) [ 670.206089] FAULT_INJECTION: forcing a failure. [ 670.206089] name failslab, interval 1, probability 0, space 0, times 0 [ 670.238539] CPU: 0 PID: 25233 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 670.245691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 670.255141] Call Trace: [ 670.257749] dump_stack+0x138/0x197 [ 670.261403] should_fail.cold+0x10f/0x159 [ 670.265577] should_failslab+0xdb/0x130 [ 670.269572] kmem_cache_alloc_node_trace+0x280/0x770 [ 670.274697] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 670.280169] __kmalloc_node+0x3d/0x80 [ 670.283986] kvmalloc_node+0x4e/0xe0 [ 670.287715] alloc_fdtable+0xcf/0x280 [ 670.291531] dup_fd+0x693/0xa40 [ 670.294826] copy_process.part.0+0x1b5a/0x6a00 [ 670.299429] ? save_trace+0x290/0x290 [ 670.299698] FAULT_INJECTION: forcing a failure. [ 670.299698] name failslab, interval 1, probability 0, space 0, times 0 [ 670.303236] ? proc_fail_nth_write+0x7d/0x180 [ 670.303245] ? proc_cwd_link+0x1b0/0x1b0 [ 670.303269] ? __cleanup_sighand+0x50/0x50 [ 670.303281] ? lock_downgrade+0x6e0/0x6e0 [ 670.303296] _do_fork+0x19e/0xce0 [ 670.303310] ? fork_idle+0x280/0x280 [ 670.338573] ? fput+0xd4/0x150 [ 670.341782] ? SyS_write+0x15e/0x230 [ 670.345500] SyS_clone+0x37/0x50 [ 670.348878] ? sys_vfork+0x30/0x30 [ 670.352427] do_syscall_64+0x1e8/0x640 [ 670.356313] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 670.361161] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 670.366341] RIP: 0033:0x459879 [ 670.369524] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 670.377316] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 670.384586] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 670.391943] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 670.399302] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 670.406568] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 670.413945] CPU: 1 PID: 25244 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 670.421150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 670.430496] Call Trace: [ 670.430514] dump_stack+0x138/0x197 [ 670.430530] should_fail.cold+0x10f/0x159 [ 670.430542] should_failslab+0xdb/0x130 [ 670.430553] __kmalloc_track_caller+0x2ec/0x790 [ 670.430565] ? check_preemption_disabled+0x3c/0x250 18:43:51 executing program 3 (fault-call:7 fault-nth:8): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:51 executing program 4: r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040)='TIPCv2\x00') sendmsg$TIPC_NL_LINK_GET(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xfffffffffffffd63, &(0x7f0000000140)={&(0x7f0000000080)={0x7c, r1, 0x702, 0x70bd25, 0x25dfdbfd, {}, [@TIPC_NLA_MON={0xc, 0x9, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7}]}, @TIPC_NLA_NET={0x40, 0x7, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x1}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0xffffffff}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x8}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xfffffffffffffff9}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x2}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x3ae}]}, @TIPC_NLA_MON={0x1c, 0x9, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x1}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x1d6}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x5}]}]}, 0x7c}, 0x1, 0x0, 0x0, 0x4}, 0x810) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r3 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r3, 0x40046207, 0x0) r4 = mmap$binder(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1, 0x11, r3, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000340)={0x60, 0x0, &(0x7f00000002c0)=[@release={0x40046306, 0x2}, @reply={0x40406301, {0x3, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x50, 0x18, &(0x7f0000000200)={@fd={0x66642a85, 0x0, r3}, @fd={0x66642a85, 0x0, r3}, @fda={0x66646185, 0x8, 0x2}}, &(0x7f0000000280)={0x0, 0x18, 0x30}}}, @free_buffer={0x40086303, r4}, @acquire={0x40046305, 0x1}], 0x41, 0x0, &(0x7f00000003c0)="1c3863278cc5c46cc587584ea2fa4210fcaa63aa284f4e229fb4a92018570e04e709361eb74393bb1723bc784f04b7b5fa875bd711ad38e14d22ed32d01581ec05"}) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=[@acquire, @acquire], 0x232, 0x2, 0x0}) [ 670.430576] ? prepare_creds+0x3e/0x380 [ 670.430585] ? selinux_cred_prepare+0x49/0xb0 [ 670.430596] kmemdup+0x27/0x60 [ 670.430607] selinux_cred_prepare+0x49/0xb0 [ 670.470569] security_prepare_creds+0x7d/0xb0 [ 670.475065] prepare_creds+0x2cf/0x380 [ 670.479080] copy_creds+0x7b/0x4f0 [ 670.482715] ? lockdep_init_map+0x9/0x10 [ 670.486805] copy_process.part.0+0x868/0x6a00 [ 670.491326] ? save_trace+0x290/0x290 18:43:51 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="000000de000000010000000000000000"], 0x232, 0x2, 0x0}) [ 670.495517] ? proc_fail_nth_write+0x7d/0x180 [ 670.509031] ? proc_cwd_link+0x1b0/0x1b0 [ 670.513103] binder: 25247:25248 unknown command 0 [ 670.515379] ? __f_unlock_pos+0x19/0x20 [ 670.515400] ? __cleanup_sighand+0x50/0x50 [ 670.520418] binder: 25247:25248 ioctl c0306201 20000380 returned -22 [ 670.523155] binder: BINDER_SET_CONTEXT_MGR already set [ 670.525408] ? lock_downgrade+0x6e0/0x6e0 [ 670.525431] _do_fork+0x19e/0xce0 [ 670.529844] binder: 25247:25249 ioctl 40046207 0 returned -16 [ 670.551018] ? fork_idle+0x280/0x280 [ 670.551034] ? fput+0xd4/0x150 [ 670.551044] ? SyS_write+0x15e/0x230 [ 670.551056] SyS_clone+0x37/0x50 [ 670.551064] ? sys_vfork+0x30/0x30 [ 670.551077] do_syscall_64+0x1e8/0x640 [ 670.551084] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 670.551099] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 670.560562] RIP: 0033:0x459879 [ 670.560568] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 18:43:51 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000240)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) write$FUSE_NOTIFY_STORE(r0, &(0x7f0000000000)={0x28}, 0x28) r1 = add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f0000000080)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) lstat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f0000000280)=0xc) keyctl$chown(0x4, r1, r2, r3) 18:43:51 executing program 0: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r2, 0x0) 18:43:51 executing program 2 (fault-call:7 fault-nth:4): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:51 executing program 1: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x8000001000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="28000000300001830000000066f3069a08f9e3ab14000100100001000800010000000000c3000000c9614be54eb7f66879dee9fe24e4aa801519c0c4c73aa857604edab911e248adbd474e0a0f857bd77b4461361deab89298a0aa4136fcfc750bdabdd07bc053b3aeff4a5125b04b6200282992b7c541d1bd59ff3307009a91abf5e88a943032353affc2f410e34bd594adb06cb3fe334c1733ff90ef1776f2a574f54408f84ed79644fcbf94abcf30bd155f1863802b25b7c9f5534a2d55c6bd92563af9eb6eec22604c12ffffff7f5673f62f0328233ecfdb40477bac3e4ac80200000000000000bc0c770a8c67cb813a15ef0b44b5642f6c1e6be331583ab7f831b30900000000000000e39e56d30f6e8e86401098cff9db73beec3f54d424d9361714a3ed4f59861e41ee4a15fad591a85dba4f3f0f55755b54273bbeb8a8a8065aecbc66efe69ab7d39da67d9e4f20207c34fd17be81a22150b686a6a70b3f09490348932bb4f2b5b384c013c09256b40d2880d9f24d5757d8daa6f739f3438a32fa292de511961db519681a20613840cdd7f068d9f7b78a5550bdcf4fa9a265526230dcc8e0e2339d66e5775a03d96c3530b4b6355ae0e0b852fc7284626a52a78488e629e48fb4895dbb25b1db46b1561a2342f3dfa8f5320e4870fe72d29362a9e6b3"], 0x28}}, 0x0) r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vsock\x00', 0x400080, 0x0) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) r3 = socket$unix(0x1, 0x2, 0x0) r4 = getuid() fstat(r0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) write$P9_RGETATTR(r3, &(0x7f00000001c0)={0xa0, 0x19, 0x1, {0x446, {0x45, 0x2, 0x1}, 0x42, r4, r5, 0x0, 0x2, 0x7d, 0x7e9, 0x4, 0x101, 0x4, 0xaad, 0x8001, 0x10000, 0x2, 0xfffffffffffffff7, 0x2, 0x3}}, 0xa0) recvmsg(r3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffb1}, 0x0) [ 670.560577] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 670.560583] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 670.560588] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 670.560593] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 [ 670.560598] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 670.675957] binder: 25250:25254 unknown command -570425344 [ 670.685022] binder: 25250:25254 ioctl c0306201 20000380 returned -22 [ 670.695933] FAULT_INJECTION: forcing a failure. [ 670.695933] name failslab, interval 1, probability 0, space 0, times 0 [ 670.724252] binder: 25250:25262 unknown command -570425344 [ 670.734699] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 670.745193] CPU: 1 PID: 25255 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 670.752336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 670.752343] Call Trace: [ 670.752365] dump_stack+0x138/0x197 [ 670.752384] should_fail.cold+0x10f/0x159 [ 670.752399] should_failslab+0xdb/0x130 [ 670.752416] kmem_cache_alloc_node_trace+0x280/0x770 [ 670.752427] ? kasan_unpoison_shadow+0x35/0x50 [ 670.752441] __kmalloc_node+0x3d/0x80 [ 670.752453] kvmalloc_node+0x4e/0xe0 [ 670.752464] alloc_fdtable+0x13b/0x280 [ 670.752478] dup_fd+0x693/0xa40 [ 670.752495] copy_process.part.0+0x1b5a/0x6a00 [ 670.752511] ? save_trace+0x290/0x290 [ 670.772670] ? proc_fail_nth_write+0x7d/0x180 [ 670.797678] ? proc_cwd_link+0x1b0/0x1b0 [ 670.797702] ? __cleanup_sighand+0x50/0x50 [ 670.805555] ? lock_downgrade+0x6e0/0x6e0 [ 670.805573] _do_fork+0x19e/0xce0 [ 670.813852] ? fork_idle+0x280/0x280 [ 670.813869] ? fput+0xd4/0x150 [ 670.822131] ? SyS_write+0x15e/0x230 [ 670.822148] SyS_clone+0x37/0x50 [ 670.822154] ? sys_vfork+0x30/0x30 [ 670.822167] do_syscall_64+0x1e8/0x640 [ 670.822176] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 670.822192] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 670.822199] RIP: 0033:0x459879 [ 670.822203] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 18:43:51 executing program 5: mount$9p_xen(&(0x7f00000000c0)='/selinux/policy\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="7472616e733d78656e2c63616368653d6d6d61702c730180000000000000616e736d7574653d2a656d305658b3736465663d2c2b2d7b70726f637b656d316574683176626f786e6574302c00ba47553bc7b600"/95]) r0 = socket$packet(0x11, 0x3, 0x300) r1 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/policy\x00', 0x0, 0x0) pwritev(r0, &(0x7f0000000580)=[{&(0x7f0000000280)="eeb14c0b7d839451350f95bf05233573a61981053dbf3d94c88a14895f189f4147a43ee934e1edb288520634f4214141c25304187e78916353be259dec1568b37912529afbecc3aaac5f0ea59b95bf3d4293820f3e3b3c7ee4e6c0b37c5ba6e959d0453ac11813325f6e4c41e2ba5809ef4a93f3a0352b133201f2f87b3b770218609afc2c9369460cb7106be28aa4837dcf8723", 0x94}, {&(0x7f00000001c0)="c930fa8ee728fa6cb1219c91f0ef69216e1f4674bc8660292fd2b5a0f7f514ee0b5eb81c8e71", 0x26}, {&(0x7f0000000340)="f0dc4ef513126ddaad4313cc2c7665bb7a5a0a3dfe3b7e49e61bfdfc1a4b6f613dfc72ca1cf42f112333a0d97653d7128e6734b9edd72f999a1c5b4ce12d384302e5ccc0c719a140d7129e5860c1ca3389d9dff55ef59f817298b5d3a3cb25c98d69b24deffab06813e0f081bd27498ca922f285ebd3d368c4b6e1fd250ae9b6d2a844b65d81e3c12e6f72591bf0e0fcc9094c8063340ce0e663c1a5901d8e1780429ce6779fd41d9ba6d8b9a477a4fde4fb6c925df585a4420c8e1b33a0f1e55df1506cee9d85a2", 0xc8}, {&(0x7f0000000440)="d285e84d7347c225018cfa658fce961c478427e64b9258dc948ffac8ba2b397f64785174fba5bbe34ed45f070380e0516bf40fe7d6442bbe5ce1972860dca0c5823068c06ce23b1aa196c4b9c6c364266feaf7e6139b6bc7bb9f0200d1c45d7ea741842dfbbcc74fe2da649d92066c", 0x6f}, {&(0x7f00000004c0)="b678e20d98bbd2a6a1aceae1f0572202e8cf486ab52fc0261e71542165dbbe2423b0a24f2bcb0786f40866baa3e17fc8ffa29086ec95ff035e963e220ae7bb19223816065f156fdb026bd0537d6c6db6c6e0715d0ef2705871efdaaee3c25b8a3684cfad1515ca03f78542ef7b23c6c9c6", 0x71}, {&(0x7f0000000540)="0148d9a5b5339da8b02f37d143b8eca122e5a1734ba80df64840833c74e2b438610acfe58001d960ae7f5be8ed9bc78699", 0x31}], 0x6, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r1, 0x40605346, &(0x7f0000000040)={0x1, 0x0, {0x1, 0x2, 0xffffffff, 0x2, 0x78010ba7}}) ioctl$VIDIOC_SUBDEV_S_CROP(r1, 0xc038563c, &(0x7f0000000180)={0x0, 0x0, {0x9, 0x4, 0x10001, 0x1}}) 18:43:51 executing program 0: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r2, 0x0) [ 670.822214] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 670.822219] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 670.822225] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 670.822230] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 670.822235] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 670.826692] binder: 25250:25262 ioctl c0306201 20000380 returned -22 [ 670.838748] FAULT_INJECTION: forcing a failure. 18:43:51 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x100000000, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=[@acquire, @acquire], 0x232, 0x2, 0x0}) [ 670.838748] name failslab, interval 1, probability 0, space 0, times 0 [ 670.887799] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. 18:43:51 executing program 1: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x8000001000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="28000000300001830000000066f3069a08f9e3ab14000100100001000800010000000000c3000000c9614be54eb7f66879dee9fe24e4aa801519c0c4c73aa857604edab911e248adbd474e0a0f857bd77b4461361deab89298a0aa4136fcfc750bdabdd07bc053b3aeff4a5125b04b6200282992b7c541d1bd59ff3307009a91abf5e88a943032353affc2f410e34bd594adb06cb3fe334c1733ff90ef1776f2a574f54408f84ed79644fcbf94abcf30bd155f1863802b25b7c9f5534a2d55c6bd92563af9eb6eec22604c12ffffff7f5673f62f0328233ecfdb40477bac3e4ac80200000000000000bc0c770a8c67cb813a15ef0b44b5642f6c1e6be331583ab7f831b30900000000000000e39e56d30f6e8e86401098cff9db73beec3f54d424d9361714a3ed4f59861e41ee4a15fad591a85dba4f3f0f55755b54273bbeb8a8a8065aecbc66efe69ab7d39da67d9e4f20207c34fd17be81a22150b686a6a70b3f09490348932bb4f2b5b384c013c09256b40d2880d9f24d5757d8daa6f739f3438a32fa292de511961db519681a20613840cdd7f068d9f7b78a5550bdcf4fa9a265526230dcc8e0e2339d66e5775a03d96c3530b4b6355ae0e0b852fc7284626a52a78488e629e48fb4895dbb25b1db46b1561a2342f3dfa8f5320e4870fe72d29362a9e6b3"], 0x28}}, 0x0) r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vsock\x00', 0x400080, 0x0) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) r3 = socket$unix(0x1, 0x2, 0x0) r4 = getuid() fstat(r0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) write$P9_RGETATTR(r3, &(0x7f00000001c0)={0xa0, 0x19, 0x1, {0x446, {0x45, 0x2, 0x1}, 0x42, r4, r5, 0x0, 0x2, 0x7d, 0x7e9, 0x4, 0x101, 0x4, 0xaad, 0x8001, 0x10000, 0x2, 0xfffffffffffffff7, 0x2, 0x3}}, 0xa0) recvmsg(r3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffb1}, 0x0) [ 671.052347] binder: 25279:25283 unknown command 0 [ 671.066325] binder: 25279:25283 ioctl c0306201 20000380 returned -22 [ 671.093098] binder: 25279:25288 unknown command 0 [ 671.099603] binder: 25279:25288 ioctl c0306201 20000380 returned -22 [ 671.107186] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 671.111767] CPU: 0 PID: 25266 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 671.122830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 671.132191] Call Trace: [ 671.132207] dump_stack+0x138/0x197 [ 671.132223] should_fail.cold+0x10f/0x159 18:43:52 executing program 0: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r2, 0x0) [ 671.132237] should_failslab+0xdb/0x130 [ 671.142609] kmem_cache_alloc+0x2d7/0x780 [ 671.142620] ? creds_are_invalid+0x48/0x110 [ 671.142631] ? selinux_is_enabled+0x9/0x50 [ 671.142640] ? creds_are_invalid+0x48/0x110 [ 671.163874] __delayacct_tsk_init+0x20/0x80 [ 671.168247] copy_process.part.0+0x1a6c/0x6a00 [ 671.172973] ? save_trace+0x290/0x290 [ 671.176795] ? proc_fail_nth_write+0x7d/0x180 [ 671.181311] ? proc_cwd_link+0x1b0/0x1b0 [ 671.185387] ? __f_unlock_pos+0x19/0x20 [ 671.189385] ? __cleanup_sighand+0x50/0x50 [ 671.193645] ? lock_downgrade+0x6e0/0x6e0 [ 671.197810] _do_fork+0x19e/0xce0 [ 671.201316] ? fork_idle+0x280/0x280 [ 671.205216] ? fput+0xd4/0x150 [ 671.208411] ? SyS_write+0x15e/0x230 [ 671.212110] SyS_clone+0x37/0x50 [ 671.215458] ? sys_vfork+0x30/0x30 [ 671.218986] do_syscall_64+0x1e8/0x640 [ 671.222851] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 671.227676] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 671.232845] RIP: 0033:0x459879 [ 671.236052] RSP: 002b:00007f8cec857c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 18:43:52 executing program 3 (fault-call:7 fault-nth:9): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:52 executing program 5: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r2, 0x0) 18:43:52 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000000000)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000080)={0x3, 0x0, 0x0, 0x0, 0x7fffffff}) r1 = syz_open_dev$admmidi(&(0x7f0000004d40)='/dev/admmidi#\x00', 0x8, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000004d80)=[@in={0x2, 0x4e22, @broadcast}, @in={0x2, 0x4e23, @multicast2}, @in6={0xa, 0x4e20, 0x0, @mcast1, 0x7ff}, @in6={0xa, 0x4e24, 0x81, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x7}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x1c}}, @in={0x2, 0x4e21, @multicast1}], 0x78) 18:43:52 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0563c11c39cb2232b4a200604ac0a84e6f04262f2f9a19dc3846044000000000"], 0x232, 0x2, 0x0}) [ 671.243937] RAX: ffffffffffffffda RBX: 00007f8cec857c90 RCX: 0000000000459879 [ 671.251200] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 671.258543] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 671.265806] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8586d4 [ 671.273058] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 18:43:52 executing program 2 (fault-call:7 fault-nth:5): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:52 executing program 0: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r1, 0x0) [ 671.369785] binder: 25294:25301 unknown command 482435845 [ 671.387164] FAULT_INJECTION: forcing a failure. [ 671.387164] name failslab, interval 1, probability 0, space 0, times 0 [ 671.405828] binder: 25294:25301 ioctl c0306201 20000380 returned -22 18:43:52 executing program 1: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r2, 0x0) [ 671.430862] CPU: 0 PID: 25302 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 671.438026] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 671.447477] Call Trace: [ 671.450079] dump_stack+0x138/0x197 [ 671.453726] should_fail.cold+0x10f/0x159 [ 671.457898] should_failslab+0xdb/0x130 [ 671.461893] kmem_cache_alloc+0x2d7/0x780 [ 671.466050] ? dup_fd+0x533/0xa40 [ 671.469514] copy_fs_struct+0x43/0x2d0 [ 671.473414] copy_process.part.0+0x3924/0x6a00 [ 671.478016] ? save_trace+0x290/0x290 [ 671.481828] ? proc_fail_nth_write+0x7d/0x180 [ 671.486334] ? proc_cwd_link+0x1b0/0x1b0 [ 671.490424] ? __cleanup_sighand+0x50/0x50 [ 671.494668] ? lock_downgrade+0x6e0/0x6e0 [ 671.499003] _do_fork+0x19e/0xce0 [ 671.502466] ? fork_idle+0x280/0x280 [ 671.506206] ? fput+0xd4/0x150 [ 671.509433] ? SyS_write+0x15e/0x230 [ 671.513172] SyS_clone+0x37/0x50 [ 671.516545] ? sys_vfork+0x30/0x30 [ 671.520078] do_syscall_64+0x1e8/0x640 [ 671.523969] ? trace_hardirqs_off_thunk+0x1a/0x1c 18:43:52 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x3, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) r2 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x3, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0xc, &(0x7f0000000040)=0x3, 0x4) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=[@acquire, @acquire], 0x232, 0x2, 0x0}) 18:43:52 executing program 5: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r2, 0x0) [ 671.528826] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 671.534125] RIP: 0033:0x459879 [ 671.537304] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 671.545080] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 671.552335] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 671.559591] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 671.566858] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 671.574125] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 18:43:52 executing program 3 (fault-call:7 fault-nth:10): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:52 executing program 1: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r2, 0x0) [ 671.641563] FAULT_INJECTION: forcing a failure. [ 671.641563] name failslab, interval 1, probability 0, space 0, times 0 [ 671.660742] binder: 25316:25319 unknown command 0 [ 671.680315] binder: 25316:25319 ioctl c0306201 20000380 returned -22 18:43:52 executing program 0: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r1, 0x0) [ 671.692895] CPU: 0 PID: 25308 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 671.700044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 671.709413] Call Trace: [ 671.712030] dump_stack+0x138/0x197 [ 671.715680] should_fail.cold+0x10f/0x159 [ 671.719850] should_failslab+0xdb/0x130 [ 671.723884] kmem_cache_alloc+0x2d7/0x780 [ 671.728043] ? lockdep_init_map+0x9/0x10 [ 671.732118] ? debug_mutex_init+0x2d/0x5a [ 671.736300] dup_fd+0x85/0xa40 [ 671.739507] copy_process.part.0+0x1b5a/0x6a00 [ 671.744107] ? save_trace+0x290/0x290 [ 671.748090] ? proc_fail_nth_write+0x7d/0x180 [ 671.752598] ? proc_cwd_link+0x1b0/0x1b0 [ 671.756678] ? __cleanup_sighand+0x50/0x50 [ 671.761095] ? lock_downgrade+0x6e0/0x6e0 [ 671.765244] _do_fork+0x19e/0xce0 [ 671.768702] ? fork_idle+0x280/0x280 [ 671.772511] ? fput+0xd4/0x150 [ 671.775712] ? SyS_write+0x15e/0x230 [ 671.779537] SyS_clone+0x37/0x50 [ 671.782402] FAULT_INJECTION: forcing a failure. [ 671.782402] name failslab, interval 1, probability 0, space 0, times 0 [ 671.782906] ? sys_vfork+0x30/0x30 [ 671.797794] do_syscall_64+0x1e8/0x640 [ 671.801683] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 671.806533] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 671.811716] RIP: 0033:0x459879 [ 671.814926] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 671.822627] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 671.829923] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 671.837184] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 671.844455] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 [ 671.851714] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 671.859006] CPU: 1 PID: 25324 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 671.866077] binder: 25316:25330 unknown command 0 [ 671.866116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 671.871227] binder: 25316:25330 ioctl c0306201 20000380 returned -22 [ 671.880339] Call Trace: [ 671.880365] dump_stack+0x138/0x197 18:43:52 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) r2 = request_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000080)='vboxnet0+\\#security\xe2\x00', 0xfffffffffffffffd) r3 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000140)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc) r4 = add_key(&(0x7f00000001c0)='rxrpc_s\x00', &(0x7f0000000200)={'syz', 0x2}, &(0x7f0000000240)="bc851c43e797a0d576c4b564ecd179c34dce40aeab5e6b2ab40af7ae433d43aafa1ac9b7c442d6933bca7341e3adabb88ceec186133d", 0x36, 0xfffffffffffffffc) keyctl$KEYCTL_MOVE(0x1e, r2, r3, r4, 0x5b9d152e0369eb89) r5 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000280)='/dev/sequencer2\x00', 0x131000, 0x0) setsockopt$bt_hci_HCI_FILTER(r5, 0x0, 0x2, &(0x7f00000002c0)={0x0, 0x0, 0x9, 0x3c7a36a1}, 0x10) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=[@acquire, @acquire], 0x232, 0x2, 0x0}) 18:43:52 executing program 2 (fault-call:7 fault-nth:6): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 671.880382] should_fail.cold+0x10f/0x159 [ 671.880395] should_failslab+0xdb/0x130 [ 671.880406] kmem_cache_alloc+0x2d7/0x780 [ 671.880417] ? _raw_spin_unlock+0x2d/0x50 [ 671.880434] copy_process.part.0+0x3987/0x6a00 [ 671.909678] ? save_trace+0x290/0x290 [ 671.918033] ? proc_fail_nth_write+0x7d/0x180 [ 671.922530] ? proc_cwd_link+0x1b0/0x1b0 [ 671.922555] ? __cleanup_sighand+0x50/0x50 [ 671.922567] ? lock_downgrade+0x6e0/0x6e0 [ 671.935258] _do_fork+0x19e/0xce0 [ 671.938732] ? fork_idle+0x280/0x280 [ 671.942465] ? fput+0xd4/0x150 [ 671.942903] binder: 25331:25333 unknown command 0 [ 671.945661] ? SyS_write+0x15e/0x230 [ 671.945678] SyS_clone+0x37/0x50 [ 671.945689] ? sys_vfork+0x30/0x30 [ 671.950932] binder: 25331:25333 ioctl c0306201 20000380 returned -22 [ 671.954249] do_syscall_64+0x1e8/0x640 [ 671.954258] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 671.954275] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 671.961084] binder: 25331:25335 unknown command 0 [ 671.961149] RIP: 0033:0x459879 18:43:52 executing program 1: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r2, 0x0) 18:43:52 executing program 0: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r1, 0x0) 18:43:53 executing program 5: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r1, 0x0) [ 671.967755] binder: 25331:25335 ioctl c0306201 20000380 returned -22 [ 671.971543] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 671.971556] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 671.971561] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 671.971566] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 671.971570] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 671.971575] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 18:43:53 executing program 1: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$TUNGETIFF(0xffffffffffffffff, 0x800454d2, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = socket$inet_udplite(0x2, 0x2, 0x88) close(r0) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000000)='batadv0\x00', 0x10) close(r2) pipe(&(0x7f0000000140)) r4 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000240)='/selinux/policy\x00', 0x0, 0x0) connect$inet(r3, &(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10) ioctl$EVIOCGABS2F(0xffffffffffffffff, 0x8018456f, 0x0) splice(r1, 0x0, r3, 0x0, 0x6d55, 0x0) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r4, 0x84, 0x66, &(0x7f0000000040)={0x0}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp_SCTP_RTOINFO(r4, 0x84, 0x0, &(0x7f00000000c0)={r5, 0x80000000, 0x8000, 0x400000000000}, &(0x7f0000000180)=0x10) write$binfmt_script(r2, &(0x7f0000000000)=ANY=[], 0xffffff31) [ 672.135176] FAULT_INJECTION: forcing a failure. [ 672.135176] name failslab, interval 1, probability 0, space 0, times 0 [ 672.159052] CPU: 1 PID: 25345 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 672.166295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 672.175675] Call Trace: [ 672.178283] dump_stack+0x138/0x197 18:43:53 executing program 4: socket$can_raw(0x1d, 0x3, 0x1) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="05630440000600000063044000000100"], 0x232, 0x2, 0x0}) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={0x0}, &(0x7f0000000040)=0xc) fcntl$setownex(r1, 0xf, &(0x7f0000000080)={0x0, r2}) [ 672.182104] should_fail.cold+0x10f/0x159 [ 672.186269] should_failslab+0xdb/0x130 [ 672.190258] kmem_cache_alloc_trace+0x2e9/0x790 [ 672.194946] ? lock_downgrade+0x6e0/0x6e0 [ 672.199278] alloc_fdtable+0x7f/0x280 [ 672.203095] dup_fd+0x693/0xa40 [ 672.206372] copy_process.part.0+0x1b5a/0x6a00 [ 672.210961] ? save_trace+0x290/0x290 [ 672.214768] ? proc_fail_nth_write+0x7d/0x180 [ 672.219269] ? proc_cwd_link+0x1b0/0x1b0 [ 672.223350] ? __cleanup_sighand+0x50/0x50 [ 672.227586] ? lock_downgrade+0x6e0/0x6e0 [ 672.228111] binder: 25348:25349 unknown command 1074029312 [ 672.231741] _do_fork+0x19e/0xce0 [ 672.231756] ? fork_idle+0x280/0x280 [ 672.231769] ? fput+0xd4/0x150 [ 672.231778] ? SyS_write+0x15e/0x230 [ 672.231791] SyS_clone+0x37/0x50 [ 672.231798] ? sys_vfork+0x30/0x30 [ 672.231812] do_syscall_64+0x1e8/0x640 [ 672.231820] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 672.231838] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 672.231845] RIP: 0033:0x459879 [ 672.231854] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 18:43:53 executing program 2 (fault-call:7 fault-nth:7): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:53 executing program 3 (fault-call:7 fault-nth:11): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:53 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet(0x10, 0x1000000000002, 0xc) r2 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000180)='/selinux/checkreqprot\x00', 0x803, 0x0) accept$ax25(r2, 0x0, &(0x7f0000000200)) pipe2(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) sendmsg(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="24000000010407051dfffd946fa283000a200a0009000100031d85680c1baba20400ff7e28000000110affffba010000000009b356da5a80d18be34c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0) ioctl$FIGETBSZ(r3, 0x2, &(0x7f0000000140)) ioctl$NBD_SET_SIZE_BLOCKS(r3, 0xab07, 0xfffffffffffffffa) 18:43:53 executing program 0: socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r1, 0x0) [ 672.238263] binder: 25348:25349 ioctl c0306201 20000380 returned -22 [ 672.240903] ORIG_RAX: 0000000000000038 [ 672.240910] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 672.240915] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 672.240921] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 672.240928] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 [ 672.240933] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 672.378618] binder: 25348:25349 unknown command 1074029312 [ 672.383191] FAULT_INJECTION: forcing a failure. [ 672.383191] name failslab, interval 1, probability 0, space 0, times 0 [ 672.402869] binder: 25348:25349 ioctl c0306201 20000380 returned -22 [ 672.414937] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. [ 672.422661] CPU: 0 PID: 25356 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 672.430919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 672.440269] Call Trace: [ 672.442883] dump_stack+0x138/0x197 [ 672.444227] FAULT_INJECTION: forcing a failure. [ 672.444227] name failslab, interval 1, probability 0, space 0, times 0 [ 672.446622] should_fail.cold+0x10f/0x159 [ 672.446641] should_failslab+0xdb/0x130 [ 672.446655] kmem_cache_alloc_node_trace+0x280/0x770 [ 672.446669] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 672.476698] __kmalloc_node+0x3d/0x80 [ 672.480509] kvmalloc_node+0x4e/0xe0 [ 672.484219] alloc_fdtable+0xcf/0x280 [ 672.488014] dup_fd+0x693/0xa40 [ 672.491304] copy_process.part.0+0x1b5a/0x6a00 [ 672.496148] ? save_trace+0x290/0x290 [ 672.499963] ? proc_fail_nth_write+0x7d/0x180 [ 672.504465] ? proc_cwd_link+0x1b0/0x1b0 [ 672.508528] ? __cleanup_sighand+0x50/0x50 [ 672.512760] ? lock_downgrade+0x6e0/0x6e0 [ 672.516912] _do_fork+0x19e/0xce0 18:43:53 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x9, 0x400) ioctl$RTC_ALM_READ(r1, 0x80247008, &(0x7f0000000040)) r2 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=[@acquire, @acquire], 0x232, 0x2, 0x0}) [ 672.518474] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. [ 672.520392] ? fork_idle+0x280/0x280 [ 672.520419] ? fput+0xd4/0x150 [ 672.520425] ? SyS_write+0x15e/0x230 [ 672.520433] SyS_clone+0x37/0x50 [ 672.520438] ? sys_vfork+0x30/0x30 [ 672.520446] do_syscall_64+0x1e8/0x640 [ 672.520451] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 672.520462] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 672.520467] RIP: 0033:0x459879 [ 672.520470] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 672.520477] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 672.520480] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 672.520483] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 672.520487] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 [ 672.520490] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 18:43:53 executing program 2 (fault-call:7 fault-nth:8): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 672.557497] CPU: 1 PID: 25362 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 672.576320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 672.598645] binder: 25366:25367 unknown command 0 [ 672.599223] Call Trace: [ 672.599241] dump_stack+0x138/0x197 [ 672.599259] should_fail.cold+0x10f/0x159 [ 672.615497] binder: 25366:25367 ioctl c0306201 20000380 returned -22 [ 672.621187] should_failslab+0xdb/0x130 [ 672.621202] kmem_cache_alloc+0x2d7/0x780 [ 672.621214] ? _raw_spin_unlock_irq+0x28/0x90 18:43:53 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'bridge_slave_1\x00', 0x0}) r2 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/btrfs-control\x00', 0xc7989c6cbfb66555, 0x0) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000140)={0x0, @in6={{0xa, 0x4e23, 0x1, @remote, 0x8}}, 0x0, 0x3, 0x8001, 0x2, 0x20}, &(0x7f00000000c0)=0x98) setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r2, 0x84, 0x5, &(0x7f0000000200)={r3, @in={{0x2, 0x4e20, @loopback}}}, 0x84) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/fuse\x00', 0x2, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0xfffffffffffffd42, &(0x7f0000000000)={&(0x7f0000000580)=@newqdisc={0x24, 0x5e, 0x7, 0x0, 0x0, {0x0, r1, {0xffffff7f}}}, 0x24}}, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r4, 0xc028660f, &(0x7f0000000300)={0x0, r4, 0x3d77, 0x4, 0x1, 0x7f}) [ 672.621225] ? trace_hardirqs_on_caller+0x400/0x590 [ 672.621239] copy_process.part.0+0x1cd5/0x6a00 [ 672.621254] ? save_trace+0x290/0x290 [ 672.621264] ? proc_fail_nth_write+0x7d/0x180 [ 672.621273] ? proc_cwd_link+0x1b0/0x1b0 [ 672.621294] ? __cleanup_sighand+0x50/0x50 [ 672.621307] ? lock_downgrade+0x6e0/0x6e0 [ 672.621325] _do_fork+0x19e/0xce0 [ 672.621338] ? fork_idle+0x280/0x280 [ 672.621353] ? fput+0xd4/0x150 [ 672.636926] binder: 25366:25369 unknown command 0 [ 672.645116] ? SyS_write+0x15e/0x230 [ 672.645136] SyS_clone+0x37/0x50 18:43:53 executing program 0: socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r1, 0x0) 18:43:53 executing program 3 (fault-call:7 fault-nth:12): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 672.645146] ? sys_vfork+0x30/0x30 [ 672.645158] do_syscall_64+0x1e8/0x640 [ 672.645166] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 672.645183] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 672.645190] RIP: 0033:0x459879 [ 672.645195] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 672.645205] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 672.645210] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 18:43:53 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$VIDIOC_G_ENC_INDEX(r0, 0x8818564c, &(0x7f0000000480)) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x10040, 0x0) setsockopt$RDS_FREE_MR(r2, 0x114, 0x3, &(0x7f0000000040)={{0xd93, 0x5}, 0x8}, 0x10) mmap$binder(&(0x7f0000ff2000/0xe000)=nil, 0xe000, 0x1, 0x11, r2, 0x39) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="0500010093c200000073ee6039d8b6aa117000000000000000"], 0x232, 0x2, 0x0}) [ 672.645214] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 672.645219] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 672.645224] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 672.699562] binder: 25366:25369 ioctl c0306201 20000380 returned -22 [ 672.821752] binder: 25376:25377 unknown command 65541 [ 672.827077] binder: 25376:25377 ioctl c0306201 20000380 returned -22 [ 672.836012] binder: 25376:25378 unknown command 65541 [ 672.842471] binder: 25376:25378 ioctl c0306201 20000380 returned -22 [ 672.891051] FAULT_INJECTION: forcing a failure. [ 672.891051] name failslab, interval 1, probability 0, space 0, times 0 [ 672.909240] FAULT_INJECTION: forcing a failure. [ 672.909240] name failslab, interval 1, probability 0, space 0, times 0 [ 672.914706] CPU: 0 PID: 25381 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 672.927618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 672.937074] Call Trace: [ 672.939672] dump_stack+0x138/0x197 [ 672.943402] should_fail.cold+0x10f/0x159 [ 672.947554] should_failslab+0xdb/0x130 [ 672.951700] kmem_cache_alloc+0x2d7/0x780 [ 672.955837] ? lockdep_init_map+0x9/0x10 [ 672.959890] ? debug_mutex_init+0x2d/0x5a [ 672.964037] copy_process.part.0+0x3c75/0x6a00 [ 672.968620] ? proc_fail_nth_write+0x7d/0x180 [ 672.973189] ? proc_cwd_link+0x1b0/0x1b0 [ 672.977266] ? __cleanup_sighand+0x50/0x50 [ 672.981492] ? lock_downgrade+0x6e0/0x6e0 [ 672.985636] _do_fork+0x19e/0xce0 [ 672.989690] ? fork_idle+0x280/0x280 [ 672.993396] ? fput+0xd4/0x150 [ 672.996579] ? SyS_write+0x15e/0x230 [ 673.000284] SyS_clone+0x37/0x50 [ 673.003638] ? sys_vfork+0x30/0x30 [ 673.011665] do_syscall_64+0x1e8/0x640 [ 673.015572] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 673.020586] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 673.025769] RIP: 0033:0x459879 [ 673.028969] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 673.036761] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 673.044030] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 673.051462] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 673.059845] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 673.067102] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 673.074564] CPU: 1 PID: 25379 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 673.081711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 18:43:54 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x1) fsetxattr$security_ima(r0, &(0x7f00000000c0)='security.ima\x00', &(0x7f0000000340)=@ng={0x4, 0x7}, 0x2, 0x0) open(&(0x7f0000000140)='./bus\x00', 0x0, 0x0) 18:43:54 executing program 5: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0xc180, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0x402c5342, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f0000000f00)={0xffffffffffffffff, 0x0, 0x2, 0xffffffff, 0x3}) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f0000000e40)=[@in={0x2, 0x4e23, @remote}, @in={0x2, 0x4e22, @empty}, @in={0x2, 0x4e24, @remote}, @in={0x2, 0x4e21, @multicast2}, @in6={0xa, 0x4e21, 0x1fa, @mcast2, 0x7fff}, @in={0x2, 0x4e23, @rand_addr=0x10001}, @in={0x2, 0x4e20, @loopback}, @in6={0xa, 0x4e22, 0x1, @ipv4={[], [], @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x3}], 0x98) r2 = socket$inet_sctp(0x2, 0x1, 0x84) r3 = openat$cachefiles(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/cachefiles\x00', 0x102, 0x0) r4 = accept4$packet(r3, &(0x7f0000000f40)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0, 0x800) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r4, 0x660c) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/syz0\x00', 0x1ff) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, 0x0, 0x0) mkdirat(0xffffffffffffffff, &(0x7f0000001000)='./file0\x00', 0x0) r6 = fcntl$getown(r2, 0x9) getsockopt$inet6_IPV6_IPSEC_POLICY(r3, 0x29, 0x22, &(0x7f00000009c0)={{{@in6=@remote, @in6=@ipv4={[], [], @multicast1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in=@dev}}, &(0x7f0000000280)=0xe8) ioctl$DRM_IOCTL_GET_CLIENT(r0, 0xc0286405, &(0x7f0000000ac0)={0x8, 0x0, r6, 0x0, r7, 0x0, 0x6f7, 0xfffffffffffffffc}) r8 = socket$inet_udplite(0x2, 0x2, 0x88) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000d80)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000d40)={0xffffffffffffffff}, 0x13f, 0x9}}, 0x20) write$RDMA_USER_CM_CMD_QUERY(r1, &(0x7f0000000dc0)={0x13, 0x10, 0xfa00, {&(0x7f0000000b40), r9}}, 0x18) ioctl$EVIOCGMTSLOTS(r1, 0x8040450a, &(0x7f0000000940)=""/82) setsockopt$IP_VS_SO_SET_STARTDAEMON(r2, 0x0, 0x48b, &(0x7f00000000c0)={0x2, 'gre0\x00', 0x1}, 0x18) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f319bd070") getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x811e}, &(0x7f0000000140)=0x8) setsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f0000000e00)={@dev={0xac, 0x14, 0x14, 0xd}, @local, r5}, 0xc) readv(r3, &(0x7f0000000880)=[{&(0x7f0000000440)=""/115, 0x73}, {&(0x7f00000004c0)=""/231, 0xe7}, {&(0x7f00000005c0)=""/235, 0xeb}, {&(0x7f00000006c0)=""/88, 0x58}, {&(0x7f0000000740)=""/170, 0xaa}, {&(0x7f0000000800)=""/87, 0x57}], 0x6) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000180)={r10, @in6={{0xa, 0x4e20, 0x5, @dev={0xfe, 0x80, [], 0x19}, 0xfffffffffffffff9}}, 0x100000001, 0x0, 0x6, 0x7, 0x7afe}, &(0x7f0000000240)=0x98) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000340)={0x0, 0x18, 0xfa00, {0x10000006, &(0x7f00000003c0), 0x106, 0xe}}, 0xfffffebc) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f0000000b00)={r11, 0x1}, 0xc) write$RDMA_USER_CM_CMD_MIGRATE_ID(r0, 0x0, 0xffffffffffffffc3) connect$inet6(r0, &(0x7f0000000300)={0xa, 0x4e21, 0x6, @loopback}, 0x1c) ioctl$sock_inet_SIOCSIFFLAGS(r8, 0x8914, &(0x7f0000000080)={'hsr0\x00'}) 18:43:54 executing program 4: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080)='/dev/zero\x00', 0x82000, 0x0) ioctl$KVM_SET_CLOCK(r0, 0x4030ae7b, &(0x7f00000000c0)={0xa321, 0x400}) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r0, 0x4008240b, &(0x7f00000003c0)={0x5, 0x70, 0xffff, 0xfff, 0x8, 0x7, 0x0, 0x200, 0x110c, 0x8, 0x2, 0x6, 0x7fff, 0x6, 0x3ff, 0x101, 0x3, 0x8, 0x5, 0xffff, 0x5, 0x9, 0x0, 0x81, 0xfffffffffffffff7, 0x6, 0x7, 0x10000, 0xfffffffffffff000, 0x3f00000000000000, 0x80000000, 0xfb18, 0x6, 0x6, 0x0, 0x20, 0x81, 0x5, 0x0, 0x3, 0x4, @perf_config_ext={0x1000, 0x200}, 0x1000, 0x5, 0x1, 0x4, 0x31, 0x9}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000040)={0x28, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="09431040030000000000000000ccaf6fc6b0a03e6b62067aab0000000010000009631040000000000000000000000000000000008434dc89b583b6b89fc83772eb87e4415e136378a88fead9694e3f421722b56c31a7280e67322b23a0ca32548958709095bb67774505fe91dd08a343351e9c43b437e1905732dc9d4ee9d882504f7e2a5d661989d67172401e1311"], 0xf9, 0x0, &(0x7f00000001c0)="9b06d8352d900f8ad0e160344d9467f068756bc2c1feaeed34857b5810684537b5d07bbdaecc04643f425cb395fa5a32d83363f0f4a84ab6385ba105e52fd00a6f650d80dbabe859ee851b5c91ef0113ce977ddc06816479b66493e250def00f79a51b2d4ba1dd362851aff9675de3717acf5e7faf8ef729a312564ebc07cdbf920954e7884003005408094e5d5d315df94dd8bd9ce3736b30be884a66fe863db090636e2b7e26fe1de87eab47ea1302151e6e7428a4abcc8d4025fd79f612faa49af260a8cbf05687bd77b947795e3af22bd4611d75c5b22e59c71e4dcb638cc0a1bfb3f1baef945fb9914306e57cb4b7c9f910bca5b43344"}) ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0) mmap$binder(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1, 0x11, r0, 0x0) socket$inet6_dccp(0xa, 0x6, 0x0) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000000)={0xc66e, 0x4, 0xfffffffffffffff9, 0x800, 0x0}, &(0x7f0000000140)=0x10) setsockopt$inet_sctp_SCTP_ADD_STREAMS(r0, 0x84, 0x79, &(0x7f0000000480)={r3, 0x9, 0x4c1}, 0x8) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="0563044000000000f148e38eb85087e6"], 0x232, 0x2, 0x0}) 18:43:54 executing program 0: socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r1, 0x0) 18:43:54 executing program 3 (fault-call:7 fault-nth:13): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 673.091110] Call Trace: [ 673.093721] dump_stack+0x138/0x197 [ 673.097801] should_fail.cold+0x10f/0x159 [ 673.101966] should_failslab+0xdb/0x130 [ 673.106047] kmem_cache_alloc_node_trace+0x280/0x770 [ 673.111168] ? kasan_unpoison_shadow+0x35/0x50 [ 673.115783] __kmalloc_node+0x3d/0x80 [ 673.119701] kvmalloc_node+0x4e/0xe0 [ 673.124650] alloc_fdtable+0x13b/0x280 [ 673.128582] dup_fd+0x693/0xa40 [ 673.131938] copy_process.part.0+0x1b5a/0x6a00 [ 673.136547] ? save_trace+0x290/0x290 [ 673.140361] ? proc_fail_nth_write+0x7d/0x180 [ 673.144455] audit: type=1804 audit(1566758634.091:266): pid=25391 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir190474352/syzkaller.f7D7jh/843/bus" dev="sda1" ino=17550 res=1 [ 673.144872] ? proc_cwd_link+0x1b0/0x1b0 [ 673.176187] ? __cleanup_sighand+0x50/0x50 [ 673.180442] ? lock_downgrade+0x6e0/0x6e0 [ 673.184616] _do_fork+0x19e/0xce0 [ 673.188089] ? fork_idle+0x280/0x280 [ 673.191827] ? fput+0xd4/0x150 [ 673.195037] ? SyS_write+0x15e/0x230 [ 673.198781] SyS_clone+0x37/0x50 [ 673.202283] ? sys_vfork+0x30/0x30 [ 673.205854] do_syscall_64+0x1e8/0x640 [ 673.209752] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 673.214615] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 673.219813] RIP: 0033:0x459879 [ 673.223099] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 673.230819] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 18:43:54 executing program 1: mlockall(0x0) mount(0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x800c6613, 0x0) r0 = socket$inet6(0xa, 0x400000000001, 0x0) fchdir(0xffffffffffffffff) syz_genetlink_get_family_id$team(0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x14, 0x6, 0x6, 0xffffffffffffffff}, 0x14}}, 0x0) openat$vcs(0xffffffffffffff9c, &(0x7f0000000400)='/dev/vcs\x00', 0x10000, 0x0) openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, 0x0, 0x0) openat$vfio(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, 0x0) add_key(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, 0x0, 0x0) openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0) socketpair(0x8, 0x1, 0x0, 0x0) syz_open_dev$vcsn(0x0, 0x0, 0x0) open(0x0, 0x0, 0x0) openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$TEAM_CMD_NOOP(0xffffffffffffffff, 0x0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x0, &(0x7f0000ffc000/0x1000)=nil) open(0x0, 0x0, 0x0) r2 = dup(r0) bind$inet6(r0, &(0x7f0000000600)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendmsg$IPVS_CMD_GET_DAEMON(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB], 0x1}}, 0x0) write$FUSE_POLL(r2, &(0x7f00000005c0)={0x18}, 0x18) setsockopt$inet_tcp_int(r0, 0x6, 0xc, &(0x7f00000002c0)=0x1, 0x2e7) 18:43:54 executing program 2 (fault-call:7 fault-nth:9): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 673.234583] IPVS: sync thread started: state = BACKUP, mcast_ifn = gre0, syncid = 1, id = 0 [ 673.238103] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 673.238110] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 673.238116] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 [ 673.238122] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 673.311071] binder: 25392:25401 unknown command 1074807561 [ 673.320628] binder: 25392:25401 ioctl c0306201 20000040 returned -22 [ 673.333084] audit: type=1400 audit(1566758634.291:267): avc: denied { map } for pid=25392 comm="syz-executor.4" path="/dev/zero" dev="devtmpfs" ino=13688 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:zero_device_t:s0 tclass=chr_file permissive=1 18:43:54 executing program 0: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r2, 0x0) [ 673.334040] binder: 25392:25397 unknown command -1897707279 18:43:54 executing program 5: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0xc180, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0x402c5342, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f0000000f00)={0xffffffffffffffff, 0x0, 0x2, 0xffffffff, 0x3}) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f0000000e40)=[@in={0x2, 0x4e23, @remote}, @in={0x2, 0x4e22, @empty}, @in={0x2, 0x4e24, @remote}, @in={0x2, 0x4e21, @multicast2}, @in6={0xa, 0x4e21, 0x1fa, @mcast2, 0x7fff}, @in={0x2, 0x4e23, @rand_addr=0x10001}, @in={0x2, 0x4e20, @loopback}, @in6={0xa, 0x4e22, 0x1, @ipv4={[], [], @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x3}], 0x98) r2 = socket$inet_sctp(0x2, 0x1, 0x84) r3 = openat$cachefiles(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/cachefiles\x00', 0x102, 0x0) r4 = accept4$packet(r3, &(0x7f0000000f40)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0, 0x800) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r4, 0x660c) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/syz0\x00', 0x1ff) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, 0x0, 0x0) mkdirat(0xffffffffffffffff, &(0x7f0000001000)='./file0\x00', 0x0) r6 = fcntl$getown(r2, 0x9) getsockopt$inet6_IPV6_IPSEC_POLICY(r3, 0x29, 0x22, &(0x7f00000009c0)={{{@in6=@remote, @in6=@ipv4={[], [], @multicast1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in=@dev}}, &(0x7f0000000280)=0xe8) ioctl$DRM_IOCTL_GET_CLIENT(r0, 0xc0286405, &(0x7f0000000ac0)={0x8, 0x0, r6, 0x0, r7, 0x0, 0x6f7, 0xfffffffffffffffc}) r8 = socket$inet_udplite(0x2, 0x2, 0x88) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000d80)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000d40)={0xffffffffffffffff}, 0x13f, 0x9}}, 0x20) write$RDMA_USER_CM_CMD_QUERY(r1, &(0x7f0000000dc0)={0x13, 0x10, 0xfa00, {&(0x7f0000000b40), r9}}, 0x18) ioctl$EVIOCGMTSLOTS(r1, 0x8040450a, &(0x7f0000000940)=""/82) setsockopt$IP_VS_SO_SET_STARTDAEMON(r2, 0x0, 0x48b, &(0x7f00000000c0)={0x2, 'gre0\x00', 0x1}, 0x18) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f319bd070") getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x811e}, &(0x7f0000000140)=0x8) setsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f0000000e00)={@dev={0xac, 0x14, 0x14, 0xd}, @local, r5}, 0xc) readv(r3, &(0x7f0000000880)=[{&(0x7f0000000440)=""/115, 0x73}, {&(0x7f00000004c0)=""/231, 0xe7}, {&(0x7f00000005c0)=""/235, 0xeb}, {&(0x7f00000006c0)=""/88, 0x58}, {&(0x7f0000000740)=""/170, 0xaa}, {&(0x7f0000000800)=""/87, 0x57}], 0x6) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000180)={r10, @in6={{0xa, 0x4e20, 0x5, @dev={0xfe, 0x80, [], 0x19}, 0xfffffffffffffff9}}, 0x100000001, 0x0, 0x6, 0x7, 0x7afe}, &(0x7f0000000240)=0x98) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000340)={0x0, 0x18, 0xfa00, {0x10000006, &(0x7f00000003c0), 0x106, 0xe}}, 0xfffffebc) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f0000000b00)={r11, 0x1}, 0xc) write$RDMA_USER_CM_CMD_MIGRATE_ID(r0, 0x0, 0xffffffffffffffc3) connect$inet6(r0, &(0x7f0000000300)={0xa, 0x4e21, 0x6, @loopback}, 0x1c) ioctl$sock_inet_SIOCSIFFLAGS(r8, 0x8914, &(0x7f0000000080)={'hsr0\x00'}) [ 673.395705] FAULT_INJECTION: forcing a failure. [ 673.395705] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 673.421561] binder: 25392:25397 ioctl c0306201 20000380 returned -22 [ 673.435873] CPU: 1 PID: 25408 Comm: syz-executor.3 Not tainted 4.14.140 #36 18:43:54 executing program 0: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r2, 0x0) [ 673.443031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 673.452396] Call Trace: [ 673.454996] dump_stack+0x138/0x197 [ 673.458644] should_fail.cold+0x10f/0x159 [ 673.462812] ? __might_sleep+0x93/0xb0 [ 673.466726] __alloc_pages_nodemask+0x1d6/0x7a0 [ 673.471514] ? fs_reclaim_acquire+0x20/0x20 [ 673.475853] ? __alloc_pages_slowpath+0x2930/0x2930 [ 673.480900] ? check_preemption_disabled+0x3c/0x250 [ 673.485938] alloc_pages_current+0xec/0x1e0 [ 673.490285] __get_free_pages+0xf/0x40 18:43:54 executing program 5: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0xc180, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0x402c5342, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f0000000f00)={0xffffffffffffffff, 0x0, 0x2, 0xffffffff, 0x3}) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f0000000e40)=[@in={0x2, 0x4e23, @remote}, @in={0x2, 0x4e22, @empty}, @in={0x2, 0x4e24, @remote}, @in={0x2, 0x4e21, @multicast2}, @in6={0xa, 0x4e21, 0x1fa, @mcast2, 0x7fff}, @in={0x2, 0x4e23, @rand_addr=0x10001}, @in={0x2, 0x4e20, @loopback}, @in6={0xa, 0x4e22, 0x1, @ipv4={[], [], @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x3}], 0x98) r2 = socket$inet_sctp(0x2, 0x1, 0x84) r3 = openat$cachefiles(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/cachefiles\x00', 0x102, 0x0) r4 = accept4$packet(r3, &(0x7f0000000f40)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0, 0x800) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r4, 0x660c) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/syz0\x00', 0x1ff) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, 0x0, 0x0) mkdirat(0xffffffffffffffff, &(0x7f0000001000)='./file0\x00', 0x0) r6 = fcntl$getown(r2, 0x9) getsockopt$inet6_IPV6_IPSEC_POLICY(r3, 0x29, 0x22, &(0x7f00000009c0)={{{@in6=@remote, @in6=@ipv4={[], [], @multicast1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in=@dev}}, &(0x7f0000000280)=0xe8) ioctl$DRM_IOCTL_GET_CLIENT(r0, 0xc0286405, &(0x7f0000000ac0)={0x8, 0x0, r6, 0x0, r7, 0x0, 0x6f7, 0xfffffffffffffffc}) r8 = socket$inet_udplite(0x2, 0x2, 0x88) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000d80)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000d40)={0xffffffffffffffff}, 0x13f, 0x9}}, 0x20) write$RDMA_USER_CM_CMD_QUERY(r1, &(0x7f0000000dc0)={0x13, 0x10, 0xfa00, {&(0x7f0000000b40), r9}}, 0x18) ioctl$EVIOCGMTSLOTS(r1, 0x8040450a, &(0x7f0000000940)=""/82) setsockopt$IP_VS_SO_SET_STARTDAEMON(r2, 0x0, 0x48b, &(0x7f00000000c0)={0x2, 'gre0\x00', 0x1}, 0x18) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f319bd070") getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x811e}, &(0x7f0000000140)=0x8) setsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f0000000e00)={@dev={0xac, 0x14, 0x14, 0xd}, @local, r5}, 0xc) readv(r3, &(0x7f0000000880)=[{&(0x7f0000000440)=""/115, 0x73}, {&(0x7f00000004c0)=""/231, 0xe7}, {&(0x7f00000005c0)=""/235, 0xeb}, {&(0x7f00000006c0)=""/88, 0x58}, {&(0x7f0000000740)=""/170, 0xaa}, {&(0x7f0000000800)=""/87, 0x57}], 0x6) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000180)={r10, @in6={{0xa, 0x4e20, 0x5, @dev={0xfe, 0x80, [], 0x19}, 0xfffffffffffffff9}}, 0x100000001, 0x0, 0x6, 0x7, 0x7afe}, &(0x7f0000000240)=0x98) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000340)={0x0, 0x18, 0xfa00, {0x10000006, &(0x7f00000003c0), 0x106, 0xe}}, 0xfffffebc) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f0000000b00)={r11, 0x1}, 0xc) write$RDMA_USER_CM_CMD_MIGRATE_ID(r0, 0x0, 0xffffffffffffffc3) connect$inet6(r0, &(0x7f0000000300)={0xa, 0x4e21, 0x6, @loopback}, 0x1c) ioctl$sock_inet_SIOCSIFFLAGS(r8, 0x8914, &(0x7f0000000080)={'hsr0\x00'}) [ 673.494196] pgd_alloc+0x25/0x2b0 [ 673.511238] ? lockdep_init_map+0x9/0x10 [ 673.523764] mm_init+0x578/0x970 [ 673.537381] copy_process.part.0+0x3ccd/0x6a00 [ 673.541992] ? proc_fail_nth_write+0x7d/0x180 18:43:54 executing program 0: r0 = socket$unix(0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r2, 0x0) [ 673.546508] ? proc_cwd_link+0x1b0/0x1b0 [ 673.550608] ? __cleanup_sighand+0x50/0x50 [ 673.554953] ? lock_downgrade+0x6e0/0x6e0 [ 673.559385] _do_fork+0x19e/0xce0 [ 673.562879] ? fork_idle+0x280/0x280 [ 673.566616] ? fput+0xd4/0x150 [ 673.569827] ? SyS_write+0x15e/0x230 [ 673.573561] SyS_clone+0x37/0x50 [ 673.576946] ? sys_vfork+0x30/0x30 [ 673.580503] do_syscall_64+0x1e8/0x640 [ 673.584404] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 673.589271] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 673.594466] RIP: 0033:0x459879 18:43:54 executing program 5: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0xc180, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0x402c5342, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f0000000f00)={0xffffffffffffffff, 0x0, 0x2, 0xffffffff, 0x3}) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f0000000e40)=[@in={0x2, 0x4e23, @remote}, @in={0x2, 0x4e22, @empty}, @in={0x2, 0x4e24, @remote}, @in={0x2, 0x4e21, @multicast2}, @in6={0xa, 0x4e21, 0x1fa, @mcast2, 0x7fff}, @in={0x2, 0x4e23, @rand_addr=0x10001}, @in={0x2, 0x4e20, @loopback}, @in6={0xa, 0x4e22, 0x1, @ipv4={[], [], @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x3}], 0x98) r2 = socket$inet_sctp(0x2, 0x1, 0x84) r3 = openat$cachefiles(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/cachefiles\x00', 0x102, 0x0) r4 = accept4$packet(r3, &(0x7f0000000f40)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0, 0x800) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r4, 0x660c) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/syz0\x00', 0x1ff) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, 0x0, 0x0) mkdirat(0xffffffffffffffff, &(0x7f0000001000)='./file0\x00', 0x0) r6 = fcntl$getown(r2, 0x9) getsockopt$inet6_IPV6_IPSEC_POLICY(r3, 0x29, 0x22, &(0x7f00000009c0)={{{@in6=@remote, @in6=@ipv4={[], [], @multicast1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in=@dev}}, &(0x7f0000000280)=0xe8) ioctl$DRM_IOCTL_GET_CLIENT(r0, 0xc0286405, &(0x7f0000000ac0)={0x8, 0x0, r6, 0x0, r7, 0x0, 0x6f7, 0xfffffffffffffffc}) r8 = socket$inet_udplite(0x2, 0x2, 0x88) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000d80)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000d40)={0xffffffffffffffff}, 0x13f, 0x9}}, 0x20) write$RDMA_USER_CM_CMD_QUERY(r1, &(0x7f0000000dc0)={0x13, 0x10, 0xfa00, {&(0x7f0000000b40), r9}}, 0x18) ioctl$EVIOCGMTSLOTS(r1, 0x8040450a, &(0x7f0000000940)=""/82) setsockopt$IP_VS_SO_SET_STARTDAEMON(r2, 0x0, 0x48b, &(0x7f00000000c0)={0x2, 'gre0\x00', 0x1}, 0x18) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f319bd070") getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x811e}, &(0x7f0000000140)=0x8) setsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f0000000e00)={@dev={0xac, 0x14, 0x14, 0xd}, @local, r5}, 0xc) readv(r3, &(0x7f0000000880)=[{&(0x7f0000000440)=""/115, 0x73}, {&(0x7f00000004c0)=""/231, 0xe7}, {&(0x7f00000005c0)=""/235, 0xeb}, {&(0x7f00000006c0)=""/88, 0x58}, {&(0x7f0000000740)=""/170, 0xaa}, {&(0x7f0000000800)=""/87, 0x57}], 0x6) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000180)={r10, @in6={{0xa, 0x4e20, 0x5, @dev={0xfe, 0x80, [], 0x19}, 0xfffffffffffffff9}}, 0x100000001, 0x0, 0x6, 0x7, 0x7afe}, &(0x7f0000000240)=0x98) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000340)={0x0, 0x18, 0xfa00, {0x10000006, &(0x7f00000003c0), 0x106, 0xe}}, 0xfffffebc) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f0000000b00)={r11, 0x1}, 0xc) write$RDMA_USER_CM_CMD_MIGRATE_ID(r0, 0x0, 0xffffffffffffffc3) connect$inet6(r0, &(0x7f0000000300)={0xa, 0x4e21, 0x6, @loopback}, 0x1c) ioctl$sock_inet_SIOCSIFFLAGS(r8, 0x8914, &(0x7f0000000080)={'hsr0\x00'}) 18:43:54 executing program 0: r0 = socket$unix(0x1, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r2, 0x0) [ 673.597754] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 673.605480] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 673.612764] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 673.620048] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 673.627330] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 673.634615] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 18:43:54 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="056304400000ee000563044000000000"], 0x232, 0x2, 0x0}) [ 673.644344] binder: 25392:25401 unknown command 1074807561 [ 673.650275] binder: 25392:25401 ioctl c0306201 20000040 returned -22 [ 673.657369] FAULT_INJECTION: forcing a failure. [ 673.657369] name failslab, interval 1, probability 0, space 0, times 0 [ 673.665093] binder: 25392:25401 unknown command -1897707279 [ 673.674737] binder: 25392:25401 ioctl c0306201 20000380 returned -22 [ 673.710927] CPU: 0 PID: 25411 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 673.718085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 673.727445] Call Trace: [ 673.730034] dump_stack+0x138/0x197 [ 673.733679] should_fail.cold+0x10f/0x159 [ 673.737843] should_failslab+0xdb/0x130 [ 673.742011] kmem_cache_alloc+0x2d7/0x780 [ 673.746164] ? dup_fd+0x533/0xa40 [ 673.749629] copy_fs_struct+0x43/0x2d0 [ 673.753633] copy_process.part.0+0x3924/0x6a00 [ 673.758213] ? save_trace+0x290/0x290 [ 673.762292] ? proc_fail_nth_write+0x7d/0x180 [ 673.766788] ? proc_cwd_link+0x1b0/0x1b0 [ 673.770846] ? __cleanup_sighand+0x50/0x50 [ 673.775159] ? lock_downgrade+0x6e0/0x6e0 [ 673.779394] _do_fork+0x19e/0xce0 [ 673.782928] ? fork_idle+0x280/0x280 [ 673.786810] ? fput+0xd4/0x150 [ 673.790039] ? SyS_write+0x15e/0x230 [ 673.793789] SyS_clone+0x37/0x50 [ 673.797142] ? sys_vfork+0x30/0x30 [ 673.800676] do_syscall_64+0x1e8/0x640 [ 673.804552] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 673.809477] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 673.814652] RIP: 0033:0x459879 [ 673.817826] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 673.825536] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 673.832822] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 673.840115] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 673.847489] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 18:43:54 executing program 3 (fault-call:7 fault-nth:14): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:54 executing program 5: r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x8001, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c) write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[], 0xffdc) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x200001000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070") setsockopt$inet6_int(r0, 0x29, 0x4d, &(0x7f00000000c0)=0x200006d26, 0x4) read(r0, &(0x7f0000000140)=""/165, 0xc2) socket$inet6(0xa, 0x1, 0x1fc0000000000000) [ 673.855019] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 673.918346] binder: 25429:25434 unknown command 0 [ 673.927807] binder: 25429:25434 ioctl c0306201 20000380 returned -22 [ 673.936872] FAULT_INJECTION: forcing a failure. [ 673.936872] name failslab, interval 1, probability 0, space 0, times 0 [ 673.948427] binder: 25429:25438 unknown command 0 [ 673.948437] binder: 25429:25438 ioctl c0306201 20000380 returned -22 [ 673.973800] CPU: 0 PID: 25435 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 673.980951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 673.990314] Call Trace: [ 673.992914] dump_stack+0x138/0x197 [ 673.996566] should_fail.cold+0x10f/0x159 [ 674.000731] should_failslab+0xdb/0x130 [ 674.005123] kmem_cache_alloc+0x2d7/0x780 [ 674.009284] ? lock_downgrade+0x6e0/0x6e0 [ 674.013556] __khugepaged_enter+0x37/0x340 [ 674.017884] copy_process.part.0+0x5557/0x6a00 [ 674.022604] ? proc_fail_nth_write+0x7d/0x180 [ 674.027541] ? __cleanup_sighand+0x50/0x50 [ 674.031781] ? lock_downgrade+0x6e0/0x6e0 [ 674.035937] _do_fork+0x19e/0xce0 [ 674.039400] ? fork_idle+0x280/0x280 [ 674.043198] ? fput+0xd4/0x150 [ 674.043208] ? SyS_write+0x15e/0x230 [ 674.043223] SyS_clone+0x37/0x50 [ 674.043230] ? sys_vfork+0x30/0x30 [ 674.043243] do_syscall_64+0x1e8/0x640 [ 674.043252] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 674.053603] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 674.053612] RIP: 0033:0x459879 [ 674.053618] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 674.053628] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 674.053635] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 674.061027] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 674.061033] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 674.061038] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 18:43:55 executing program 1: r0 = getpid() prctl$PR_SET_PTRACER(0x59616d61, r0) clone(0x10802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="20a05a0d1de0c4d7b3a00000000000f864b7ec7c298aa7ea84bb24a58c2a0000050000f5997fd55418b708ed6cc226d7622d0000019b4200cc323ae56f8ea8fbb816e66ef4eb92efaa2e"], 0x1}}, 0x0) r1 = shmget(0x3, 0x2000, 0x200, &(0x7f0000ffc000/0x2000)=nil) shmctl$SHM_STAT(r1, 0xd, &(0x7f0000000040)=""/42) r2 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) gettid() ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x35) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) prctl$PR_GET_NO_NEW_PRIVS(0x27) r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) r4 = syz_open_dev$audion(&(0x7f0000000080)='/dev/audio#\x00', 0x3, 0x200) ioctl$KVM_HYPERV_EVENTFD(r3, 0x4018aebd, &(0x7f00000000c0)={0x2, r4}) ptrace$cont(0x9, r2, 0x0, 0x0) 18:43:55 executing program 0: r0 = socket$unix(0x1, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r2, 0x0) 18:43:55 executing program 2 (fault-call:7 fault-nth:10): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:55 executing program 4: r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x10100, 0x0) ioctl$SIOCGIFHWADDR(r0, 0x8927, &(0x7f0000000040)) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r2 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=[@acquire, @acquire], 0x232, 0x2, 0x0}) 18:43:55 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x7, 0x31, 0xffffffffffffffff, 0x0) mbind(&(0x7f00004a0000/0x3000)=nil, 0x3000, 0x8003, &(0x7f0000000000)=0x3, 0x8, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x80000, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x0, 0x0) 18:43:55 executing program 3 (fault-call:7 fault-nth:15): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 674.258334] FAULT_INJECTION: forcing a failure. [ 674.258334] name failslab, interval 1, probability 0, space 0, times 0 [ 674.265794] binder: 25452:25458 unknown command 0 [ 674.273738] FAULT_INJECTION: forcing a failure. [ 674.273738] name failslab, interval 1, probability 0, space 0, times 0 [ 674.293403] CPU: 1 PID: 25455 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 674.300552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 674.303176] binder: 25452:25458 ioctl c0306201 20000380 returned -22 [ 674.309996] Call Trace: [ 674.310019] dump_stack+0x138/0x197 [ 674.310037] should_fail.cold+0x10f/0x159 [ 674.310054] should_failslab+0xdb/0x130 [ 674.310067] kmem_cache_alloc+0x2d7/0x780 [ 674.310076] ? _raw_spin_unlock+0x2d/0x50 [ 674.310085] ? __khugepaged_enter+0x26c/0x340 [ 674.310100] copy_process.part.0+0x444f/0x6a00 [ 674.310129] ? __cleanup_sighand+0x50/0x50 [ 674.339106] binder: 25452:25463 unknown command 0 18:43:55 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000001000)={0x26, 'hash\x00', 0x0, 0x0, 'michael_mic\x00'}, 0x58) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) setsockopt$bt_BT_VOICE(r1, 0x112, 0xb, &(0x7f0000000040)=0x60, 0x2) setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r2, 0x6, 0x1d, &(0x7f0000000080)={0xea, 0x4, 0x20, 0x3, 0x7}, 0x14) getsockopt$inet_tcp_int(r2, 0x6, 0x9, &(0x7f00000000c0), &(0x7f0000000100)=0x4) [ 674.339172] ? lock_downgrade+0x6e0/0x6e0 [ 674.354131] binder: 25452:25463 ioctl c0306201 20000380 returned -22 [ 674.357297] _do_fork+0x19e/0xce0 [ 674.357312] ? fork_idle+0x280/0x280 [ 674.375145] ? fput+0xd4/0x150 [ 674.378425] ? SyS_write+0x15e/0x230 [ 674.382487] SyS_clone+0x37/0x50 [ 674.385846] ? sys_vfork+0x30/0x30 [ 674.389392] do_syscall_64+0x1e8/0x640 [ 674.393371] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 674.398237] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 674.403430] RIP: 0033:0x459879 18:43:55 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_GET_NODE_INFO_FOR_REF(r1, 0xc018620c, &(0x7f0000000000)={0x2}) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=[@acquire, @acquire], 0x232, 0x2, 0x0}) 18:43:55 executing program 5: r0 = syz_open_dev$vcsa(&(0x7f00000001c0)='/dev/vcsa#\x00', 0xe, 0x400000) ioctl$SIOCX25SDTEFACILITIES(r0, 0x89eb, &(0x7f0000000200)={0xffffffffffffff00, 0x10000, 0x7f, 0x0, 0x6, 0x17, 0x19, "efebf55451ff997b740dff89e6295c2d44c8be8a", "075fd240eb25f8f313a33ed896a5b88ceb3bb9ef"}) r1 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r0, &(0x7f0000002600)={0x8, "c0c814a55b6300d28afc61ac7dd1ffb869b761e8e53ee36e4be89e9fea175523e4468dec44bf8b5473c7a5062b4ede67dcb24cb9484ccfff2b3a70befc56e8ab2eee3483f5bf78c16beac035b700eb84e2216f268d02b717d2046c273814475b412437f7dc08a13a55d3c02132999dfd9fe80b750eff4d7c1da975b3835602728ae09e72527fcee19377e29c6c19e1ccce0f75e0e54001e3e83e473fa3d37eca8be1b3de565571e0e84f310c11fa8616068113b038aaa5c69967699fc2aa41c6f26fc22cf68e3577242c9b4ca20fab9de5885e0648fbd7af089b05f38f152d2f8144461608733c567b6dc5d2a07022c3764565c85abcfd99dd7a85e58939278235d50e8b321be7dbaa5141e097c28364fad2f713d666ca94f4e429687fcabb72aceeaf8abe5b506d98dc393b6e97492d785ead0ca2953f92c4d2b2c9f616e3d98b36be55a923fc5892413f7a3b615cec89b52e0ecdcee0aa5af72bcbb91b4bade7435dd8b529feaf13f8b48fcaca5952235d2e909f8831d8ca05a0daa3f6c581f388e0c1879b41fe63ef3d122bd0c5acd4fb07b96797918791075ae7383bb1bbdea574b31301ff37ecc45671ee2e7fc55bf6244025d1fd82dca56a42a23aa826a0b1e102bd87893ddc05649304eb1866c796e46e0d57f552bd572891ef892918bb2e7f2c6bcf68f388ea0c50f48c06de1b46b1434cdf25ca1288ebabe2a33d1c6effb77f91ef75471e93952caeda8ac2b2677e46d62b8366922d093832bccb949e177b4417864812d22972d81d89158288b5318d017329d4e8f66273abf74c434f318ebf32c7629342a85336387231b1e579d57cff0b125bef9dddf0fc33f71cb59d5a8972cda06ba6bba4a89cb8d3b465492c431698984998b2979ea61fed3d99b049724f2bdda5a0700ccb28825da1343f41290e569a6d38d4ae3968147cf39b097efd78e058fc71523c12e724bf93dc4ecc02b5cb18d13b59ec8f85368ac1ea93ed0149c60c53569dc69cdb3f37470eab26ef010b03a7e651b9e8e9065da347660836eddb3988c9a0f394aad055f727310f646d6cb35131d02aaf24735792bfce250798bebf0d1a4495fca568b9449e81afef2937b50faf873257d7efa07d31759474d50ca2a7922e79ab47dd59b11dfd1ec43fef3551aed81d01ee4ab997c6cecc39013dcaa442aec803e4cebbc288b4f9e87b30613f0ec88ddc6f60f56787f4040897e6e6bdac317d74b27f97f2efadb031f03c61954fd0232373582b7fa315d3eb9f67053126d2ed0636f04d669c47bdeb078fbda177533902e20b5ce9d8f395ea4c0aaf2cae774fe99bc40105a9ca184bcb598ab2f49c1df62d32d1a6d73a26812cb47a2ccaf0e9b759df89ad1e18238d897b9fd658f6786a92a0c12bd0ee6dad8a430a67962363e5b9afb3329e4f1f6fcd7e63cb8f24872bcf5b8c349d9ce423666cb39f16884219dea338b388e40f4ad996419cb3858637364d8e5af67f846d77b2749115131a3642ef56681315e4a2cbca5e60febabf693570f515e09c2a8994a8e2be3cba28118ef429d4de781118182607dd2c2d5aaba621ea29c140338bd8f1787fd2a3f43bb7fa22a8ce053adb331a4c78eab569af317e14360a6bf1c8b7394f34bfc1a941ac88dab334d5a2d45fc83bee28884698fd82339c972a06efb369220049ca89727513bd4262ad6f94f55f659ec98b684b1d92e1b6a303548a196cc5316e9845baaf01e737ef047d3d1ac4fe13de618e8fd6471c225e688b73b866213f4765c1a1ecf041f66a11177b0425b0423c455dccfa35a34f3b1c4c9850267bd41dcc366f4f8fef6982699e9aee7f3edff90217c84f6865234676e65911e5e99739792161766e959d061d6e86797b595ae3cffc043da0929dce1b4bd27e04532800f14f69398a681d46f00197f547fa138e676a4c84e586e9a2037faad7d7342221c229ff13606688ab70305dc28d01270604fbcb2b5777541e637a10e7d6c2dfa76461b18c8b303234282f31b7ed8afd0cdcc3978c6520a182000ea312296c7d9df08c2a67b944bc519113822014a831c8d6a7f8d26a7a443666b6077bdc1c11cf47001bcbb484d163543445c77a02140191bbb813da818b4dc3ef1ca420f624e5cb67c48024aeb8691b549202750899938067a3ad49da19e9fffc6486b3525fba8b2ff991fb3b4c1a536818f2dad96f713ac264a22136c6a3a9eacb4f69ab08cfe2b971a7d916833c6a0370d4b0bc428db2e4b4013899668b73caf9c983e2f07e46b4b5b4f0d231edee8b1951e1d0e34c881d1fc5c6be05b92b13680398e7109bd18048f0bd980fceb24e59411873e7a8a7f95f4da2ba5c082fdda710361e163a213a3dbb82c08a69020545da4636c09a67cd962182a011cf5eb1c3d999abc7b834ee518bb53afe19941927ca190699abf79c334c52e206fc851deb7398947ad5bd125ef3f51349497142e921c85506c739f6319ae0eb8e3c551ceb7e16afc2d6aad36841ed8eb560ef984ee5e00f1ead2c646546b3c145e3700b07fc257551641cf3dcb76a8b3cc75994f2c3eb521cea22d64c8b72b2de506fde8185b70b4707b7f571668a5925ca21e605904d7c896a5d7290b9c4fc75ecc7ddbbd7f6f003a74f53d1a5432e0377a3efce1e7ac61e36dc13aeea57400d4d3986db3fccb6edaf83f86daeb42f416f58c502e74178e013b399d0b155e0df86b40b5f3f2ab0ad61c90870cee340c07977b55622699101e5372677dd4e208fa6b5d4834a2d6f37b2ead107218aa0e702d1f6a60bd4ad3a2e22807237129fdc02993ef1fffe3c285bd4f7b093b2da8d772ce2df7874bf9b7fd0893eb66a4931acc38129bfe4a8fc6b28ea83bcca1220b66c86d4d90914bb9e9a425fce618f11b66f93aa78515eac0f3956cb1e8b6f12d7f6f22c1ca5563e280b15c64732aec2a37d6010cee0fd2263ea3ea2011043153284b4a5fc87cc0dd8c36f084ce715a6e9ba3e8b2586726255d122f2b5677d6590405ae031df8f83840ef3011a7f5d18037407758270d980aa65d5a4aa26a35a61b65178b6183b282771e89a8fe47bd3ea5a23146b924a47c3cc2540a9c8d91d4a8924e010fb6d3e60457e0aa86749cc3444707fda055a0f489aecda68af7f0d7d31cf25641a10bcc0d00996cddf9059121639fa3ff2e5490bae6b702fcf226d8e50f27f0973e5e4cf543445524d0fe3bd55d3f215978bfabcba0d44c076f5b333b2095c70f6a5426338bf0c065ddce27f6730606d84d1ccef8cebcd15085fa8a5d0975dc47eeb09a4ab6da21d01916c97f4e266c4b01f2bfb3b6a08bb5a7cf834e56782d824e7c55b591cd883ed9e806a4f7033bbab49a2b8ab2cb0f6da9d76968208236b35a51f8eba3769a676ad60d69c475706a630f3a078ebaa6ba5bc25719867cb61d48cc3a381b261165c04f3c93f37d72fc15f43df1de34e24e80a46f5d15fb362e71cb4a5365dde04a53dc5e42745fbd601ff148db416244dd76ac16f24138ef9a02491eb5b48d731a8bdcd46040d0ff11a07c040b83db84bfd21ffb1d818203cb7d3f8fca47f1dc510afa8219ab031aaba2147aed7c50228930e895a72abf55ca6997131e231ea92e0059b680735548adf2d572c3540e096a644deb3750e3b341bbeffee70ff22e0b4e56142e4c1965c01a646dd9b5b0055f88f08987ad45adb844b9ffc84792073048c28bcb60f2666802052ee45dcd9a2950d55ecf0234a3dcf67e83cfa0bfb1285eb54e6292d8075c9e1b459e48556f416898557c9c864fc5de459feb53e33dd1a6860a2d1a836ab5ff6efaee123b3715a7137787ee4345efbce38074e262f363a8ff400345c8539d44a7286c7291246810bce063f0877db6585842380b530a4aaef6e36779a95fed220cef6c1fff2fdd5031f83987dc3282d432f322852cc9dc6d00c59d5ed83b386ff97c521e528e59f2df932467ac02d17f8818c2de26d69725f42cecaf186fab7b6e10b1ebd9a9a12ed83cd382d9a6f9a9bed2736cb0ec0260057f5ec704d2e1a64caad59e02ff2022174b23564cb0942e6769b12e0ae4d65dc4c5e6b6ceaf2667e085909c93a9768b7bfdac612801c0bc3848bad51e2367f788cbd1c5091ce0e9c567528c72003712e91247d87f1ff60d3865fc687a35886822079392f8d151b89e09469bef98e59139c460a53805a93245148cbb9a6a010dadc87e9b1a0e0a89e87e433ff1c0ad4b125760858c8badff4d82cbd31cf88f3e2e16a4e960e1e0b5825fc0f2b21d660cf60069d43fb6a8a96c44fa922164f02c9cd5ebb6fad848871224d157777b5a70dc6deb988506bd03aa4ce2200e9ce23641221784250c22d2c8635a3512f45d433cf66e158eb261f48a23d54f5ef4358df3487da471eb5775bdba565ee170be126b2300d0dad050212606f2d77a63fa2ab430e62670e852b89944e611509415bee36bf0961c8918bd8b0eb8af45b1a9d0420c7101a9c5f4a63efb9cc8de7897b5e2b02cb5885ad8d0d8ac7754ba8d4e9d37175e614e3f3a6a7b122bbc6dd9ce78f1b9a4e940a1160bb85650d8932fe1a82d0525630ba017be5129625a45c3cae66c7cdaa33ee704791db81ef2e11a2f528974fa388cd929c934dbdb21425e6117839ab33b2926b036457db3a43083c3ec17231aed4ee5b607a45a5735c9470c03a424b43efcea953c078717344aeb1449c0dfa3a3ec224b542c16cf735466bdaf26b522aef1db547b14f07ebd4f5da34426a46007757be47ed3f643c47f2c4467762cd049d6f4cf8a78d04f8318bdedcee80871e91c0330499d88254555c456d9bde8a892394267eac15c230cf7e7ba19ebc01b1905c80476de3cea8258f6d0820d159f4aa8a37fb378b2685da4e0e89d253187219869f1157bbe4a8a43eabf65e86a6d9b21e25d91c43c3036914427833ed87073886719069148e2e47219bb5da5d9664d64dc5c4ff71c0e808dadbb53a23e41e3c02fd0c9e0704490f3283d1864d15d795882e6522f31445556cab6832f273dac0c7aef4e3f8c09a34d1624fdb087d852f2e827fb2c3105f1afda54b9dc12cfde3cf7747daa5ac70904e82636a13155303f9a1198d6e7f9dc7be394ebc5db9e8380e290e6cae5f320caa56aa94490789fce2e2540b3de8865396f58e14d61d3cb122f7bd1af5a27c6fe733eba3cc39106efc906ea967fb833e2480aa80bd56ccd9e5c25304e2b8135f1453af70059e599cb67bc8eaaa38c39768e74d3da8aba0135f0192d7ddf0149ce62f353b0360251f1f88b272c6e85b4ee4e0563a6de80de83749af6e6aa4d80cab7031aff3f7e8d0c9114940549f828a62be9fd6a16db001369728b4b93d4ecf91563ae03def3ca4e9900a97657c4ff1e41c5742fb3329ba882ed61645aedb22f2543b83cd4007e5d228697a48064acc32ece41f2d5ead3f31a9689249e8b4bb57ac0b136b6c60ec531708235b94db823344aafbb9b79e21959635664b2193c3add0b28767906b7ba4118e6548e9a23b49e9181dc6f7dc7857425c9ab1b1451bc4572fd060190d0b5a76b8368b68e72a212bd0f89d0778d293b1d32f155f30c9aafe7215d2e746ea8f2c73a30bcd8c093a489519b60616b15afe69074ee77fb65caf5faf0aad49106057a91fdcd622a07ac21eb5c221f2e65323228af41b3eb894517c34c4f60ba20fb6f6c4309a7357884c0eeeb0a4874550107f2d0ffdc412f86bdf712f96183b3932cfb4da3f179cde1a288df9af09c243fae8c67b0d208d9cdb7adde8d5e548e0624b19da4818ef656b88280a", 0xe0f3}, 0x1006) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) r4 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r4, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) getpeername$inet(r3, &(0x7f0000004940)={0x2, 0x0, @loopback}, &(0x7f0000004980)=0x10) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r6, 0x407, 0x0) write(r0, &(0x7f00000049c0), 0x0) ioctl$sock_bt_hidp_HIDPCONNDEL(r5, 0x400448c9, &(0x7f0000000180)={{0x720, 0x4, 0xfff, 0x10001, 0x7, 0x80}, 0xfffffffffffffffe}) setsockopt$inet_udp_int(r4, 0x11, 0x66, &(0x7f0000000100)=0xffff, 0x4) vmsplice(r5, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r1, 0x800c6613, &(0x7f00000000c0)={0x0, @speck128, 0x2, "6ad7d240298dfef1"}) sendmsg$unix(r6, &(0x7f0000004900)={&(0x7f00000002c0)=@file={0x1, './bus\x00'}, 0x6e, &(0x7f0000004840)=[{&(0x7f0000000340)="85893c3f5644bc1c4f8fdeee0b4fa1173692534507edb97c8a3febcad66d6f14622348c3f961340549daab01fc243feeb279249c8885ce4be48c9ea5ab7cd25b88a08eb828ac0a1c6da6058d4a1b39e78245bee8ec51fc684c7d4a6e5389d8ea1086beea1f9bcc3d85ecda49887fb44a22a9ea739e89e173b85d355b48b0741adef418b4bb17c327cb636ed6e96c253eba398f71558a82938cf486277d4480a6c57c4f87566f532c525899f0a060467fe17e2d77d65f12d197bf4145147d264aea8ea18b13836e43a46576baa786f78e0383622b88c1998471644d6d4affbfe630b7975e8436f2fdea8320e3f32ddfe9ed07f247467031b2a5410b6353826f9420159b59fcf90badd64ea249c6a4428c873eac611ade2d2eb170713735832cd5fca95953650961e938f960ab28e1d814c1f625de7a96e12970a032f1aa3c7bdcb5a989562318c6e09fbc1bf36c49274ddb083eb47b5c7ba29011fa97354ca9ef2f4db01f0315dde7b6ec6e9a52917ad2bc7c76aed614f01e3d1e684f5688089b737fd72e3b5c13b18e9f64942d889c9912d207bbf294ae69e0584ea98fd8bc4d54c64950572d1089b793f7baebe081c405758d2bafa1ffc311570f4d6f814c7cd0cf31c0804eca9dd928fc9173616561292bb427e671449d16bd2acb19b0c2191341f59a17b0b94dba328e46de59926574920a82ded07044aca9de84fd0377d45415efe281d76300e0df26f6b9ccd565bbc58b01116560511df77edcaeef083807fe72cc65b00d01b69b0afa21ef602529ac559da81ff962ed666968c05b04752f36fb6b812e4a115218c72c557b89ef2c1791174ceb4396cb5030c79c63c7add6184794f83878cb316fff05e7d663e0818292b70cbd916826a2b64507c1a5ddf50540700f0a1a39f9e82065739676bb14971b60b309a8f73d2d441011ffe42439a18b2f68fdb01c0fe6e599c5c9c03e9213af36a253965d0602014b44c3cb924ac460acc67cdf84b0eba098cc24cb6f26ba42cf4961c182fa0e844442e77b445541e0703ea9991001859314383fef7c53a2b34b249a43464140590c8b5fff57e1c31960f232fdc29d46997fe544835953818cc64294a9fac022243a74e016bff45d519e857fa905b693b22562a57d0cbc6a29fa8dff357e65040854f9e1d690ddc00ad9d49a1ce3e60d495c969f45f17c227e41dbb2e0ef525d7c1aafc50faa05c8718e11589819e46d9af76bdff04feb8379617326672a3ba3a6358813ac608adad6f8c16ea6c962864ddf27dfd666d31be4ba06f0338bd92cdacaa1ef732b649eee3e797aea48b45920b159394dc02c7855068ce39f412d0a7e1be56fb8ef8c4332b34b803b4d49759c53dcbf96880fc17236c0b69b1ca2183bf721d5bf3feefde97d2b5c1250225fa3b2cdde818e175cfdd304ec137968502e23ecf48c44439cf20a783423fbda39fb45ed0c2305cd6fefc901f1f50e19ac93080031c0532884420c140c318223bcb4989cda413feba885370fc91dc0c2e15ecbd624bf914eb10440aa474cefb1f44be7ad8c464a23e743e8aa44dec98cc49247600e7499076c05ff183eb3c1ce795435e7842bcb6f90ca82f372a9b610634949e67418f74d5e4fdf1180271dc5459dc725e938d50cdf787e18bbd19330cbef0d3b2b55069dce8665e8500286a3a05830452bdf9f43f6b53b29bc10b599e420bc1520e624d8740c4d3e05aed0b12c0f65f2494f3a721efa3f70dde861ef00baa415829d8b8d4f318240dbf09405c27eaf8d9791d4d6095e9d87d354507d666fb4b1b103bb2fa28c65d0b50822604ee9f3ecac331e58f2d3945e0e9229fddb844009b89f6ec92d1bb546e076a5fab945602ccca0e70e6a538b6dd58f2c90a701f680181e9781cb18c3e1a8da1e4556f6960ac6a1123302fd28daee8d8e300b00d646ade4280e3c48351ba7067b102644778ce367c71b93334794c13973e4f2b3c915fd441f29c02e4f029c776049c388acee6481d4627658dcde46ff8d22ce9a96a9fb7a169616b84c19349eb7a17a2885ad801dd1281b106218c93f54e420bb07f555d5e468b484c793c2d5f52333dc8c9c056fd2a752d57f74a62fea73576198789eaad9154817bcae16a74ae83cdfe184ece970a6710937737466c9c0df8d209f00c3f672c547d717711b08aa9d18c9edff712f3385a919486ff7352dde6acf62a59cbf618aa51f14995cdb9e9a2f61ff9f41af2f3b64dc6ce1fd18be35b16636ec0b8ee4f7e87fe88026b18b3359cfd501a635f47e9e1db0f422426e737ae38b960ae4af250c755dfde967c72b50eee36ab2b197fd064a2710b51f28a42f45a84c37904b5da04754c6445c30988b50a3573c2fc7aef83e191f5c3a42a88e5ed1adf5cf8666b702242a35b0816db64722ef459dfdd9ff6391f7fe2b7c33c289942119243e2d1b28a1cc8b0ecd3955a28c20204575323777393d78e6586d7cc201b4fdbc30f631e6009bc3f52f111f8681b174b7b88ec72f777fa9d816d74a1a0dd9f2863f2dd7f28875fa0a6a190fd24b7ea007ec280070942827b4edca5a2ee9d4234aa33fd3e81ff740a8623c435c19b1e00ede5cca16fcfdfa4bdb593e45e49c2bcefe61bea5b75c7502db3ce53efec7c0e29743946f523cd1a318fbe80b80d8bdd6d780e36ed3b91782915866678fbeb562d782ba6a84ef27e7434c6b59a782d97bdfb3b24c2b9db6afd96d045c11493345fb9fe90e1de3f2d404328f0b68c2eebdfae072d9e6f33ea191383f992472c029d1838f91f1b1b865bb8243fcf4061854da450f1a0a97730e51c0ab4e6cfce934b87175afeada406f0181026aa0d0404906a3823914b09dc2a9e11a6b278289603388d30f2dff28e6c3caa7c882fcc70bcd71dbe06415364b523f5df79b2aab1aa14f90f0bbc8c9de2a26210528206208bc71f093326a1d4ae8c957f73458a7ca9c79bf478e4ee1b400c4d5bcfbc38af657f518782ca447e388bb3ac331cd0dd1400899311a1d2636e1685c843fc2bd33a7de1bace06e457b4130c4d60af208f05c809a2cdecaef4461fb28c90c2c7e17ed7da2ce03e0cbc68173ae6af9e83108b7438f1f2e28b674e58ad43a481cd8183de31ed18e43947e085e01640c0ef7e23c98fe23ce0936ac150b1bca302f576f4edef9ed8fdb1980910c702667a6b8b051e18f372bc0b79cb38105549ba48c359258b9c9762e3771088cd1a6c1dd0007f8fee19b5971ebe06a383feb191c510fc7ea8bf73a63afaa547911cab8c899c5e4cdd46cd86241b37e15c8f119b54eea48bd7831bd46d697177fc8ad254866d73bf3e929d0ab5176b8658c58ab3115d8c1ce60bfe3524411c51f4b576d707a43841f2590f7d67c5ebad2d6479c23544dff18fa21a61427904ff13ba702dfc9aa5ca74fafd4082333469c5eadaa2e3cac302f69b9241e735281a457417bed3b5c73b8939fcbfe2ca71fc0b9920724b6306975e8467ba42a91b1cac9d20209fe6f5bd253710e5fe6ac79f16a823cc9e5cf631f07d1dce68cc7057c72ab89e6922ff208487ddcb7c25dcdfd6617a940229863042ebbd5e170900ab7dd169dcfe988d47b66d6ac68033ca397973a68b09bfae86ad8c88f97127c19aad2645ed9452392567c7ca9f3c96b2d977606d1d11c740af4e8df034c719374296335ed02ea065bbd6c630cfdb6d7191aea697e65926c7bbd2dfeda6e6dfb57d2d1b3db3592496194de8dbe0c3807db6de8cd53357b48b45fff89a62e21cf9e18ca7272483ef59d8f09b6ea70f352b771f663c865e8851c4c3a821af1520cfd9d93920652f8d925f077f70806d373165661530506e392528c30c04313e1b4635a83ea6014f6f73902a70264a1da0cfa0d4e0894bf3da54e777e34df54db28dc3dc7747445ba4150fd4ce59ccc2aedc22d457fd807fd80ac94d74c5ea87e44d07b675fffdb49d9dbf3235ce38b56561bdef2253375e7266cf24df51940e70b9aa4fca4486092d793e78da6d2c543278735740394b54994018b430c58c2735a789ebedead89826d559a2b149fbae92414797efed97a377c5f1486e391436ebe63ebc1ac467e6d8b6a5d59866fc54ed83497bdead02c445934ec8c18f06eb68c81ed38a195edfa601689ccd8ece7e1a0e4660ae327c03286b315c1c6fdc0080bd1801e1cac2e3c237905750b2d6b670a7189f63fc41c2ab9a885af5a494c18999361adcec3804967b1781c2797c0729c8739a2200eb461f51033244d178c322afe35b551e85e6a994c9e26523c038721c43beb72a3b1f1eb71b9b77004101eac921a6fc06c136470384033a34b8a4f9e05890e6f84b60bb34fc43a9e010e1d0820e4b1f42f31e543f8bf645c5500ed60fd0427396e2e2ff5f79ab96a8c5e8d49a4fae0fee926e53b9d4a0920c41a1f4057dfb6671ecf21e572835500f6104bf4dcf1901bcec3020cf7c6eb324b947f1256fa25295ce17956f54325e81d8141678206fb1bc41650d7b0b169350bbadae424f7f30972b1610554ff68cf255e7a55ca489cf7e611c78d441f78cdc4b3982226bce99d823f9bb8e1a604507a9a67bfdc423dd17456658b4e86136e668154f4077b2e01043fc9fec7b101c256b88f10b552ab14684daaff8519ea0ebe0bdee99bf5997eb6d0e387e5872040448e1085bf58cdf2c49b8b16dbe9b0bf77d7833402f36d75c64fa6b7fc680177b72d3fb3f888746e837aae44b5f6c79e40db1a17166fec45b46cd734ba77f344b03029ca9ec4799b7e28707ff3437f5636b74b4f77e979b906e6a792d0759768c9425ff0bcbf3fb64267a8fdd995e0398c4d6666d2ce16c491b5ea6eff45bb047333a01ab7539f6e8aefb80c3d83eaf7ad61a9c89cf70990d10daa5263f3bdc1f87f145382e2d5a093f51fb79f7f13088a0e838ecf484776721d8d27a2ca020a113372fb0de7682f1bf0ca05153a2c7315c8729b569a2d0efeb9af9a78da9f03dd1d0ed5e13f1dc4eeff9fe087938aeeaa37597477bf35d3d59ad45d1447e0e7cfc717af69ba1245adf3f45d8c5b934dacac99810eb697920eef55339c8a43fa0c8f701695b0c231f510b7582f1990983729cac7ec9aa98322e570be78da44df2b7206184dccc0d4a41e0524d2e1ca2f473851ed058a371c4d6f13e139aab483665463dd6ae6aae5cc6b57dfd20418e2f319e06479ca2fc36c4e1af7c21334e147a955864a84c246f576f9e22e63a1100560949d1ede8d0d9cb9e4afa6f6ee77563aaa4dc37df5f3b7b649489c6d1481dc18c06c32384af470b5db913bf5800a18d602607f60641539752a85ed8dfd4e9e9145c9f63311c5109447c0493b224af55630f4a252b5f1244f90604be210abbdb70132ccd54890755004f3dfef63af4c248d23bd14b71be49d28187c8d14a49b67e93e6c5257948448abd60390ab0de7136b76c44c870be8747ba3baaff9aa7b60837792c4b1c670bf0e7e0931dce651c73a7f1998af12d0cce4f5d862e802eb095ca20de64a77a587a5ebabf2220fbe57bd1045d37dfcb7d986eecae96a2b5be98966d1d85c713473225447d47bd01032ccd9edee38b33e1b92d0ed89b275bd61c16bf637ca77b2cdabb45a21a752402e2b3362987a0b360d39d8f3254c242ea18a21373c37fcd95e4819bd33d5ddc43b087c2c72ee8d5c19b3b4271b2e0d577e3cd52e9624f5cb23e429caa89271813fabfc1c96a19bb5c9a184443333d0ab9f1fcdecace286ffcfa1f45308a4082ad20b8415a276dc859507a373f3f7eebdd0b35c6b048a293972c4cb", 0x1000}, {&(0x7f0000001340)="26d80e63f726d58273854f4ec1103004c1d65aafc210f25a86c5980ff47e59b3d6c88a3565b7b0889fc50f9f9612931f861eaa3cb13f4f6b84ada429f93cb94ab8ca02b9c65d1f2bf86a9ae532473f40cfbc58d9ccc7dd658ceb0d0c22790ee376bacc001f1793095181ebcb526dd86cb3f9dafab87396715b98aeda0bab3269dde8c47a0e37b70c6e96b8f17d962451ef8b921c30bd99b4c77b49ee7283a7a9b379927ff408e2210467303d1a1dd616c8f6a59f82475b355bdb771075c85cfd75b6ac058759f1dc1a6cc506128d6bb998d216ddcadaa9a33e559978477b32aa890b56ece24be29f9a3d49173d61688a8120ea3f3dbc5f97e69160274399f4fd10c4c03033bdd019c49f64f7b259e1ce36b81dd75a2a389b9208cc1097fc337bf917074f5114c6e47ed555f85ad68e04718ecabc023b0040fef0ca037e8675426caaaccdf9c5f66a5021d5bda687515ee61fb4412519b4b4b0411670e8c3f34c28e228ce9e184ee94e0067b1c7d272b95fd63e4493e3c85a7a11906ad58349bfbd7a345a135122a941277da4b36e943454e7456687f5822eb1f63ba49d70b833104748a362043b956ca00238b95cedd3049d03f851cc645356778a8485ef99a627fbc37e8c707f0e73766e48feff7bd2bad77818fbbe23688fe71779603435bef9c6fd493f6254b5d94b8e726c6dc857d92b9678241e83de78f88562d57136464fbc28676bafaaecf3ff45154f5ec701548e00955fc9e1c5e4e7838dc15aeb5250766319f4f0ccd3505ba95154cb2f04279837d53bfdf74de34e764a4c637b972f43994ed2a4b1dcc693f86e76727e64003d5d0939fe5020a4c2e6a1a0261f7836f482ab67fb9b283a0090d78119c8b4238292eadf9073d5aee70f5b2f20854881ea0ca3fb446c682089b0267c68a3cfdd68b7e59962bda756e55177e16cb84cff57a00bc4a7207b994cdb6eebdcb088ef6820156a3f69c78179ad25b1c73f648ed09e2210e4d6b6d54242dcf25e5b4c9f01f57bf123e1dba7215179f3306959ba7e518650b3ca91fe47d99510858624498be32d07d9171c31233a01f514167bd16bab8b8106408746a936a080ab88ff3df45caaaec7e506c86b10bbddac5c3db8019387ef50a6fc32a9ee961b2d13832466532ef49e930a29ead4f1cd8675b9107d8519201d9c918a2d66b4abb5eefcb71a82d60a313c986e26ba3b076a6f8e28c06d90c6091714bf08b998fa81f4563053cbddd59f962e30071028d3b594c1cc2ad1e3fea575f2ab04e06a31be25f6d64ca60edefb856a58ea8c2facf2ab0f7a8a35b0ab90cd0dc92ba3f7fe33cb9e6bb398c624795cd1bcafbcc432df29d86a1736bf2eb928b8c8e82a74f724809f3bcc143106d83f50c765ac18603c1d19c7d45c09cd14cc220225c604e78765bd40ffe5d97bd3e17c873aeb7606c9b8966b922f4531426f83bc335bf35de3e71b19d464fc58e55997fed02ebc8f1a51affa0072e91b2ed6597c36b30fba587e1614301a8f4612b936e44a234fca50ec0d4a22b0929149546d56b85c415e96de4ee4a6f6a938a3fb158a0f8f3b26e2fc3db9e081ee86b51e2f98b33b0a9acf6bc41c2956cc5aa8cffcfc43967bf3e5d445cc946dc0cda173e68ad95864f303b9bc5903ff0de0f5f35940224e2dcdad55553a6f9a78b390d74bfe505803a12a56ac4cd8936faffcb072cfafcc431d1dab0193ee5e00c1c0a196d14d863ddefa934c5bfd011650a18ed69fd8435a957d6c028947700f7672415fda788c2980030bfb817fb9f56b8abc2208539ca771a0d36514e10ba9819c4e7bc863a9d753b751a8fe8ca799859b09f0fd6a590dba9c4776ecb7f674e12e9c2fd941ad201aea67f1b1ef7c640cfc097d7bceb0a74023b1399565b76b4210a4b87ebde033d4507435992e4fb76ca865859090b952557512afb9903277b0792b42bec0af10e6afe13932158b2fb66bbbe69ba96e19b6f60c23c6afb0451d01a401a6ead9b1a90769f9ab20c3615e61ac9cd05fca26eb68bdca3ade1d202a7d877d86a6d6fae2bba90d6fbd46a5aaef294672b98c606d11b97e6cba695978c610707b8948c6c51274db555ecb34a057eed19ee2755af372bc5f762de000bbc59339db7f427518ba73434e30554e0bfbdd9a4a67a8391b2c138685b73065853997854eab4b9ada3c3f3f18ada73022dd6e0b2a8527dcb67c8fbcbf354bd552ad54d1d927de50313b3c824200e9fd4d207f649486590d5c37042ec50df84979d91e0ca241d2982ea5e1f2397b3e333e248d2cf26934e6fd8de7e0c8c87481f9db2b22b9ec8416353d902b831e8c8a5d0a102a13ec7d3f2b385fdb3aa4fea65e8cc4381c4eb82971340d2153e13ff758d637894cca39a3019515b41b5cb254abb3ce03552ca029bcc9b7a271308856c42692118d16e2fddddef962edf0accd5ac81fc1faadc3262fd9d6d5a8c286c30248c30cb311053cac99574170c21f99d5133d79abf646695eac2f1663763ac1f6ae1ed45b29ac0f236d10adb3e9a909dfe346dceaa36a4a6472d85f5e1826df6136ac67351bef69b8853dd22e77ae69f0c4744058b0c305d74ac9ebb9c14b9b77e184f3a91d8273cd9e3ec6cab2105f708e805add21afda11683285ae7f0364d435fb27603fe84338020af6d34425bfd08d9f568f9c41879d4e35e66c6f62f91d03cc298c12fa3fb27db37ce27a926db9fa39e96bc00d972a922a11cbb6090ba3670a3f06cdf5f84d236ea2860b4c8108fd8eb5462cfe0ef476cbaee26b131efc10385f940e7ff69ece797132a3a838cfef6850d23d27c8adbe182b777920623916afba6b69c6791c3cfc9c855808a4c5a6496af68cc3af431692036133247efa82b00ed8761d32d11b7769f58196643e7d2ca47a32238fcbcc7a7f6bfa8e53f80829b8957603d85b1df1451ac7719fa572a727f17ee2b47b2d619231faab4ec1df961222ce0bb67893aa3f1899c207610a1b5f73eb939a2e41e28cf620011b5a4e28cbc1855acb0724eeb73cdee5899e6bbb4ad3abd9c37f784223a47a74489d3e98cadbb778f8042d0af51bb745b4a671d4a5516a632b7aef00f67dcb77df8d395ece6fc5ce69ce2ec1f01fc30082e4c273ad81d965249e2e15a71ec53e8aa69529811f7a12fb9bdb56937756ec0dfa2832f24c1824b4332ffafd8fbe2e0642e0197b3d4f7c52010c9a52cf76207eeffe4fcc09249238ae295d507dc450607bfd3095343030c54558caad5f1387cf31c985053b78a0dafc89bde8997dd75a8bd18fb9bb5c30016ec42f686f17c7e91c17ca2466599c33b131f39907a18b73e7697e5a39f6ba8f4ed36ed25550938161ff58420969376963a7a90eb5525ab8b67fde768920fbb6073fef9575a029e1ffa12a136e2ccfbe3ddf844dd063bd47bf4ad3f066c2149249bd4b709a52e4650c127ff17b9fbd5043cd18c3b76753bc952b657ec3d3de31cab8b5caa98e2ae76e0e933bef1fa0e0d201b46f6f2227d4b8e0e9d4ec691d9d27a925e8eb43850e1745ecb91e6102af49d1c1c203d9500a10c651be044657d732e7acdc77222be7007bc9853c4ae6a6e52c1e6508d881c3e6f93d5699fe1ddf5b1ccce35bc946585d0ab376c1333e253b1007ad18733284e06a291913ba6e3fa875faef8b42b6a74af42261f6e225ddbf86efa7e290790000cbd2368d2dd2b96faece78f21045511a31d375e7fca5fea5e0d6cf057ace8e03120d30b9279c0984da109f8f4cb79936e22459a9adafc68382be5a8f04f421ea285ac08972052adc2e249e15420263b96772c46f48778fbfab4f7c6b45a0a545a325a2c0865535e4ed0c315d796eb4c6b08bd86a566d0d72ac45aceaaba9853596d955c04aeaa704c0b9f04d55abc640732abc7fc62d9c1669ccc963608c234db010c871975a06dd54c7dd7a488df77ce46ca2296772d2c632de2aa8ef02b9215e4a394b0bb4b5d4a61c3d29085b65855aa7bf30fe23bb0e71c3eaa99a54ecee878bd2f1d42eda0091a47e0405802cac125c7531376ea26fa3728aaeb948f98763705fb1723427ea5ad8bf1d020e68fe4f98db5a1f6581e2cdff4c3d4270c04e4bc708a618c1ea56708e36e38d4a0058881848a95901989242c2aa1c67a7436ac69bdfb6d9ae1e8ab2ea2e7157ed1039b54cc01926a6b65ccfc82c3fa0b6e9cc38c2acbb29d7c5622d7da5cdffc602a49de52e0bf7efb8dd8efbc284b8322534a52714f9650d744c6242bb4c148da82660a9488290092886880e89540b9c6b111364907f9459765961da661b47c69835cca28b672ee79dd3f6177e45ce042322e1632f7508983c8a7cfd87b8d2d770c8b4993959ebeb86b788168c5f51dd13456f2e94294d9c4a65335aaf2e2fa96c32da40aa34f48478acc254a757541090f3fed160bc890fa1891c7feaacdaa1487551e9acaa9818195308bfe1979ec6f4623ca631da77ffc19dafb05b15839bcecb01c1893ce53dfdfb5d1da6a915112a6a82a22c021798aa0d8d324eedd30ef1378c2891c1dbb76da47a59ccbeeb57eedc0cebdaedece016652b48ba3c85f1d01ba0aea9a960277da539fd821f9c8ec914b1ce9e56a8017493ee2d8b0f3c51690759fed1c1a92c90f70bbdd2bf403577d1812133bb87bbe557ab2723cb566e56d283d7d3d9f6231921a9dd45acbbed0b3b5a6e6211bd64cb8ae02774f8b382cbd4adbacd86e2160be9d028e83362580d06a10a5a834392f047717964e10b171d86702cad5a56e9b2b432fdbd10ba52f61c42a2b2418efa61cc73a0cff0e54b8c755fa0fac82e5bd5d4674627d9ae94c2a7bf8b34b85e4dedc06f45e9e9f3044c4e09fbd62ffd330e3361995af56a70895556d4b35d6ac03e8fa0dc22ac2942bd3cc6f7d46471b9074d8018e00835cc9655a7ecd904f603a1c87c3977cfcc53563e74e745f9536dc3e3647785fcad45401be2a954c26a4b7eed336fe00f699ce6522df977f7574094b6559949f2b67fbc2fa338b4aa6fc7b742e1392e29ad516f2c1e413a5a613e17b51fd766c481403b8f943093fcb1bb86479e4fab4572bd91a921897a5a0176425986a3ab2d2bd9b770fcc1b3329357636d2c8b75fcc00b7f6dafea8cea8c6c197955face6f7e762830eb01ab41b4cd43138f991805d75388c3becd0ae0282bce57e4f2e59df5096e6dd88f1602616be551d1effefab01f5c7741f8e41fa3e40576d7fba53ac7064abb7d9d2423cb4899428d10c8899fd6a364960108a7e1e36c01e4473477bcba36bc0d27b35d73124323cc6ac4baa97e41e73e5496711d1056a9875dd11695c1b693e4a6c1bdf9150b7294c08d09977c1041dd6be539006847dc0bda19f620940668f559fc8e90014e21e9a4861d01a7b6495835fa9061dd6b319baef71a819b2e7b17f82f273a77a343fdd914ebb6525bdb3d3ed9f4242e61c044216e47d33cd24377bfdf235b7509308611b3e87e94e0106fcd825d5f234e6e2afe4bb53237dd008ee3a513a572c3c4a078c624ddd549ac08bedba265cdeeedf1d445d3f3e28fe23221dec744f3b6af7f59eb9920c0de1c28a615f9196c54b67aba226153bd25fe819b7c28b2942c76f03bddb051e48dbbe82af87b0d7efccb3f4b2183dc95f3e506484297a243b0dfa1b3381ac24930955c08f0e1b848e6aa6af443734e6c250173720cf5bf0bd1c6ef7147c41ae110bf8ebbd5bff107486c0ceeb6f77a21d2671691c850f93ef7e7b82d874339ded0cd60c9bd6d48984ece39c9acbce997fd5e363139f19403a5e86a137d", 0x1000}, {&(0x7f0000002340)="d9a3635df28295fd5a08ba82d6c131f66e3e859101443fa21b95302431d8e3b98fff3defb63763ef2c5fcad00469673bc483492478f224166530a75928f907a264fc41c93d0752bd27e29c073c48651864dedc9bbb8c5eec148d3c9c1ab891848bb06cad7bdf3d864d3c532b861672d831dbdddcd8a8517cda8042efb7e26cd22bd5e80e860994cc0d8171beaa5c27791578bd946cac4851918b645750f8d66459b2b310296ac2719b94d287512d2331b60924730b514d9e9ab89969eff492abe367fa5892b0dac481a8c294ab0ecb659d8d5db3dea1088a", 0xd8}, {&(0x7f0000002440)="d47855cd1d8569681f38aa336640db2feca543fd6f9adef51426307f8bbb1b38fe84563b2b7f3bb2cca35701eaad2d463c291286246bbe49251beb97a06fefc8478c6e3d42384ca96acb01ac867e266f491a526cea228458397e4738b111150350ed05111e841cb843b5dacf904701de9e73a995361d7bf471f1777ff5", 0x7d}, {&(0x7f00000024c0)="b0f3f29bc1f4a11db58fdfbabfac59afabe4edf563c803704cd0d75546b7d44e061305ab53e8a1a8603937cca0ea057f8ea5e91a4ad3bab88e222c7c5891adfa37e3883170261e379836d27a373e8360a92b43db66478bd392d86e5e78211aedbd2072ed024ddfaf3a6c24bea1541572bcca42b2b8a9650376804544063a71e39f44fcf3592085b8552eec1f045589209e5754ebc0028cb2abb6dbede345e28f6707688c2e05f7e7e5f6de79663626107c72d3c2612cf2adbfc162", 0xbb}, {&(0x7f0000003640)="9c9e8d0043f496e4f9791fe40cf3e00d7bdd7e3e068f0faa4edd72bac540a46e3754f68c54313db8834e15a6c6df877f4bdfaf0dd79c0e7cba4ef23549dd7478b2155c63e1816fd981d9e7f38675dafebaa7927124e90aff79331ef9cf82d554dc7de083c8a7846305f2278333c781a581a452707b4070d732c621535d4e32d0915fa788ad8c7e461484f69574eaa33a2db4378048a0964f02b9f22494be8fc47b207a62bdc86717b3394f7215f5abb5754574d3934a1fdd2bbb88e3bda0992296052a9e3714dd8d9273898015115187ab308efb6c7608d2dd192502773eb190bae071962eb84473b59cdb15794d88781869e0942a9943372a6af237437d131ed08fff70057ea6c8274a406f9c27e37b7331499ccca9912441ad58c0ec963db68a5056d40c231478136d161cee2b807f9d24f93a8ac3cc1bad97744526529ba3b84a630548031b492f87f24937348aa1bfee3e6fe906ec2e23a6f4d38b27e5c9c7023300af672156a9e4ff1fa65601fcc4269833f0b2ca09bb3e706ebce5d997a9d292578199c58d8f757bfb22ee9634af30d3501de3a9fa3b86756e156aeac8f6dea82a1b0a95376cb749d2de546be8742604685721906a87000926c75bac7f037c59797fe633c0868cf4bfaf5d8a9fa125ab14b881e798462096b6fc6da3ff82e313162ddd9c2609764ff77dae7d34f1630cb57195ffd04648744974f16ea366d58a52822de622e664d716f6e4d129918c5a4122bd270bcb9dcb85b4a262555e1276469025c916dd97dc45dff1ecc6d628a8aabfcd26a02abe23f20ad271620e042b61c7b8c8c402928d53bf8d88c1b334bc36c8a9300ef7ee4954ab0ae527404def826380eae6a7428b01c66c3461a74541398fbf126f341b9fc45f4ac43851bab3ed642d6a4d57d1e5374d4465247658e06af3901680db82abc5d9976748490b93b5d28dbd2bd32279fbe3ef68a56f884fcc1325090e6b8ab11955b4a8486655aacc0fdb84955daf843dee49012e2455ecd4b9efbd6587a7df520ee12e1bfe48ad58a036c7fc1c3cb60aa0a0a8d0b4b9635bb7c32c9fe0fc9ae4b50c73f8556cc6c97ed8adb30996ba8a3f1fa7e4e8daa91d9da10b12de6e4794b68f07682ebc2b9156004bb97f541ee197062a0e85ed0ee2bd99f7a72f029a53839082a6a648bfd6620340dc3d06d49c3f934a89ccef9956fb0af0f32ff5cad0d0d2ac5950b3a5c1b46e715759385de57c8f85585889e9bb2bf4a42b94000378980322beb1fd194d5da33825dd4b378defe0c9625c4af53db0304918e4cc170c89e9e71d6ed95e296e0fda4508cdcce2f964382637877a7cbbbfbbe1d1c8f50523c8b82fa7a388ff34357cb2f36aaa577056b06c6eff889a7fdae440d4ce1d4022c7e0aa01b7ac6e6d7f7c4ddb02a30141a416dd4cd199cb3c4a30028291aacb748a689eae5ce47f654cfb98572acf783821f4e71f59d41dea0e4334b312bd81e5eb9faa6041532804d062919ed22ef7f2412ea88dd9d0e3123d9891da150a1a4e3a05acf198033cbf5abf011d7ff9170200c5730ab3fd316c62d38724b250488eae36b05f56421b83e22dd757060bc0b5a2fc3ee5abf4c87fdc7a3df524bd1287dee5e46bcecf7ae1f50b82c37045e36a85c9f8e759a7d91b834463e3003d425f6142d86788acbcf679f54caa721fd69912aa9b522b1027d29e1dd233512278ecde8b78732609defca5a663245cc9bb7157295f75e8dd17bf46a5b0ce922f09a1358e022721ecedc7ea273c12ba056b8588eb5603e122a0ff83ff58d086c87c99a8ec5fe9df876c58fa750425fc8d8ebadc30d826fe29f8a46f5b66220844242de1695b3dc926e4f86fa4a1e43850abcae71ac4004c150d17c135e9397d253cd9205d2df13a32701ada3ab5ce9020abbaf60bba6655f4baffebf9a0feb864af2475f91ae0d07c7b0a1915dc1dde3c8f6835921e8a0874dfbd8ef40b469f9bc24fbd0b2bfa103c4ac8ca95fa9113055518b2ec6ad179b18d13d99c3b845dc4c874ec2b7040a7300adc5b5f8169b89d7dd5aaea0fc800dea7c7e76c24417442f0a9456bfb4ff8ecc49544f6760a91379f077237e4025de234d2a1d13a6328d462bf9316db5c8f363abbf76b82fc051f1fe96b97eb4d1d5f9c1e11020b0829c68e546da65a30620a90afd9c908269c68c1e0d2ce24e6645c422b14dc46cc1a01b157730cd87baefe5d2d21224ed1cd60b47ade4dd85ac563a6beddaf796f01797372ab911b7cacbb838c930f11ecdd7f66e1effea9ff8b056fba4bddbc47785c94362295b9164ad45a07fb8351cbce319dd0185d1874b5ed678a4e4ec9efda5f227b07e0f360de3079b0202092de75968d037e659804caf44f88615b6f0f9c2d548f1d5ede03d5b670e7d2dbbabb7d75c6c9396036233ed99c6cb0e38334b9002b2c0b5b49660a1b6289f5bec42a4d35f893a68350a643c06ba01081eb9bc8a3bf7dec56a2b3d2d7c329dd2394aba90b3ee7898cfe34046851be005a4f8239487f802c44fe74f9d95616135dad7d28005fa1ff09f9854089dd2fcdabfc59481455a06c4a414af04258e7d17800a396d6730981d281c158c6bda3d2d2f0e101d602e909e075fa46b32b90e61ac133746dfefb5e0295fd9e4cba078cecdf97b559180ecd4ee78886f75e6a2f5002b9d407167166fbbbb83f4279ca6361a65a0ff25e7e39749ae19b99e6d62fef32013f862a0995cce04076eb483be60a5a1003b270ad60ac57d3373a0f29c2172a003047e84b9bd7c533f890b55be073d9721f2d993cc2534007a0bae4b5828c006270496861bf2ae652dbead9f17d000564c50f84b59ed17d61e38e8935360a13fea11dbb716a57271c645fea9cc619a8f16f727f2b13f9cda6640f44ad1e82c40720b71d2a6a3c0cff53a1a13d83379f22c019aaa50cfa58f172051e222543b58e91e81cc7d7504d9e2d2515fab90cdc2877f995071f5c2f10f89382b40f54cef60120c06e81f52d9259e3d13c93f222ebf903c16ba2b932f7082ffc93d095127c00763aeaddf2354ce5c9237246761d1cbb865e897d3f766ab69d709aecb23373bac46d3ccc11ce60454158c485a85e347ab3f8d69bb1488dfbf978dc4af7f6378f6a935fac0aace2d9a6f55b067f5ea35cc47d0be154ee10085297b0df313ea7a3bcfdb19adac8f5f4074432044b7cdbc293c47042b28bc482549af91110df7afb5313031b36d548563216ea91a61ab02cf6add9d0485afdd2d446bd7780d42666363bb88b491d0b7f017cf490a2b67d084ce32985b4a2161ab52b96fc4861ec57b9ac50285da19bb1dda62fa410df7d315065081d7a042076f04ef31d4db78534b6e01e931e9134794951820f5fd7083e80a0edb28069276cb0fae49a406f4beb59a4c0749b3e7380e65ec93fcdef5b905617a6351e3c268f3db0f4eb4719b3f32e8fe05cff00cf317441426ddd93344abdae771c410b141371d23ede47dbd3a178ae57d830afe7d9b60005c82a8fac91a87961ae949232da371125ab083833aa7336e4069c0d2e53811dfa12868b4e9a013b362635bc638fdbdd7321364dbc61ec9c5a3c22f301b0cb8f80036c20e32c6b0074b0720a0d82665cd901bba74af8154248b1957b528d8830273151f3f3530073fd0ccc50bdc563b7fe81910427c670aea3536b067d01f4a7a99601ac27fcdc6e4a21a6bf842a3a13dc39b80f809bedc2d05f4596687f608d150cc63f27f7b3e1f41861c5f643bef77004d367f7bf5bab0b29be7fbcc80dee7d1b3962306495feb1bbcc8cb0789f08830cf45b8043ac1deff783bd6a4ba4386a01c77091ad8836ae3c8c10f862b32851973bd394540b2b2f6c4ad465f8e5ad66310132d5d663e450100b28b716d54ad19adaa69022cb925653e4e078fcfdaa579bc825f3b909fdb3237c07c4cbc31c0aad46fa4612083e0748f49602a5e89f631b806bc76f5ac3370b85b0eefb28a8da78faa3b04dc0cbad7e5c55e3b478c162585f5e030e7620239d9fa584a5243810596ff997b050b10dd8d5c245c50a96bb4afe6cc6ba8be0f055de2f89d19bedb9b9767ca77a0fdf8a81f7ee16b64125a58353683b7648c69218ba42693dc61e0596e0eca65e336c6d3d356d44f7bfb38812ba516f44a38530bfccd59a72f3a3eac67c25bae911e5260f5c683e8e1ecfad93ec728dd1a9b53b69fba3335a9a9756b7b94ca4488da7c9cdcec08942b43638b06e441215f5f8ddb0d5714015f2c948a7a14c1e2e7b2459ec4f7ea89d749f899e893637e63a72c874900a6fb5adf2959eb57c182248e95ab3244b39380d0689e7407b4503c07f5b485409a97378277eaaf7530c401eb19b68bb6c89a5fb2e700407a63458c6217941118f2f1ac59d6c6b90930977445a27c0aacef905c31f4b97e5bd9399eb87d84295395220a27db8f297baceb357e51d1348e0e054611cf125da59a9127b838ffd8c04717c121a27612a9e6050b8917828940dd0f16eee4f5689d43fa6d13079398ef332a8afbe351917e217dff246d89bc549d68e199c3aec72a42196585b07cdcee19378a2fb0865a26c0d7a9379158100642294e8afa41cf7e144582a82c02b92c4044739243a0b1866036ec000219c2f923a4e0470e4810ad1b1b32c2cdf257800f648a6f7ac7efa0a79e4042a6a4b32fa5614ed17f35c0e4629a158f725e6c31daeec605e9dc5bbd4d0502ef0eba51dba018e21df5880dccc2a6f246fc2a69072835fefcdc94bab97c900eb1c745e22898b2cc51c393591844c1275f87ea4c76e9abc22cdcc91922bd09cd7f2cfccd897df3ac00599385d5f2a28768ef0a2c337db09fc3b94ebc88aa769de2801ec526fb9e93d757387c02eadd671dc2e18ce18b3f4297e47bf5020858f58de094efcd4b83d3f6a093386dd9ca2c0e29cb7cb4e1b727bd256b0681a1e3176e2ddfebbe498d49e487e5ccddee356412691d0c469a1e9b3ed4584089d3f77c497bff598d7bcc4fbc237f55c87aaa7f3f0bfed71c9042df1ee3661a6c4bbc299533c3c8eb68f1517538b98f087db229a3f9465ee6654f0ab44ceaca9b38fb74922c4f3a74d5f6222990f0c09cdeac5480ca0c1175dd0f4586986f9ccfafba5947d5b12243910f7fe796b5282e37e0372b3910469923e381e5abbeeb2aaa694fbcfaca3f000a6a7c2abb40d0cd72f901b333b23d5820b57623faf908b6aa048da11f7ac0f4dddd7376d3f9c92fde36d8a586a127b828a7e87aae1041ac9a5f231989cd9e6c71e761475162c7de4ba701630219e874ef55bbaf75da1ee5491f488ddf6e597aba37d8e6cf83009112d99b406df69022d60aaefc5a9a8fa2e2f9ce8b94e26dd945b10d70244cf59474410a83ed14ee9cb806b8230dc4ed774679ceecb8c853748581eca2cdba905c85a131ea0200a1d212f311020b82e05fe016f9bafc094ca11fa3d9f4f60c58eed0bb939094d57b8ab9599875da428720d3baac56aa8cf5351abd4653ceb90cb7dae27d273a3d3121b82b7efaaf7655cfbc7822eddfec4febfa62c4f12b7ca35db4bfe8b21b66fc09eed0706607170e2dc285e8007d958ded7112c37bbbf8c5db5dac4b79db8871f92adcca400b9eb345bfdce8affb68c9b06af4f9bc0e0738866dc1aebb03c634881834043e107a8584d809163e5fdfa366789b660542fba01187d07837880b91d72b4a0b82358c1bbb07b0bc1b5f232d9bc169e20624c69d7a705a07817d21d3f9189848f1ec294f0ded69cefb28ccd22a108bfd68c63622b7417287f8a8358d353", 0x1000}, {&(0x7f0000004640)="20dc43c323f9d1f6fb9fdcefb5f5cd798f7c860ce85543952d8085fe6cfaad2be5d46863cd65d050f9ffe52f746f905bbe5201b01cb52e9b85581a99587f9dc29b9e9255863f487a0eb0328aa1319a0b7b43e8ed381e62c1c242ed2a53af52701dbf607dc493942050155dbd200110a0166c7a3dcca2716a20c8f0b6aecc6996bdb48c87585b6e4213afddc02f8aac4610533bceb25f70821c031f1eda3ecea957af921d2ffad7ea97532d64ef2846ecf8ee148087de9bc49f09d37c41beebf510e5bb25a16057197a258f07fa49ec0ef8bfeabe9e1e05632bc86db4633a9e49026667337c9a373915f0b8e45d079dfaa5", 0xf1}, {&(0x7f0000002580)="aa4fedcd1150141c18fcc3b6332d51b7bc689f05756f1a0377d04940e951e655f0bdaed7d565a2095060e593233877b43c853dfde4545d19597cd1b070b42dafa8de0e0e2248e8b0afe0f2c0370c297518b9a3fa270a9062f1764ac99d45a35aaf9a5de89b19ce53bad341bac4a948e7eea7b91182560dfe25", 0x79}, {&(0x7f0000004740)="d1e34d4e897dcd9e6ea7cd0953b9886d453ede88797767dc12f01c42618231a6814e800a35802de2e6e7c2f942e77a573d76af3796348d4d80e002dec4078de06121e46d682e86f9a00714cb52f62fa65d69d0f1a9e55ea29df7e7aa8e6ef6a6b59d4270ff6518f4d2014422b4c6eeecc8e3f346bc6da90519b8637363b3d65f2975efcd0f9785e776793839689d4b7e014ea48df93cb3d3ca0b877ba5ce5d17e5ee", 0xa2}, {&(0x7f0000004800)="c4eb18862f8c8db818886c99aa0c97d0fb7e63c9083e5e20ef8147e08c0f1fbaddfe55cf0193eea2de0bf07204a50c8644cec09b", 0x34}], 0xa}, 0x40000) [ 674.406618] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 674.414335] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 674.421605] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 674.428962] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 674.436404] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 674.443667] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 674.485387] CPU: 0 PID: 25456 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 674.492532] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 674.502077] Call Trace: [ 674.504765] dump_stack+0x138/0x197 [ 674.508417] should_fail.cold+0x10f/0x159 [ 674.512607] should_failslab+0xdb/0x130 [ 674.516596] kmem_cache_alloc+0x2d7/0x780 [ 674.520831] ? _raw_spin_unlock+0x2d/0x50 18:43:55 executing program 0: r0 = socket$unix(0x1, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r2, 0x0) 18:43:55 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000e40)=ANY=[@ANYBLOB="00000420000060ed207441733bdae00fd300000000e46ce6160a0000ff0000008a2269b881c0df72d0195dbae7fa960900000000000000e2cd15132e886a5561e524480db589971e87943b844038fac1577f90fb1ea6d21c196a465fd810ab43d857e1ad0d1dc2cce90e8980e23cc0ce0e0ff728638fe9c6e75f0151fe1dc5dd8e0b5739281094325ade89e2571abaa4364f06a614c739cba5e9e1bda141c1901b4da548b8073aae18976fb8e6201b0c8a82e2526dc59ec6d7544771393d14eafebb2ec1e50123c5583d29b942520c8942ae00100000ad7fb198b84b59639a66ad1a608315ea67046d8ec51f0b486a001d8f480f22cb8878e0681107b1c5da0172fea4774da9d1b119004915a4ec546d7a3e68f6d25af0c35cfb08b4dc390fb44eb9d875a14a5b99893537ac18c8e5f169fa315963e8bfb2aeaf02f52aa892f4545d2bd33ff6000000007dd24f67a39db1f457f8010036afbeed28788ecbd59b79d0723c0700cd5f816474796ecfdeb1e1c2f02fed68520cb626c689f3b350142c0be62802f4b8c8d299f03121d132c39e6ef93caccb3c7ef8fee6f1fc12fab0790d6603c03661d7520108000000e615a9a4fe6c2b4d7b97d115b8f2a97db37c7baf688a5d9003bef61e005d1c1fb50a3c82202c53f3c496b9d2e50ba4f0530f57dcd7867a7235fcaed05ac66b34cbcbb76bb1d95d52af30858e441f853975608d51b971ddf05945b8e9fc4e5ba8e3f4f9121f90a454df27021a846f5f445ef951ca4bc575794abda2d365635d0c66a9867f10eb4d871b31c69e79342de13a6d46ebd5417deeac8d9ccfc8c465256d40f1cf00000017289fbb65c028f61f5370928d617f919ec60576201f1a4721b1befd6c0c9be9783c2546a8eb1a5d0f295ab1514b4691dcc34d186f390b731885dcb37b616588b39d425d497ddd36f710dbe85aadf7048a0c7aa495e63b46ae41ddd183bf68940f54b434f71348a07ed931eb3c62b8d5fcd1c1ddcff741e9998748b050a22beb435a72718b469676c24b84dc1b3d50c1b079d5055801191aaa2efe3ef1814e4eca1cca3d6cacc31cdb50ec136c97c073e7b4407970a5f59611e7a46c69d32bccff0c4eba7472c0e0500bd8c2aaf49f7aed87db63d0b4210aec5dd0645bd996b07031774ebd76ee9672c53a216e39e5a85f2330dc478f7c3fe7760dc424f193ed6e0760de1fedc16f7568e06ee2a3"], 0x1) close(r0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_mreqsrc(r1, 0x0, 0x27, &(0x7f0000000000)={@remote, @rand_addr, @multicast2}, &(0x7f0000000040)=0xc) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x80000000}, 0x0) r2 = open(&(0x7f0000000240)='./file0\x00', 0x8000, 0x50) sendfile(r2, r2, 0x0, 0x3) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(r3, r3, r3) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, @perf_bp={0x0}, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = openat$null(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/null\x00', 0x41, 0x0) ioctl$INOTIFY_IOC_SETNEXTWD(r2, 0x40044900, 0xffff) r5 = socket(0xa, 0x3, 0x8) write$P9_RLINK(r2, &(0x7f0000000140)={0x7, 0x47, 0x1}, 0x7) prctl$PR_SET_MM(0x23, 0x20000000000000, &(0x7f0000fea000/0x14000)=nil) setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f00000000c0)={0x9, &(0x7f0000000040)=[{0x3, 0x80000, 0x5, 0xfffffffffffffffd}, {0x7fefadfb, 0x8, 0x10000, 0x9}, {0x9, 0x5, 0x100000001, 0x4000000080}, {0xffffffffffffff01, 0x984c, 0xfffffffffffffffd, 0xc96}, {0xffffffff, 0x3, 0x0, 0x5a}, {0x3f, 0x112000, 0xfffffffffffffff8, 0xbd}, {0xe60, 0x5, 0x100, 0x1}, {0xa7a, 0x2, 0xffffffffffffff81, 0x4}, {0x3, 0x7, 0x4, 0x7}]}, 0x10) getsockopt$IPT_SO_GET_INFO(r5, 0x0, 0x40, &(0x7f0000000500)={'nat\x00'}, &(0x7f00000001c0)=0x54) ioctl$sock_inet_SIOCSIFFLAGS(r5, 0x8914, &(0x7f0000000000)={'bridge0\x004\x01\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r5, 0x89a1, &(0x7f0000000100)={'bridge0\x00', 0xfffffffffffffffd}) syz_genetlink_get_family_id$nbd(&(0x7f00000002c0)='nbd\x00') perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = creat(&(0x7f0000000200)='./file1\x00', 0x0) write$cgroup_type(r6, &(0x7f0000000040)='threaded\x00', 0xfd87) fallocate(r6, 0x6, 0x0, 0x81) sendmmsg(r6, &(0x7f00000007c0)=[{{0x0, 0x0, &(0x7f0000000740)}, 0x7fffffff}], 0x1, 0x4040000) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000380)={'syz_tun\x00'}) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000440)={'team0\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000640)={'team0\x00', r7}) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000003c0)={'eql\x00', r8}) setsockopt$inet_pktinfo(r4, 0x0, 0x8, &(0x7f0000000300)={r9, @multicast1, @dev={0xac, 0x14, 0x14, 0x1d}}, 0xc) fallocate(r6, 0x3, 0x5e00, 0x2cbd) sync_file_range(r4, 0x2002, 0x800008, 0x6) [ 674.522844] binder: 25469:25474 ioctl c018620c 20000000 returned -22 [ 674.525027] copy_process.part.0+0x3987/0x6a00 [ 674.525040] ? save_trace+0x290/0x290 [ 674.525064] ? proc_fail_nth_write+0x7d/0x180 [ 674.525069] ? proc_cwd_link+0x1b0/0x1b0 [ 674.525081] ? __cleanup_sighand+0x50/0x50 [ 674.525087] ? lock_downgrade+0x6e0/0x6e0 [ 674.525096] _do_fork+0x19e/0xce0 [ 674.525104] ? fork_idle+0x280/0x280 [ 674.525114] ? fput+0xd4/0x150 [ 674.525119] ? SyS_write+0x15e/0x230 [ 674.525156] SyS_clone+0x37/0x50 [ 674.525161] ? sys_vfork+0x30/0x30 [ 674.525171] do_syscall_64+0x1e8/0x640 [ 674.525176] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 674.525201] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 674.525206] RIP: 0033:0x459879 [ 674.525210] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 674.525216] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 18:43:55 executing program 3 (fault-call:7 fault-nth:16): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:55 executing program 2 (fault-call:7 fault-nth:11): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:55 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r1, 0x0) [ 674.525219] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 674.525223] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 674.525226] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 [ 674.525230] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 674.623506] binder: 25469:25477 unknown command 0 [ 674.739987] FAULT_INJECTION: forcing a failure. [ 674.739987] name failslab, interval 1, probability 0, space 0, times 0 [ 674.753484] FAULT_INJECTION: forcing a failure. [ 674.753484] name failslab, interval 1, probability 0, space 0, times 0 [ 674.755015] CPU: 1 PID: 25485 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 674.771957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 674.781319] Call Trace: [ 674.783999] dump_stack+0x138/0x197 [ 674.787744] should_fail.cold+0x10f/0x159 [ 674.787849] binder: 25469:25477 ioctl c0306201 20000380 returned -22 [ 674.791886] should_failslab+0xdb/0x130 [ 674.791898] kmem_cache_alloc+0x2d7/0x780 [ 674.791910] ? _raw_spin_unlock_irq+0x28/0x90 [ 674.791923] ? trace_hardirqs_on_caller+0x400/0x590 [ 674.791937] copy_process.part.0+0x1cd5/0x6a00 [ 674.791952] ? save_trace+0x290/0x290 [ 674.791964] ? proc_fail_nth_write+0x7d/0x180 [ 674.829054] ? proc_cwd_link+0x1b0/0x1b0 [ 674.833133] ? __cleanup_sighand+0x50/0x50 [ 674.837403] ? lock_downgrade+0x6e0/0x6e0 [ 674.841554] _do_fork+0x19e/0xce0 [ 674.845094] ? fork_idle+0x280/0x280 [ 674.848900] ? fput+0xd4/0x150 [ 674.852089] ? SyS_write+0x15e/0x230 [ 674.855815] SyS_clone+0x37/0x50 [ 674.859637] ? sys_vfork+0x30/0x30 [ 674.863176] do_syscall_64+0x1e8/0x640 [ 674.867315] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 674.872168] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 674.877348] RIP: 0033:0x459879 [ 674.880536] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 18:43:55 executing program 1: r0 = socket$unix(0x1, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r2, 0x0) [ 674.888268] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 674.895536] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 674.902992] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 674.910344] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 [ 674.917693] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 674.946045] CPU: 0 PID: 25491 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 674.953195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 674.962559] Call Trace: [ 674.965158] dump_stack+0x138/0x197 [ 674.968800] should_fail.cold+0x10f/0x159 [ 674.977935] should_failslab+0xdb/0x130 [ 674.988195] kmem_cache_alloc+0x2d7/0x780 [ 674.992355] copy_process.part.0+0x444f/0x6a00 [ 674.996941] ? __cleanup_sighand+0x50/0x50 [ 675.001166] ? lock_downgrade+0x6e0/0x6e0 [ 675.005302] _do_fork+0x19e/0xce0 [ 675.008739] ? fork_idle+0x280/0x280 [ 675.012469] ? fput+0xd4/0x150 [ 675.015654] ? SyS_write+0x15e/0x230 [ 675.019375] SyS_clone+0x37/0x50 [ 675.022731] ? sys_vfork+0x30/0x30 [ 675.026257] do_syscall_64+0x1e8/0x640 [ 675.030126] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 675.034956] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 675.040123] RIP: 0033:0x459879 18:43:56 executing program 2 (fault-call:7 fault-nth:12): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:56 executing program 1: r0 = socket$unix(0x1, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r2, 0x0) 18:43:56 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r1, 0x0) [ 675.043291] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 675.050995] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 675.058271] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 675.065557] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 675.072824] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 675.080363] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 18:43:56 executing program 3 (fault-call:7 fault-nth:17): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 675.104088] binder: 25469:25477 ioctl c018620c 20000000 returned -22 [ 675.112221] binder: 25469:25474 unknown command 0 [ 675.117231] binder: 25469:25474 ioctl c0306201 20000380 returned -22 18:43:56 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x420480, 0x10) ioctl$EVIOCSABS2F(r2, 0x401845ef, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x2, 0x6, 0x1}) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=[@acquire, @acquire], 0xffffffffffffffc5, 0x2, 0x0}) [ 675.187686] FAULT_INJECTION: forcing a failure. [ 675.187686] name failslab, interval 1, probability 0, space 0, times 0 [ 675.217191] FAULT_INJECTION: forcing a failure. [ 675.217191] name failslab, interval 1, probability 0, space 0, times 0 [ 675.231033] CPU: 0 PID: 25503 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 675.238174] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 675.247541] Call Trace: [ 675.250234] dump_stack+0x138/0x197 [ 675.253888] should_fail.cold+0x10f/0x159 [ 675.258058] should_failslab+0xdb/0x130 [ 675.262077] kmem_cache_alloc+0x2d7/0x780 [ 675.266238] ? lockdep_init_map+0x9/0x10 [ 675.268217] binder: 25506:25507 unknown command 0 [ 675.270317] ? debug_mutex_init+0x2d/0x5a [ 675.270335] copy_process.part.0+0x3c75/0x6a00 [ 675.270353] ? proc_fail_nth_write+0x7d/0x180 [ 675.270365] ? proc_cwd_link+0x1b0/0x1b0 [ 675.276355] binder: 25506:25507 ioctl c0306201 20000380 returned -22 [ 675.279525] ? __cleanup_sighand+0x50/0x50 [ 675.279542] ? lock_downgrade+0x6e0/0x6e0 [ 675.287059] binder: 25506:25508 unknown command 0 [ 675.288616] _do_fork+0x19e/0xce0 [ 675.288633] ? fork_idle+0x280/0x280 [ 675.292803] binder: 25506:25508 ioctl c0306201 20000380 returned -22 [ 675.299164] ? fput+0xd4/0x150 [ 675.299175] ? SyS_write+0x15e/0x230 [ 675.299190] SyS_clone+0x37/0x50 [ 675.299203] ? sys_vfork+0x30/0x30 [ 675.316866] do_syscall_64+0x1e8/0x640 [ 675.327045] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 675.327067] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 675.355048] RIP: 0033:0x459879 [ 675.358310] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 675.366002] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 675.373259] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 675.380744] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 675.387996] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 [ 675.395262] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 675.410664] CPU: 0 PID: 25505 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 675.417809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 675.427268] Call Trace: [ 675.429865] dump_stack+0x138/0x197 [ 675.433513] should_fail.cold+0x10f/0x159 [ 675.437669] should_failslab+0xdb/0x130 [ 675.441635] kmem_cache_alloc+0x47/0x780 [ 675.445681] ? __lock_is_held+0xb6/0x140 [ 675.449745] ? check_preemption_disabled+0x3c/0x250 [ 675.454758] anon_vma_clone+0xde/0x470 [ 675.458650] anon_vma_fork+0x87/0x4d0 [ 675.462515] copy_process.part.0+0x45e2/0x6a00 [ 675.467125] ? __cleanup_sighand+0x50/0x50 [ 675.471344] ? lock_downgrade+0x6e0/0x6e0 [ 675.475484] _do_fork+0x19e/0xce0 [ 675.478938] ? fork_idle+0x280/0x280 [ 675.482673] ? fput+0xd4/0x150 [ 675.485844] ? SyS_write+0x15e/0x230 [ 675.489536] SyS_clone+0x37/0x50 [ 675.492896] ? sys_vfork+0x30/0x30 [ 675.496526] do_syscall_64+0x1e8/0x640 [ 675.500702] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 675.505724] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 675.510905] RIP: 0033:0x459879 [ 675.514091] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 675.521781] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 675.529053] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 18:43:56 executing program 5: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r1, 0x0) 18:43:56 executing program 1: r0 = socket$unix(0x1, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r2, 0x0) 18:43:56 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) ioctl$VIDIOC_SUBDEV_G_FMT(r1, 0xc0585604, &(0x7f0000000280)={0x1, 0x0, {0x4838, 0xffffffff, 0x3016, 0xaa1049f209577c71, 0xc, 0x0, 0x1, 0x5}}) ioctl$KDADDIO(r2, 0x4b34, 0x7) ioctl$TUNSETLINK(r2, 0x400454cd, 0x207) ioctl$RNDGETENTCNT(r2, 0x80045200, &(0x7f0000000080)) openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000500)='/dev/dlm-control\x00', 0x0, 0x0) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000300)='IPVS\x00') sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80000001}, 0xc, &(0x7f0000000340)={&(0x7f00000003c0)={0xe4, r3, 0x800, 0x70bd2a, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x8}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8}, @IPVS_CMD_ATTR_DEST={0x4c, 0x2, [@IPVS_DEST_ATTR_U_THRESH={0x8}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x1}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x3}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x2}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0xec5a}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x7}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x6}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x7ff}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x5}]}, @IPVS_CMD_ATTR_DEST={0x44, 0x2, [@IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0xffff}, @IPVS_DEST_ATTR_TUN_TYPE={0x8, 0xd, 0x1}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x7ff}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x1}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x8}, @IPVS_DEST_ATTR_TUN_PORT={0x8, 0xe, 0x4e21}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x7fff}]}, @IPVS_CMD_ATTR_SERVICE={0x28, 0x1, [@IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'nq\x00'}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e24}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x8}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x5, 0x22}}]}]}, 0xe4}}, 0x8000) open(&(0x7f0000000040)='./file0\x00', 0x0, 0x80) write$P9_RUNLINKAT(r1, &(0x7f00000000c0)={0x7, 0x4d, 0x2}, 0x7) r4 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r4, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0563044000000000052c044000000000e603132f5a9290fbbe4813ac2e49f7453e6d7a3305fbafef98431752bc7c5ebef9e1ee0332284e933c400070bc8b48255344440e02f212f1017755d3438563b3b3d715d6eae89f210969e9fabfa6903b709b9744f2cf4acc56fdb6b478decc0de6358fa02b9f67d84c684e9a2050863e3a6e68e7ece0eb9ae494ef371b572e65c20a4e6690354825bc13471b0adc49fb003f5ec5e95331c1"], 0x232, 0x2, 0x0}) 18:43:56 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r1, 0x0) 18:43:56 executing program 2 (fault-call:7 fault-nth:13): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 675.536302] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 675.543553] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 675.550803] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 18:43:56 executing program 3 (fault-call:7 fault-nth:18): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:56 executing program 1: openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) clone(0x1000108, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ioctl$NBD_CLEAR_SOCK(0xffffffffffffffff, 0xab04) request_key(&(0x7f0000000040)='trusted\x00', &(0x7f00000000c0)={'syz', 0x0}, &(0x7f0000000100)='#(\x00', 0xfffffffffffffffe) ioctl$EXT4_IOC_PRECACHE_EXTENTS(r1, 0x6612) gettid() ioctl$EXT4_IOC_GROUP_EXTEND(r1, 0x40086607, &(0x7f0000000080)=0x80407fe) ptrace$setopts(0xffffffffffffffff, 0x0, 0x0, 0x0) [ 675.654176] binder: 25518:25520 unknown command 1074015237 18:43:56 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x0) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r1, 0x0) [ 675.698419] binder: 25518:25520 ioctl c0306201 20000380 returned -22 [ 675.707890] FAULT_INJECTION: forcing a failure. [ 675.707890] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 675.733478] binder: 25518:25531 unknown command 1074015237 [ 675.739546] FAULT_INJECTION: forcing a failure. [ 675.739546] name failslab, interval 1, probability 0, space 0, times 0 [ 675.749067] binder: 25518:25531 ioctl c0306201 20000380 returned -22 [ 675.762213] CPU: 1 PID: 25526 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 675.765668] EXT4-fs warning (device sda1): ext4_group_extend:1764: will only finish group (524288 blocks, 256 new) [ 675.770869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 675.770875] Call Trace: [ 675.770893] dump_stack+0x138/0x197 18:43:56 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x0) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r1, 0x0) [ 675.770910] should_fail.cold+0x10f/0x159 [ 675.770920] ? __might_sleep+0x93/0xb0 [ 675.770933] __alloc_pages_nodemask+0x1d6/0x7a0 [ 675.770944] ? fs_reclaim_acquire+0x20/0x20 [ 675.770957] ? __alloc_pages_slowpath+0x2930/0x2930 [ 675.770972] ? check_preemption_disabled+0x3c/0x250 [ 675.770987] alloc_pages_current+0xec/0x1e0 [ 675.806102] EXT4-fs warning (device sda1): ext4_group_extend:1770: can't read last block, resize aborted [ 675.810277] __get_free_pages+0xf/0x40 [ 675.810289] pgd_alloc+0x25/0x2b0 18:43:56 executing program 1: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r1, 0x0) [ 675.810298] ? lockdep_init_map+0x9/0x10 [ 675.810310] mm_init+0x578/0x970 [ 675.810321] copy_process.part.0+0x3ccd/0x6a00 [ 675.810337] ? proc_fail_nth_write+0x7d/0x180 [ 675.810348] ? proc_cwd_link+0x1b0/0x1b0 [ 675.843904] EXT4-fs warning (device sda1): ext4_group_extend:1764: will only finish group (524288 blocks, 256 new) [ 675.846023] ? __cleanup_sighand+0x50/0x50 [ 675.846038] ? lock_downgrade+0x6e0/0x6e0 [ 675.851395] EXT4-fs warning (device sda1): ext4_group_extend:1770: can't read last block, resize aborted [ 675.853472] _do_fork+0x19e/0xce0 18:43:56 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x0) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r1, 0x0) [ 675.853489] ? fork_idle+0x280/0x280 [ 675.902416] ? fput+0xd4/0x150 [ 675.905627] ? SyS_write+0x15e/0x230 [ 675.909362] SyS_clone+0x37/0x50 [ 675.912734] ? sys_vfork+0x30/0x30 [ 675.916380] do_syscall_64+0x1e8/0x640 [ 675.920292] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 675.925151] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 675.930349] RIP: 0033:0x459879 [ 675.933538] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 675.941445] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 18:43:56 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r1, 0x0) [ 675.948752] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 675.956029] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 675.963404] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 [ 675.970684] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 675.977984] CPU: 0 PID: 25532 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 675.985196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 675.994559] Call Trace: [ 675.997249] dump_stack+0x138/0x197 [ 676.000931] should_fail.cold+0x10f/0x159 [ 676.005622] should_failslab+0xdb/0x130 [ 676.009616] kmem_cache_alloc+0x47/0x780 [ 676.013688] ? anon_vma_chain_link+0x142/0x1a0 [ 676.018316] anon_vma_clone+0xde/0x470 [ 676.022216] anon_vma_fork+0x87/0x4d0 [ 676.022233] copy_process.part.0+0x45e2/0x6a00 [ 676.022264] ? __cleanup_sighand+0x50/0x50 [ 676.034954] ? lock_downgrade+0x6e0/0x6e0 [ 676.039124] _do_fork+0x19e/0xce0 [ 676.042603] ? fork_idle+0x280/0x280 [ 676.046339] ? fput+0xd4/0x150 [ 676.049550] ? SyS_write+0x15e/0x230 [ 676.053366] SyS_clone+0x37/0x50 [ 676.056766] ? sys_vfork+0x30/0x30 [ 676.060316] do_syscall_64+0x1e8/0x640 [ 676.064203] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 676.069067] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 676.074279] RIP: 0033:0x459879 [ 676.077460] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 676.085328] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 676.092592] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 676.099861] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 676.107122] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 676.114385] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 18:43:57 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000400)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cast5)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000012c0)="0a0775b005", 0x5) sendmsg(r0, &(0x7f0000000680)={&(0x7f0000000200)=@alg={0x26, 'skcipher\x00', 0x0, 0x0, 'lrw-camellia-aesni-avx2\x00'}, 0x80, &(0x7f0000000540)=[{&(0x7f0000000280)="f64f906e0a568e1778ab9fc19fa901fd4fd60efec434cc62974612d8a69d931a507f6b8eae9677f805b35b41249bcc6da82ba4afc274ad600dfe3f04b2a5a52defc50939d63eb2325d2d0ebb921ec8e7811c3ba3dd2762ae89446d15cf2c6b940052dd9d88c83a90c36dfca013cfca8cdd653d153687d6a426812c8368abb6d65faa2c36bca299be3884ae47c08cb9f117144588e6f0f640d8b03cb27e4f5b7312df10af0c83867b25eaac7652f5062b46ad9d978355b4670651bc8c37f984025866bf298059e42e1b6f09aefff2b77a2f223bef21aef5ca832ce8a4e8eff9c167f10f850386226ba44d53e9bc07b4e0a13af7c58f7bec0c", 0xf8}, {&(0x7f0000000380)="e96e53a2a7669555606c2c376c97b69fe20c", 0x12}, {&(0x7f00000003c0)="0a78a69d6c2fe7dcb9498fed0f2826", 0xf}, {&(0x7f0000000480)="7edb0717ee55cfdd85f1601f14fbf6626f87d00f18a89e8601db4b591bf94f8f1266a8055b27b74a74ef3b48d9337b6fa50b189b464012be4ff329fb4c4ee02223506f2f1e9255e6ad3d077812c9379e4ac54816373037790a3f111335e281af678138ea4ec491ee641fca25185fdb786290aa20556f1d61f99e15cf233ed98d8d7ec24e8d42bfdaffe03f778b0e46dcea972bb151e3930bd9dbdf86baf144ccdc2a243c6d3dd49ffbc92407f40366216ffe88a0486676fbfc19ceb9d0", 0xbd}], 0x4, &(0x7f0000000580)=[{0x48, 0x10a, 0x5, "8eb16f34c78202e17a0fbcf5d8eac8e88c874847ec0e1ebad5a9ad4154776ec41bb0c2d43301ee0d5de4b6b4843dce0155"}, {0x28, 0x119, 0x2, "6502a4103082d708c381f5963910551d7ffb049c8f2374"}, {0x88, 0x100, 0x4a1e2ba5, "e39aa4e395d61635e1a884cad3e14e1d5270d8d89041d0830bdeb062a6b2beecb27fee9c2bf99b25ee20e8843b92b6d968bf54db9a926249a22df85bbf0e3ce492ba2edbdd80de0e255f29f5e64b5bc3d1f217c470520724e4b239ce5d52b29d2c1d8cbcdeb7a45b15316aa625fc17862cf0ce0daa0c"}], 0xf8}, 0x90) r1 = accept$alg(r0, 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000100)=0xff) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) sendmsg$sock(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000002480)="3e29b3afe83599a9d5f65391874a6dca26b510ca0c8269a4a3a5444e36f89b5613ba34f62616c91045b81b81ed84f21113d4a6e5df18f7435e03429d8ba9825c3d6ff50d1d5000c33b74a305acfd53b2fec847884d0ce0ecd6eb0a32d7175b34750a7502ce114b366080a7f856982214315441fc1bef76e3bc72d59700d754d64ed80828422d7a6dfac624aa05edc806b6863e6b90f387117e70da2b459048311a0291071c8106d1b91410d98cc75e93698e1bc3d8825518623470bafc4600879729134ca0827e441d12e73ad3887db11cd7ae05371f6ab29f7d2fc9c11033e07de8a51d943f3f6e02ab93eab244e4bc762356918f7be8f050d1dc3b018efaf81744666c9f3485425a14ee3a93ad05d20c5a4105d24750662b990fe3ce9b60272aed3e9695a789a78f56189a637a41f1e32894c298384cbac44142d5faf565f4e81cba94a22647ff99f48ca04da23ec7dca8d5606f87e4b4158008f2c35880bf3638d6ffbd02e69d43080c87b387ab21411a155a8d48c3a75c9ed7703da7a17db2dbc1572b87f4dba9f0d952af69a94d92ad3fd5f83b3e69e2b79d0a20541b39ca1d317b3c131c10e1f8172c743c9fb5e71b0c3db80029222b94cae67f049f7861831479c6187aa5a0aafd9083f779c474c7ad994dedc5e04ab2fd35a1f3d4268bd33e3ec879a8f25c0fdfd9be641ad897da6bc7e45b482aa25d4838069751ef6ae2f82bd8fbb2d76783de933c5ef635223fb53cc1da2d32e3065f61b1f7d971a9d109f49a1fa79431071695acbec3c344bb1f0382f9a7ed62a0c24c6a9375a0fde52c5496b8a9367a7c66850d0cedec2df9b06b766fe87a0ac1be945631a57df08f57bd950830baaa68128f3c3022a7754602e28226a78a43885642804eddbfdc75103c715758085f7820c4f42fb9b45259c1a06f22ca52deec8d64fc32c6e6bc87bb5d25f8fe7add85bc49087307190211a67f881c00f2fbeb2aee44d07115bf5c1eda4e04368aa3d38d217fa119d0cda27f2f693cfc36177641fd67d7cdc79c7df0efc6c85bc0a66e5c032369fa8bacca3fce324f8a2663373b246a079635da28e28849ea2c013eb336d400642bbb7e85a6d0ae2d14150bd73edbd93ce68e5f358c55bf3f1f4b44ca4133ea2fa9f54957d7411405d1461260d0d8a5e09e41abe9d9b343c168aa98f58b74914e4febc35476bccf7fa8f90857b7681307050531936650a0fbb2438ef9fb51415b04b2d732942a05e66f5c53b94ce02b9c584c94b3dc98890bce37e15b22b9bdc140c1e87038a974bd111c49a14e1aba5a24a1d10ded63c6b72163476b8cdb063bf9a38f92e72ae40aac14fae57780a288333d52d81163816fba43fa0873de75f0f2b32fd5b6ac2312ac93287a43cbc9201fcbac8ef9abb75d17a527f1c9f16711255f74dc52e82b04313d7844797c573ea3c4a9de467be14e606c1f7a64af6109bc7e51e6669b88720d58960999b6d99fdd8c3f92ff6ce928d2b5bf0868c1d252015a550cced943851f69fd42ffe326be5535c987969fbabdf72e55f13a8f3dc0b8361c17b1bd0f8bec0a07e02e920ce23ebacebb7f4fb88256107de6eaf3c6093d2745e6d0272bce2e954aed5bad491bcdad84e1272f49ac7ba063694ef89fef609d08b3b65f9131f930d7a3a88c4c32613ea715c5cf611ef48b99b0275b26a847529b827863d3af312c2505ffe20cacb9ea33e74f7d3315c4577d0c75b4b0c52fa98454bb938a29f9fdcc514bf32d53afce29401127037b1a0b0c483f38fa82d572246d2f69cd81b0f691b456c6242ef8e2e72f3978e02a7f0fc3358e81f05e58a5d64f5dce98e1415c574a68a87fd31f7cda6fc1b59fbffdb12b242a1858f270ab2fbec268a8e55fea2c0106d0999f199ed745fc95a29e45c6d85945224c204a01ff0856c9ef45e35a659116a496d3f6925ffea0fba83c8d2bbe3eb52ef7389ebc40748b2d7ccc9761e8bcc2c330ad979c5dd13b8f664a19725f8b2145dcf21116055b233b341bf28d003442f4d83d300c86e267f921f9db9125631739db9c1e24921ed1954e0a18fde350183a622bad78e602d2195f85f2bf252156413e115f901cc7115463a2711710c9eda1500911c45c61ec459e5860da59ee0a08b56e14983f61e985e5159864ad5a63f9931f24a67f12d1f621efe5f7621e8f5d021ed28774ce5a1d838d3e79f43bb53009249caa7ee7b3de3d53253c64cb29de9871864f51911be4c74b52262c6feff33978bd1c39296a79c6c08a86dbf6f36de1bfff8e7a2a2d289ad4dbbe0b51d69d61f0e5f3df458438174fb103d4c94178ae53514779c599296db694243557f48eced4c4de4f3fe175564f825769507e94163107eda82cab7f1586b416b45f6e48043127da9e9bfadef82b4a487f3bc37fb591734c24389f76850e04e27253f5241c1956ece0126d8917a41a96e4cd44df439f53f25eb629fee78d1b3dad80ce9f5c0bbee47244f65b00de42d5815fc18c90b0a61a7713c07e779788377d017b573a16acbcad04304aa4daa13114d4b589a1db71bf28f876a4a5531c0afc62009c0abb08056fc34c8d3348e4bc866aef66f539cd20ff3a7b3d073751f18dafbe56314740b08f63b91f5fe2575f6f6ba8ea760eeae28a699237fb76b61c3b32bc179cdaa1e6beb3a30e5219e39ff399d2c6fcba96bb433d141d1a58ac094d3d71c04bcdcf2cb73a7b39e96b68c04860704d803e7ff49d12a8895ab539af586f20183330cfdf33a5c14d1d5b4d8c70f982bb694f3327e3f464e923dc86afd995df5a53ab23d34ac43348b21339c2212882ec5cbad697616c40e956af060252a691758cdb3cb0c39a46904801007ac8cfc6ab926e22c33f967f2b77f36c4309c4549acac1bd2dfcde0de1775229ae9b953a56f3593b3eda7e997f54bcd784822d0e18b54f5357c1fb12d52a9813412b53a33ead694c25cd8118b02fa560f585740b3f7007fd2a81eb7f19966711aae097b873c546e07f1179e99f34f84605b9d2653c099ab569f55b5fb427e16e183acb8fbf356e6215b518d1269c9193d7daa9c9dceb986515a3f61b51703f9410d4771b0a32d21c21bdd31e42853b9195303853a9c53e5bb91d078b6e4ae53b15a54bdd02d733bf4a0a61cd5c21f91958de4697e3ab4e42136d672c7c39d5df5a791a0d8dada5f39d99e4eea1ff47386e1a15b750c1219826d742e19638d8067053d13aa7a694c9e5dc6f195b17fd17b5d93717cbddba48c05f3a747856c23ceb7ecd43092b3e0de1669c5493ef7c359c0290ba57704a451b504808b1246f52bb51c60d52b70841b20debf9f96345d5c1c2faf3004a6c4ebe69c4dd198f727ae15447019bf01621753d426af6b11f9f8fac5beff38a71028d8442c38d79d52a5bda6e5c07177b59dd616b00050743eb6b7a3b68997a3e73d1d901a5046f814d1a42c90fbf15b8b8644f1e342388c13121c092cd4c527382ac8477f27d24dc9a0000d922cab8af21e522b03e87e50002764762637adc79197dfdad6f1f7604980df1b00c939e420a8550818446d4e5de2d98ebdb585b7dd1abd7141dd70c680780ce8b62388f401635387fcc3c4b72885ee074e96ed77673fc8a9ebd37b7648a87af5bf3811a10e12cb5c4249854dc7116805e2797b54f1158a599e507a6293e56c5847d171147e2a78791315e602b72a561e33b992ef4b9054c547b42fb64c09e9089a5856e6c2f8d54e9ef540dfbb684a6a8e1cb5dad441e534b24e149dbce3b25e7b2e24cc5b0dd0c1dc21849505aac89e98711566ad21bd973412b9d1a8517be1e7a1503c6634052f2b2d5a9cf76d38f4d0980c613e23a50cf38ca8b9a6c12b97806939332f294256d1627766be254d266152c646d1916418165666854193d42d62198e83e8ece96ced40cb10adc72b6bb8cf82b0357ae7b6cd3f58669f6b3a4b3f50e2b779e8f7ef556a2139efd38b922352876eafa343cc4ee162287872daabe76c1a196c17e5d57fbdf30d0bd68cd463f9ecf5c244f93e1405e6d3337eb318eebd53ca9ecaa3d943be44ede98596c7cd53e39aa6db9e968276a37669bc5769b8ae22ef8d9957566b0933f12199ad5a8548240b72d8ec7c961451649e73552eab20d096b8eaabaa8de145d7f77d0cbdf3e222d92e101", 0xb80}], 0x1}, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/attr/exec\x00', 0x2, 0x0) set_mempolicy(0x4000, &(0x7f0000000080)=0x8a6, 0x8000) 18:43:57 executing program 2 (fault-call:7 fault-nth:14): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:57 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000240)={{{@in=@dev, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in=@dev}}, &(0x7f0000000340)=0xe8) bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x14, 0x3, &(0x7f00000000c0)=@raw=[@ldst={0x3, 0x0, 0x7, 0x7, 0x8, 0x8, 0xffffffffffffffff}, @alu={0x7, 0x80, 0x98d8dad8257a51dd, 0x4, 0xa, 0xffffffffffffffe0, 0x1}, @generic={0x0, 0x8001, 0x2, 0x7, 0x6}], &(0x7f0000000140)='GPL\x00', 0x6, 0x50, &(0x7f00000001c0)=""/80, 0x40f00, 0x3, [], r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000003c0)={0x0, 0x3}, 0x8, 0x10, &(0x7f0000000400)={0x5, 0x5, 0x7f, 0x100000000}, 0x10}, 0x70) r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x40500, 0x0) ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(r2, 0xc040564a, &(0x7f0000000080)={0x7, 0x0, 0x3009, 0x7, 0x25, 0x5, 0xde, 0x1}) r3 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r3, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=[@acquire, @acquire], 0x232, 0x2, 0x0}) ioctl$EXT4_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x4) 18:43:57 executing program 1: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r1, 0x0) 18:43:57 executing program 3 (fault-call:7 fault-nth:19): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 676.199890] binder: 25551:25555 unknown command 0 [ 676.218808] binder: 25551:25555 ioctl c0306201 20000380 returned -22 [ 676.239820] FAULT_INJECTION: forcing a failure. [ 676.239820] name failslab, interval 1, probability 0, space 0, times 0 [ 676.257331] CPU: 1 PID: 25558 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 676.264499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 676.273860] Call Trace: [ 676.276473] dump_stack+0x138/0x197 [ 676.280209] should_fail.cold+0x10f/0x159 [ 676.284377] should_failslab+0xdb/0x130 [ 676.288370] kmem_cache_alloc+0x2d7/0x780 [ 676.289595] FAULT_INJECTION: forcing a failure. [ 676.289595] name failslab, interval 1, probability 0, space 0, times 0 [ 676.292534] ? lock_downgrade+0x6e0/0x6e0 [ 676.292548] __khugepaged_enter+0x37/0x340 [ 676.292562] copy_process.part.0+0x5557/0x6a00 [ 676.292582] ? proc_fail_nth_write+0x7d/0x180 [ 676.292603] ? __cleanup_sighand+0x50/0x50 [ 676.292612] ? lock_downgrade+0x6e0/0x6e0 [ 676.292628] _do_fork+0x19e/0xce0 [ 676.292642] ? fork_idle+0x280/0x280 [ 676.292655] ? fput+0xd4/0x150 [ 676.292665] ? SyS_write+0x15e/0x230 [ 676.292678] SyS_clone+0x37/0x50 [ 676.292686] ? sys_vfork+0x30/0x30 [ 676.292702] do_syscall_64+0x1e8/0x640 [ 676.355084] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 676.359733] binder: 25551:25567 unknown command 0 [ 676.360026] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 676.360035] RIP: 0033:0x459879 [ 676.360040] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 676.360049] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 676.360054] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 18:43:57 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r1, 0x0) 18:43:57 executing program 2 (fault-call:7 fault-nth:15): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 676.360058] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 676.360064] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 [ 676.360069] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 676.420240] CPU: 0 PID: 25564 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 676.427377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 676.436753] Call Trace: [ 676.439364] dump_stack+0x138/0x197 [ 676.443026] should_fail.cold+0x10f/0x159 18:43:57 executing program 5: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r1, 0x0) [ 676.447278] ? anon_vma_clone+0xde/0x470 [ 676.451367] should_failslab+0xdb/0x130 [ 676.455353] kmem_cache_alloc+0x47/0x780 [ 676.459432] ? anon_vma_chain_link+0x142/0x1a0 [ 676.464030] anon_vma_clone+0xde/0x470 [ 676.468283] anon_vma_fork+0x87/0x4d0 [ 676.472102] copy_process.part.0+0x45e2/0x6a00 [ 676.476727] ? __cleanup_sighand+0x50/0x50 [ 676.480975] ? lock_downgrade+0x6e0/0x6e0 [ 676.485229] _do_fork+0x19e/0xce0 [ 676.488690] ? fork_idle+0x280/0x280 [ 676.492503] ? fput+0xd4/0x150 [ 676.495694] ? SyS_write+0x15e/0x230 [ 676.499430] SyS_clone+0x37/0x50 [ 676.502810] ? sys_vfork+0x30/0x30 [ 676.506366] do_syscall_64+0x1e8/0x640 [ 676.510285] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 676.515247] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 676.520689] RIP: 0033:0x459879 [ 676.523923] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 676.531662] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 676.539161] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 18:43:57 executing program 1: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r1, 0x0) [ 676.546459] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 676.553777] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 676.561144] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 676.570149] binder: 25551:25567 ioctl c0306201 20000380 returned -22 18:43:57 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x2000000ce, &(0x7f0000000000)="11dca58ec5cbb0e47bf07069623cdb44a45b9f668530e65f1720469e053f5eebb0b3a6903a3a40dbdefcce943a0ec232bcb0ab8cbe8696bcbdc606242e7ec339b4c568cf488d70f8e129a51d3def229540c298f8fc1c5dfc5828e5c81327c1759e80d8914746cc88c8f07b9420843c41ff600f866a4eb7407c1aeb03de913b7c93c327a794eff91ae077e467509967017fe5ff3cb789874821ad0e34213211f078e1a778109b88e51919133e09083bf7b66c00"/197) r1 = syz_open_dev$binder(&(0x7f0000000140)='/dev/binder#\x00', 0x0, 0x806) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=[@acquire, @acquire], 0x232, 0x2, 0x0}) 18:43:57 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r1, 0x0) 18:43:57 executing program 5: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r1, 0x0) 18:43:57 executing program 3 (fault-call:7 fault-nth:20): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 676.712409] binder: 25580:25589 unknown command 0 [ 676.737186] binder: 25580:25589 ioctl c0306201 20000380 returned -22 [ 676.766279] FAULT_INJECTION: forcing a failure. [ 676.766279] name failslab, interval 1, probability 0, space 0, times 0 [ 676.775309] binder: 25580:25593 unknown command 0 [ 676.779323] CPU: 1 PID: 25591 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 676.790904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 676.794897] binder: 25580:25593 ioctl c0306201 20000380 returned -22 [ 676.800301] Call Trace: [ 676.800323] dump_stack+0x138/0x197 [ 676.800343] should_fail.cold+0x10f/0x159 [ 676.800358] should_failslab+0xdb/0x130 [ 676.800372] kmem_cache_alloc+0x2d7/0x780 [ 676.800384] ? _raw_spin_unlock+0x2d/0x50 [ 676.800394] ? __khugepaged_enter+0x26c/0x340 18:43:57 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) r0 = openat$autofs(0xffffffffffffff9c, 0x0, 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r1, 0x0) [ 676.800407] copy_process.part.0+0x444f/0x6a00 [ 676.800435] ? __cleanup_sighand+0x50/0x50 [ 676.842880] ? lock_downgrade+0x6e0/0x6e0 [ 676.847050] _do_fork+0x19e/0xce0 [ 676.850604] ? fork_idle+0x280/0x280 [ 676.853229] FAULT_INJECTION: forcing a failure. [ 676.853229] name failslab, interval 1, probability 0, space 0, times 0 [ 676.854370] ? fput+0xd4/0x150 [ 676.854382] ? SyS_write+0x15e/0x230 [ 676.854399] SyS_clone+0x37/0x50 [ 676.854413] ? sys_vfork+0x30/0x30 [ 676.879478] do_syscall_64+0x1e8/0x640 [ 676.883367] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 676.888214] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 676.893410] RIP: 0033:0x459879 [ 676.896595] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 676.904474] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 676.911826] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 676.919100] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 676.926454] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 18:43:57 executing program 4: r0 = syz_open_dev$adsp(&(0x7f0000000080)='/dev/adsp#\x00', 0x1, 0x400000) ioctl$VT_SETMODE(r0, 0x5602, &(0x7f00000000c0)={0x4, 0x2, 0x2, 0x5e9, 0x8}) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x200000, 0x0) ioctl$KVM_SET_XCRS(r1, 0x4188aea7, &(0x7f0000000040)={0x2, 0x7, [{0x2, 0x0, 0x8}, {0x6, 0x0, 0x4b9}]}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r3 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r3, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=[@acquire, @acquire], 0x232, 0x2, 0x0}) 18:43:57 executing program 1: r0 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) getsockopt$ax25_int(r0, 0x101, 0x9, &(0x7f00000000c0), &(0x7f0000000100)=0x4) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/qat_adf_ctl\x00', 0x200080, 0x0) r2 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm-monitor\x00', 0x200200, 0x0) ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f00000001c0)=r2) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000040)=0x0) syz_open_procfs(r3, &(0x7f0000000080)='fd\x00') 18:43:57 executing program 5: syz_emit_ethernet(0x66, &(0x7f0000000080)={@local, @empty=[0x2, 0x7], [], {@ipv6={0x86dd, {0x0, 0x6, "b40900", 0x30, 0x0, 0x0, @ipv4={[0x2, 0x0, 0x0, 0x0, 0x8847], [], @multicast2}, @mcast2, {[], @icmpv6=@time_exceed={0x4, 0x0, 0x0, 0x0, [0x9, 0x29], {0x0, 0x6, "b680fa", 0x0, 0x0, 0x0, @ipv4={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x2], [], @broadcast}, @ipv4={[], [], @remote={0xac, 0x14, 0xffffffffffffffff}}}}}}}}}, 0x0) r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x800, 0x0) r1 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/avc/hash_stats\x00', 0x0, 0x0) signalfd(r1, &(0x7f0000000100)={0xa6}, 0x8) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) [ 676.933817] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 676.975025] CPU: 0 PID: 25592 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 676.983826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 676.993200] Call Trace: [ 676.995811] dump_stack+0x138/0x197 [ 676.999467] should_fail.cold+0x10f/0x159 [ 677.003907] should_failslab+0xdb/0x130 [ 677.011464] kmem_cache_alloc+0x2d7/0x780 [ 677.015621] ? anon_vma_clone+0x310/0x470 [ 677.019875] anon_vma_fork+0xe9/0x4d0 [ 677.023788] copy_process.part.0+0x45e2/0x6a00 [ 677.028507] ? __cleanup_sighand+0x50/0x50 [ 677.032861] ? lock_downgrade+0x6e0/0x6e0 [ 677.037028] _do_fork+0x19e/0xce0 [ 677.040496] ? fork_idle+0x280/0x280 [ 677.044228] ? fput+0xd4/0x150 [ 677.047433] ? SyS_write+0x15e/0x230 [ 677.051173] SyS_clone+0x37/0x50 [ 677.054548] ? sys_vfork+0x30/0x30 [ 677.058107] do_syscall_64+0x1e8/0x640 [ 677.062103] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 677.066988] entry_SYSCALL_64_after_hwframe+0x42/0xb7 18:43:57 executing program 2 (fault-call:7 fault-nth:16): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:57 executing program 1: socket$unix(0x1, 0x0, 0x0) r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(0xffffffffffffffff, &(0x7f00000001c0)=@file={0x0, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56) r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x400000, 0x0) ioctl$VIDIOC_G_JPEGCOMP(r1, 0x808c563d, &(0x7f00000000c0)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000017c0)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$IMCLEAR_L2(r1, 0x80044946, &(0x7f0000000300)) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r5 = perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) ioctl$RTC_UIE_OFF(r1, 0x7004) ioctl$MON_IOCX_MFETCH(r5, 0xc0109207, &(0x7f00000002c0)={&(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0xa}) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r4, 0xae80, 0x0) listen(r0, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) 18:43:58 executing program 1: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet(0x2, 0x2000000080002, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@broute={'broute\x00', 0x20, 0x2, 0x238, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200005c0], 0x0, 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000110000000000000081006263736630000000000800000000000073697430000002000000ffff00000000626f6e64300000000000000000000000766574382d863573e35cea0000000000ffffffffffff0000000000000000000000010030cd5f50e400800000000000d0000000d000000000010000766c616e000000ff03000000000000000000000000000000000000000000000008000000000000000100000000000100766c616e000000000000000000000000000000000000000000000000000000000800000000000000000000000000000041554449540000000000000000000000000000000000000000000000000000000800000000000000000000000051fa5a92000000000000000000000000000000000000000000000000000000000000000000000003000000feffffff0100000003000000000000000000017f916970365f76746930000000000000000073797a6b616c6c6572300000000000006263736630000000000000000000000076657468305f746f5f7465616d000000aaaaaaaaaabb000000000000aaaaaaaaaaaa00000000000000007000000070000000a8000000646e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa0000fcffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000002000000"]}, 0x2b0) socket$isdn(0x22, 0x3, 0x0) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f00000001c0)=@broute={'broute\x00\x00\x00\x00\x00P\xe0\x00', 0x20, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108) r3 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000080)='/proc/capi/capi20\x00', 0x101000, 0x0) setsockopt$bt_l2cap_L2CAP_CONNINFO(r3, 0x6, 0x2, &(0x7f0000000240)={0x0, 0x7, 0x4, 0x7}, 0x6) fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000000c0)) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f00000003c0)=@nat={'nat\x00', 0x19, 0x0, 0x90, [0x20000300, 0x0, 0x0, 0x20000330, 0x20000360], 0x0, &(0x7f0000000040), &(0x7f0000000300)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}]}, 0x108) ioctl$sock_kcm_SIOCKCMATTACH(r3, 0x89e0, &(0x7f0000000440)={r2, r3}) ioctl$SCSI_IOCTL_BENCHMARK_COMMAND(r0, 0x3) tee(r0, 0xffffffffffffffff, 0x0, 0x2) 18:43:58 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) r0 = openat$autofs(0xffffffffffffff9c, 0x0, 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r1, 0x0) [ 677.072549] RIP: 0033:0x459879 [ 677.075917] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 677.083637] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 677.090926] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 677.098464] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 677.105744] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 677.113034] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 18:43:58 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_inet_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f0000000040)={'batadv0\x00', {0x2, 0x4e21, @empty}}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = gettid() capset(&(0x7f0000000240)={0x20080522, r1}, &(0x7f0000000280)={0x0, 0x0, 0x1, 0x0, 0x2}) [ 677.186458] binder: 25598:25610 unknown command 0 [ 677.198610] binder: 25598:25610 ioctl c0306201 20000380 returned -22 [ 677.234773] binder: 25598:25619 unknown command 0 [ 677.241468] FAULT_INJECTION: forcing a failure. [ 677.241468] name failslab, interval 1, probability 0, space 0, times 0 [ 677.247944] binder: 25598:25619 ioctl c0306201 20000380 returned -22 [ 677.258428] CPU: 1 PID: 25617 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 677.266571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 677.275945] Call Trace: [ 677.278725] dump_stack+0x138/0x197 18:43:58 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000100)=ANY=[@ANYBLOB="44000000100001040000000000000000000000008e5ccfbe00e18d9447be02", @ANYRES32=0x0, @ANYBLOB="000000000000000024000e00eaffffff000000ffe54c6b000000000000000000000000979aacb63e2b0000000000004801005e37502bf4477d0048cac4b4ef1f8ca1aa0c2f86d0f9d56bc7018509000000000000009f52ef78df7ba07f6862dff01f75e89ed73f88cc08f8853d3dac8a4214b0013f7904bc347d2a689f4b4929a94adf4a826c077c9f8f16c3f99558a3ca27ff739162935e592073ef9589c5b82afe087368adc2e66e0688f7d7d06d208c0e03a537c12d5f"], 0x44}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r2 = socket(0x400000000010, 0x3, 0x0) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000200)={{{@in6=@remote, @in=@remote}}, {{}, 0x0, @in6=@empty}}, &(0x7f0000000300)=0xe8) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="0b0017000b000800ffffffff08b0000b0091000000080679000200000008000b00eedd00"], 0x1}, 0x1, 0x0, 0x0, 0x4000}, 0x40000) write(r2, &(0x7f0000000340)="2400000021002551071c0165ff00fc020200000000100f000ee1000c08000f0000000000", 0x24) recvfrom(r2, &(0x7f0000000080)=""/231, 0xe7, 0x40002121, 0x0, 0x0) dup2(r0, r0) 18:43:58 executing program 3 (fault-call:7 fault-nth:21): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:58 executing program 2 (fault-call:7 fault-nth:17): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:58 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) r0 = openat$autofs(0xffffffffffffff9c, 0x0, 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r1, 0x0) [ 677.282631] should_fail.cold+0x10f/0x159 [ 677.282647] should_failslab+0xdb/0x130 [ 677.282660] kmem_cache_alloc+0x2d7/0x780 [ 677.282678] copy_process.part.0+0x444f/0x6a00 [ 677.282708] ? __cleanup_sighand+0x50/0x50 [ 677.282719] ? lock_downgrade+0x6e0/0x6e0 [ 677.282734] _do_fork+0x19e/0xce0 [ 677.282747] ? fork_idle+0x280/0x280 [ 677.282760] ? fput+0xd4/0x150 [ 677.282770] ? SyS_write+0x15e/0x230 [ 677.282784] SyS_clone+0x37/0x50 [ 677.282792] ? sys_vfork+0x30/0x30 [ 677.282803] do_syscall_64+0x1e8/0x640 [ 677.282811] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 677.282826] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 677.282834] RIP: 0033:0x459879 [ 677.282839] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 677.282849] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 677.282855] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 677.282861] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 677.282866] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 18:43:58 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) connect$l2tp(0xffffffffffffffff, &(0x7f0000000140)=@pppol2tpin6={0x18, 0x1, {0x0, r0, 0x0, 0x2, 0x4, 0x1, {0xa, 0x4e24, 0x100, @loopback, 0x9}}}, 0x32) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="0440a73639b05b47cd8908a37d670800396537dd05002b60155f62d8b89b9dbe1fac7e0f2461bc3912b1488aaf81698646ed734e597486ba8b997521c31c9bc4e39ed05db0a94209c63a0f07ae83"], 0x232, 0x2, 0x0}) r2 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0xce5, 0x800) ioctl$SNDRV_RAWMIDI_IOCTL_INFO(r2, 0x810c5701, &(0x7f00000001c0)) connect$l2tp(r0, &(0x7f00000000c0)=@pppol2tp={0x18, 0x1, {0x0, r0, {0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x8}}, 0x1, 0x1}}, 0x26) 18:43:58 executing program 1: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x0, 0x0) ioctl$SCSI_IOCTL_DOORLOCK(r0, 0x5380) readv(r0, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/127, 0x7f}], 0x1) ioctl$int_in(r0, 0x8000008010500d, &(0x7f0000000000)) [ 677.282872] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 18:43:58 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r1, 0x0) [ 677.440589] FAULT_INJECTION: forcing a failure. [ 677.440589] name failslab, interval 1, probability 0, space 0, times 0 [ 677.469080] FAULT_INJECTION: forcing a failure. [ 677.469080] name failslab, interval 1, probability 0, space 0, times 0 [ 677.496991] binder: 25637:25639 unknown command 916930564 [ 677.506437] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.5'. [ 677.514690] CPU: 1 PID: 25627 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 677.517288] binder: 25637:25639 ioctl c0306201 20000380 returned -22 [ 677.522357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 677.522363] Call Trace: [ 677.522385] dump_stack+0x138/0x197 [ 677.522403] should_fail.cold+0x10f/0x159 [ 677.522416] should_failslab+0xdb/0x130 [ 677.522429] kmem_cache_alloc+0x2d7/0x780 [ 677.522442] ? anon_vma_clone+0x310/0x470 [ 677.537428] binder: 25637:25639 unknown command 916930564 [ 677.538436] anon_vma_fork+0x1ce/0x4d0 [ 677.538456] copy_process.part.0+0x45e2/0x6a00 [ 677.543875] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.5'. [ 677.545366] ? __cleanup_sighand+0x50/0x50 [ 677.545380] ? lock_downgrade+0x6e0/0x6e0 [ 677.549684] binder: 25637:25639 ioctl c0306201 20000380 returned -22 [ 677.617505] _do_fork+0x19e/0xce0 [ 677.620968] ? fork_idle+0x280/0x280 [ 677.624707] ? fput+0xd4/0x150 [ 677.627892] ? SyS_write+0x15e/0x230 [ 677.631781] SyS_clone+0x37/0x50 [ 677.635141] ? sys_vfork+0x30/0x30 [ 677.638678] do_syscall_64+0x1e8/0x640 [ 677.642648] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 677.647604] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 677.653220] RIP: 0033:0x459879 [ 677.656423] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 677.664125] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 677.671389] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 677.678738] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 677.686004] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 18:43:58 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = syz_open_dev$dspn(&(0x7f00000002c0)='/dev/dsp#\x00', 0x800000000000000, 0x40) getsockopt$inet_mreqn(r0, 0x0, 0x20, &(0x7f0000004900)={@remote, @empty, 0x0}, &(0x7f00000004c0)=0xffffffffffffff40) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000004980)={'vcan0\x00', r2}) r3 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x6, 0x7b420da93af250ae) ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000000040)={0x8000}) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r4 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$VIDIOC_DBG_S_REGISTER(r3, 0x4038564f, &(0x7f0000000500)={{0x3, @addr=0x77de}, 0x8, 0xffff, 0x8}) getsockopt$inet6_mreq(r0, 0x29, 0x14, &(0x7f00000000c0)={@empty, 0x0}, &(0x7f0000000140)=0x14) r6 = openat$vcs(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/vcs\x00', 0x0, 0x0) r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)={0x1, 0x72, 0x7, 0x9, 0x10, 0x1, 0x1000, [], r5, r6, 0x0, 0x5}, 0x3c) openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/validatetrans\x00', 0x1, 0x0) ioctl$VIDIOC_ENCODER_CMD(r6, 0xc028564d, &(0x7f0000000240)={0x2, 0x1, [0x3, 0x0, 0x9, 0x6, 0x1ff, 0x5, 0xc74, 0x6]}) r8 = syz_genetlink_get_family_id$fou(&(0x7f0000000300)='fou\x00') sendmsg$FOU_CMD_GET(r3, &(0x7f0000000480)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000340)={&(0x7f00000003c0)={0x50, r8, 0x2, 0x70bd2c, 0x25dfdbff, {}, [@FOU_ATTR_PEER_V6={0x14, 0x9, @ipv4={[], [], @rand_addr=0x2}}, @FOU_ATTR_PORT={0x8, 0x1, 0x4e20}, @FOU_ATTR_IFINDEX={0x8, 0xb, r5}, @FOU_ATTR_TYPE={0x8, 0x4, 0x1}, @FOU_ATTR_IFINDEX={0x8, 0xb, r5}, @FOU_ATTR_IFINDEX={0x8, 0xb, r2}]}, 0x50}, 0x1, 0x0, 0x0, 0x4040}, 0x0) r9 = getpgid(0xffffffffffffffff) openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000540)='/selinux/mls\x00', 0x0, 0x0) fcntl$setown(r7, 0x8, r9) ioctl$BINDER_SET_CONTEXT_MGR(r4, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=[@acquire, @acquire], 0x232, 0x2, 0x0}) 18:43:58 executing program 5: r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) setsockopt$bt_hci_HCI_FILTER(r0, 0x0, 0x2, &(0x7f0000000080)={0xffffffffaff29802, 0x6, 0x3b, 0xea1}, 0x10) futex(&(0x7f000000cffc)=0x4, 0x80000000000b, 0x4, 0x0, &(0x7f0000048000), 0x0) futex(&(0x7f0000000040), 0x0, 0x1, 0x0, &(0x7f0000048000), 0x1) futex(&(0x7f000000cffc)=0x4, 0x4, 0x1, 0x0, &(0x7f0000048000), 0x0) futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000)=0x1c0000000, 0x0) 18:43:58 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x2, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(r1, 0xc0bc5310, &(0x7f0000000100)) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @remote, 0x20400000000b}, 0x1c) syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @local, [], {@ipv6={0x86dd, {0x0, 0x6, "50a09c", 0x8, 0xffffff11, 0x0, @remote, @local, {[], @udp={0x0, 0x4e20, 0x8}}}}}}, 0x0) syz_emit_ethernet(0x3e, &(0x7f00000000c0)={@local, @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "50a09c", 0x8, 0xffffff11, 0x0, @remote, @local, {[], @udp={0x0, 0x4e20, 0x8}}}}}}, 0x0) [ 677.693444] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 677.700994] CPU: 0 PID: 25635 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 677.708112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 677.717469] Call Trace: [ 677.720071] dump_stack+0x138/0x197 [ 677.723716] should_fail.cold+0x10f/0x159 [ 677.728230] should_failslab+0xdb/0x130 [ 677.732335] kmem_cache_alloc+0x47/0x780 [ 677.736411] ? __lock_is_held+0xb6/0x140 [ 677.740601] ? check_preemption_disabled+0x3c/0x250 18:43:58 executing program 1: r0 = openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) set_thread_area(&(0x7f0000000580)={0x0, 0x20001800, 0x4000, 0x0, 0xffff, 0x1, 0x0, 0x2, 0x843, 0x3}) r1 = socket(0xa, 0x1, 0x8000000000) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_inet_tcp_SIOCATMARK(r1, 0x40247007, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000040000,user_id<', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) write$char_usb(r0, &(0x7f00000000c0)="c1c53077531e23c4a152bc22577782d779509c4db3d99a8155690a19dd688795f9781f61a6061ddc82fed069f1e02d6969e88b7e2d9ef5ed012807bfcd758bd598e74f9efac242e94f15676da176cf96a15d85e21346e8213d703f6d23809ef4", 0x60) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000140)='mountinfo\x00') ioctl$TIOCGETD(r3, 0x5424, &(0x7f0000000680)) set_thread_area(&(0x7f0000000580)={0x7a, 0x20001800, 0x4000, 0x200, 0xffff, 0x1, 0x101, 0x2, 0x843, 0x3}) prctl$PR_GET_UNALIGN(0x5, &(0x7f00000002c0)) rename(0x0, 0x0) write$FUSE_NOTIFY_STORE(0xffffffffffffffff, &(0x7f00000006c0)={0x2a, 0x4, 0x0, {0x1, 0xffffffff00000000, 0x2, 0x0, [0x0, 0x0]}}, 0x2a) mount(&(0x7f0000000640)=ANY=[@ANYBLOB="539b8a05ab1072c24e2b98df1388f1adc95900b6cd020000a500"/35], 0x0, 0x0, 0x0, 0x0) mount(&(0x7f0000000740)=ANY=[@ANYBLOB="5a31cda6de549acfc975297eca8ad100c94eebb9152a6597510618cfcb791fc2ab9b8cecb90b5f7e19c315249f1ddd3ffbb056e6c79d41699a13b0ab3ac6510f19"], 0x0, 0x0, 0x100000, 0x0) mount(&(0x7f0000000500)=ANY=[@ANYBLOB="969957b52d30fea3a6945a209674fd3e214cb9dcc33db7762efad2628dcef5d3b6364e601019df973b53d859e769464fe2a2410d59da45"], 0x0, 0x0, 0x80010, 0x0) mount(&(0x7f0000000940)=ANY=[@ANYBLOB="675d60930c61d0cd631a838fe0a75467dd67f3c0d5ad000072d4f02f2ac544ea80dd8353580900fae05641aa049b6b10e199086af0c13f77a3438490a44db0b0ec2c9066b0bea2c9a55ae0edbf506dc3ec44383f69d5dccc055d009d4f169b82629128dd79423e04c2e7a984750da85aee88bcff8f31f23014c5efff30d0d425b20141e3a391465de87be71f48c67f6a27174539555966ba813826a11f510be2bb1a7e1d57463feb06303f67d5c4527f426b980de0ef024c1c8851b0"], 0x0, 0x0, 0x0, 0x0) mount(&(0x7f0000000500)=ANY=[], &(0x7f0000000540)='./file0\x00', &(0x7f0000000800)='devtmpfs\x00', 0x847, &(0x7f0000000780)) [ 677.745809] anon_vma_clone+0xde/0x470 [ 677.749730] anon_vma_fork+0x87/0x4d0 [ 677.754329] copy_process.part.0+0x45e2/0x6a00 [ 677.758946] ? __cleanup_sighand+0x50/0x50 [ 677.763199] ? lock_downgrade+0x6e0/0x6e0 [ 677.767392] _do_fork+0x19e/0xce0 [ 677.770878] ? fork_idle+0x280/0x280 [ 677.774624] ? fput+0xd4/0x150 [ 677.777861] ? SyS_write+0x15e/0x230 [ 677.781595] SyS_clone+0x37/0x50 [ 677.785051] ? sys_vfork+0x30/0x30 [ 677.788606] do_syscall_64+0x1e8/0x640 [ 677.792510] ? trace_hardirqs_off_thunk+0x1a/0x1c 18:43:58 executing program 1: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r0, &(0x7f0000000140), 0x20000152) bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000080)='./file0\x00', r0}, 0x10) ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000100)={0x2, 0x3}) openat$vfio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vfio/vfio\x00', 0x4040, 0x0) [ 677.797458] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 677.802746] RIP: 0033:0x459879 [ 677.806057] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 677.814209] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 677.821493] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 677.829298] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 677.836579] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 18:43:58 executing program 3 (fault-call:7 fault-nth:22): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 677.844198] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 18:43:58 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r1, 0x0) [ 677.878596] binder: 25647:25656 unknown command 0 [ 677.908627] binder: 25647:25656 ioctl c0306201 20000380 returned -22 [ 677.964928] FAULT_INJECTION: forcing a failure. [ 677.964928] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 677.967432] binder: 25647:25668 unknown command 0 [ 677.995266] binder: 25647:25668 ioctl c0306201 20000380 returned -22 18:43:59 executing program 2 (fault-call:7 fault-nth:18): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:43:59 executing program 5: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x4000, 0x0) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm_plock\x00', 0x405, 0x0) getsockopt$inet_mreqn(r1, 0x0, 0x24, &(0x7f0000000100)={@local, @remote}, &(0x7f0000000140)=0xc) signalfd4(r0, &(0x7f0000000080)={0xfffffffffffff5c4}, 0x8, 0x800) r2 = syz_open_dev$sndpcmc(&(0x7f00000001c0)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0) ioctl$TUNSETNOCSUM(r2, 0x400454c8, 0x0) ioctl$int_in(r2, 0x5452, &(0x7f0000000000)=0x4) 18:43:59 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) socket$inet(0x2, 0x4, 0x80000001) r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet(r2, &(0x7f00000002c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xc}}, 0x10) connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10) splice(r0, 0x0, r2, 0x0, 0x10005, 0x0) ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, &(0x7f00000000c0)={0x5, 0x4, 0x1ff, 0x1a, 0x9}) ioctl$VIDIOC_G_INPUT(r0, 0x80045626, &(0x7f0000000000)) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) 18:43:59 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) r2 = shmget(0x1, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil) shmctl$SHM_STAT(r2, 0xd, &(0x7f0000000000)=""/203) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=[@acquire, @acquire], 0x232, 0x2, 0x0}) r3 = syz_open_dev$dmmidi(&(0x7f00000002c0)='/dev/dmmidi#\x00', 0x200, 0x20000) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000300)={0xffffffffffffffff}, 0x106, 0x4}}, 0x20) write$RDMA_USER_CM_CMD_INIT_QP_ATTR(r3, &(0x7f00000003c0)={0xb, 0x10, 0xfa00, {&(0x7f0000000480), r4, 0x7fffffff}}, 0x18) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(r0, 0xc0bc5310, &(0x7f0000000540)) r5 = syz_open_dev$mouse(&(0x7f0000000140)='/dev/input/mouse#\x00', 0x400, 0x20000) ioctl$sock_x25_SIOCADDRT(r5, 0x890b, &(0x7f00000001c0)={@null=' \x00', 0x1, 'bridge0\x00'}) getsockopt$sock_buf(r0, 0x1, 0x1c, &(0x7f0000000400)=""/37, &(0x7f0000000600)=0x25) [ 678.017581] CPU: 0 PID: 25667 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 678.024996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 678.034360] Call Trace: [ 678.037595] dump_stack+0x138/0x197 [ 678.042132] should_fail.cold+0x10f/0x159 [ 678.046300] ? __might_sleep+0x93/0xb0 [ 678.050214] __alloc_pages_nodemask+0x1d6/0x7a0 [ 678.054986] ? save_stack+0xa9/0xd0 [ 678.058671] ? __alloc_pages_slowpath+0x2930/0x2930 [ 678.063746] ? anon_vma_fork+0x1ce/0x4d0 [ 678.067832] ? copy_process.part.0+0x45e2/0x6a00 [ 678.072604] ? _do_fork+0x19e/0xce0 [ 678.074119] binder: 25675:25676 unknown command 0 [ 678.076363] ? __lock_acquire+0x5f7/0x4620 [ 678.076380] alloc_pages_current+0xec/0x1e0 [ 678.076394] __get_free_pages+0xf/0x40 [ 678.076406] get_zeroed_page+0x11/0x20 [ 678.081717] binder: 25675:25676 ioctl c0306201 20000380 returned -22 [ 678.086017] __pud_alloc+0x3b/0x200 [ 678.086029] pud_alloc+0xc9/0x130 [ 678.086040] copy_page_range+0x2de/0x1bd0 18:43:59 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ubi_ctrl\x00', 0x46400, 0x0) ioctl$CAPI_GET_FLAGS(r2, 0x80044323, &(0x7f00000000c0)) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x400, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=[@acquire, @acquire], 0x232, 0x2, 0x0}) openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0xad9b69a77e522f02, 0x0) [ 678.086057] ? find_held_lock+0x35/0x130 [ 678.086070] ? find_held_lock+0x35/0x130 [ 678.095059] binder: 25675:25677 unknown command 0 [ 678.098190] ? __pmd_alloc+0x410/0x410 [ 678.098203] ? __vma_link_rb+0x247/0x340 [ 678.098218] copy_process.part.0+0x4764/0x6a00 [ 678.098246] ? __cleanup_sighand+0x50/0x50 [ 678.105033] binder: 25675:25677 ioctl c0306201 20000380 returned -22 [ 678.108350] ? lock_downgrade+0x6e0/0x6e0 [ 678.108370] _do_fork+0x19e/0xce0 [ 678.108386] ? fork_idle+0x280/0x280 [ 678.108402] ? fput+0xd4/0x150 [ 678.133046] ? SyS_write+0x15e/0x230 [ 678.141662] SyS_clone+0x37/0x50 [ 678.141671] ? sys_vfork+0x30/0x30 [ 678.141684] do_syscall_64+0x1e8/0x640 [ 678.141692] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 678.141709] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 678.162804] binder: 25678:25680 unknown command 0 [ 678.164114] RIP: 0033:0x459879 [ 678.164121] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 678.164133] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 18:43:59 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r1, 0x0) 18:43:59 executing program 3 (fault-call:7 fault-nth:23): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 678.164139] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 678.164144] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 678.164149] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 678.164159] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 678.167645] binder: 25678:25680 ioctl c0306201 20000380 returned -22 18:43:59 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=[@acquire, @acquire], 0x232, 0x2, 0x0}) r2 = dup3(r1, r1, 0x80000) ioctl$TIOCSBRK(r2, 0x5427) 18:43:59 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r0, 0x0) [ 678.285854] binder: 25678:25680 unknown command 0 [ 678.293321] binder: 25678:25680 ioctl c0306201 20000380 returned -22 [ 678.345368] binder: 25692:25695 unknown command 0 [ 678.351464] binder: 25692:25695 ioctl c0306201 20000380 returned -22 [ 678.365794] FAULT_INJECTION: forcing a failure. [ 678.365794] name failslab, interval 1, probability 0, space 0, times 0 [ 678.377829] FAULT_INJECTION: forcing a failure. [ 678.377829] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 678.379596] CPU: 1 PID: 25698 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 678.396931] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 678.406296] Call Trace: [ 678.408890] dump_stack+0x138/0x197 [ 678.412534] should_fail.cold+0x10f/0x159 [ 678.416693] should_failslab+0xdb/0x130 [ 678.420773] kmem_cache_alloc+0x47/0x780 [ 678.424840] ? anon_vma_chain_link+0x142/0x1a0 [ 678.429418] anon_vma_clone+0xde/0x470 [ 678.433317] anon_vma_fork+0x87/0x4d0 [ 678.437124] copy_process.part.0+0x45e2/0x6a00 [ 678.441732] ? __cleanup_sighand+0x50/0x50 [ 678.445971] ? lock_downgrade+0x6e0/0x6e0 [ 678.450122] _do_fork+0x19e/0xce0 [ 678.453577] ? fork_idle+0x280/0x280 [ 678.457297] ? fput+0xd4/0x150 [ 678.460504] ? SyS_write+0x15e/0x230 [ 678.464222] SyS_clone+0x37/0x50 [ 678.467580] ? sys_vfork+0x30/0x30 [ 678.471202] do_syscall_64+0x1e8/0x640 [ 678.475086] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 678.479927] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 678.485183] RIP: 0033:0x459879 [ 678.488368] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 678.496078] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 678.516347] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 18:43:59 executing program 2 (fault-call:7 fault-nth:19): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 678.542559] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 678.549835] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 [ 678.557100] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 678.564405] CPU: 0 PID: 25697 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 678.571620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 678.580978] Call Trace: [ 678.583580] dump_stack+0x138/0x197 [ 678.587222] should_fail.cold+0x10f/0x159 [ 678.591374] ? __might_sleep+0x93/0xb0 18:43:59 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x0) setreuid(0xee00, 0x0) r2 = getuid() setuid(r2) msgctl$IPC_RMID(0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) r3 = request_key(&(0x7f0000000040)='pkcs7_test\x00', &(0x7f0000000080)={'syz', 0x2}, &(0x7f00000000c0)='/dev/binder#\x00', 0x0) keyctl$assume_authority(0x10, r3) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=[@acquire, @acquire], 0x232, 0x2, 0x0}) [ 678.591565] binder: 25692:25700 unknown command 0 [ 678.595276] __alloc_pages_nodemask+0x1d6/0x7a0 [ 678.595292] ? __alloc_pages_slowpath+0x2930/0x2930 [ 678.595312] alloc_pages_current+0xec/0x1e0 [ 678.600364] binder: 25692:25700 ioctl c0306201 20000380 returned -22 [ 678.604817] __pmd_alloc+0x41/0x410 [ 678.604831] copy_page_range+0x12b7/0x1bd0 [ 678.604851] ? find_held_lock+0x35/0x130 [ 678.628624] ? __pmd_alloc+0x410/0x410 [ 678.636539] ? __vma_link_rb+0x247/0x340 [ 678.636556] copy_process.part.0+0x4764/0x6a00 [ 678.636587] ? __cleanup_sighand+0x50/0x50 [ 678.649519] ? lock_downgrade+0x6e0/0x6e0 [ 678.653763] _do_fork+0x19e/0xce0 [ 678.654375] binder: BINDER_SET_CONTEXT_MGR bad uid 60928 != 0 [ 678.657585] ? fork_idle+0x280/0x280 [ 678.657602] ? fput+0xd4/0x150 [ 678.657614] ? SyS_write+0x15e/0x230 [ 678.663685] binder: 25703:25705 ioctl 40046207 0 returned -1 [ 678.667200] SyS_clone+0x37/0x50 [ 678.667211] ? sys_vfork+0x30/0x30 [ 678.667224] do_syscall_64+0x1e8/0x640 [ 678.667235] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 678.672197] binder: 25703:25705 unknown command 0 [ 678.674159] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 678.674168] RIP: 0033:0x459879 [ 678.674176] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 [ 678.680415] binder: 25703:25705 ioctl c0306201 20000380 returned -22 [ 678.683309] ORIG_RAX: 0000000000000038 [ 678.683316] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 678.683321] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 678.683327] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 678.683334] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 678.683339] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 678.716126] FAULT_INJECTION: forcing a failure. [ 678.716126] name failslab, interval 1, probability 0, space 0, times 0 [ 678.728901] CPU: 0 PID: 25707 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 678.747327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 678.747333] Call Trace: [ 678.747352] dump_stack+0x138/0x197 [ 678.747375] should_fail.cold+0x10f/0x159 [ 678.762745] binder: BINDER_SET_CONTEXT_MGR bad uid 60928 != 0 [ 678.773174] ? anon_vma_clone+0xde/0x470 [ 678.773192] should_failslab+0xdb/0x130 [ 678.773203] kmem_cache_alloc+0x47/0x780 [ 678.773214] ? anon_vma_chain_link+0x142/0x1a0 [ 678.773225] anon_vma_clone+0xde/0x470 [ 678.773240] anon_vma_fork+0x87/0x4d0 [ 678.781353] binder: 25703:25710 unknown command 0 [ 678.789785] copy_process.part.0+0x45e2/0x6a00 [ 678.789818] ? __cleanup_sighand+0x50/0x50 18:43:59 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) r2 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x0, 0x10000) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000040)={0x26, 'aead\x00', 0x0, 0x0, 'pcrypt(gcm_base(ctr(aes-aesni),ghash-generic))\x00'}, 0x58) r4 = msgget$private(0x0, 0x81) msgrcv(r4, &(0x7f0000000640)={0x0, ""/186}, 0xc2, 0x3, 0x1000) r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nbd(&(0x7f0000000100)='nbd\x00') readv(r5, &(0x7f0000000580)=[{&(0x7f0000000300)=""/204, 0xcc}, {&(0x7f0000000500)=""/104, 0x68}, {0x0}], 0x3) get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000ff7000/0x8000)=nil, 0x2) r6 = dup(r3) getsockopt$inet_sctp6_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, &(0x7f00000002c0), 0x0) openat$md(0xffffffffffffff9c, &(0x7f0000000080)='/dev/md0\x00', 0x0, 0x0) r7 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) accept4$tipc(r7, 0x0, 0x0, 0x80000) ioctl$DRM_IOCTL_ADD_BUFS(0xffffffffffffffff, 0xc0206416, 0x0) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f00000012c0)="0a0775b005e381e5b3b60ced5c54dbb7", 0x10) setsockopt$RXRPC_SECURITY_KEYRING(r6, 0x110, 0x2, &(0x7f00000005c0)='\xb0posix_acl_access$bdevmime_type\'selinux))cpusetposix_acl_accessmd5sumtrusted[\x00', 0x4e) r8 = accept$alg(r3, 0x0, 0x0) sendmmsg$alg(r8, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) ioctl$KVM_SET_TSC_KHZ(r6, 0xaea2, 0x80) finit_module(r7, &(0x7f0000000180)='/dev/md0\x00', 0x2) ioctl$TUNSETGROUP(r7, 0x400454ce, 0x0) recvmsg(r8, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x13, r1, 0xfffffffffffffffc) mmap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0xbcda34450b800b7a, 0x40000000000a132, 0xffffffffffffffff, 0x0) ioctl$LOOP_SET_FD(r2, 0x4c00, r1) ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="10000000004d40000000000563044000"], 0x232, 0x2, 0x0}) 18:43:59 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r0, 0x0) [ 678.792980] binder: 25703:25705 ioctl 40046207 0 returned -1 [ 678.796009] ? lock_downgrade+0x6e0/0x6e0 [ 678.796027] _do_fork+0x19e/0xce0 [ 678.796040] ? fork_idle+0x280/0x280 [ 678.800370] binder: 25703:25710 ioctl c0306201 20000380 returned -22 [ 678.806082] ? fput+0xd4/0x150 [ 678.806093] ? SyS_write+0x15e/0x230 [ 678.806111] SyS_clone+0x37/0x50 [ 678.826638] ? sys_vfork+0x30/0x30 [ 678.835265] do_syscall_64+0x1e8/0x640 [ 678.835279] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 678.890581] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 678.895783] RIP: 0033:0x459879 [ 678.898976] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 678.906782] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 678.914093] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 678.921350] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 678.928625] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 [ 678.935902] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 18:44:00 executing program 5: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r0, 0x0) 18:44:00 executing program 2 (fault-call:7 fault-nth:20): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:00 executing program 3 (fault-call:7 fault-nth:24): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:00 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r0, 0x0) 18:44:00 executing program 1: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r0, 0x0) [ 679.038436] binder: 25712:25722 unknown command 16 [ 679.053761] binder: 25712:25722 ioctl c0306201 20000380 returned -22 [ 679.124550] FAULT_INJECTION: forcing a failure. [ 679.124550] name failslab, interval 1, probability 0, space 0, times 0 [ 679.137724] CPU: 0 PID: 25734 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 679.144858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 679.154220] Call Trace: [ 679.156822] dump_stack+0x138/0x197 [ 679.161254] should_fail.cold+0x10f/0x159 [ 679.165451] should_failslab+0xdb/0x130 [ 679.169489] kmem_cache_alloc+0x2d7/0x780 [ 679.173642] ? alloc_pages_current+0xf4/0x1e0 [ 679.178153] __pmd_alloc+0xbd/0x410 [ 679.179156] FAULT_INJECTION: forcing a failure. [ 679.179156] name failslab, interval 1, probability 0, space 0, times 0 [ 679.181885] copy_page_range+0x12b7/0x1bd0 [ 679.181902] ? find_held_lock+0x35/0x130 [ 679.181924] ? __pmd_alloc+0x410/0x410 [ 679.181933] ? __vma_link_rb+0x247/0x340 [ 679.181954] copy_process.part.0+0x4764/0x6a00 [ 679.214786] ? __cleanup_sighand+0x50/0x50 [ 679.219020] ? lock_downgrade+0x6e0/0x6e0 [ 679.223176] _do_fork+0x19e/0xce0 [ 679.226629] ? fork_idle+0x280/0x280 [ 679.230522] ? fput+0xd4/0x150 [ 679.233716] ? SyS_write+0x15e/0x230 [ 679.237437] SyS_clone+0x37/0x50 [ 679.240885] ? sys_vfork+0x30/0x30 [ 679.244423] do_syscall_64+0x1e8/0x640 [ 679.248583] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 679.253432] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 679.258621] RIP: 0033:0x459879 [ 679.261804] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 679.269510] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 679.276774] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 679.284038] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 679.291310] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 679.298581] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 679.305865] CPU: 1 PID: 25736 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 679.312991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 18:44:00 executing program 3 (fault-call:7 fault-nth:25): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 679.322361] Call Trace: [ 679.326174] dump_stack+0x138/0x197 [ 679.329990] should_fail.cold+0x10f/0x159 [ 679.334143] ? anon_vma_clone+0xde/0x470 [ 679.338562] should_failslab+0xdb/0x130 [ 679.342723] kmem_cache_alloc+0x47/0x780 [ 679.346798] ? anon_vma_chain_link+0x142/0x1a0 [ 679.351555] anon_vma_clone+0xde/0x470 [ 679.355612] anon_vma_fork+0x87/0x4d0 [ 679.359581] copy_process.part.0+0x45e2/0x6a00 [ 679.364196] ? __cleanup_sighand+0x50/0x50 [ 679.368552] ? lock_downgrade+0x6e0/0x6e0 [ 679.373151] _do_fork+0x19e/0xce0 [ 679.376620] ? fork_idle+0x280/0x280 [ 679.380345] ? fput+0xd4/0x150 [ 679.383536] ? SyS_write+0x15e/0x230 [ 679.387253] SyS_clone+0x37/0x50 [ 679.390610] ? sys_vfork+0x30/0x30 [ 679.394161] do_syscall_64+0x1e8/0x640 [ 679.398041] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 679.403064] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 679.408247] RIP: 0033:0x459879 [ 679.411427] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 18:44:00 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, &(0x7f0000000540)) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r0, 0x0) 18:44:00 executing program 1: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r0, 0x0) 18:44:00 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x0) setreuid(0xee00, 0x0) r2 = getuid() setuid(r2) msgctl$IPC_RMID(0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) r3 = request_key(&(0x7f0000000040)='pkcs7_test\x00', &(0x7f0000000080)={'syz', 0x2}, &(0x7f00000000c0)='/dev/binder#\x00', 0x0) keyctl$assume_authority(0x10, r3) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=[@acquire, @acquire], 0x232, 0x2, 0x0}) [ 679.419462] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 679.427165] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 679.434429] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 679.441738] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 [ 679.449101] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 18:44:00 executing program 2 (fault-call:7 fault-nth:21): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 679.593464] binder: 25742:25744 unknown command 0 [ 679.607391] FAULT_INJECTION: forcing a failure. [ 679.607391] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 679.632774] binder: 25742:25744 ioctl c0306201 20000380 returned -22 [ 679.647172] CPU: 1 PID: 25745 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 679.654324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 679.663688] Call Trace: [ 679.666294] dump_stack+0x138/0x197 [ 679.669970] should_fail.cold+0x10f/0x159 [ 679.674144] ? __might_sleep+0x93/0xb0 [ 679.678047] __alloc_pages_nodemask+0x1d6/0x7a0 [ 679.682829] ? __alloc_pages_slowpath+0x2930/0x2930 [ 679.687863] alloc_pages_current+0xec/0x1e0 [ 679.692185] pte_alloc_one+0x1a/0x100 [ 679.695970] __pte_alloc+0x2a/0x2d0 [ 679.699584] copy_page_range+0x11ba/0x1bd0 [ 679.703840] ? __pmd_alloc+0x410/0x410 [ 679.707818] copy_process.part.0+0x4764/0x6a00 [ 679.712409] ? __cleanup_sighand+0x50/0x50 [ 679.716641] ? lock_downgrade+0x6e0/0x6e0 [ 679.720807] _do_fork+0x19e/0xce0 [ 679.724312] ? fork_idle+0x280/0x280 [ 679.728275] ? fput+0xd4/0x150 [ 679.731479] ? SyS_write+0x15e/0x230 [ 679.735808] SyS_clone+0x37/0x50 [ 679.739265] ? sys_vfork+0x30/0x30 [ 679.742811] do_syscall_64+0x1e8/0x640 [ 679.746682] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 679.751607] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 679.756781] RIP: 0033:0x459879 [ 679.759954] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 679.767647] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 679.775003] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 679.782347] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 679.789877] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 679.797151] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 679.812902] FAULT_INJECTION: forcing a failure. [ 679.812902] name failslab, interval 1, probability 0, space 0, times 0 [ 679.834213] CPU: 0 PID: 25751 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 679.841370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 679.845428] binder: 25712:25754 unknown command 16 [ 679.850745] Call Trace: [ 679.850767] dump_stack+0x138/0x197 [ 679.850784] should_fail.cold+0x10f/0x159 [ 679.850798] should_failslab+0xdb/0x130 [ 679.850808] kmem_cache_alloc+0x2d7/0x780 [ 679.850820] ? anon_vma_clone+0x310/0x470 [ 679.855890] binder: 25712:25754 ioctl c0306201 20000380 returned -22 [ 679.858356] anon_vma_fork+0x1ce/0x4d0 [ 679.858379] copy_process.part.0+0x45e2/0x6a00 [ 679.894384] ? __cleanup_sighand+0x50/0x50 [ 679.898611] ? lock_downgrade+0x6e0/0x6e0 [ 679.902764] _do_fork+0x19e/0xce0 [ 679.906214] ? fork_idle+0x280/0x280 [ 679.909924] ? fput+0xd4/0x150 [ 679.913126] ? SyS_write+0x15e/0x230 [ 679.916857] SyS_clone+0x37/0x50 [ 679.920218] ? sys_vfork+0x30/0x30 [ 679.923781] do_syscall_64+0x1e8/0x640 [ 679.927806] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 679.932675] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 679.937947] RIP: 0033:0x459879 [ 679.941126] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 18:44:00 executing program 5: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, &(0x7f0000000540)) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r0, 0x0) 18:44:00 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=[@acquire, @acquire], 0x232, 0x2, 0x0}) 18:44:00 executing program 1: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x2, @empty, 0x86d}}, 0x9, 0x6, 0x3, 0x2, 0xd3e4}, &(0x7f0000000540)=0x98) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r0, 0x0) 18:44:00 executing program 3 (fault-call:7 fault-nth:26): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:00 executing program 2 (fault-call:7 fault-nth:22): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:00 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r0, 0x0) [ 679.948828] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 679.956084] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 679.963348] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 679.970633] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 [ 679.977892] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 680.103573] FAULT_INJECTION: forcing a failure. [ 680.103573] name failslab, interval 1, probability 0, space 0, times 0 [ 680.116596] binder: BINDER_SET_CONTEXT_MGR already set [ 680.123669] binder: 25763:25769 ioctl 40046207 0 returned -16 [ 680.131007] FAULT_INJECTION: forcing a failure. [ 680.131007] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 680.145959] binder: 25763:25769 unknown command 0 [ 680.151612] CPU: 1 PID: 25767 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 680.158737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 680.168288] Call Trace: [ 680.170893] dump_stack+0x138/0x197 [ 680.174536] should_fail.cold+0x10f/0x159 [ 680.178711] should_failslab+0xdb/0x130 [ 680.182789] kmem_cache_alloc+0x2d7/0x780 [ 680.186964] ptlock_alloc+0x20/0x70 [ 680.190738] pte_alloc_one+0x60/0x100 [ 680.191593] binder: 25763:25769 ioctl c0306201 20000380 returned -22 [ 680.194534] __pte_alloc+0x2a/0x2d0 [ 680.194549] copy_page_range+0x11ba/0x1bd0 [ 680.194582] ? __pmd_alloc+0x410/0x410 [ 680.212902] copy_process.part.0+0x4764/0x6a00 [ 680.217509] ? __cleanup_sighand+0x50/0x50 [ 680.221743] ? lock_downgrade+0x6e0/0x6e0 [ 680.225899] _do_fork+0x19e/0xce0 [ 680.229354] ? fork_idle+0x280/0x280 [ 680.233071] ? fput+0xd4/0x150 [ 680.236354] ? SyS_write+0x15e/0x230 [ 680.240093] SyS_clone+0x37/0x50 [ 680.243459] ? sys_vfork+0x30/0x30 [ 680.246999] do_syscall_64+0x1e8/0x640 [ 680.250880] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 680.255727] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 680.260909] RIP: 0033:0x459879 [ 680.264205] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 680.271916] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 680.279186] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 680.286459] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 680.293732] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 680.301002] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 680.308379] CPU: 0 PID: 25768 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 680.315498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 680.320775] binder: BINDER_SET_CONTEXT_MGR already set [ 680.324859] Call Trace: [ 680.324878] dump_stack+0x138/0x197 [ 680.324899] should_fail.cold+0x10f/0x159 [ 680.332120] binder: 25763:25770 ioctl 40046207 0 returned -16 [ 680.332751] ? __might_sleep+0x93/0xb0 [ 680.332770] __alloc_pages_nodemask+0x1d6/0x7a0 [ 680.355365] ? save_stack+0xa9/0xd0 [ 680.359083] ? __alloc_pages_slowpath+0x2930/0x2930 [ 680.364118] ? anon_vma_fork+0x1ce/0x4d0 [ 680.368173] ? copy_process.part.0+0x45e2/0x6a00 [ 680.372926] ? _do_fork+0x19e/0xce0 [ 680.376550] ? __lock_acquire+0x5f7/0x4620 [ 680.380798] alloc_pages_current+0xec/0x1e0 [ 680.386455] __get_free_pages+0xf/0x40 [ 680.390371] get_zeroed_page+0x11/0x20 [ 680.394243] __pud_alloc+0x3b/0x200 [ 680.397863] pud_alloc+0xc9/0x130 [ 680.401818] copy_page_range+0x2de/0x1bd0 [ 680.405985] ? find_held_lock+0x35/0x130 [ 680.410043] ? find_held_lock+0x35/0x130 [ 680.414103] ? __pmd_alloc+0x410/0x410 [ 680.417987] ? __vma_link_rb+0x247/0x340 [ 680.422040] copy_process.part.0+0x4764/0x6a00 [ 680.426646] ? __cleanup_sighand+0x50/0x50 [ 680.430965] ? lock_downgrade+0x6e0/0x6e0 [ 680.435118] _do_fork+0x19e/0xce0 [ 680.438563] ? fork_idle+0x280/0x280 [ 680.442288] ? fput+0xd4/0x150 [ 680.445591] ? SyS_write+0x15e/0x230 [ 680.449687] SyS_clone+0x37/0x50 [ 680.453044] ? sys_vfork+0x30/0x30 [ 680.456574] do_syscall_64+0x1e8/0x640 [ 680.460451] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 680.465287] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 680.470463] RIP: 0033:0x459879 [ 680.473655] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 680.481370] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 680.488632] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 680.496033] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 18:44:01 executing program 3 (fault-call:7 fault-nth:27): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:01 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) openat$smack_thread_current(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/current\x00', 0x2, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=[@acquire, @acquire], 0x232, 0x2, 0x0}) 18:44:01 executing program 5: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) close(r0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f00000000c0)=0x800000100000001, 0x4) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000100)={0x100}, 0x14) 18:44:01 executing program 1: perf_event_open(&(0x7f0000000bc0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0) r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x7d}) [ 680.503329] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 [ 680.510596] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 18:44:01 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r0, 0x0) 18:44:01 executing program 5: r0 = syz_open_dev$usbmon(0x0, 0x45, 0x0) getsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, 0x0, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) gettid() getpgid(0x0) r1 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200) ioctl$BLKTRACETEARDOWN(r1, 0x1276, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb) keyctl$instantiate_iov(0x14, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000ac0)}], 0x1, 0x0) io_setup(0xfe, &(0x7f0000000200)) memfd_create(0x0, 0x0) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) 18:44:01 executing program 1: getsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, &(0x7f0000000040), 0x0) shmctl$SHM_STAT(0x0, 0xd, 0x0) lstat(0x0, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0) r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) request_key(&(0x7f00000005c0)='cifs.idmap\x00', &(0x7f0000000600)={'syz', 0x2}, 0x0, 0x0) add_key$keyring(0x0, &(0x7f0000000000)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc) [ 680.629961] FAULT_INJECTION: forcing a failure. [ 680.629961] name failslab, interval 1, probability 0, space 0, times 0 [ 680.634861] binder: 25778:25784 unknown command 0 [ 680.667984] binder: 25778:25784 ioctl c0306201 20000380 returned -22 [ 680.692691] CPU: 1 PID: 25781 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 680.699846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 680.709214] Call Trace: [ 680.711829] dump_stack+0x138/0x197 [ 680.715512] should_fail.cold+0x10f/0x159 [ 680.719677] should_failslab+0xdb/0x130 [ 680.723669] kmem_cache_alloc+0x2d7/0x780 [ 680.727843] copy_process.part.0+0x444f/0x6a00 [ 680.732458] ? __cleanup_sighand+0x50/0x50 [ 680.736791] ? lock_downgrade+0x6e0/0x6e0 [ 680.740968] _do_fork+0x19e/0xce0 [ 680.744439] ? fork_idle+0x280/0x280 [ 680.748171] ? fput+0xd4/0x150 [ 680.751404] ? SyS_write+0x15e/0x230 [ 680.755139] SyS_clone+0x37/0x50 [ 680.755149] ? sys_vfork+0x30/0x30 [ 680.755165] do_syscall_64+0x1e8/0x640 [ 680.755175] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 680.755192] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 680.755203] RIP: 0033:0x459879 [ 680.770821] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 18:44:01 executing program 1: recvfrom$inet(0xffffffffffffffff, 0x0, 0xfffffffffffffed0, 0x0, 0x0, 0xc0) getsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, &(0x7f0000000040), 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000009c0)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000380)=0xe8) r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x0, 0x3f}) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) add_key$keyring(&(0x7f0000000340)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffc) keyctl$instantiate_iov(0x14, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000ac0)}], 0x1, 0x0) memfd_create(&(0x7f0000000880)='\x00\x05\xdb\x1f]\x0f>\x04\xdb\xbf\x02\x04\x80\xff\xc5\xaf\xe4*\xa6\n\xc1\x05\xdc\x87\x1ct\xea\b\xa1!3\\\xe9\xe7\xac\"\xed\x96F\xec\xdcd\xcan6\x1d\xb3|\xbd\xe2\xc6\xf3\t\xf7\x89K\xc5AG\xf2\xc2]{\xd8\x02iD\xb0\xefXv\x92\xc1\xceg\a\"\x0f\xe0\"w`6\x89', 0x0) 18:44:01 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x10, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="056304040000000100000000000000007119a6f7c70a12009c57a134a07e2116fb0574b7c5d28376ef579705d4e0b2bce48884516b452616586e93f679b8fe389a9f85639d2545e57e1518e42337a75d5bffb6807b31dad1a0157127833e20203b09e57d9d5165b14af74dfa1baace8d521723b86b1986e92171aabe4720e4fae3edba85bbffb8e0c9c045b2d8801965469e1029726e85961852"], 0x0, 0x2, 0x0}) socketpair(0x1f, 0x80800, 0xffffffffffffff00, &(0x7f0000000000)={0xffffffffffffffff}) getpeername$unix(r2, &(0x7f0000000040), &(0x7f00000000c0)=0x6e) 18:44:01 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r0, 0x0) 18:44:01 executing program 2 (fault-call:7 fault-nth:23): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:01 executing program 3 (fault-call:7 fault-nth:28): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 680.770832] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 680.770837] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 680.770843] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 680.770849] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 680.770854] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 680.802651] binder: 25794:25795 unknown command 67396357 [ 680.802662] binder: 25794:25795 ioctl c0306201 20000380 returned -22 18:44:01 executing program 5: pipe2(&(0x7f0000000240)={0xffffffffffffffff}, 0x0) r1 = socket(0x18, 0x0, 0x3) dup2(r0, r1) 18:44:01 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r0, 0x0) 18:44:01 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000d80)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)) r1 = epoll_create1(0x0) r2 = syz_open_pts(r0, 0x0) close(r0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe469f070") dup2(r1, r2) [ 680.899833] FAULT_INJECTION: forcing a failure. [ 680.899833] name failslab, interval 1, probability 0, space 0, times 0 [ 680.916488] binder: 25794:25806 unknown command 67396357 [ 680.948813] binder: 25794:25806 ioctl c0306201 20000380 returned -22 [ 680.964883] CPU: 0 PID: 25803 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 680.972035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 680.981401] Call Trace: [ 680.984204] dump_stack+0x138/0x197 [ 680.987946] should_fail.cold+0x10f/0x159 [ 680.992550] should_failslab+0xdb/0x130 [ 680.996629] kmem_cache_alloc+0x2d7/0x780 [ 681.001639] copy_process.part.0+0x444f/0x6a00 [ 681.009798] ? __cleanup_sighand+0x50/0x50 [ 681.014061] ? lock_downgrade+0x6e0/0x6e0 [ 681.018238] _do_fork+0x19e/0xce0 [ 681.021766] ? fork_idle+0x280/0x280 [ 681.025526] ? fput+0xd4/0x150 [ 681.028727] ? SyS_write+0x15e/0x230 [ 681.032545] SyS_clone+0x37/0x50 [ 681.035921] ? sys_vfork+0x30/0x30 [ 681.039482] do_syscall_64+0x1e8/0x640 [ 681.043471] ? trace_hardirqs_off_thunk+0x1a/0x1c 18:44:01 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) r2 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x0, 0x2) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f0000000040)={0x0, 0xd5d}, &(0x7f0000000080)=0x8) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000001c0)={r3, @in6={{0xa, 0x4e20, 0x5, @empty, 0x4}}, 0xad33, 0x1, 0x3ff, 0x1, 0x6fe9cbf53bb5429f}, 0x98) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=[@acquire, @acquire], 0x232, 0x2, 0x0}) 18:44:01 executing program 1: r0 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x0, 0x0) accept4$vsock_stream(r0, &(0x7f0000000100)={0x28, 0x0, 0x0, @reserved}, 0x10, 0x0) r1 = getpid() getpriority(0xfffffffffffffffe, r1) ptrace$setregset(0x4205, 0x0, 0x0, 0x0) r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) clock_gettime(0x0, 0x0) ioctl$VHOST_SET_VRING_ENDIAN(0xffffffffffffffff, 0x4008af13, &(0x7f00000002c0)={0x3, 0x2}) r3 = syz_open_dev$ndb(0x0, 0x0, 0x4000) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r3, 0x0, 0xc, &(0x7f0000000180)='/dev/uinput\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000380)={0x0, r2, 0x0, 0xd, &(0x7f0000000080)='bond_slave_0\x00', r4}, 0x30) socket$inet_udplite(0x2, 0x2, 0x88) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x600) r5 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$KVM_GET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f00000003c0)=ANY=[@ANYBLOB="070000000000000000000000000000000000000000000000000000000000000000000000007e000000000000f500002c000000000000000000000000000000b200000000000000020000000000000000060000000000000000000000000000000000000000eebb60c6cb5dec44d588000000000000000000000000000000000077a629d8a62e31023940df8e23cda867e97d987a4d89a729cf0de07bf99fbe26d525a7a43a6ed4e8f918c6e83bd77dfe2d91"]) ioctl$sock_inet_SIOCSIFADDR(r5, 0x8916, &(0x7f0000000280)={'bond_slave_0\x00'}) select(0x0, 0x0, 0x0, &(0x7f0000000100)={0x6, 0x0, 0x0, 0x0, 0xfaad, 0x7, 0x0, 0x400}, &(0x7f0000000140)={0x0, 0x2710}) ioctl$sock_inet_SIOCSIFADDR(r5, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00', {0x2, 0x0, @loopback}}) openat$uinput(0xffffffffffffff9c, &(0x7f0000000240)='/dev/uinput\x00', 0x2, 0x0) fcntl$setflags(r0, 0x2, 0x1) ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x2) syz_genetlink_get_family_id$fou(&(0x7f0000000200)='fou\x00') r6 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snapshot\x00', 0x0, 0x0) getuid() getpgid(0x0) getsockopt$inet_IP_IPSEC_POLICY(r6, 0x0, 0x10, &(0x7f0000001040)={{{@in=@loopback, @in6=@ipv4={[], [], @remote}}}, {{@in=@remote}, 0x0, @in=@multicast2}}, 0x0) ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0) [ 681.048341] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 681.051823] binder: 25817:25823 unknown command 0 [ 681.053582] RIP: 0033:0x459879 [ 681.053589] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 681.053601] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 681.053606] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 681.053615] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 681.062792] binder: 25817:25823 ioctl c0306201 20000380 returned -22 18:44:02 executing program 5: r0 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x0, 0x0) accept4$vsock_stream(r0, &(0x7f0000000100)={0x28, 0x0, 0x0, @reserved}, 0x10, 0x0) r1 = getpid() getpriority(0xfffffffffffffffe, r1) ptrace$setregset(0x4205, 0x0, 0x0, 0x0) r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) clock_gettime(0x0, 0x0) ioctl$VHOST_SET_VRING_ENDIAN(0xffffffffffffffff, 0x4008af13, &(0x7f00000002c0)={0x3, 0x2}) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000180)='/dev/uinput\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000380)={0x0, r2, 0x0, 0xd, &(0x7f0000000080)='bond_slave_0\x00', r3}, 0x30) socket$inet_udplite(0x2, 0x2, 0x88) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x600) r4 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$KVM_GET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f00000003c0)=ANY=[@ANYBLOB="070000000000000000000000000000000000000000000000000000000000000000000000007e000000000000f500002c000000000000000000000000000000b200000000000000020000000000000000060000000000000000000000000000000000000000eebb60c6cb5dec44d588000000000000000000000000000000000077a629d8a62e31023940df8e23cda867e97d987a4d89a729cf0de07bf99fbe26d525a7a43a6ed4e8f918c6e83bd77dfe2d91"]) ioctl$sock_inet_SIOCSIFADDR(r4, 0x8916, &(0x7f0000000280)={'bond_slave_0\x00'}) select(0x0, 0x0, 0x0, &(0x7f0000000100)={0x6, 0x0, 0x0, 0x0, 0xfaad, 0x7, 0x0, 0x400}, &(0x7f0000000140)={0x0, 0x2710}) ioctl$sock_inet_SIOCSIFADDR(r4, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00', {0x2, 0x0, @loopback}}) openat$uinput(0xffffffffffffff9c, &(0x7f0000000240)='/dev/uinput\x00', 0x2, 0x0) fcntl$setflags(r0, 0x2, 0x1) ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x2) syz_genetlink_get_family_id$fou(&(0x7f0000000200)='fou\x00') r5 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snapshot\x00', 0x0, 0x0) getuid() getpgid(0x0) getsockopt$inet_IP_IPSEC_POLICY(r5, 0x0, 0x10, &(0x7f0000001040)={{{@in=@loopback, @in6=@ipv4={[], [], @remote}}}, {{@in=@remote}, 0x0, @in=@multicast2}}, 0x0) ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0) 18:44:02 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r0, 0x0) [ 681.069350] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 681.069356] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 681.091189] FAULT_INJECTION: forcing a failure. [ 681.091189] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 681.224489] CPU: 1 PID: 25811 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 681.231641] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 681.241002] Call Trace: [ 681.243596] dump_stack+0x138/0x197 [ 681.247266] should_fail.cold+0x10f/0x159 [ 681.251510] ? __might_sleep+0x93/0xb0 [ 681.255406] __alloc_pages_nodemask+0x1d6/0x7a0 [ 681.260199] ? save_stack+0xa9/0xd0 [ 681.263831] ? __alloc_pages_slowpath+0x2930/0x2930 [ 681.268841] ? anon_vma_fork+0x1ce/0x4d0 [ 681.272903] ? copy_process.part.0+0x45e2/0x6a00 [ 681.277660] ? _do_fork+0x19e/0xce0 [ 681.281286] ? __lock_acquire+0x5f7/0x4620 [ 681.285519] alloc_pages_current+0xec/0x1e0 [ 681.289838] __get_free_pages+0xf/0x40 [ 681.293716] get_zeroed_page+0x11/0x20 [ 681.297602] __pud_alloc+0x3b/0x200 [ 681.301225] pud_alloc+0xc9/0x130 [ 681.304717] copy_page_range+0x2de/0x1bd0 [ 681.309047] ? find_held_lock+0x35/0x130 [ 681.313124] ? find_held_lock+0x35/0x130 [ 681.317196] ? __pmd_alloc+0x410/0x410 [ 681.321607] ? __vma_link_rb+0x247/0x340 [ 681.325677] copy_process.part.0+0x4764/0x6a00 [ 681.330284] ? __cleanup_sighand+0x50/0x50 [ 681.334520] ? lock_downgrade+0x6e0/0x6e0 [ 681.338676] _do_fork+0x19e/0xce0 [ 681.342123] ? fork_idle+0x280/0x280 [ 681.345821] ? fput+0xd4/0x150 [ 681.349038] ? SyS_write+0x15e/0x230 [ 681.352752] SyS_clone+0x37/0x50 [ 681.356126] ? sys_vfork+0x30/0x30 [ 681.359680] do_syscall_64+0x1e8/0x640 [ 681.363653] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 681.368517] entry_SYSCALL_64_after_hwframe+0x42/0xb7 18:44:02 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r0, 0x0) 18:44:02 executing program 3 (fault-call:7 fault-nth:29): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:02 executing program 5: r0 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x0, 0x0) accept4$vsock_stream(r0, &(0x7f0000000100)={0x28, 0x0, 0x0, @reserved}, 0x10, 0x0) r1 = getpid() getpriority(0xfffffffffffffffe, r1) ptrace$setregset(0x4205, 0x0, 0x0, 0x0) r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) clock_gettime(0x0, 0x0) ioctl$VHOST_SET_VRING_ENDIAN(0xffffffffffffffff, 0x4008af13, &(0x7f00000002c0)={0x3, 0x2}) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000180)='/dev/uinput\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000380)={0x0, r2, 0x0, 0xd, &(0x7f0000000080)='bond_slave_0\x00', r3}, 0x30) socket$inet_udplite(0x2, 0x2, 0x88) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x600) r4 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$KVM_GET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f00000003c0)=ANY=[@ANYBLOB="070000000000000000000000000000000000000000000000000000000000000000000000007e000000000000f500002c000000000000000000000000000000b200000000000000020000000000000000060000000000000000000000000000000000000000eebb60c6cb5dec44d588000000000000000000000000000000000077a629d8a62e31023940df8e23cda867e97d987a4d89a729cf0de07bf99fbe26d525a7a43a6ed4e8f918c6e83bd77dfe2d91"]) ioctl$sock_inet_SIOCSIFADDR(r4, 0x8916, &(0x7f0000000280)={'bond_slave_0\x00'}) select(0x0, 0x0, 0x0, &(0x7f0000000100)={0x6, 0x0, 0x0, 0x0, 0xfaad, 0x7, 0x0, 0x400}, &(0x7f0000000140)={0x0, 0x2710}) ioctl$sock_inet_SIOCSIFADDR(r4, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00', {0x2, 0x0, @loopback}}) openat$uinput(0xffffffffffffff9c, &(0x7f0000000240)='/dev/uinput\x00', 0x2, 0x0) fcntl$setflags(r0, 0x2, 0x1) ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x2) r5 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snapshot\x00', 0x0, 0x0) getuid() getpgid(0x0) getsockopt$inet_IP_IPSEC_POLICY(r5, 0x0, 0x10, &(0x7f0000001040)={{{@in=@loopback, @in6=@ipv4={[], [], @remote}}}, {{@in=@remote}, 0x0, @in=@multicast2}}, 0x0) ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0) [ 681.373708] RIP: 0033:0x459879 [ 681.376977] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 681.384684] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 681.391947] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 681.399345] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 681.406684] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 [ 681.413934] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 18:44:02 executing program 2 (fault-call:7 fault-nth:24): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:02 executing program 1: r0 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x0, 0x0) accept4$vsock_stream(r0, &(0x7f0000000100)={0x28, 0x0, 0x0, @reserved}, 0x10, 0x0) r1 = getpid() getpriority(0xfffffffffffffffe, r1) ptrace$setregset(0x4205, 0x0, 0x0, 0x0) r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) clock_gettime(0x0, 0x0) ioctl$VHOST_SET_VRING_ENDIAN(0xffffffffffffffff, 0x4008af13, &(0x7f00000002c0)={0x3, 0x2}) r3 = syz_open_dev$ndb(0x0, 0x0, 0x4000) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, r3, 0x0, 0xc, &(0x7f0000000180)='/dev/uinput\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000380)={0x0, r2, 0x0, 0xd, &(0x7f0000000080)='bond_slave_0\x00', r4}, 0x30) socket$inet_udplite(0x2, 0x2, 0x88) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x600) r5 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$KVM_GET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f00000003c0)=ANY=[@ANYBLOB="070000000000000000000000000000000000000000000000000000000000000000000000007e000000000000f500002c000000000000000000000000000000b200000000000000020000000000000000060000000000000000000000000000000000000000eebb60c6cb5dec44d588000000000000000000000000000000000077a629d8a62e31023940df8e23cda867e97d987a4d89a729cf0de07bf99fbe26d525a7a43a6ed4e8f918c6e83bd77dfe2d91"]) ioctl$sock_inet_SIOCSIFADDR(r5, 0x8916, &(0x7f0000000280)={'bond_slave_0\x00'}) select(0x0, 0x0, 0x0, &(0x7f0000000100)={0x6, 0x0, 0x0, 0x0, 0xfaad, 0x7, 0x0, 0x400}, &(0x7f0000000140)={0x0, 0x2710}) ioctl$sock_inet_SIOCSIFADDR(r5, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00', {0x2, 0x0, @loopback}}) openat$uinput(0xffffffffffffff9c, &(0x7f0000000240)='/dev/uinput\x00', 0x2, 0x0) fcntl$setflags(r0, 0x2, 0x1) ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x2) syz_genetlink_get_family_id$fou(&(0x7f0000000200)='fou\x00') r6 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snapshot\x00', 0x0, 0x0) getuid() getpgid(0x0) getsockopt$inet_IP_IPSEC_POLICY(r6, 0x0, 0x10, &(0x7f0000001040)={{{@in=@loopback, @in6=@ipv4={[], [], @remote}}}, {{@in=@remote}, 0x0, @in=@multicast2}}, 0x0) ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0) 18:44:02 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x74, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) r2 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/commit_pending_bools\x00', 0x1, 0x0) write$P9_RUNLINKAT(r2, &(0x7f0000000040)={0x7, 0x4d, 0x1}, 0x7) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=[@acquire, @acquire], 0x232, 0x2, 0x0}) [ 681.536831] FAULT_INJECTION: forcing a failure. [ 681.536831] name failslab, interval 1, probability 0, space 0, times 0 [ 681.554123] FAULT_INJECTION: forcing a failure. [ 681.554123] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 681.563497] binder: 25847:25855 unknown command 0 [ 681.605289] CPU: 0 PID: 25857 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 681.609288] binder: 25847:25855 ioctl c0306201 20000380 returned -22 [ 681.612731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 681.612736] Call Trace: [ 681.612771] dump_stack+0x138/0x197 [ 681.612783] should_fail.cold+0x10f/0x159 [ 681.612791] ? __might_sleep+0x93/0xb0 [ 681.612800] __alloc_pages_nodemask+0x1d6/0x7a0 [ 681.612809] ? __alloc_pages_slowpath+0x2930/0x2930 [ 681.612825] alloc_pages_current+0xec/0x1e0 [ 681.612853] __pmd_alloc+0x41/0x410 [ 681.612860] copy_page_range+0x12b7/0x1bd0 [ 681.612869] ? find_held_lock+0x35/0x130 [ 681.612885] ? __pmd_alloc+0x410/0x410 [ 681.612912] ? __vma_link_rb+0x247/0x340 [ 681.612922] copy_process.part.0+0x4764/0x6a00 [ 681.612942] ? __cleanup_sighand+0x50/0x50 [ 681.612948] ? lock_downgrade+0x6e0/0x6e0 [ 681.612960] _do_fork+0x19e/0xce0 [ 681.612969] ? fork_idle+0x280/0x280 [ 681.612997] ? fput+0xd4/0x150 18:44:02 executing program 2 (fault-call:7 fault-nth:25): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:02 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/loop-control\x00', 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) close(r0) syz_open_dev$sndctrl(&(0x7f0000006000)='/dev/snd/controlC#\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r0, r3, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 18:44:02 executing program 5: r0 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x0, 0x0) accept4$vsock_stream(r0, &(0x7f0000000100)={0x28, 0x0, 0x0, @reserved}, 0x10, 0x0) r1 = getpid() getpriority(0xfffffffffffffffe, r1) ptrace$setregset(0x4205, 0x0, 0x0, 0x0) r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) clock_gettime(0x0, 0x0) ioctl$VHOST_SET_VRING_ENDIAN(0xffffffffffffffff, 0x4008af13, &(0x7f00000002c0)={0x3, 0x2}) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r1, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000180)='/dev/uinput\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000380)={0x0, r2, 0x0, 0xd, &(0x7f0000000080)='bond_slave_0\x00', r3}, 0x30) socket$inet_udplite(0x2, 0x2, 0x88) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x600) r4 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$KVM_GET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f00000003c0)=ANY=[@ANYBLOB="070000000000000000000000000000000000000000000000000000000000000000000000007e000000000000f500002c000000000000000000000000000000b200000000000000020000000000000000060000000000000000000000000000000000000000eebb60c6cb5dec44d588000000000000000000000000000000000077a629d8a62e31023940df8e23cda867e97d987a4d89a729cf0de07bf99fbe26d525a7a43a6ed4e8f918c6e83bd77dfe2d91"]) ioctl$sock_inet_SIOCSIFADDR(r4, 0x8916, &(0x7f0000000280)={'bond_slave_0\x00'}) select(0x0, 0x0, 0x0, &(0x7f0000000100)={0x6, 0x0, 0x0, 0x0, 0xfaad, 0x7, 0x0, 0x400}, &(0x7f0000000140)={0x0, 0x2710}) ioctl$sock_inet_SIOCSIFADDR(r4, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00', {0x2, 0x0, @loopback}}) openat$uinput(0xffffffffffffff9c, &(0x7f0000000240)='/dev/uinput\x00', 0x2, 0x0) fcntl$setflags(r0, 0x2, 0x1) ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x2) r5 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snapshot\x00', 0x0, 0x0) getuid() getpgid(0x0) getsockopt$inet_IP_IPSEC_POLICY(r5, 0x0, 0x10, &(0x7f0000001040)={{{@in=@loopback, @in6=@ipv4={[], [], @remote}}}, {{@in=@remote}, 0x0, @in=@multicast2}}, 0x0) ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0) [ 681.613003] ? SyS_write+0x15e/0x230 [ 681.613011] SyS_clone+0x37/0x50 [ 681.613017] ? sys_vfork+0x30/0x30 [ 681.613027] do_syscall_64+0x1e8/0x640 [ 681.613050] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 681.613059] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 681.613064] RIP: 0033:0x459879 [ 681.613068] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 681.613075] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 681.613078] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 18:44:02 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r0, 0x0) [ 681.613082] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 681.613086] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 [ 681.613089] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 681.743293] CPU: 1 PID: 25850 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 681.782581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 681.791945] Call Trace: [ 681.794545] dump_stack+0x138/0x197 [ 681.798184] should_fail.cold+0x10f/0x159 [ 681.798202] should_failslab+0xdb/0x130 [ 681.798215] kmem_cache_alloc+0x47/0x780 [ 681.798230] ? anon_vma_chain_link+0x142/0x1a0 [ 681.798249] anon_vma_clone+0xde/0x470 [ 681.818995] anon_vma_fork+0x87/0x4d0 [ 681.822820] copy_process.part.0+0x45e2/0x6a00 [ 681.827436] ? __cleanup_sighand+0x50/0x50 [ 681.827450] ? lock_downgrade+0x6e0/0x6e0 [ 681.827469] _do_fork+0x19e/0xce0 [ 681.827485] ? fork_idle+0x280/0x280 [ 681.827499] ? fput+0xd4/0x150 [ 681.827510] ? SyS_write+0x15e/0x230 [ 681.836097] FAULT_INJECTION: forcing a failure. [ 681.836097] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 681.839418] SyS_clone+0x37/0x50 [ 681.839428] ? sys_vfork+0x30/0x30 [ 681.839444] do_syscall_64+0x1e8/0x640 [ 681.839454] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 681.839472] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 681.839479] RIP: 0033:0x459879 [ 681.839487] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 [ 681.861878] ORIG_RAX: 0000000000000038 [ 681.861885] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 18:44:02 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000006c0)={'vcan0\x00', 0x0}) connect(r1, &(0x7f0000000000)=@ll={0x11, 0x0, r2, 0x1, 0x0, 0x6, @link_local}, 0x80) sendmsg$can_bcm(r1, &(0x7f0000000300)={0x0, 0xf3, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="0100000000000000005a2953be4d14f0", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYBLOB="0020000002000000000000010076671a77bba450"], 0x20000248}}, 0x0) recvmsg(r1, &(0x7f0000000680)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMP(r1, 0x8906, 0x0) sendmsg$can_bcm(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x3, 0x0, 0x0, {0x0, 0x2710}, {0x0, 0x7530}, {0x2000}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "7e09ead6ae3cea3e"}}, 0x48}}, 0x0) 18:44:02 executing program 3 (fault-call:7 fault-nth:30): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 681.861891] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 681.861898] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 681.861904] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 681.861910] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 681.969261] CPU: 0 PID: 25864 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 681.981300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 681.990745] Call Trace: [ 681.992419] binder: 25847:25871 unknown command 0 [ 681.993344] dump_stack+0x138/0x197 [ 681.998176] binder: 25847:25871 ioctl c0306201 20000380 returned -22 [ 682.001790] should_fail.cold+0x10f/0x159 [ 682.001801] ? __might_sleep+0x93/0xb0 [ 682.001812] __alloc_pages_nodemask+0x1d6/0x7a0 [ 682.001823] ? __alloc_pages_slowpath+0x2930/0x2930 [ 682.001843] alloc_pages_current+0xec/0x1e0 [ 682.030430] pte_alloc_one+0x1a/0x100 [ 682.034239] __pte_alloc+0x2a/0x2d0 [ 682.037869] copy_page_range+0x11ba/0x1bd0 [ 682.042136] ? __pmd_alloc+0x410/0x410 [ 682.046035] copy_process.part.0+0x4764/0x6a00 [ 682.050651] ? __cleanup_sighand+0x50/0x50 [ 682.054890] ? lock_downgrade+0x6e0/0x6e0 [ 682.058750] FAULT_INJECTION: forcing a failure. [ 682.058750] name failslab, interval 1, probability 0, space 0, times 0 [ 682.059051] _do_fork+0x19e/0xce0 [ 682.059066] ? fork_idle+0x280/0x280 [ 682.077909] ? fput+0xd4/0x150 [ 682.081115] ? SyS_write+0x15e/0x230 [ 682.084832] SyS_clone+0x37/0x50 [ 682.088199] ? sys_vfork+0x30/0x30 [ 682.091749] do_syscall_64+0x1e8/0x640 [ 682.095628] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 682.100479] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 682.105664] RIP: 0033:0x459879 [ 682.108845] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 18:44:03 executing program 5: r0 = memfd_create(&(0x7f00000002c0)='\x00', 0x16) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xee68, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='cgroup.events\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS(r1, 0x4c02, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x3, 0x9, 0x17, 0x10, "2dcfd64000ab848722a95a5f5b0457c6856481b7e6c141a4a9c7acd015df84f47780e553174030d11a50edb9e1ed9a5a9979e232f712a7e8db9c1fe1ea941b45", "221590e52e459a1c198b008a6555605ec3439e3c831a32899c4954f9345869e2", [0x3, 0x70f1]}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r2, &(0x7f0000000000)={0x2, 0x0, @empty}, 0x10) ioctl$GIO_FONTX(0xffffffffffffffff, 0x4b6b, &(0x7f0000000540)=""/149) sendmmsg(r2, &(0x7f0000006d00), 0xffffffffffffff92, 0x1ffffffe) write$binfmt_script(r0, &(0x7f0000000240)=ANY=[@ANYBLOB], 0x3) ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, &(0x7f0000000180)={0x17, 0x19, 0x12, 0x1, 0x6, 0x2ad5, 0x0, 0xd9, 0xea022ebbad034d4e}) 18:44:03 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0563044000400000000000000000000065613bd677aa3bfa4b9af604771511458a434f0345623986f1645a74edff6057e2cafa7b83a845a2b40f2f2b6dc11098780eb2e4a19eb483812146714cae97a0f32e56a75d596a41b20466c7881e19bf192f0ab6dd7439287af363d4efe3f703e5524df23b95f3cadd08f3320b521d1f9e8172c622c97e4d3b5153eaeb0833dffdbe56b3660e55bbbf16d8b176f3243cf571c474dea9fcf377cb8ba0cc04cd8ccebb979be7451b729ee0b488cc422f4a0fd04ff97fdd5613"], 0x232, 0x2, 0x0}) [ 682.116625] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 682.123974] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 682.131241] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 682.138945] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 [ 682.146212] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 682.153517] CPU: 1 PID: 25873 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 682.160631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 682.170085] Call Trace: [ 682.172692] dump_stack+0x138/0x197 [ 682.176341] should_fail.cold+0x10f/0x159 [ 682.180539] ? anon_vma_clone+0xde/0x470 [ 682.184618] should_failslab+0xdb/0x130 [ 682.188595] kmem_cache_alloc+0x47/0x780 [ 682.192833] ? anon_vma_chain_link+0x142/0x1a0 [ 682.197412] anon_vma_clone+0xde/0x470 [ 682.201565] anon_vma_fork+0x87/0x4d0 [ 682.205356] copy_process.part.0+0x45e2/0x6a00 [ 682.209933] ? __cleanup_sighand+0x50/0x50 [ 682.214170] ? lock_downgrade+0x6e0/0x6e0 [ 682.218306] _do_fork+0x19e/0xce0 [ 682.221752] ? fork_idle+0x280/0x280 [ 682.225452] ? fput+0xd4/0x150 [ 682.228717] ? SyS_write+0x15e/0x230 [ 682.232504] SyS_clone+0x37/0x50 [ 682.235848] ? sys_vfork+0x30/0x30 [ 682.239370] do_syscall_64+0x1e8/0x640 [ 682.243262] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 682.248090] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 682.253262] RIP: 0033:0x459879 [ 682.256429] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 18:44:03 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r0, 0x0) [ 682.264141] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 682.271399] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 682.278667] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 682.285935] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 682.293191] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 682.318891] binder: 25875:25880 unknown command 0 [ 682.332993] binder: 25875:25880 ioctl c0306201 20000380 returned -22 18:44:03 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r0, 0x0) 18:44:03 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=[@acquire, @acquire], 0x232, 0x2, 0x0}) r2 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x9, 0x4000) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00') sendmsg$IPVS_CMD_DEL_SERVICE(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000000c0)={&(0x7f00000001c0)={0xbc, r3, 0x300, 0x70bd27, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_DAEMON={0x5c, 0x3, [@IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @ipv4={[], [], @rand_addr=0x101}}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'tunl0\x00'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x9}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e22}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x2}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x1c5}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xfffffffffffffff9}, @IPVS_CMD_ATTR_DAEMON={0xc, 0x3, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x4}]}, @IPVS_CMD_ATTR_SERVICE={0x30, 0x1, [@IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x4}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'ovf\x00'}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x3a}, @IPVS_SVC_ATTR_SCHED_NAME={0xc, 0x6, 'lblc\x00'}]}]}, 0xbc}, 0x1, 0x0, 0x0, 0x20004000}, 0xc001) [ 682.365220] binder: 25875:25888 unknown command 0 [ 682.372466] binder: 25875:25888 ioctl c0306201 20000380 returned -22 18:44:03 executing program 3 (fault-call:7 fault-nth:31): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:03 executing program 2 (fault-call:7 fault-nth:26): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:03 executing program 5: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @broadcast, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, @local, @broadcast=0xe0000001}, @icmp}}}}, 0x0) getrlimit(0x0, &(0x7f0000000040)) recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x800e00908) 18:44:03 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000006c0)={'vcan0\x00', 0x0}) connect(r1, &(0x7f0000000000)=@ll={0x11, 0x0, r2, 0x1, 0x0, 0x6, @link_local}, 0x80) sendmsg$can_bcm(r1, &(0x7f0000000300)={0x0, 0xf3, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="0100000000000000005a2953be4d14f0", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYBLOB="0020000002000000000000010076671a77bba450"], 0x20000248}}, 0x0) recvmsg(r1, &(0x7f0000000680)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCGSTAMP(r1, 0x8906, 0x0) sendmsg$can_bcm(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x3, 0x0, 0x0, {0x0, 0x2710}, {0x0, 0x7530}, {0x2000}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "7e09ead6ae3cea3e"}}, 0x48}}, 0x0) [ 682.535516] FAULT_INJECTION: forcing a failure. [ 682.535516] name failslab, interval 1, probability 0, space 0, times 0 [ 682.554021] binder: 25894:25905 unknown command 0 [ 682.558487] CPU: 0 PID: 25901 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 682.562560] FAULT_INJECTION: forcing a failure. [ 682.562560] name failslab, interval 1, probability 0, space 0, times 0 [ 682.566012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 682.566018] Call Trace: [ 682.566036] dump_stack+0x138/0x197 [ 682.566057] should_fail.cold+0x10f/0x159 [ 682.578168] binder: 25894:25905 ioctl c0306201 20000380 returned -22 [ 682.587218] should_failslab+0xdb/0x130 [ 682.587231] kmem_cache_alloc+0x2d7/0x780 [ 682.587240] ? anon_vma_clone+0x310/0x470 [ 682.587254] anon_vma_fork+0xe9/0x4d0 [ 682.587270] copy_process.part.0+0x45e2/0x6a00 [ 682.594708] binder: 25894:25908 unknown command 0 [ 682.597620] ? __cleanup_sighand+0x50/0x50 [ 682.613604] binder: 25894:25908 ioctl c0306201 20000380 returned -22 [ 682.616783] ? lock_downgrade+0x6e0/0x6e0 [ 682.616802] _do_fork+0x19e/0xce0 [ 682.648694] ? fork_idle+0x280/0x280 [ 682.652490] ? fput+0xd4/0x150 [ 682.655693] ? SyS_write+0x15e/0x230 [ 682.659404] SyS_clone+0x37/0x50 [ 682.662763] ? sys_vfork+0x30/0x30 [ 682.666299] do_syscall_64+0x1e8/0x640 [ 682.670262] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 682.675101] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 682.680282] RIP: 0033:0x459879 [ 682.683462] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 682.691160] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 682.698422] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 682.705681] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 682.712959] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 682.720240] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 682.727785] CPU: 1 PID: 25906 Comm: syz-executor.2 Not tainted 4.14.140 #36 18:44:03 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0563044000000000056304b6c938ffe418fd85e51f9ab3f106ef83f09540000000007144f73e0736a47522c95fc699666dda1e116dacd7a10d3ea1ddb641554c5e098badcbc98068eec2b0a4e1700b681e7f1462044efd5eaef30953bca85d5646cfdf096fd5867bb744b216b6320b5b4ecf269a981d146c7b1e7cd98894ec98e93407ce7b17dfbd100feff61186f8d687a00b7b18a29d3ab9cd0df82f0e0275ad4868f5c91975b43c7a93d8aedd1930406223a16330ae96b9be9153b3ffd3114fdb5df5051e0f16c51b52afe07c4d57d573d30c4a8eb38f4e3c1ac7aa026a335218fd05afe660f4f66aea007391a7cf7f246d"], 0x232, 0x2, 0x0}) 18:44:03 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r0, 0x0) [ 682.734894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 682.744249] Call Trace: [ 682.744268] dump_stack+0x138/0x197 [ 682.744284] should_fail.cold+0x10f/0x159 [ 682.744298] should_failslab+0xdb/0x130 [ 682.744308] kmem_cache_alloc+0x2d7/0x780 [ 682.744323] ptlock_alloc+0x20/0x70 [ 682.744334] pte_alloc_one+0x60/0x100 [ 682.744342] __pte_alloc+0x2a/0x2d0 [ 682.744353] copy_page_range+0x11ba/0x1bd0 [ 682.744379] ? __pmd_alloc+0x410/0x410 [ 682.782090] copy_process.part.0+0x4764/0x6a00 [ 682.786721] ? __cleanup_sighand+0x50/0x50 [ 682.790972] ? lock_downgrade+0x6e0/0x6e0 [ 682.795145] _do_fork+0x19e/0xce0 [ 682.798614] ? fork_idle+0x280/0x280 [ 682.802438] ? fput+0xd4/0x150 [ 682.805734] ? SyS_write+0x15e/0x230 [ 682.806026] binder: 25911:25914 unknown command -1241226491 [ 682.809458] SyS_clone+0x37/0x50 [ 682.809468] ? sys_vfork+0x30/0x30 [ 682.809484] do_syscall_64+0x1e8/0x640 [ 682.809493] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 682.809509] entry_SYSCALL_64_after_hwframe+0x42/0xb7 18:44:03 executing program 2 (fault-call:7 fault-nth:27): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:03 executing program 3 (fault-call:7 fault-nth:32): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 682.809520] RIP: 0033:0x459879 [ 682.819124] binder: 25911:25914 ioctl c0306201 20000380 returned -22 [ 682.822173] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 682.822185] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 682.822190] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 682.822195] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 682.822201] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 18:44:03 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) recvmsg(r0, &(0x7f0000004900)={0x0, 0x0, &(0x7f0000003840)=[{&(0x7f00000013c0)=""/46, 0x2e}, {0x0}], 0x2}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) recvfrom$inet(r1, 0x0, 0xfd1d, 0x0, 0x0, 0x800e00526) shutdown(r0, 0x0) setsockopt$sock_timeval(r1, 0xffff, 0x1006, &(0x7f0000000000)={0x4}, 0x10) openat(0xffffffffffffffff, 0x0, 0xcc8a592655cfa123, 0x0) recvfrom$inet(r1, 0x0, 0xfffffe44, 0x0, 0x0, 0x800e00521) shutdown(r1, 0x0) [ 682.822207] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 18:44:03 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r0, 0x0) [ 682.941265] FAULT_INJECTION: forcing a failure. [ 682.941265] name failslab, interval 1, probability 0, space 0, times 0 [ 682.945651] binder: 25911:25917 unknown command -1241226491 [ 682.976127] binder: 25911:25917 ioctl c0306201 20000380 returned -22 [ 682.981498] CPU: 0 PID: 25920 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 682.985121] FAULT_INJECTION: forcing a failure. [ 682.985121] name failslab, interval 1, probability 0, space 0, times 0 [ 682.990071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 682.990077] Call Trace: [ 682.990099] dump_stack+0x138/0x197 [ 682.990117] should_fail.cold+0x10f/0x159 [ 682.990133] should_failslab+0xdb/0x130 [ 682.990145] kmem_cache_alloc+0x2d7/0x780 [ 682.990163] copy_process.part.0+0x444f/0x6a00 [ 683.034553] ? __cleanup_sighand+0x50/0x50 [ 683.038798] ? _raw_spin_unlock_irq+0x28/0x90 [ 683.043314] _do_fork+0x19e/0xce0 [ 683.048081] ? finish_task_switch+0x14d/0x650 [ 683.052573] ? fork_idle+0x280/0x280 [ 683.056377] ? __schedule+0x7c0/0x1cd0 [ 683.060266] ? pci_mmcfg_check_reserved+0x150/0x150 [ 683.065290] SyS_clone+0x37/0x50 [ 683.068650] ? sys_vfork+0x30/0x30 [ 683.073194] do_syscall_64+0x1e8/0x640 [ 683.077073] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 683.081926] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 683.087307] RIP: 0033:0x459879 [ 683.090496] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 683.098371] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 683.105728] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 683.113008] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 683.120385] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 [ 683.127738] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 683.135031] CPU: 1 PID: 25922 Comm: syz-executor.3 Not tainted 4.14.140 #36 18:44:04 executing program 2 (fault-call:7 fault-nth:28): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 683.142325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 683.152387] Call Trace: [ 683.154993] dump_stack+0x138/0x197 [ 683.158816] should_fail.cold+0x10f/0x159 [ 683.162984] should_failslab+0xdb/0x130 [ 683.166991] kmem_cache_alloc+0x2d7/0x780 [ 683.171259] ? anon_vma_clone+0x310/0x470 [ 683.175763] anon_vma_fork+0x1ce/0x4d0 [ 683.179713] copy_process.part.0+0x45e2/0x6a00 [ 683.184376] ? __cleanup_sighand+0x50/0x50 [ 683.189001] ? lock_downgrade+0x6e0/0x6e0 [ 683.193390] _do_fork+0x19e/0xce0 [ 683.196851] ? fork_idle+0x280/0x280 [ 683.200582] ? fput+0xd4/0x150 [ 683.203776] ? SyS_write+0x15e/0x230 [ 683.207723] SyS_clone+0x37/0x50 [ 683.211214] ? sys_vfork+0x30/0x30 [ 683.214758] do_syscall_64+0x1e8/0x640 [ 683.218722] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 683.223569] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 683.228751] RIP: 0033:0x459879 [ 683.232023] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 18:44:04 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) recvmsg(r0, &(0x7f0000004900)={0x0, 0x0, &(0x7f0000003840)=[{&(0x7f00000013c0)=""/46, 0x2e}], 0x1}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) recvfrom$inet(r1, 0x0, 0xfd1d, 0x0, 0x0, 0x800e00526) shutdown(r0, 0x0) setsockopt$sock_timeval(r1, 0xffff, 0x1006, &(0x7f0000000000)={0x4}, 0x10) getsockopt$inet6_tcp_buf(r1, 0x6, 0x0, 0x0, 0x0) recvfrom$inet(r1, 0x0, 0xfffffe44, 0x0, 0x0, 0x800e00521) shutdown(r1, 0x0) 18:44:04 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") ioctl$TUNSETLINK(r0, 0x400454cd, 0x33a) r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x400, 0x200000) openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x800, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="0598d8f6b842bd9c4cc028114c029fa1"], 0x232, 0x2, 0x0}) [ 683.240245] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 683.247778] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 683.255222] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 683.262484] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 683.269744] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 18:44:04 executing program 3 (fault-call:7 fault-nth:33): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:04 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) recvmsg(r0, &(0x7f0000004900)={0x0, 0x0, &(0x7f0000003840)=[{&(0x7f00000013c0)=""/46, 0x2e}, {0x0}], 0x2}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) recvfrom$inet(r1, 0x0, 0xfd1d, 0x0, 0x0, 0x800e00526) shutdown(r0, 0x0) openat(0xffffffffffffffff, 0x0, 0xcc8a592655cfa123, 0x0) recvfrom$inet(r1, 0x0, 0xfffffe44, 0x0, 0x0, 0x800e00521) shutdown(r1, 0x0) 18:44:04 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r0, 0x0) [ 683.373328] binder: 25934:25939 unknown command -153577467 [ 683.397177] binder: 25934:25939 ioctl c0306201 20000380 returned -22 [ 683.398671] FAULT_INJECTION: forcing a failure. [ 683.398671] name failslab, interval 1, probability 0, space 0, times 0 18:44:04 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x800) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000080)={r0, &(0x7f0000000000)="169a90e9a3eb66dcd5c7c812a4b81dc4cbbacaafcd994cb89354e718d279f382d053e3ba0098290967c282dd39860b5bd305a5cac337a8ba83004e596df30e", &(0x7f0000000040)="47c8f8dad648023254d67812a2e2547fc5808e8a6afac132b4c8020125fe920b3494229a2d31f60dde87bea3d26b51ca8e78", 0x4}, 0x20) pipe2(&(0x7f0000000100)={0xffffffffffffffff}, 0x800) fstat(r1, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) r4 = getegid() write$FUSE_CREATE_OPEN(r2, &(0x7f0000000240)={0xa0, 0x0, 0x2, {{0x0, 0x2, 0x1, 0xffffffffffffffc7, 0x2906, 0x5, {0x2, 0x1ff, 0x1ff, 0x4, 0x100000000, 0x3, 0xe58d, 0x0, 0x400, 0x0, 0x0, r3, r4, 0xfff, 0x81}}, {0x0, 0x14}}}, 0xa0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="056304c00000a7617802245b0897aaafbfcb5dacb38000000563044000000000"], 0x232, 0x2, 0x0}) 18:44:04 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r0, 0x0) [ 683.430284] FAULT_INJECTION: forcing a failure. [ 683.430284] name failslab, interval 1, probability 0, space 0, times 0 [ 683.444127] CPU: 1 PID: 25945 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 683.451971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 683.461683] Call Trace: [ 683.464287] dump_stack+0x138/0x197 [ 683.467983] should_fail.cold+0x10f/0x159 [ 683.473315] should_failslab+0xdb/0x130 [ 683.477398] kmem_cache_alloc+0x2d7/0x780 [ 683.482984] ? __pmd_alloc+0x410/0x410 [ 683.486995] copy_process.part.0+0x444f/0x6a00 [ 683.491623] ? __cleanup_sighand+0x50/0x50 [ 683.495949] binder: 25950:25953 unknown command -1073454331 [ 683.501987] ? lock_downgrade+0x6e0/0x6e0 [ 683.502008] _do_fork+0x19e/0xce0 [ 683.502023] ? fork_idle+0x280/0x280 [ 683.502038] ? fput+0xd4/0x150 [ 683.502046] ? SyS_write+0x15e/0x230 [ 683.502058] SyS_clone+0x37/0x50 [ 683.502065] ? sys_vfork+0x30/0x30 18:44:04 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) r2 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20\x00', 0x101100, 0x0) ioctl$VIDIOC_QUERY_EXT_CTRL(r2, 0xc0e85667, &(0x7f00000001c0)={0xc0000000, 0x102, "9ae4f6c164f703c1d82390ca915e1c50e66a0f09204affb2bbf26800c7b9b234", 0x1000, 0xffff, 0x9, 0x0, 0x1, 0x3, 0x6b3988f5, 0x7fffffff, [0x5, 0xfffffffffffffffa, 0xdc, 0x401]}) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x18, 0x0, &(0x7f0000000440)=[@acquire, @acquire], 0x232, 0x2, 0x0}) [ 683.502078] do_syscall_64+0x1e8/0x640 [ 683.502086] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 683.502101] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 683.502109] RIP: 0033:0x459879 [ 683.502115] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 683.502125] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 683.502130] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 683.502136] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 683.502142] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 683.502146] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 683.504427] CPU: 1 PID: 25943 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 683.508263] binder: 25950:25953 ioctl c0306201 20000380 returned -22 [ 683.509861] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 683.509867] Call Trace: [ 683.509886] dump_stack+0x138/0x197 [ 683.509907] should_fail.cold+0x10f/0x159 [ 683.509920] should_failslab+0xdb/0x130 [ 683.539672] kmem_cache_alloc+0x47/0x780 [ 683.563874] ? __lock_is_held+0xb6/0x140 [ 683.563889] ? check_preemption_disabled+0x3c/0x250 [ 683.563907] anon_vma_clone+0xde/0x470 [ 683.563923] anon_vma_fork+0x87/0x4d0 [ 683.563937] copy_process.part.0+0x45e2/0x6a00 [ 683.563968] ? __cleanup_sighand+0x50/0x50 [ 683.563977] ? lock_downgrade+0x6e0/0x6e0 [ 683.563994] _do_fork+0x19e/0xce0 18:44:04 executing program 3 (fault-call:7 fault-nth:34): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:04 executing program 2 (fault-call:7 fault-nth:29): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:04 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r0, 0x0) 18:44:04 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) recvmsg(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000100)=""/169, 0xa9}], 0x1}, 0x0) r1 = dup(r0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) recvfrom$inet(r2, 0x0, 0xccf3, 0x0, 0x0, 0x800e00551) shutdown(r1, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) recvmsg(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000200)=""/139, 0x8b}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x7}, 0x0) r4 = dup(r3) r5 = socket$inet_udplite(0x2, 0x2, 0x88) recvfrom$inet(r5, 0x0, 0x73a0b1b, 0x0, 0x0, 0x800e00549) shutdown(r4, 0x0) ppoll(&(0x7f0000000140)=[{}], 0x1, 0x0, 0x0, 0x0) shutdown(r5, 0x0) shutdown(r2, 0x0) [ 683.564007] ? fork_idle+0x280/0x280 [ 683.564021] ? fput+0xd4/0x150 [ 683.589922] binder: 25957:25958 unknown command 0 [ 683.599552] ? SyS_write+0x15e/0x230 [ 683.599570] SyS_clone+0x37/0x50 [ 683.599578] ? sys_vfork+0x30/0x30 [ 683.599591] do_syscall_64+0x1e8/0x640 [ 683.599599] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 683.599617] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 683.599625] RIP: 0033:0x459879 [ 683.599637] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 683.599647] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 683.599651] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 683.599655] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 683.599660] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 [ 683.599664] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 683.730998] binder: 25957:25958 ioctl c0306201 20000380 returned -22 [ 683.779836] FAULT_INJECTION: forcing a failure. [ 683.779836] name failslab, interval 1, probability 0, space 0, times 0 [ 683.798977] CPU: 1 PID: 25967 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 683.803032] FAULT_INJECTION: forcing a failure. [ 683.803032] name failslab, interval 1, probability 0, space 0, times 0 [ 683.806155] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 683.826977] Call Trace: [ 683.826994] dump_stack+0x138/0x197 [ 683.827009] should_fail.cold+0x10f/0x159 [ 683.827023] should_failslab+0xdb/0x130 [ 683.827034] kmem_cache_alloc+0x47/0x780 [ 683.827045] ? __lock_is_held+0xb6/0x140 [ 683.827057] ? check_preemption_disabled+0x3c/0x250 [ 683.833307] anon_vma_clone+0xde/0x470 [ 683.858547] anon_vma_fork+0x87/0x4d0 [ 683.862367] copy_process.part.0+0x45e2/0x6a00 [ 683.867086] ? __cleanup_sighand+0x50/0x50 [ 683.871413] ? lock_downgrade+0x6e0/0x6e0 [ 683.875561] _do_fork+0x19e/0xce0 [ 683.879018] ? fork_idle+0x280/0x280 [ 683.882734] ? fput+0xd4/0x150 [ 683.885923] ? SyS_write+0x15e/0x230 [ 683.889638] SyS_clone+0x37/0x50 [ 683.893036] ? sys_vfork+0x30/0x30 [ 683.896576] do_syscall_64+0x1e8/0x640 [ 683.900454] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 683.905312] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 683.910493] RIP: 0033:0x459879 [ 683.913694] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 683.921404] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 683.928681] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 683.935955] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 683.943317] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 [ 683.950600] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 683.957890] CPU: 0 PID: 25969 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 683.965192] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 683.974560] Call Trace: [ 683.977164] dump_stack+0x138/0x197 18:44:04 executing program 2 (fault-call:7 fault-nth:30): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 683.980812] should_fail.cold+0x10f/0x159 [ 683.985067] should_failslab+0xdb/0x130 [ 683.989056] kmem_cache_alloc+0x2d7/0x780 [ 683.993223] copy_process.part.0+0x444f/0x6a00 [ 683.998532] ? __cleanup_sighand+0x50/0x50 [ 684.002787] ? lock_downgrade+0x6e0/0x6e0 [ 684.007077] _do_fork+0x19e/0xce0 [ 684.010592] ? fork_idle+0x280/0x280 [ 684.014333] ? fput+0xd4/0x150 [ 684.017538] ? SyS_write+0x15e/0x230 [ 684.021453] SyS_clone+0x37/0x50 [ 684.021462] ? sys_vfork+0x30/0x30 [ 684.021476] do_syscall_64+0x1e8/0x640 18:44:04 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) recvmsg(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000040)=""/138, 0x8a}, {0x0}, {0x0}, {0x0}], 0x4}, 0x2) r1 = socket$inet_udplite(0x2, 0x2, 0x88) recvfrom$inet(r1, 0x0, 0xccf3, 0x0, 0x0, 0x800e0053d) shutdown(r0, 0x0) dup(0xffffffffffffffff) shutdown(0xffffffffffffffff, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000040)=""/18, 0x12}], 0x1}, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) recvfrom$inet(r3, 0x0, 0xbf9d, 0x0, 0x0, 0x800e0053e) shutdown(r2, 0x0) r4 = socket$inet6_sctp(0x1c, 0x5, 0x84) recvmsg(r4, &(0x7f0000001940)={0x0, 0x0, &(0x7f00000018c0)=[{0x0}, {0x0}], 0x2}, 0x0) shutdown(r3, 0x0) shutdown(r1, 0x0) [ 684.021485] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 684.021501] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 684.021509] RIP: 0033:0x459879 [ 684.021514] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 684.021525] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 684.021531] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 684.021536] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 18:44:05 executing program 3 (fault-call:7 fault-nth:35): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:05 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r0, 0x0) 18:44:05 executing program 4: prctl$PR_SET_TIMERSLACK(0x1d, 0xffffffffffffffc1) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='mounts\x00') poll(&(0x7f0000000080)=[{r0}], 0x1, 0x10080c) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x0, 0x0) [ 684.021541] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 684.021546] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 684.069001] FAULT_INJECTION: forcing a failure. [ 684.069001] name failslab, interval 1, probability 0, space 0, times 0 [ 684.126189] CPU: 0 PID: 25981 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 684.133342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 684.142698] Call Trace: [ 684.142716] dump_stack+0x138/0x197 [ 684.142735] should_fail.cold+0x10f/0x159 [ 684.142753] should_failslab+0xdb/0x130 [ 684.148993] kmem_cache_alloc+0x47/0x780 [ 684.149009] ? anon_vma_chain_link+0x142/0x1a0 [ 684.149024] anon_vma_clone+0xde/0x470 [ 684.149042] anon_vma_fork+0x87/0x4d0 [ 684.157152] copy_process.part.0+0x45e2/0x6a00 [ 684.157188] ? __cleanup_sighand+0x50/0x50 [ 684.157202] ? lock_downgrade+0x6e0/0x6e0 [ 684.165818] _do_fork+0x19e/0xce0 [ 684.165835] ? fork_idle+0x280/0x280 [ 684.165851] ? fput+0xd4/0x150 [ 684.165861] ? SyS_write+0x15e/0x230 [ 684.165875] SyS_clone+0x37/0x50 [ 684.173555] ? sys_vfork+0x30/0x30 [ 684.173571] do_syscall_64+0x1e8/0x640 [ 684.173579] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 684.173597] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 684.173606] RIP: 0033:0x459879 [ 684.173612] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 684.173624] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 684.173630] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 684.173636] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 684.173641] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 [ 684.173648] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 684.229044] FAULT_INJECTION: forcing a failure. 18:44:05 executing program 2 (fault-call:7 fault-nth:31): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:05 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r0, 0x0) [ 684.229044] name failslab, interval 1, probability 0, space 0, times 0 [ 684.308641] CPU: 0 PID: 25986 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 684.315983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 684.325376] Call Trace: [ 684.327985] dump_stack+0x138/0x197 [ 684.331637] should_fail.cold+0x10f/0x159 [ 684.335806] should_failslab+0xdb/0x130 [ 684.339801] kmem_cache_alloc+0x2d7/0x780 [ 684.343974] copy_process.part.0+0x444f/0x6a00 [ 684.348794] ? __cleanup_sighand+0x50/0x50 [ 684.353047] ? lock_downgrade+0x6e0/0x6e0 18:44:05 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) setxattr$security_evm(&(0x7f0000000200)='./file0\x00', &(0x7f00000003c0)='security.evm\x00', &(0x7f0000000540)=ANY=[@ANYBLOB="02ec4283bf82d65a05ef9b022bea7479"], 0x7, 0x1) setxattr$security_smack_transmute(&(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000140)='TRUE', 0x4, 0x0) setxattr$security_evm(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000040)='security.evm\x00', 0x0, 0x0, 0x0) [ 684.357230] _do_fork+0x19e/0xce0 [ 684.360710] ? fork_idle+0x280/0x280 [ 684.364691] ? fput+0xd4/0x150 [ 684.367901] ? SyS_write+0x15e/0x230 [ 684.371637] SyS_clone+0x37/0x50 [ 684.375016] ? sys_vfork+0x30/0x30 [ 684.378573] do_syscall_64+0x1e8/0x640 [ 684.382577] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 684.387528] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 684.392720] RIP: 0033:0x459879 [ 684.395988] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 18:44:05 executing program 4: r0 = socket$inet6(0xa, 0x2, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000440)='pagemap\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendfile(r0, r1, &(0x7f0000000000)=0x100000, 0x100000008008) 18:44:05 executing program 3 (fault-call:7 fault-nth:36): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:05 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r0, 0x0) [ 684.403790] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 684.409460] FAULT_INJECTION: forcing a failure. [ 684.409460] name failslab, interval 1, probability 0, space 0, times 0 [ 684.411063] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 684.411069] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 684.411075] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 684.411086] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 684.538465] FAULT_INJECTION: forcing a failure. [ 684.538465] name failslab, interval 1, probability 0, space 0, times 0 [ 684.561707] CPU: 1 PID: 26007 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 684.568817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 684.578177] Call Trace: [ 684.580780] dump_stack+0x138/0x197 [ 684.584453] should_fail.cold+0x10f/0x159 [ 684.588610] ? anon_vma_clone+0xde/0x470 [ 684.592816] should_failslab+0xdb/0x130 [ 684.596809] kmem_cache_alloc+0x47/0x780 [ 684.600973] ? anon_vma_chain_link+0x142/0x1a0 [ 684.605578] anon_vma_clone+0xde/0x470 [ 684.609485] anon_vma_fork+0x87/0x4d0 [ 684.613299] copy_process.part.0+0x45e2/0x6a00 [ 684.617998] ? __cleanup_sighand+0x50/0x50 [ 684.622322] ? lock_downgrade+0x6e0/0x6e0 [ 684.626565] _do_fork+0x19e/0xce0 [ 684.630019] ? fork_idle+0x280/0x280 [ 684.633735] ? fput+0xd4/0x150 [ 684.636937] ? SyS_write+0x15e/0x230 [ 684.640655] SyS_clone+0x37/0x50 [ 684.644022] ? sys_vfork+0x30/0x30 [ 684.647558] do_syscall_64+0x1e8/0x640 [ 684.651514] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 684.656357] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 684.661539] RIP: 0033:0x459879 [ 684.664742] RSP: 002b:00007f8cec857c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 684.672448] RAX: ffffffffffffffda RBX: 00007f8cec857c90 RCX: 0000000000459879 [ 684.679712] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 684.686972] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 684.694233] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8586d4 [ 684.701500] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000004 [ 684.708808] CPU: 0 PID: 26015 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 684.715921] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 684.725647] Call Trace: [ 684.728512] dump_stack+0x138/0x197 [ 684.732242] should_fail.cold+0x10f/0x159 [ 684.736403] should_failslab+0xdb/0x130 [ 684.740427] kmem_cache_alloc+0x47/0x780 [ 684.744597] ? anon_vma_chain_link+0x142/0x1a0 [ 684.749372] anon_vma_clone+0xde/0x470 [ 684.753451] anon_vma_fork+0x87/0x4d0 [ 684.757296] copy_process.part.0+0x45e2/0x6a00 [ 684.757328] ? __cleanup_sighand+0x50/0x50 [ 684.766726] ? lock_downgrade+0x6e0/0x6e0 [ 684.766745] _do_fork+0x19e/0xce0 [ 684.766760] ? fork_idle+0x280/0x280 [ 684.774327] ? fput+0xd4/0x150 [ 684.774339] ? SyS_write+0x15e/0x230 [ 684.774356] SyS_clone+0x37/0x50 [ 684.781226] ? sys_vfork+0x30/0x30 [ 684.781242] do_syscall_64+0x1e8/0x640 [ 684.781250] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 684.781266] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 684.781276] RIP: 0033:0x459879 [ 684.809406] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 684.817216] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 684.824504] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 684.831796] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 18:44:05 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000100)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x50000}]}) r0 = openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) dup(r0) 18:44:05 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000100)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x50000}]}) r0 = accept$inet6(0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCGICOUNT(r0, 0x545d, 0x0) 18:44:05 executing program 5: r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) connect$netrom(r0, &(0x7f00000001c0)={{0x6, @rose}, [@rose, @rose, @default, @netrom, @netrom, @rose, @rose]}, 0x48) listen(r0, 0x0) r1 = accept(r0, 0x0, 0x0) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) ioctl$sock_SIOCBRADDBR(r2, 0x89a0, &(0x7f0000000740)='bcsf0\x00') accept4(r0, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_MEDIA_SET(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_SIOCBRDELBR(r2, 0x89a1, &(0x7f0000000b00)='bcsf0\x00\x00\x00\x00\x00\x00h\x11\x00') r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080)='TIPCv2\x00') sendmsg$TIPC_NL_LINK_GET(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x181000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000240)={0x180, r3, 0x800, 0x70bd2d, 0x25dfdbfd, {}, [@TIPC_NLA_NET={0x28, 0x7, [@TIPC_NLA_NET_NODEID_W1={0xc}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xcb}, @TIPC_NLA_NET_NODEID_W1={0xc}]}, @TIPC_NLA_MEDIA={0x24, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}]}, @TIPC_NLA_BEARER={0xbc, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e23, @remote}}, {0x20, 0x2, @in6={0xa, 0x4e22, 0x2, @rand_addr="baf16ae5b831414b29e41f45ebc5873b", 0x7}}}}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x10000}]}, @TIPC_NLA_BEARER_PROP={0x24, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xffff}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7ff}]}, @TIPC_NLA_BEARER_PROP={0x14, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_MTU={0x8}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x5}, @TIPC_NLA_BEARER_PROP={0x34, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x100000000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfff}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1f}]}]}, @TIPC_NLA_SOCK={0x14, 0x2, [@TIPC_NLA_SOCK_REF={0x8}, @TIPC_NLA_SOCK_REF={0x8}]}, @TIPC_NLA_NODE={0x18, 0x6, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x4f2d}]}, @TIPC_NLA_LINK={0x38, 0x4, [@TIPC_NLA_LINK_PROP={0x1c, 0x7, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x401}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5f}]}, @TIPC_NLA_LINK_PROP={0x4}, @TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}]}]}, 0x180}}, 0x20000000) getsockopt$SO_COOKIE(r2, 0x1, 0x39, &(0x7f0000000400), &(0x7f0000000440)=0x8) accept$nfc_llcp(0xffffffffffffffff, 0x0, &(0x7f0000000500)) listen(0xffffffffffffffff, 0x0) write$binfmt_aout(r0, 0x0, 0x0) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, 0x0, 0x0) 18:44:05 executing program 2 (fault-call:7 fault-nth:32): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:05 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r0, 0x0) 18:44:05 executing program 3 (fault-call:7 fault-nth:37): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 684.839162] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 684.846437] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 684.909226] FAULT_INJECTION: forcing a failure. [ 684.909226] name failslab, interval 1, probability 0, space 0, times 0 [ 684.938133] CPU: 0 PID: 26036 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 684.945279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 684.954727] Call Trace: [ 684.957327] dump_stack+0x138/0x197 [ 684.960968] should_fail.cold+0x10f/0x159 [ 684.965221] should_failslab+0xdb/0x130 [ 684.965229] FAULT_INJECTION: forcing a failure. [ 684.965229] name failslab, interval 1, probability 0, space 0, times 0 [ 684.980557] kmem_cache_alloc+0x2d7/0x780 [ 684.984712] ? anon_vma_clone+0x310/0x470 [ 684.988960] anon_vma_fork+0xe9/0x4d0 [ 684.992778] copy_process.part.0+0x45e2/0x6a00 [ 684.997387] ? __cleanup_sighand+0x50/0x50 [ 685.001624] ? lock_downgrade+0x6e0/0x6e0 [ 685.009340] _do_fork+0x19e/0xce0 [ 685.013091] ? fork_idle+0x280/0x280 [ 685.016811] ? fput+0xd4/0x150 [ 685.020012] ? SyS_write+0x15e/0x230 [ 685.023731] SyS_clone+0x37/0x50 [ 685.027108] ? sys_vfork+0x30/0x30 [ 685.030636] do_syscall_64+0x1e8/0x640 [ 685.034508] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 685.039521] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 685.044694] RIP: 0033:0x459879 [ 685.047965] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 685.055840] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 685.063527] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 685.071269] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 685.078620] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 [ 685.085885] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 685.093405] CPU: 1 PID: 26043 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 685.100604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 685.109955] Call Trace: [ 685.112644] dump_stack+0x138/0x197 [ 685.116262] should_fail.cold+0x10f/0x159 [ 685.120487] should_failslab+0xdb/0x130 [ 685.124536] kmem_cache_alloc+0x2d7/0x780 [ 685.128854] copy_process.part.0+0x444f/0x6a00 [ 685.133793] ? __cleanup_sighand+0x50/0x50 [ 685.138012] ? lock_downgrade+0x6e0/0x6e0 [ 685.142148] _do_fork+0x19e/0xce0 [ 685.145588] ? fork_idle+0x280/0x280 [ 685.149303] ? fput+0xd4/0x150 [ 685.152582] ? SyS_write+0x15e/0x230 [ 685.156389] SyS_clone+0x37/0x50 [ 685.159740] ? sys_vfork+0x30/0x30 [ 685.163589] do_syscall_64+0x1e8/0x640 [ 685.167567] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 685.172572] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 685.177747] RIP: 0033:0x459879 [ 685.180920] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 685.188634] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 685.196069] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 685.203320] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 685.210855] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 685.218455] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 18:44:06 executing program 4: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee6b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1, 0x2) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/raw6\x00HT\xf4\xfa\x92\xcaH\x1ci\xccui\x13W}9\x00ah\xde\x84\xf0\xbdU\x96\xbd11=*w\x81\x8d\x1c\x82\x04\x99n\xdf\xbcD\xe6{\t\x04\xaf\x92W\x00\xe4wt&\xff-\xae\x19\x9b\x97\nS\xe5\xafu_s\xf6\xf7\x14P\a\xe3\xc0\xed\xe28F/S\xcc\xcc\xeae\r\x97Z\xd1Q0\xa8Aj\x15\xaf\xf0\xc96bJ\xeeH%\x0f=\x01\x82\xf00\x9bE!\x9e\xbf\x12w\xcb\xc1\xd0\xf1*\xf9\xe7\xc7\xd3uI\x1c#\xfa\x92\x95\xca\xd6\xa39\xd1\xf0g\xe2!\f\\;qO\x97\xce\xcc\xbcU\xadLR\xf5 \xb0\xe8\x00'/176) mkdirat$cgroup(r1, &(0x7f0000000000)='syz\xff\xda', 0x1ff) ioctl$SIOCGSTAMPNS(r0, 0x8907, &(0x7f0000000180)) sendmsg(0xffffffffffffffff, &(0x7f0000002fc8)={0x0, 0x249, 0x0, 0x0, &(0x7f00000002c0)=ANY=[]}, 0x0) r2 = getpid() fcntl$lock(r0, 0x7, &(0x7f00000001c0)={0x1, 0x0, 0xfffffffffffffffe, 0x3ff, r2}) ioctl$RTC_SET_TIME(r1, 0x4024700a, 0x0) listen(r0, 0x200) sched_setaffinity(0x0, 0x8, &(0x7f0000000780)=0xa000000000000005) r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f0000000140)='./file1\x00', 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)) ioctl$sock_inet_SIOCSARP(r1, 0x8955, &(0x7f0000000040)={{0x2, 0x4e20, @multicast2}, {0x7, @dev={[], 0x25}}, 0x22, {0x2, 0x4e20, @empty}, 'caif0\x00'}) stat(&(0x7f0000000200)='./file1\x00', &(0x7f0000000240)) getgid() preadv(r1, &(0x7f00000017c0), 0x1fe, 0x500) perf_event_open(&(0x7f0000000380)={0x1, 0x70, 0x4, 0x100000001, 0x1, 0x9, 0x0, 0x1, 0x20, 0x1, 0x80000000, 0x1, 0x9108, 0x9, 0x101, 0x0, 0x1, 0xfffffffffffffff8, 0x4, 0xaba, 0x6, 0x4, 0x3, 0x3, 0x8, 0x1f, 0xfffffffffffff000, 0x0, 0x81, 0x5, 0x3ff, 0x8, 0x4, 0x5, 0x4, 0xc96, 0x8, 0x3, 0x0, 0x7, 0x4, @perf_config_ext={0x8000, 0x280000}, 0x20000, 0x40, 0xffffffffabbe73b0, 0x3, 0x8fd, 0x9, 0x7}, r2, 0x9, r3, 0x1) 18:44:06 executing program 2 (fault-call:7 fault-nth:33): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:06 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x0, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r0, 0x0) 18:44:06 executing program 3 (fault-call:7 fault-nth:38): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:06 executing program 1: syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000440)=[{0x0, 0x0, 0xbbf}, {&(0x7f0000000400)="e5d6f42d545256e3b7e14b0fe179ec4725e441f0", 0x14, 0x2}], 0x0, 0x0) [ 685.404207] FAULT_INJECTION: forcing a failure. [ 685.404207] name failslab, interval 1, probability 0, space 0, times 0 [ 685.423028] CPU: 1 PID: 26055 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 685.430213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 685.439617] Call Trace: [ 685.442218] dump_stack+0x138/0x197 [ 685.445896] should_fail.cold+0x10f/0x159 [ 685.450100] should_failslab+0xdb/0x130 [ 685.454185] kmem_cache_alloc+0x2d7/0x780 [ 685.458431] ? __pmd_alloc+0x410/0x410 [ 685.462330] copy_process.part.0+0x444f/0x6a00 [ 685.466947] ? __cleanup_sighand+0x50/0x50 [ 685.471279] ? lock_downgrade+0x6e0/0x6e0 [ 685.475444] _do_fork+0x19e/0xce0 [ 685.479034] ? fork_idle+0x280/0x280 [ 685.483104] ? fput+0xd4/0x150 [ 685.486321] ? SyS_write+0x15e/0x230 [ 685.490039] SyS_clone+0x37/0x50 [ 685.493508] ? sys_vfork+0x30/0x30 [ 685.499390] do_syscall_64+0x1e8/0x640 [ 685.508710] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 685.517989] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 685.523182] RIP: 0033:0x459879 [ 685.526374] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 18:44:06 executing program 1: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) r0 = open(&(0x7f0000032ff8)='./file0\x00', 0x0, 0x0) r1 = syz_open_dev$evdev(&(0x7f0000000200)='/dev/input/event#\x00', 0x0, 0x0) dup2(r1, r0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) mount$9p_fd(0x0, &(0x7f0000000800)='./file0\x00', &(0x7f0000000840)='9p\x00', 0x0, &(0x7f0000000b40)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}}) [ 685.538576] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 685.560548] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 685.563886] FAULT_INJECTION: forcing a failure. [ 685.563886] name failslab, interval 1, probability 0, space 0, times 0 [ 685.570181] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 685.570187] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 [ 685.570192] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 685.610694] CPU: 0 PID: 26065 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 685.617825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 685.627268] Call Trace: [ 685.627286] dump_stack+0x138/0x197 [ 685.627301] should_fail.cold+0x10f/0x159 [ 685.627310] ? anon_vma_clone+0xde/0x470 [ 685.627322] should_failslab+0xdb/0x130 [ 685.627333] kmem_cache_alloc+0x47/0x780 [ 685.627344] ? anon_vma_chain_link+0x142/0x1a0 [ 685.654426] anon_vma_clone+0xde/0x470 18:44:06 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x0, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r0, 0x0) 18:44:06 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/raw6\x00HT\xf4\xfa\x92\xcaH\x1ci\xccui\x13W}9\x00ah\xde\x84\xf0\xbdU\x96\xbd11=*w\x81\x8d\x1c\x82\x04\x99n\xdf\xbcD\xe6{\t\x04\xaf\x92W\x00\xe4wt&\xff-\xae\x19\x9b\x97\nS\xe5\xafu_s\xf6\xf7\x14P\a\xe3\xc0\xed\xe28F/S\xcc\xcc\xeae\r\x97Z\xd1Q0\xa8Aj\x15\xaf\xf0\xc96bJ\xeeH%\x0f=\x01\x82\xf00\x9bE!\x9e\xbf\x12w\xcb\xc1\xd0\xf1*\xf9\xe7\xc7\xd3uI\x1c#\xfa\x92\x95\xca\xd6\xa39\xd1\xf0g\xe2!\f\\;qO\x97\xce\xcc\xbcU\xadLR\xf5 \xb0\xe8\x00'/176) sendmsg$unix(0xffffffffffffffff, &(0x7f0000002040)={&(0x7f0000000880)=@abs, 0x6e, 0x0}, 0x0) preadv(r0, &(0x7f00000017c0), 0x1fe, 0x500) [ 685.658426] anon_vma_fork+0x87/0x4d0 [ 685.662251] copy_process.part.0+0x45e2/0x6a00 [ 685.666876] ? __cleanup_sighand+0x50/0x50 [ 685.671138] ? lock_downgrade+0x6e0/0x6e0 [ 685.675312] _do_fork+0x19e/0xce0 [ 685.678785] ? fork_idle+0x280/0x280 [ 685.682514] ? fput+0xd4/0x150 [ 685.685715] ? SyS_write+0x15e/0x230 [ 685.685735] SyS_clone+0x37/0x50 [ 685.685744] ? sys_vfork+0x30/0x30 [ 685.685761] do_syscall_64+0x1e8/0x640 [ 685.693115] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 685.693135] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 685.693145] RIP: 0033:0x459879 [ 685.693150] RSP: 002b:00007fed35998c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 685.705403] RAX: ffffffffffffffda RBX: 00007fed35998c90 RCX: 0000000000459879 [ 685.705409] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 685.705415] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 685.705421] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359996d4 [ 685.705427] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000004 18:44:06 executing program 5: r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) connect$netrom(r0, &(0x7f00000001c0)={{0x6, @rose}, [@rose, @rose, @default, @netrom, @netrom, @rose, @rose]}, 0x48) listen(r0, 0x0) r1 = accept(r0, 0x0, 0x0) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) ioctl$sock_SIOCBRADDBR(r2, 0x89a0, &(0x7f0000000740)='bcsf0\x00') accept4(r0, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_MEDIA_SET(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_SIOCBRDELBR(r2, 0x89a1, &(0x7f0000000b00)='bcsf0\x00\x00\x00\x00\x00\x00h\x11\x00') r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080)='TIPCv2\x00') sendmsg$TIPC_NL_LINK_GET(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x181000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000240)={0x180, r3, 0x800, 0x70bd2d, 0x25dfdbfd, {}, [@TIPC_NLA_NET={0x28, 0x7, [@TIPC_NLA_NET_NODEID_W1={0xc}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xcb}, @TIPC_NLA_NET_NODEID_W1={0xc}]}, @TIPC_NLA_MEDIA={0x24, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}]}, @TIPC_NLA_BEARER={0xbc, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e23, @remote}}, {0x20, 0x2, @in6={0xa, 0x4e22, 0x2, @rand_addr="baf16ae5b831414b29e41f45ebc5873b", 0x7}}}}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x10000}]}, @TIPC_NLA_BEARER_PROP={0x24, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xffff}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7ff}]}, @TIPC_NLA_BEARER_PROP={0x14, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_MTU={0x8}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x5}, @TIPC_NLA_BEARER_PROP={0x34, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x100000000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfff}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1f}]}]}, @TIPC_NLA_SOCK={0x14, 0x2, [@TIPC_NLA_SOCK_REF={0x8}, @TIPC_NLA_SOCK_REF={0x8}]}, @TIPC_NLA_NODE={0x18, 0x6, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x4f2d}]}, @TIPC_NLA_LINK={0x38, 0x4, [@TIPC_NLA_LINK_PROP={0x1c, 0x7, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x401}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5f}]}, @TIPC_NLA_LINK_PROP={0x4}, @TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}]}]}, 0x180}}, 0x20000000) getsockopt$SO_COOKIE(r2, 0x1, 0x39, &(0x7f0000000400), &(0x7f0000000440)=0x8) accept$nfc_llcp(0xffffffffffffffff, 0x0, &(0x7f0000000500)) listen(0xffffffffffffffff, 0x0) write$binfmt_aout(r0, 0x0, 0x0) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, 0x0, 0x0) 18:44:06 executing program 2 (fault-call:7 fault-nth:34): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:06 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$binder(&(0x7f0000000180)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x14, 0x0, &(0x7f0000001780)=[@dead_binder_done, @enter_looper, @register_looper], 0x0, 0x2, 0x0}) 18:44:06 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x0, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r0, 0x0) 18:44:06 executing program 3 (fault-call:7 fault-nth:39): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 685.885982] FAULT_INJECTION: forcing a failure. [ 685.885982] name failslab, interval 1, probability 0, space 0, times 0 [ 685.919651] CPU: 0 PID: 26089 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 685.926807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 18:44:06 executing program 4: pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, &(0x7f0000000140)={0x84a5}) close(r2) r3 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'lo\x00', 0x0}) bind$packet(r3, &(0x7f0000000040)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @local}, 0x14) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000000000)=0x5, 0x4) splice(r0, 0x0, r2, 0x0, 0x10003, 0x0) [ 685.936176] Call Trace: [ 685.938786] dump_stack+0x138/0x197 [ 685.942443] should_fail.cold+0x10f/0x159 [ 685.946618] should_failslab+0xdb/0x130 [ 685.950610] kmem_cache_alloc+0x2d7/0x780 [ 685.954772] copy_process.part.0+0x444f/0x6a00 [ 685.959499] ? __cleanup_sighand+0x50/0x50 [ 685.963750] ? lock_downgrade+0x6e0/0x6e0 [ 685.967923] _do_fork+0x19e/0xce0 [ 685.971395] ? fork_idle+0x280/0x280 [ 685.975123] ? fput+0xd4/0x150 [ 685.978332] ? SyS_write+0x15e/0x230 [ 685.982068] SyS_clone+0x37/0x50 [ 685.985445] ? sys_vfork+0x30/0x30 [ 685.989007] do_syscall_64+0x1e8/0x640 [ 685.992913] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 685.997780] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 686.003149] RIP: 0033:0x459879 [ 686.003155] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 686.003164] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 686.003169] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 686.003175] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 18:44:07 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r0 = syz_open_procfs$namespace(0x0, 0x0) setns(r0, 0x0) [ 686.003180] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 [ 686.003186] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 686.082568] FAULT_INJECTION: forcing a failure. [ 686.082568] name failslab, interval 1, probability 0, space 0, times 0 [ 686.106172] CPU: 0 PID: 26106 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 686.113322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 686.122770] Call Trace: [ 686.125378] dump_stack+0x138/0x197 [ 686.129031] should_fail.cold+0x10f/0x159 [ 686.133200] should_failslab+0xdb/0x130 [ 686.137192] kmem_cache_alloc+0x2d7/0x780 [ 686.141356] ? anon_vma_clone+0x310/0x470 [ 686.145526] anon_vma_fork+0x1ce/0x4d0 [ 686.149438] copy_process.part.0+0x45e2/0x6a00 [ 686.154065] ? __cleanup_sighand+0x50/0x50 [ 686.158331] ? lock_downgrade+0x6e0/0x6e0 [ 686.158353] _do_fork+0x19e/0xce0 [ 686.158369] ? fork_idle+0x280/0x280 [ 686.158385] ? fput+0xd4/0x150 [ 686.172882] ? SyS_write+0x15e/0x230 [ 686.176715] SyS_clone+0x37/0x50 [ 686.180094] ? sys_vfork+0x30/0x30 [ 686.183640] do_syscall_64+0x1e8/0x640 [ 686.183652] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 686.183670] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 686.183679] RIP: 0033:0x459879 [ 686.183685] RSP: 002b:00007fed359b9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 686.183696] RAX: ffffffffffffffda RBX: 00007fed359b9c90 RCX: 0000000000459879 [ 686.183702] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 686.183707] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 18:44:07 executing program 2 (fault-call:7 fault-nth:35): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 686.183714] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359ba6d4 [ 686.197701] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 686.197978] audit: type=1400 audit(1566758647.061:268): avc: denied { write } for pid=26080 comm="syz-executor.5" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:unlabeled_t:s0 tclass=socket permissive=1 18:44:07 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r0 = syz_open_procfs$namespace(0x0, 0x0) setns(r0, 0x0) [ 686.279166] audit: type=1400 audit(1566758647.231:269): avc: denied { sys_ptrace } for pid=26094 comm="ps" capability=19 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=cap_userns permissive=1 18:44:07 executing program 1: 18:44:07 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r0 = syz_open_procfs$namespace(0x0, 0x0) setns(r0, 0x0) 18:44:07 executing program 3 (fault-call:7 fault-nth:40): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 686.442523] FAULT_INJECTION: forcing a failure. [ 686.442523] name failslab, interval 1, probability 0, space 0, times 0 [ 686.533836] CPU: 0 PID: 26124 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 686.541165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 686.550569] Call Trace: [ 686.553175] dump_stack+0x138/0x197 [ 686.557023] should_fail.cold+0x10f/0x159 [ 686.561281] should_failslab+0xdb/0x130 [ 686.565280] kmem_cache_alloc+0x47/0x780 [ 686.569632] ? __lock_is_held+0xb6/0x140 [ 686.573895] ? check_preemption_disabled+0x3c/0x250 [ 686.579008] anon_vma_clone+0xde/0x470 [ 686.582918] anon_vma_fork+0x87/0x4d0 [ 686.586741] copy_process.part.0+0x45e2/0x6a00 [ 686.591357] ? __cleanup_sighand+0x50/0x50 [ 686.595691] ? lock_downgrade+0x6e0/0x6e0 [ 686.599891] _do_fork+0x19e/0xce0 [ 686.603356] ? fork_idle+0x280/0x280 [ 686.607089] ? fput+0xd4/0x150 [ 686.610287] ? SyS_write+0x15e/0x230 [ 686.614014] SyS_clone+0x37/0x50 [ 686.617378] ? sys_vfork+0x30/0x30 [ 686.620928] do_syscall_64+0x1e8/0x640 [ 686.624912] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 686.629856] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 686.635138] RIP: 0033:0x459879 [ 686.638332] RSP: 002b:00007f8cec857c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 686.646044] RAX: ffffffffffffffda RBX: 00007f8cec857c90 RCX: 0000000000459879 [ 686.653318] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 686.660591] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 686.667864] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8586d4 [ 686.675160] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 686.838032] FAULT_INJECTION: forcing a failure. [ 686.838032] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 686.877363] CPU: 0 PID: 26136 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 686.884516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 686.894054] Call Trace: [ 686.896743] dump_stack+0x138/0x197 [ 686.900479] should_fail.cold+0x10f/0x159 [ 686.904984] ? __might_sleep+0x93/0xb0 [ 686.908893] __alloc_pages_nodemask+0x1d6/0x7a0 [ 686.913662] ? save_stack+0x45/0xd0 [ 686.917299] ? kasan_kmalloc+0xce/0xf0 [ 686.921191] ? kasan_slab_alloc+0xf/0x20 [ 686.925270] ? __alloc_pages_slowpath+0x2930/0x2930 [ 686.930309] alloc_pages_current+0xec/0x1e0 [ 686.934640] pte_alloc_one+0x1a/0x100 [ 686.938454] __pte_alloc+0x2a/0x2d0 [ 686.942184] copy_page_range+0x11ba/0x1bd0 [ 686.946431] ? anon_vma_fork+0x358/0x4d0 [ 686.950513] ? vma_compute_subtree_gap+0x190/0x1f0 [ 686.955553] ? __pmd_alloc+0x410/0x410 [ 686.959462] copy_process.part.0+0x4764/0x6a00 [ 686.964442] ? __cleanup_sighand+0x50/0x50 [ 686.972523] ? lock_downgrade+0x6e0/0x6e0 [ 686.980164] _do_fork+0x19e/0xce0 [ 686.983642] ? fork_idle+0x280/0x280 [ 686.987368] ? fput+0xd4/0x150 [ 686.990589] ? SyS_write+0x15e/0x230 [ 686.994324] SyS_clone+0x37/0x50 [ 686.997700] ? sys_vfork+0x30/0x30 [ 687.001273] do_syscall_64+0x1e8/0x640 [ 687.008704] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 687.013653] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 687.018846] RIP: 0033:0x459879 [ 687.018853] RSP: 002b:00007fed359b9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 687.018868] RAX: ffffffffffffffda RBX: 00007fed359b9c90 RCX: 0000000000459879 [ 687.018872] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 687.018877] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 687.018881] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359ba6d4 [ 687.030027] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 18:44:08 executing program 5: 18:44:08 executing program 1: 18:44:08 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(0xffffffffffffffff, 0x0) 18:44:08 executing program 4: 18:44:08 executing program 2 (fault-call:7 fault-nth:36): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:08 executing program 3 (fault-call:7 fault-nth:41): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:08 executing program 4: 18:44:08 executing program 1: [ 687.243996] FAULT_INJECTION: forcing a failure. [ 687.243996] name failslab, interval 1, probability 0, space 0, times 0 18:44:08 executing program 5: [ 687.333371] CPU: 1 PID: 26149 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 687.340626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 687.349993] Call Trace: [ 687.352593] dump_stack+0x138/0x197 [ 687.352660] FAULT_INJECTION: forcing a failure. [ 687.352660] name failslab, interval 1, probability 0, space 0, times 0 [ 687.356235] should_fail.cold+0x10f/0x159 [ 687.356254] should_failslab+0xdb/0x130 [ 687.356267] kmem_cache_alloc+0x47/0x780 [ 687.356285] ? anon_vma_chain_link+0x142/0x1a0 [ 687.384397] anon_vma_clone+0xde/0x470 [ 687.388312] anon_vma_fork+0x87/0x4d0 [ 687.392132] copy_process.part.0+0x45e2/0x6a00 [ 687.396754] ? __cleanup_sighand+0x50/0x50 [ 687.400996] ? lock_downgrade+0x6e0/0x6e0 [ 687.405161] _do_fork+0x19e/0xce0 [ 687.408632] ? fork_idle+0x280/0x280 [ 687.412358] ? fput+0xd4/0x150 [ 687.415563] ? SyS_write+0x15e/0x230 [ 687.419371] SyS_clone+0x37/0x50 [ 687.422764] ? sys_vfork+0x30/0x30 [ 687.426317] do_syscall_64+0x1e8/0x640 [ 687.430386] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 687.435247] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 687.440439] RIP: 0033:0x459879 [ 687.443625] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 687.451339] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 687.458616] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 687.465893] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 687.473343] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 18:44:08 executing program 5: 18:44:08 executing program 5: 18:44:08 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(0xffffffffffffffff, 0x0) 18:44:08 executing program 1: 18:44:08 executing program 4: [ 687.480621] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 687.526355] CPU: 0 PID: 26155 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 687.533553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 687.542916] Call Trace: [ 687.545570] dump_stack+0x138/0x197 [ 687.549312] should_fail.cold+0x10f/0x159 [ 687.553466] should_failslab+0xdb/0x130 [ 687.557443] kmem_cache_alloc+0x2d7/0x780 [ 687.561610] ptlock_alloc+0x20/0x70 [ 687.565243] pte_alloc_one+0x60/0x100 [ 687.569147] __pte_alloc+0x2a/0x2d0 18:44:08 executing program 5: [ 687.572788] copy_page_range+0x11ba/0x1bd0 [ 687.577047] ? anon_vma_fork+0x358/0x4d0 [ 687.581107] ? vma_compute_subtree_gap+0x190/0x1f0 [ 687.586048] ? __pmd_alloc+0x410/0x410 [ 687.589951] copy_process.part.0+0x4764/0x6a00 [ 687.594568] ? __cleanup_sighand+0x50/0x50 [ 687.598820] ? lock_downgrade+0x6e0/0x6e0 [ 687.602996] _do_fork+0x19e/0xce0 [ 687.606478] ? fork_idle+0x280/0x280 [ 687.610210] ? fput+0xd4/0x150 [ 687.613410] ? SyS_write+0x15e/0x230 [ 687.617135] SyS_clone+0x37/0x50 [ 687.620508] ? sys_vfork+0x30/0x30 [ 687.624055] do_syscall_64+0x1e8/0x640 [ 687.627946] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 687.632807] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 687.638032] RIP: 0033:0x459879 [ 687.641223] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 687.648945] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 687.656329] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 687.664131] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 18:44:08 executing program 1: 18:44:08 executing program 2 (fault-call:7 fault-nth:37): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 687.671510] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 687.678790] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 687.781835] FAULT_INJECTION: forcing a failure. [ 687.781835] name failslab, interval 1, probability 0, space 0, times 0 [ 687.799574] CPU: 1 PID: 26172 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 687.806725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 687.816088] Call Trace: [ 687.818790] dump_stack+0x138/0x197 [ 687.822548] should_fail.cold+0x10f/0x159 [ 687.826708] ? anon_vma_clone+0xde/0x470 [ 687.830958] should_failslab+0xdb/0x130 [ 687.834941] kmem_cache_alloc+0x47/0x780 [ 687.839018] ? anon_vma_chain_link+0x142/0x1a0 [ 687.843828] anon_vma_clone+0xde/0x470 [ 687.847741] anon_vma_fork+0x87/0x4d0 [ 687.851569] copy_process.part.0+0x45e2/0x6a00 [ 687.856188] ? __cleanup_sighand+0x50/0x50 [ 687.860438] ? lock_downgrade+0x6e0/0x6e0 [ 687.864624] _do_fork+0x19e/0xce0 [ 687.868099] ? fork_idle+0x280/0x280 [ 687.871924] ? fput+0xd4/0x150 [ 687.875133] ? SyS_write+0x15e/0x230 [ 687.878865] SyS_clone+0x37/0x50 [ 687.882237] ? sys_vfork+0x30/0x30 [ 687.885794] do_syscall_64+0x1e8/0x640 [ 687.889702] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 687.894560] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 687.899760] RIP: 0033:0x459879 [ 687.902958] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 687.910678] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 687.917957] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 687.925241] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 18:44:08 executing program 3 (fault-call:7 fault-nth:42): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:08 executing program 5: 18:44:08 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(0xffffffffffffffff, 0x0) 18:44:08 executing program 4: 18:44:08 executing program 1: 18:44:08 executing program 1: 18:44:08 executing program 4: 18:44:08 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fstat(0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x200000002, 0x0) r1 = socket$l2tp(0x18, 0x1, 0x1) r2 = socket$inet6_udp(0xa, 0x2, 0x0) r3 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r3, &(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, r2, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e) connect$l2tp(r1, &(0x7f0000000080)=@pppol2tpv3in6={0x18, 0x1, {0x0, r0, 0x3, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x3a) close(0xffffffffffffffff) getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0) memfd_create(0x0, 0x0) [ 687.932609] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 [ 687.939892] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 18:44:08 executing program 5: 18:44:08 executing program 4: 18:44:09 executing program 2 (fault-call:7 fault-nth:38): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 688.036568] FAULT_INJECTION: forcing a failure. [ 688.036568] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 688.102658] CPU: 1 PID: 26185 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 688.109806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 688.119206] Call Trace: [ 688.121823] dump_stack+0x138/0x197 [ 688.125476] should_fail.cold+0x10f/0x159 [ 688.129640] ? __might_sleep+0x93/0xb0 [ 688.133543] __alloc_pages_nodemask+0x1d6/0x7a0 [ 688.138230] ? __alloc_pages_slowpath+0x2930/0x2930 [ 688.143567] alloc_pages_current+0xec/0x1e0 [ 688.148020] pte_alloc_one+0x1a/0x100 18:44:09 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fstat(0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x200000002, 0x0) r1 = socket$l2tp(0x18, 0x1, 0x1) r2 = socket$inet6_udp(0xa, 0x2, 0x0) r3 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r3, &(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, r2, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e) connect$l2tp(r1, &(0x7f0000000080)=@pppol2tpv3in6={0x18, 0x1, {0x0, r0, 0x3, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x3a) close(0xffffffffffffffff) getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0) memfd_create(0x0, 0x0) [ 688.149715] FAULT_INJECTION: forcing a failure. [ 688.149715] name failslab, interval 1, probability 0, space 0, times 0 [ 688.151834] __pte_alloc+0x2a/0x2d0 [ 688.151845] copy_page_range+0x11ba/0x1bd0 [ 688.151874] ? __pmd_alloc+0x410/0x410 [ 688.151895] copy_process.part.0+0x4764/0x6a00 [ 688.151923] ? __cleanup_sighand+0x50/0x50 [ 688.151934] ? lock_downgrade+0x6e0/0x6e0 [ 688.151951] _do_fork+0x19e/0xce0 [ 688.151968] ? fork_idle+0x280/0x280 [ 688.195796] ? fput+0xd4/0x150 [ 688.198994] ? SyS_write+0x15e/0x230 [ 688.202742] SyS_clone+0x37/0x50 [ 688.206197] ? sys_vfork+0x30/0x30 [ 688.209739] do_syscall_64+0x1e8/0x640 [ 688.213621] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 688.218467] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 688.223655] RIP: 0033:0x459879 [ 688.226847] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 688.234653] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 688.241933] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 688.249378] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 688.256646] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 688.265136] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 688.272425] CPU: 0 PID: 26195 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 688.279533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 688.279538] Call Trace: [ 688.279556] dump_stack+0x138/0x197 [ 688.279573] should_fail.cold+0x10f/0x159 [ 688.296050] should_failslab+0xdb/0x130 [ 688.296063] kmem_cache_alloc+0x2d7/0x780 [ 688.308423] ? anon_vma_clone+0x310/0x470 [ 688.312597] anon_vma_fork+0xe9/0x4d0 [ 688.317117] copy_process.part.0+0x45e2/0x6a00 [ 688.321834] ? __cleanup_sighand+0x50/0x50 [ 688.326270] ? lock_downgrade+0x6e0/0x6e0 [ 688.330442] _do_fork+0x19e/0xce0 [ 688.334008] ? fork_idle+0x280/0x280 [ 688.337864] ? fput+0xd4/0x150 [ 688.341257] ? SyS_write+0x15e/0x230 [ 688.344993] SyS_clone+0x37/0x50 [ 688.348371] ? sys_vfork+0x30/0x30 [ 688.351916] do_syscall_64+0x1e8/0x640 [ 688.355807] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 688.360675] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 688.366376] RIP: 0033:0x459879 [ 688.369553] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 688.377345] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 688.384621] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 688.392227] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 18:44:09 executing program 3 (fault-call:7 fault-nth:43): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:09 executing program 4: 18:44:09 executing program 5: 18:44:09 executing program 2 (fault-call:7 fault-nth:39): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:09 executing program 1: [ 688.399688] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 [ 688.406964] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 18:44:09 executing program 5: 18:44:09 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x40000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 688.499070] FAULT_INJECTION: forcing a failure. [ 688.499070] name failslab, interval 1, probability 0, space 0, times 0 [ 688.523025] CPU: 0 PID: 26205 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 688.530973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 688.540341] Call Trace: [ 688.543119] dump_stack+0x138/0x197 [ 688.546848] should_fail.cold+0x10f/0x159 [ 688.551013] should_failslab+0xdb/0x130 [ 688.555000] kmem_cache_alloc+0x2d7/0x780 [ 688.559211] ? anon_vma_clone+0x310/0x470 [ 688.563464] anon_vma_fork+0x1ce/0x4d0 [ 688.567458] copy_process.part.0+0x45e2/0x6a00 [ 688.572164] ? __cleanup_sighand+0x50/0x50 [ 688.576437] ? lock_downgrade+0x6e0/0x6e0 [ 688.577457] FAULT_INJECTION: forcing a failure. [ 688.577457] name failslab, interval 1, probability 0, space 0, times 0 [ 688.580597] _do_fork+0x19e/0xce0 [ 688.580614] ? fork_idle+0x280/0x280 [ 688.580631] ? fput+0xd4/0x150 [ 688.580641] ? SyS_write+0x15e/0x230 [ 688.580653] SyS_clone+0x37/0x50 [ 688.580661] ? sys_vfork+0x30/0x30 [ 688.580682] do_syscall_64+0x1e8/0x640 [ 688.617451] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 688.622403] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 688.627694] RIP: 0033:0x459879 [ 688.630979] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 688.638788] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 18:44:09 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000000000060000000100000000000000000000001f"]) 18:44:09 executing program 1: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000002880)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) preadv(r0, &(0x7f0000000740)=[{&(0x7f0000000600)=""/164, 0xa4}], 0x1, 0x0) write$FUSE_INIT(r0, &(0x7f0000000100)={0x50, 0x0, 0x2, {0x7, 0x1f, 0x0, 0xc00}}, 0x50) 18:44:09 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0xfffffffffffffffc, 0x0) stat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000100)={0x0, 0x0}, 0x0) setreuid(r1, r2) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x200000000001f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x10000000000000, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x3, 0x0, 0x0, 0x1, 0x6, 0xfffffffffffffffe}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x0, 0x0) ioctl$PIO_CMAP(r3, 0x4b71, &(0x7f00000000c0)={0x2, 0x1000, 0x81, 0xffff, 0x1, 0x3}) clock_gettime(0x0, &(0x7f0000000580)) futex(&(0x7f0000000540)=0x2, 0x3, 0x0, &(0x7f0000000440), &(0x7f0000000480)=0x2, 0x1) r4 = socket$isdn_base(0x22, 0x3, 0x0) setxattr$trusted_overlay_upper(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='trusted.overlay.upper\x00', &(0x7f0000000940)=ANY=[@ANYBLOB="00fb080203616f1b50818b28177cb3ceb62e9b9e7b43ded7e1efe5782071e19462638e308b58292d9a87f73772895ef5bf36446ad6f81c7b9cff936d1f6e2cad4c512c3ea60df2976d789266a9855aec5da0a814f35adfb51f89246da14485f563533660d3d1724f038544ebdf124da4793e45e4b7cd8ba4831dca436f10d20500000000000000da29657add6206c9cd209537f1ce085514c5118f381d7419aa79231446d358108904d189989000742e2b117668484146985e00bb07ac835f15475d7fe6e2ac805fa91714a765227dcb7aa97383810b7cffb03362e5e81a28ac4b45cf0309b77a59cb8f96c03933b0c7da865f47d0fa801c294754ffaeec3db1ddf186f0d24fd46430ff3b19c87ea33d709b63ecb9acd202f00175e9f3c3454697962efb7b6d46ef2ba9e3be2ba5f87082ec55345a9b5c23fe5b4ac21769bcacae5c510f6d4bbc6de6754d6500000000000000009a8fe81568a052390e9a1cd947f321101c850b46571dcc695f049bbb913894c912dc1a7bac9091c09a60c779d4c93bc5f2c9dd729985ee401919b20a80d2cbe97130e0b75c35154bd9cfadeaeacc8c8f7cb6d0578427f6453b694a27597927a0a1216ae2eff5cf0d189b9d677759051f2add54c2de457f813bdfa09dcf0e515454623a17179ea6b22ddce72eacf832070906d4ed6052207452bb7dd2a566b25af235d858feb3ce5e0000000000000000000000008c07a1d5e1580d8333277e4408f7ed86c33cc995b838071e47d0b2e935f66a3a1cf879922e3b795066b1a31dc5aaac7de33094a7091e8ccd9592658940a11766cbe31d651ec3b50f1029e2075d7e11726f304e93576d4e444e1fd958adb82d8a33347f4fe85e13a8b2b8e2e2ee12ea34d299d36676fbaaa671d7dbd1e58d5c56f491326cb513bdd397ef5a2036967772f4f907cabc63b119b232c8c2d817"], 0x1, 0x2) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000300)={'ifb0\x00', 0x0}) bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x8, 0x7, 0xc, 0x6, 0xffffffffffffffff, 0xfffffffffffffffe, [], r5, 0xffffffffffffffff, 0x1}, 0xffffffffffffffa4) socket$inet_smc(0x2b, 0x1, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000640)={{{@in=@remote, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{}, 0x0, @in=@multicast2}}, &(0x7f0000000340)=0xe8) sendmsg$can_raw(r3, &(0x7f0000000900)={&(0x7f00000004c0)={0x1d, r6}, 0x10, &(0x7f0000000740)={&(0x7f0000000500)=@can={{0x1, 0x41, 0x0, 0x83}, 0x0, 0x1, 0x0, 0x0, "afdb4b64d379a7ef"}, 0x10}, 0x1, 0x0, 0x0, 0x40001}, 0x0) ioctl(0xffffffffffffffff, 0x0, 0x0) setpgid(0x0, 0x0) clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) ioctl$KVM_SET_IDENTITY_MAP_ADDR(r3, 0x4008ae48, &(0x7f0000000280)) gettid() r7 = syz_genetlink_get_family_id$tipc(&(0x7f0000000240)='TIPC\x00') sendmsg$TIPC_CMD_GET_BEARER_NAMES(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000140), 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x1c, r7, 0x121, 0x70bd2b, 0x25dfdbff, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x48851) 18:44:09 executing program 1: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r0 = syz_open_procfs$namespace(0x0, 0x0) setns(r0, 0x0) [ 688.646070] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 688.653526] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 688.660813] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 [ 688.668361] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 688.679127] CPU: 1 PID: 26212 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 688.686363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 688.695812] Call Trace: [ 688.698417] dump_stack+0x138/0x197 [ 688.702102] should_fail.cold+0x10f/0x159 [ 688.706476] should_failslab+0xdb/0x130 [ 688.710464] kmem_cache_alloc+0x2d7/0x780 [ 688.714980] ptlock_alloc+0x20/0x70 [ 688.718603] pte_alloc_one+0x60/0x100 [ 688.722398] __pte_alloc+0x2a/0x2d0 [ 688.726118] copy_page_range+0x11ba/0x1bd0 [ 688.730527] ? __pmd_alloc+0x410/0x410 [ 688.734403] copy_process.part.0+0x4764/0x6a00 [ 688.739004] ? __cleanup_sighand+0x50/0x50 [ 688.743235] ? lock_downgrade+0x6e0/0x6e0 [ 688.747400] _do_fork+0x19e/0xce0 [ 688.751624] ? fork_idle+0x280/0x280 [ 688.755349] ? fput+0xd4/0x150 [ 688.758526] ? SyS_write+0x15e/0x230 [ 688.762339] SyS_clone+0x37/0x50 [ 688.765688] ? sys_vfork+0x30/0x30 [ 688.769215] do_syscall_64+0x1e8/0x640 [ 688.773622] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 688.778455] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 688.783631] RIP: 0033:0x459879 [ 688.786806] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 18:44:09 executing program 5: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x0, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r0, 0x0) [ 688.794513] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 688.802053] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 688.809306] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 688.816563] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 688.824541] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 18:44:09 executing program 3 (fault-call:7 fault-nth:44): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:09 executing program 2 (fault-call:7 fault-nth:40): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:09 executing program 4: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x0, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r0, 0x0) 18:44:09 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r0, 0x0) 18:44:09 executing program 1: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r0, 0x0) 18:44:09 executing program 5: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r0, 0x0) [ 689.028003] FAULT_INJECTION: forcing a failure. [ 689.028003] name fail_page_alloc, interval 1, probability 0, space 0, times 0 18:44:10 executing program 1: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r0, 0x0) [ 689.087942] FAULT_INJECTION: forcing a failure. [ 689.087942] name failslab, interval 1, probability 0, space 0, times 0 [ 689.148389] CPU: 0 PID: 26245 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 689.155552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 689.164921] Call Trace: [ 689.167571] dump_stack+0x138/0x197 [ 689.171225] should_fail.cold+0x10f/0x159 [ 689.175398] should_failslab+0xdb/0x130 [ 689.179401] kmem_cache_alloc+0x2d7/0x780 [ 689.183577] copy_process.part.0+0x444f/0x6a00 [ 689.188362] ? __cleanup_sighand+0x50/0x50 [ 689.192618] ? lock_downgrade+0x6e0/0x6e0 [ 689.196766] _do_fork+0x19e/0xce0 [ 689.200217] ? fork_idle+0x280/0x280 [ 689.204120] ? fput+0xd4/0x150 [ 689.207326] ? SyS_write+0x15e/0x230 [ 689.211030] SyS_clone+0x37/0x50 [ 689.214381] ? sys_vfork+0x30/0x30 [ 689.217907] do_syscall_64+0x1e8/0x640 [ 689.221778] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 689.226616] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 689.231806] RIP: 0033:0x459879 [ 689.234978] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 18:44:10 executing program 0 (fault-call:9 fault-nth:0): sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r0, 0x0) 18:44:10 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) eventfd2(0x10000, 0x80000) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 689.242859] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 689.250198] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 689.257452] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 689.264708] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 689.271960] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 689.305981] CPU: 1 PID: 26242 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 689.313137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 689.322508] Call Trace: [ 689.325111] dump_stack+0x138/0x197 [ 689.328851] should_fail.cold+0x10f/0x159 [ 689.333017] ? __might_sleep+0x93/0xb0 [ 689.336925] __alloc_pages_nodemask+0x1d6/0x7a0 [ 689.341614] ? save_stack+0x45/0xd0 [ 689.345260] ? kasan_kmalloc+0xce/0xf0 [ 689.349166] ? kasan_slab_alloc+0xf/0x20 [ 689.353244] ? __alloc_pages_slowpath+0x2930/0x2930 [ 689.357072] FAULT_INJECTION: forcing a failure. [ 689.357072] name failslab, interval 1, probability 0, space 0, times 0 [ 689.358273] alloc_pages_current+0xec/0x1e0 [ 689.358291] pte_alloc_one+0x1a/0x100 [ 689.358305] __pte_alloc+0x2a/0x2d0 [ 689.381492] copy_page_range+0x11ba/0x1bd0 [ 689.385731] ? anon_vma_fork+0x358/0x4d0 [ 689.389807] ? vma_compute_subtree_gap+0x190/0x1f0 [ 689.394748] ? __pmd_alloc+0x410/0x410 [ 689.398640] copy_process.part.0+0x4764/0x6a00 [ 689.403246] ? __cleanup_sighand+0x50/0x50 [ 689.407476] ? lock_downgrade+0x6e0/0x6e0 [ 689.411630] _do_fork+0x19e/0xce0 [ 689.415085] ? fork_idle+0x280/0x280 [ 689.418795] ? fput+0xd4/0x150 [ 689.421986] ? SyS_write+0x15e/0x230 [ 689.425709] SyS_clone+0x37/0x50 [ 689.429162] ? sys_vfork+0x30/0x30 [ 689.432706] do_syscall_64+0x1e8/0x640 [ 689.436589] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 689.441437] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 689.446624] RIP: 0033:0x459879 [ 689.449806] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 689.457510] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 689.464776] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 689.472040] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 689.479316] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 [ 689.486589] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 689.493927] CPU: 0 PID: 26256 Comm: syz-executor.0 Not tainted 4.14.140 #36 [ 689.501054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 689.510413] Call Trace: [ 689.513043] dump_stack+0x138/0x197 [ 689.516700] should_fail.cold+0x10f/0x159 [ 689.520845] should_failslab+0xdb/0x130 [ 689.524882] kmem_cache_alloc+0x2d7/0x780 [ 689.529047] create_new_namespaces+0x34/0x720 [ 689.533537] SyS_setns+0x18c/0x2c0 [ 689.537065] ? exit_task_namespaces+0x20/0x20 [ 689.541550] do_syscall_64+0x1e8/0x640 [ 689.545423] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 689.550297] entry_SYSCALL_64_after_hwframe+0x42/0xb7 18:44:10 executing program 3 (fault-call:7 fault-nth:45): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:10 executing program 1: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r0, 0x0) 18:44:10 executing program 5: ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, &(0x7f0000000200)={'lo\x00@\x00', 0x1801}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x20000000000, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$mouse(&(0x7f0000000640)='/dev/input/mouse#\x00', 0x99f, 0x10000) ioctl$SG_EMULATED_HOST(r0, 0x2203, &(0x7f0000000680)) pipe(0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(0xffffffffffffffff, 0x0, 0x0) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x80, 0x0) ioctl$DRM_IOCTL_RES_CTX(r2, 0xc0106426, &(0x7f0000000600)={0x6, &(0x7f00000005c0)=[{}, {}, {}, {}, {}, {}]}) ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, 0x0) shmget$private(0x0, 0x3000, 0x100, &(0x7f0000ffb000/0x3000)=nil) lookup_dcookie(0x0, &(0x7f0000000280)=""/55, 0x37) sendto$inet6(r1, 0x0, 0x29, 0x20000001, &(0x7f0000000040)={0xa, 0x0, 0x0, @rand_addr, 0x3ff}, 0x1c) setsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f00000000c0), 0x4) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') r3 = openat$vimc0(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/video0\x00', 0x2, 0x0) ioctl$VIDIOC_S_INPUT(r3, 0xc0045627, &(0x7f0000000240)=0x80000001) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e3a66696c65302c776f726b6469723d2e2f66696c65314d9e038b44e164cb5bd3891ec9d5d3d5393d8b88d75b2d59ea0a0572f9e15ce7bda73560c18d7f19810fae06d466004aa93a1dbf40699fbde325b16593be426f9a9eb51e6508eddc6ca775fd8d9c51283a3d5bdff7e2fee14941ffb8b38ff8520044479fefaf337ac4c5075a138b6324c7746bd0cddf68bf8d71f61aaad8819e358e7cd527929aca1c6a974de63da3785da574280f30ef10675e659cbb97f42a54581a89a4e88a933a025decb85083a0599df3f4db06b780f17e6b17fef6500e675d6e8f0fef13ddfc35276247761057"]) r4 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) symlinkat(&(0x7f00000000c0)='./file0\x00', r4, &(0x7f0000000140)='.//ile0\x00') chdir(&(0x7f0000000380)='./file1/file0\x00') getsockopt$nfc_llcp(r4, 0x118, 0x1, &(0x7f00000002c0)=""/1, 0x1) setsockopt$inet_tcp_TCP_QUEUE_SEQ(r4, 0x6, 0x15, &(0x7f00000003c0)=0x8000, 0x4) renameat(r4, &(0x7f0000000180)='.//ile0\x00', r4, &(0x7f00000007c0)='./file0/f.le.\x00') [ 689.555492] RIP: 0033:0x459879 [ 689.558666] RSP: 002b:00007fa25bd6fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000134 [ 689.566472] RAX: ffffffffffffffda RBX: 00007fa25bd6fc90 RCX: 0000000000459879 [ 689.576529] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 689.583893] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 689.591611] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa25bd706d4 [ 689.598952] R13: 00000000004c7923 R14: 00000000004dd2d0 R15: 0000000000000005 [ 689.675644] FAULT_INJECTION: forcing a failure. [ 689.675644] name failslab, interval 1, probability 0, space 0, times 0 [ 689.715117] CPU: 0 PID: 26261 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 689.722374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 689.731832] Call Trace: [ 689.734437] dump_stack+0x138/0x197 [ 689.738081] should_fail.cold+0x10f/0x159 [ 689.738098] should_failslab+0xdb/0x130 [ 689.738111] kmem_cache_alloc+0x47/0x780 [ 689.750590] ? __lock_is_held+0xb6/0x140 [ 689.754666] ? check_preemption_disabled+0x3c/0x250 [ 689.759694] anon_vma_clone+0xde/0x470 [ 689.763696] anon_vma_fork+0x87/0x4d0 [ 689.767591] copy_process.part.0+0x45e2/0x6a00 [ 689.767623] ? __cleanup_sighand+0x50/0x50 [ 689.776429] ? lock_downgrade+0x6e0/0x6e0 [ 689.780589] _do_fork+0x19e/0xce0 [ 689.784056] ? fork_idle+0x280/0x280 [ 689.787793] ? fput+0xd4/0x150 [ 689.790990] ? SyS_write+0x15e/0x230 [ 689.794709] SyS_clone+0x37/0x50 [ 689.798101] ? sys_vfork+0x30/0x30 [ 689.801907] do_syscall_64+0x1e8/0x640 [ 689.805801] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 689.810661] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 689.815856] RIP: 0033:0x459879 18:44:10 executing program 2 (fault-call:7 fault-nth:41): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:10 executing program 1: r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x82, 0x0) writev(r0, &(0x7f0000001340)=[{&(0x7f0000000080)='m', 0x1}], 0x1) [ 689.819043] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 689.826932] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 689.834374] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 689.841645] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 689.848908] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 689.856189] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 18:44:10 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000080)="11dca50d5e0bcfe47bf070") r1 = socket$inet(0x10, 0x3, 0xc) pipe2(&(0x7f0000000140), 0x84800) syz_open_dev$media(&(0x7f0000000100)='/dev/media#\x00', 0x5, 0x40000) sendmsg(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="24000000040807031dfffd946fa2830020200a0009000200001d85680c1baba20400ff7e28000000110affffba010000000009b356da5a80d18be34c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0) 18:44:10 executing program 0 (fault-call:9 fault-nth:1): sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r0, 0x0) 18:44:10 executing program 3 (fault-call:7 fault-nth:46): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 689.889031] overlayfs: failed to resolve './file1Mž‹DádË[Ó‰ÉÕÓÕ9=‹ˆ×[-Yê [ 689.889031] rùá罧5`Á®Ôf': -2 18:44:10 executing program 4: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000000c0)='veth0_to_hsr\x00', 0xffffffffffffff9b) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0x10, &(0x7f0000000080)=[@in={0x2, 0x0, @remote}]}, &(0x7f0000000180)=0x3ad) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x74, &(0x7f0000000000)={r1, 0x42, 0x20, 0xffffffffffffffff, 0x4}, &(0x7f0000000280)=0x18) [ 689.968669] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 690.008016] overlayfs: failed to resolve './file1Mž‹DádË[Ó‰ÉÕÓÕ9=‹ˆ×[-Yê [ 690.008016] rùá罧5`Á®Ôf': -2 18:44:11 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000540)={0xffffffffffffffff}) mkdir(&(0x7f0000002000)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x10) mount(0x0, &(0x7f0000000480)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', &(0x7f0000000500)='sysfs\x00', 0x0, 0x0) symlink(&(0x7f0000000240)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//../file0\x00', &(0x7f00000002c0)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000040)) syz_open_procfs(0x0, &(0x7f0000000080)='net/sco\x00') r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) socket$caif_stream(0x25, 0x1, 0x0) unlink(&(0x7f0000000180)='./file0\x00') stat(0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, 0x0, 0x0) write$RDMA_USER_CM_CMD_NOTIFY(0xffffffffffffffff, &(0x7f0000000300)={0xf, 0x8, 0xfa00, {0xffffffffffffffff, 0x13}}, 0x10) write$RDMA_USER_CM_CMD_NOTIFY(r1, &(0x7f0000000400)={0xf, 0x8, 0xfa00, {0xffffffffffffffff, 0x13}}, 0x3) r2 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vhci\x00', 0x1) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, &(0x7f00000000c0)) write$vhci(r2, 0x0, 0x0) [ 690.008895] FAULT_INJECTION: forcing a failure. [ 690.008895] name failslab, interval 1, probability 0, space 0, times 0 [ 690.031894] FAULT_INJECTION: forcing a failure. [ 690.031894] name failslab, interval 1, probability 0, space 0, times 0 [ 690.057855] CPU: 1 PID: 26281 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 690.065009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 690.074379] Call Trace: [ 690.076983] dump_stack+0x138/0x197 [ 690.079887] FAULT_INJECTION: forcing a failure. [ 690.079887] name failslab, interval 1, probability 0, space 0, times 0 [ 690.080621] should_fail.cold+0x10f/0x159 [ 690.080639] should_failslab+0xdb/0x130 [ 690.080652] kmem_cache_alloc+0x47/0x780 [ 690.080669] ? anon_vma_chain_link+0x142/0x1a0 [ 690.080684] anon_vma_clone+0xde/0x470 18:44:11 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)) [ 690.080705] anon_vma_fork+0x87/0x4d0 [ 690.080724] copy_process.part.0+0x45e2/0x6a00 [ 690.080757] ? __cleanup_sighand+0x50/0x50 [ 690.080768] ? lock_downgrade+0x6e0/0x6e0 [ 690.080784] _do_fork+0x19e/0xce0 [ 690.080797] ? fork_idle+0x280/0x280 [ 690.080810] ? fput+0xd4/0x150 [ 690.080821] ? SyS_write+0x15e/0x230 [ 690.080836] SyS_clone+0x37/0x50 [ 690.080843] ? sys_vfork+0x30/0x30 [ 690.080855] do_syscall_64+0x1e8/0x640 [ 690.080863] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 690.080880] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 690.080888] RIP: 0033:0x459879 [ 690.080894] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 690.080904] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 690.080910] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 690.080915] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 690.080921] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 690.080927] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 690.132907] CPU: 0 PID: 26278 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 690.132914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 690.132918] Call Trace: [ 690.132934] dump_stack+0x138/0x197 [ 690.132953] should_fail.cold+0x10f/0x159 [ 690.132967] should_failslab+0xdb/0x130 [ 690.132978] kmem_cache_alloc+0x2d7/0x780 [ 690.132997] ptlock_alloc+0x20/0x70 [ 690.133009] pte_alloc_one+0x60/0x100 [ 690.162718] __pte_alloc+0x2a/0x2d0 [ 690.162737] copy_page_range+0x11ba/0x1bd0 [ 690.162751] ? anon_vma_fork+0x358/0x4d0 18:44:11 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)) 18:44:11 executing program 3 (fault-call:7 fault-nth:47): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 690.162770] ? vma_compute_subtree_gap+0x190/0x1f0 [ 690.162787] ? __pmd_alloc+0x410/0x410 [ 690.242025] copy_process.part.0+0x4764/0x6a00 [ 690.242056] ? __cleanup_sighand+0x50/0x50 [ 690.242071] ? lock_downgrade+0x6e0/0x6e0 [ 690.253903] _do_fork+0x19e/0xce0 [ 690.253918] ? fork_idle+0x280/0x280 [ 690.298712] ? fput+0xd4/0x150 [ 690.301920] ? SyS_write+0x15e/0x230 [ 690.305655] SyS_clone+0x37/0x50 [ 690.309034] ? sys_vfork+0x30/0x30 [ 690.312584] do_syscall_64+0x1e8/0x640 [ 690.316478] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 690.321353] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 690.321362] RIP: 0033:0x459879 [ 690.321368] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 690.321377] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 690.321382] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 690.321387] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 690.321392] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 18:44:11 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)) 18:44:11 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$uhid(0xffffffffffffff9c, &(0x7f0000000140)='/dev/uhid\x00', 0x802, 0x0) r0 = socket$inet6(0xa, 0x400000000001, 0x0) bind(r0, &(0x7f0000000080)=@nfc={0x27, 0x1, 0x1, 0x7}, 0x80) close(r0) r1 = socket(0x100000000000011, 0x2, 0x81) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000180)=[@timestamp, @sack_perm, @timestamp, @mss={0x2, 0x7}, @timestamp, @window={0x3, 0x100000001, 0x3ff}], 0x6) bind(r1, &(0x7f0000000000)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x80000, 0x0) r2 = open(&(0x7f000000cc80)='./bus\x00', 0x141042, 0x0) ftruncate(r2, 0x87ffd) sendfile(r0, r2, 0x0, 0x800000000024) [ 690.321397] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 690.422579] CPU: 0 PID: 26277 Comm: syz-executor.0 Not tainted 4.14.140 #36 [ 690.427504] FAULT_INJECTION: forcing a failure. [ 690.427504] name failslab, interval 1, probability 0, space 0, times 0 [ 690.429764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 690.429771] Call Trace: [ 690.429790] dump_stack+0x138/0x197 [ 690.429808] should_fail.cold+0x10f/0x159 [ 690.429832] should_failslab+0xdb/0x130 [ 690.464775] kmem_cache_alloc+0x2d7/0x780 [ 690.468957] ? retint_kernel+0x2d/0x2d [ 690.472854] alloc_inode+0xa9/0x180 [ 690.476473] new_inode_pseudo+0x19/0xf0 [ 690.480444] __ns_get_path.isra.0+0xfd/0x6e0 [ 690.484851] ns_get_path+0x6b/0xc0 [ 690.488389] perf_fill_ns_link_info.isra.0+0x6e/0x1d0 [ 690.488401] ? get_order+0x30/0x30 [ 690.488413] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 690.488427] perf_event_namespaces.part.0+0xba/0x190 [ 690.488436] ? perf_event_task+0x140/0x140 [ 690.511608] ? check_preemption_disabled+0x3c/0x250 [ 690.516646] ? free_nsproxy+0x188/0x200 [ 690.520638] perf_event_namespaces+0x25/0x30 [ 690.525186] SyS_setns+0x20f/0x2c0 [ 690.528743] ? exit_task_namespaces+0x20/0x20 [ 690.533423] do_syscall_64+0x1e8/0x640 [ 690.533434] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 690.533453] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 690.533461] RIP: 0033:0x459879 [ 690.533467] RSP: 002b:00007fa25bd6fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000134 [ 690.542185] RAX: ffffffffffffffda RBX: 00007fa25bd6fc90 RCX: 0000000000459879 [ 690.542190] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 690.542196] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 690.542201] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa25bd706d4 [ 690.542207] R13: 00000000004c7923 R14: 00000000004dd2d0 R15: 0000000000000005 [ 690.610200] CPU: 1 PID: 26303 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 690.617352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 690.628723] Call Trace: [ 690.631370] dump_stack+0x138/0x197 [ 690.635014] should_fail.cold+0x10f/0x159 [ 690.639179] ? anon_vma_clone+0xde/0x470 [ 690.643280] should_failslab+0xdb/0x130 [ 690.647306] kmem_cache_alloc+0x47/0x780 [ 690.651384] ? anon_vma_chain_link+0x142/0x1a0 [ 690.655980] anon_vma_clone+0xde/0x470 [ 690.659972] anon_vma_fork+0x87/0x4d0 [ 690.663779] copy_process.part.0+0x45e2/0x6a00 [ 690.668396] ? __cleanup_sighand+0x50/0x50 18:44:11 executing program 2 (fault-call:7 fault-nth:42): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:11 executing program 5: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x1, 0x0) prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r0) r1 = socket$kcm(0xa, 0x2, 0x73) r2 = socket$kcm(0xa, 0x6, 0x73) r3 = dup3(r1, r2, 0x0) sendmmsg$inet6(r3, &(0x7f0000004040)=[{{&(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, 0x1b, 0x0, 0x0, &(0x7f0000001440)=[@tclass={{0x14}}], 0x18}}], 0x1, 0x0) 18:44:11 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)) [ 690.672733] ? lock_downgrade+0x6e0/0x6e0 [ 690.676898] _do_fork+0x19e/0xce0 [ 690.681758] ? fork_idle+0x280/0x280 [ 690.685490] ? fput+0xd4/0x150 [ 690.688694] ? SyS_write+0x15e/0x230 [ 690.692532] SyS_clone+0x37/0x50 [ 690.695904] ? sys_vfork+0x30/0x30 [ 690.699456] do_syscall_64+0x1e8/0x640 [ 690.703351] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 690.708216] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 690.713414] RIP: 0033:0x459879 [ 690.716608] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 18:44:11 executing program 0 (fault-call:9 fault-nth:2): sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r0, 0x0) 18:44:11 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) 18:44:11 executing program 5: r0 = socket$unix(0x1, 0x5, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) close(r0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet6_udp(0xa, 0x2, 0x0) r1 = fanotify_init(0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000140)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="7472616eea3d66642c7266646e6f3d", @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',\x00']) 18:44:11 executing program 3 (fault-call:7 fault-nth:48): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 690.724319] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 690.731599] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 690.738878] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 690.746167] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 690.753491] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 18:44:11 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) 18:44:11 executing program 1: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) 18:44:11 executing program 5: r0 = getpid() prctl$PR_SET_PTRACER(0x59616d61, r0) clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x80000000037) ptrace$cont(0x18, r1, 0x0, 0x0) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x5, 0x112}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x80840, 0x100) readlinkat(r2, &(0x7f0000000040)='./file0\x00', &(0x7f0000000140)=""/68, 0x44) fdatasync(r2) [ 690.875686] FAULT_INJECTION: forcing a failure. [ 690.875686] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 690.915259] FAULT_INJECTION: forcing a failure. [ 690.915259] name failslab, interval 1, probability 0, space 0, times 0 [ 690.939301] FAULT_INJECTION: forcing a failure. [ 690.939301] name failslab, interval 1, probability 0, space 0, times 0 [ 690.942325] CPU: 0 PID: 26331 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 690.958067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 690.967467] Call Trace: [ 690.970066] dump_stack+0x138/0x197 [ 690.974057] should_fail.cold+0x10f/0x159 [ 690.978213] ? __might_sleep+0x93/0xb0 [ 690.982111] __alloc_pages_nodemask+0x1d6/0x7a0 [ 690.986785] ? __alloc_pages_slowpath+0x2930/0x2930 [ 690.991822] alloc_pages_current+0xec/0x1e0 [ 690.996150] pte_alloc_one+0x1a/0x100 [ 690.999950] __pte_alloc+0x2a/0x2d0 [ 691.007480] copy_page_range+0x11ba/0x1bd0 [ 691.011739] ? __pmd_alloc+0x410/0x410 [ 691.015638] copy_process.part.0+0x4764/0x6a00 [ 691.020340] ? __cleanup_sighand+0x50/0x50 [ 691.024676] ? lock_downgrade+0x6e0/0x6e0 [ 691.028938] _do_fork+0x19e/0xce0 [ 691.032423] ? fork_idle+0x280/0x280 [ 691.034120] ptrace attach of "/root/syz-executor.5"[26341] was attempted by "/root/syz-executor.5"[26342] [ 691.036235] ? fput+0xd4/0x150 [ 691.036247] ? SyS_write+0x15e/0x230 [ 691.036264] SyS_clone+0x37/0x50 [ 691.036274] ? sys_vfork+0x30/0x30 [ 691.059921] do_syscall_64+0x1e8/0x640 [ 691.063811] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 691.068657] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 691.073842] RIP: 0033:0x459879 [ 691.077108] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 691.084821] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 691.092087] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 691.099446] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 691.106709] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 [ 691.114155] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 691.121553] CPU: 1 PID: 26330 Comm: syz-executor.0 Not tainted 4.14.140 #36 [ 691.128659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 691.137998] Call Trace: [ 691.140583] dump_stack+0x138/0x197 [ 691.144201] should_fail.cold+0x10f/0x159 [ 691.148338] should_failslab+0xdb/0x130 [ 691.152293] kmem_cache_alloc+0x2d7/0x780 [ 691.156426] ? check_preemption_disabled+0x3c/0x250 [ 691.161438] ? alloc_inode+0xa9/0x180 [ 691.165225] selinux_inode_alloc_security+0xb6/0x2a0 [ 691.170326] security_inode_alloc+0x94/0xd0 [ 691.175144] inode_init_always+0x552/0xaf0 [ 691.179378] alloc_inode+0x81/0x180 [ 691.183009] new_inode_pseudo+0x19/0xf0 [ 691.187069] __ns_get_path.isra.0+0xfd/0x6e0 [ 691.191482] ns_get_path+0x6b/0xc0 [ 691.195012] perf_fill_ns_link_info.isra.0+0x6e/0x1d0 [ 691.200190] ? get_order+0x30/0x30 [ 691.203737] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 691.208579] perf_event_namespaces.part.0+0xba/0x190 [ 691.213707] ? perf_event_task+0x140/0x140 [ 691.217924] ? check_preemption_disabled+0x3c/0x250 [ 691.222934] ? free_nsproxy+0x188/0x200 [ 691.226906] perf_event_namespaces+0x25/0x30 [ 691.231295] SyS_setns+0x20f/0x2c0 [ 691.234990] ? exit_task_namespaces+0x20/0x20 [ 691.239469] do_syscall_64+0x1e8/0x640 [ 691.243339] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 691.248184] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 691.253731] RIP: 0033:0x459879 [ 691.256904] RSP: 002b:00007fa25bd6fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000134 [ 691.264766] RAX: ffffffffffffffda RBX: 00007fa25bd6fc90 RCX: 0000000000459879 18:44:12 executing program 1: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) [ 691.272119] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 691.279373] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 691.286623] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa25bd706d4 [ 691.293876] R13: 00000000004c7923 R14: 00000000004dd2d0 R15: 0000000000000005 [ 691.327409] CPU: 1 PID: 26335 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 691.334561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 691.343933] Call Trace: [ 691.346536] dump_stack+0x138/0x197 [ 691.350184] should_fail.cold+0x10f/0x159 [ 691.354342] ? anon_vma_clone+0xde/0x470 [ 691.358420] should_failslab+0xdb/0x130 [ 691.362410] kmem_cache_alloc+0x47/0x780 [ 691.366511] ? anon_vma_chain_link+0x142/0x1a0 [ 691.371105] anon_vma_clone+0xde/0x470 18:44:12 executing program 1: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) [ 691.375006] anon_vma_fork+0x87/0x4d0 [ 691.378814] copy_process.part.0+0x45e2/0x6a00 [ 691.383427] ? __cleanup_sighand+0x50/0x50 [ 691.387682] ? lock_downgrade+0x6e0/0x6e0 [ 691.391844] _do_fork+0x19e/0xce0 [ 691.395331] ? fork_idle+0x280/0x280 [ 691.399135] ? fput+0xd4/0x150 [ 691.402338] ? SyS_write+0x15e/0x230 [ 691.406287] SyS_clone+0x37/0x50 [ 691.409661] ? sys_vfork+0x30/0x30 [ 691.413209] do_syscall_64+0x1e8/0x640 [ 691.417101] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 691.421959] entry_SYSCALL_64_after_hwframe+0x42/0xb7 18:44:12 executing program 2 (fault-call:7 fault-nth:43): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:12 executing program 1: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, 0x0, 0xb01}, 0x14}}, 0x0) 18:44:12 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) [ 691.427153] RIP: 0033:0x459879 [ 691.430346] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 691.438074] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 691.445345] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 691.452805] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 691.460066] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 691.467384] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 18:44:12 executing program 0 (fault-call:9 fault-nth:3): sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r0, 0x0) 18:44:12 executing program 5: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) 18:44:12 executing program 1: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, 0x0, 0xb01}, 0x14}}, 0x0) 18:44:12 executing program 3 (fault-call:7 fault-nth:49): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:12 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, 0x0, 0xb01}, 0x14}}, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)) 18:44:12 executing program 5: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) [ 691.647030] FAULT_INJECTION: forcing a failure. [ 691.647030] name failslab, interval 1, probability 0, space 0, times 0 [ 691.687203] FAULT_INJECTION: forcing a failure. [ 691.687203] name failslab, interval 1, probability 0, space 0, times 0 [ 691.704642] FAULT_INJECTION: forcing a failure. [ 691.704642] name failslab, interval 1, probability 0, space 0, times 0 [ 691.718054] CPU: 0 PID: 26364 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 691.726504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 691.735870] Call Trace: [ 691.738475] dump_stack+0x138/0x197 [ 691.742129] should_fail.cold+0x10f/0x159 [ 691.746303] should_failslab+0xdb/0x130 [ 691.750291] kmem_cache_alloc+0x2d7/0x780 [ 691.754458] ptlock_alloc+0x20/0x70 [ 691.758111] pte_alloc_one+0x60/0x100 [ 691.762009] __pte_alloc+0x2a/0x2d0 [ 691.765659] copy_page_range+0x11ba/0x1bd0 [ 691.769920] ? __pmd_alloc+0x410/0x410 [ 691.773835] copy_process.part.0+0x4764/0x6a00 [ 691.778450] ? __cleanup_sighand+0x50/0x50 [ 691.782732] ? lock_downgrade+0x6e0/0x6e0 [ 691.786887] _do_fork+0x19e/0xce0 [ 691.790348] ? fork_idle+0x280/0x280 [ 691.794073] ? fput+0xd4/0x150 [ 691.797269] ? SyS_write+0x15e/0x230 [ 691.801085] SyS_clone+0x37/0x50 [ 691.804453] ? sys_vfork+0x30/0x30 [ 691.808006] do_syscall_64+0x1e8/0x640 [ 691.811898] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 691.816753] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 691.821946] RIP: 0033:0x459879 [ 691.825131] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 691.832839] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 691.840109] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 691.847418] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 691.854694] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 [ 691.861971] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 691.869701] CPU: 1 PID: 26371 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 691.876820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 18:44:12 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, 0x0, 0xb01}, 0x14}}, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)) 18:44:12 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, 0x0, 0xb01}, 0x14}}, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)) 18:44:12 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r0, 0xb01}, 0x14}}, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000000)) [ 691.886167] Call Trace: [ 691.886185] dump_stack+0x138/0x197 [ 691.886200] should_fail.cold+0x10f/0x159 [ 691.886213] should_failslab+0xdb/0x130 [ 691.886223] kmem_cache_alloc+0x2d7/0x780 [ 691.886232] ? anon_vma_clone+0x310/0x470 [ 691.886246] anon_vma_fork+0xe9/0x4d0 [ 691.886261] copy_process.part.0+0x45e2/0x6a00 [ 691.886290] ? __cleanup_sighand+0x50/0x50 [ 691.921539] ? lock_downgrade+0x6e0/0x6e0 [ 691.925722] _do_fork+0x19e/0xce0 [ 691.929467] ? fork_idle+0x280/0x280 [ 691.933190] ? fput+0xd4/0x150 [ 691.936385] ? SyS_write+0x15e/0x230 [ 691.940103] SyS_clone+0x37/0x50 [ 691.943477] ? sys_vfork+0x30/0x30 [ 691.947027] do_syscall_64+0x1e8/0x640 [ 691.950914] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 691.955762] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 691.960949] RIP: 0033:0x459879 [ 691.964141] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 691.981608] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 691.995493] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 692.002776] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 692.010050] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 692.017418] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 692.026062] CPU: 0 PID: 26360 Comm: syz-executor.0 Not tainted 4.14.140 #36 [ 692.033192] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 692.042561] Call Trace: [ 692.045170] dump_stack+0x138/0x197 [ 692.048813] should_fail.cold+0x10f/0x159 [ 692.053237] should_failslab+0xdb/0x130 [ 692.057219] kmem_cache_alloc+0x2d7/0x780 [ 692.061379] ? current_kernel_time64+0x102/0x230 [ 692.066154] __d_alloc+0x2d/0x9f0 [ 692.069706] d_alloc_pseudo+0x1e/0x30 [ 692.073516] __ns_get_path.isra.0+0x2ce/0x6e0 [ 692.078017] ns_get_path+0x6b/0xc0 [ 692.081648] perf_fill_ns_link_info.isra.0+0x6e/0x1d0 [ 692.086833] ? get_order+0x30/0x30 [ 692.090478] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 692.095344] perf_event_namespaces.part.0+0xba/0x190 [ 692.100641] ? perf_event_task+0x140/0x140 [ 692.104955] ? check_preemption_disabled+0x3c/0x250 [ 692.110076] ? free_nsproxy+0x188/0x200 [ 692.114040] perf_event_namespaces+0x25/0x30 [ 692.118448] SyS_setns+0x20f/0x2c0 [ 692.121977] ? exit_task_namespaces+0x20/0x20 [ 692.126458] do_syscall_64+0x1e8/0x640 [ 692.130334] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 692.135161] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 692.140335] RIP: 0033:0x459879 [ 692.145269] RSP: 002b:00007fa25bd6fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000134 [ 692.152972] RAX: ffffffffffffffda RBX: 00007fa25bd6fc90 RCX: 0000000000459879 [ 692.160260] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 692.167520] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 692.174776] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa25bd706d4 [ 692.182031] R13: 00000000004c7923 R14: 00000000004dd2d0 R15: 0000000000000005 18:44:13 executing program 2 (fault-call:7 fault-nth:44): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:13 executing program 1: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, 0x0, 0xb01}, 0x14}}, 0x0) 18:44:13 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r0, 0xb01}, 0x14}}, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000000)) 18:44:13 executing program 3 (fault-call:7 fault-nth:50): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:13 executing program 5: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) 18:44:13 executing program 0 (fault-call:9 fault-nth:4): sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r0, 0x0) 18:44:13 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r0, 0xb01}, 0x14}}, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000000)) [ 692.285246] FAULT_INJECTION: forcing a failure. [ 692.285246] name failslab, interval 1, probability 0, space 0, times 0 [ 692.347258] FAULT_INJECTION: forcing a failure. [ 692.347258] name failslab, interval 1, probability 0, space 0, times 0 [ 692.353823] CPU: 0 PID: 26392 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 692.365709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 692.367804] FAULT_INJECTION: forcing a failure. [ 692.367804] name failslab, interval 1, probability 0, space 0, times 0 [ 692.375152] Call Trace: [ 692.375173] dump_stack+0x138/0x197 [ 692.375193] should_fail.cold+0x10f/0x159 [ 692.375208] should_failslab+0xdb/0x130 [ 692.375218] kmem_cache_alloc+0x2d7/0x780 [ 692.375236] ? anon_vma_clone+0x310/0x470 [ 692.409063] anon_vma_fork+0x1ce/0x4d0 [ 692.413053] copy_process.part.0+0x45e2/0x6a00 [ 692.417664] ? __cleanup_sighand+0x50/0x50 [ 692.421991] ? lock_downgrade+0x6e0/0x6e0 [ 692.426143] _do_fork+0x19e/0xce0 [ 692.429606] ? fork_idle+0x280/0x280 [ 692.433326] ? fput+0xd4/0x150 [ 692.436521] ? SyS_write+0x15e/0x230 [ 692.440411] SyS_clone+0x37/0x50 [ 692.443769] ? sys_vfork+0x30/0x30 [ 692.447305] do_syscall_64+0x1e8/0x640 [ 692.451188] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 692.456030] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 692.461211] RIP: 0033:0x459879 [ 692.464390] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 692.472184] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 692.479445] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 692.486712] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 692.493978] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 692.501266] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 692.508571] CPU: 1 PID: 26398 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 692.529506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 18:44:13 executing program 1: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r0, 0xb01}, 0x14}}, 0x0) 18:44:13 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)) [ 692.542154] Call Trace: [ 692.549905] dump_stack+0x138/0x197 [ 692.557687] should_fail.cold+0x10f/0x159 [ 692.564053] should_failslab+0xdb/0x130 [ 692.568045] kmem_cache_alloc+0x2d7/0x780 [ 692.572218] ptlock_alloc+0x20/0x70 [ 692.575938] pte_alloc_one+0x60/0x100 [ 692.579749] __pte_alloc+0x2a/0x2d0 [ 692.583389] copy_page_range+0x11ba/0x1bd0 [ 692.587677] ? __pmd_alloc+0x410/0x410 [ 692.591583] copy_process.part.0+0x4764/0x6a00 18:44:13 executing program 1: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r0, 0xb01}, 0x14}}, 0x0) 18:44:13 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)) [ 692.596202] ? __cleanup_sighand+0x50/0x50 [ 692.600446] ? lock_downgrade+0x6e0/0x6e0 [ 692.604609] _do_fork+0x19e/0xce0 [ 692.608077] ? fork_idle+0x280/0x280 [ 692.611825] ? fput+0xd4/0x150 [ 692.615123] ? SyS_write+0x15e/0x230 [ 692.618854] SyS_clone+0x37/0x50 [ 692.622233] ? sys_vfork+0x30/0x30 [ 692.625781] do_syscall_64+0x1e8/0x640 [ 692.629674] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 692.634530] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 692.639721] RIP: 0033:0x459879 18:44:13 executing program 1: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r0, 0xb01}, 0x14}}, 0x0) [ 692.642916] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 692.650803] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 692.658182] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 692.665548] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 692.672923] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 [ 692.680199] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 692.705279] CPU: 1 PID: 26395 Comm: syz-executor.0 Not tainted 4.14.140 #36 [ 692.712420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 692.712425] Call Trace: [ 692.712442] dump_stack+0x138/0x197 [ 692.712458] should_fail.cold+0x10f/0x159 [ 692.712471] should_failslab+0xdb/0x130 [ 692.712482] kmem_cache_alloc+0x2d7/0x780 [ 692.712497] alloc_inode+0xa9/0x180 [ 692.712506] new_inode_pseudo+0x19/0xf0 [ 692.712518] __ns_get_path.isra.0+0xfd/0x6e0 [ 692.712531] ns_get_path+0x6b/0xc0 [ 692.712546] perf_fill_ns_link_info.isra.0+0x6e/0x1d0 [ 692.732235] ? get_order+0x30/0x30 [ 692.732251] perf_event_namespaces.part.0+0xd1/0x190 [ 692.732259] ? perf_event_task+0x140/0x140 [ 692.732271] ? check_preemption_disabled+0x3c/0x250 [ 692.732294] ? free_nsproxy+0x188/0x200 [ 692.732307] perf_event_namespaces+0x25/0x30 [ 692.740436] SyS_setns+0x20f/0x2c0 [ 692.740447] ? exit_task_namespaces+0x20/0x20 [ 692.740459] do_syscall_64+0x1e8/0x640 [ 692.740467] ? trace_hardirqs_off_thunk+0x1a/0x1c 18:44:13 executing program 2 (fault-call:7 fault-nth:45): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:13 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)) 18:44:13 executing program 3 (fault-call:7 fault-nth:51): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:13 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) 18:44:13 executing program 5: r0 = syz_open_dev$video4linux(&(0x7f0000000180)='/dev/v4l-subdev#\x00', 0x0, 0x0) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/qat_adf_ctl\x00', 0x10000, 0x0) sendmsg$sock(r1, &(0x7f0000000300)={&(0x7f0000000100)=@can, 0x80, &(0x7f0000000200)=[{&(0x7f00000001c0)="6378f1ca70f61d12eba1a10cc52d35040450c136d2ab2fe702fd8f0c", 0x1c}], 0x1, &(0x7f0000000240)=[@txtime={{0x18, 0x1, 0x3d, 0x8000}}, @mark={{0x14, 0x1, 0x24, 0x7}}, @timestamping={{0x14, 0x1, 0x25, 0x7fffffff}}, @txtime={{0x18, 0x1, 0x3d, 0x6}}, @txtime={{0x18, 0x1, 0x3d, 0x1}}, @txtime={{0x18, 0x1, 0x3d, 0xfffffffffffffff2}}, @txtime={{0x18, 0x1, 0x3d, 0x1fb4000}}], 0xa8}, 0x8014) ioctl$VIDIOC_SUBDEV_G_CROP(r0, 0xc038563b, &(0x7f0000000080)={0x0, 0x0, {0x0, 0x1, 0x29}}) ioctl$VIDIOC_SUBDEV_G_FMT(r0, 0xc0585604, &(0x7f0000000000)={0x0, 0x0, {0x0, 0x30, 0x300c, 0x7, 0x2, 0xa9e3851ffea2e270, 0x1, 0x7}}) [ 692.740483] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 692.740489] RIP: 0033:0x459879 [ 692.740495] RSP: 002b:00007fa25bd6fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000134 [ 692.740506] RAX: ffffffffffffffda RBX: 00007fa25bd6fc90 RCX: 0000000000459879 [ 692.740511] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 692.740517] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 692.740522] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa25bd706d4 18:44:13 executing program 0 (fault-call:9 fault-nth:5): sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r0, 0x0) 18:44:13 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/btrfs-control\x00', 0x10000, 0x0) getsockopt$bt_BT_CHANNEL_POLICY(r1, 0x112, 0xa, &(0x7f0000000080)=0xe14, &(0x7f00000001c0)=0x4) ioctl(r0, 0x200001000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070") r2 = bpf$PROG_LOAD(0x5, &(0x7f000000d000)={0xa, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="850000002a0000000700000000000000950000000000000062d7206903d64063b78f2f2f960ac76c63ec7064d43aa3c6451500000000000088a03f72afb0da83b0ed49875aca9b136dc665ae21c3f3f2020300000000000000b1c46c76c2a5a56f00000000000000009cd2cc2357481bd438107c16a90ea803d33e1d127e40bd47d0aee7d35b18f215b96a828631f46709ad786c9b748fa0b11a1bd072b5bd5a96887f98bdccc7ede7ca57297c5bbcdc"], &(0x7f0000014ff5)='syzka\x00\x00\x00\x05\x00\xf3', 0x2, 0x1000, &(0x7f0000014000)=""/4096}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r2, 0x0, 0xe, 0x0, &(0x7f0000000240)="f460cdfbef24080000000a9386dd", 0x0, 0x401}, 0x28) [ 692.740528] R13: 00000000004c7923 R14: 00000000004dd2d0 R15: 0000000000000005 [ 692.844808] FAULT_INJECTION: forcing a failure. [ 692.844808] name failslab, interval 1, probability 0, space 0, times 0 18:44:13 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(0x0) sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) 18:44:13 executing program 4: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)) [ 692.946990] FAULT_INJECTION: forcing a failure. [ 692.946990] name failslab, interval 1, probability 0, space 0, times 0 [ 692.973141] CPU: 1 PID: 26418 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 692.980291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 692.990008] Call Trace: [ 692.992602] dump_stack+0x138/0x197 [ 692.996229] should_fail.cold+0x10f/0x159 [ 693.000450] should_failslab+0xdb/0x130 [ 693.007990] kmem_cache_alloc+0x2d7/0x780 [ 693.012133] ptlock_alloc+0x20/0x70 [ 693.015744] pte_alloc_one+0x60/0x100 [ 693.019530] __pte_alloc+0x2a/0x2d0 [ 693.023143] copy_page_range+0x11ba/0x1bd0 [ 693.027369] ? anon_vma_fork+0x358/0x4d0 [ 693.031426] ? __pmd_alloc+0x410/0x410 [ 693.035409] copy_process.part.0+0x4764/0x6a00 [ 693.039988] ? __cleanup_sighand+0x50/0x50 [ 693.044209] ? lock_downgrade+0x6e0/0x6e0 [ 693.048350] _do_fork+0x19e/0xce0 [ 693.051818] ? fork_idle+0x280/0x280 [ 693.055518] ? fput+0xd4/0x150 [ 693.058701] ? SyS_write+0x15e/0x230 [ 693.062400] SyS_clone+0x37/0x50 [ 693.065748] ? sys_vfork+0x30/0x30 [ 693.069282] do_syscall_64+0x1e8/0x640 [ 693.073152] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 693.077984] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 693.083155] RIP: 0033:0x459879 [ 693.086326] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 18:44:14 executing program 4: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)) [ 693.094018] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 693.101269] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 693.108607] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 693.115861] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 693.123301] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 693.133720] CPU: 0 PID: 26424 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 693.140871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 693.150243] Call Trace: [ 693.152885] dump_stack+0x138/0x197 [ 693.156533] should_fail.cold+0x10f/0x159 [ 693.160706] should_failslab+0xdb/0x130 [ 693.164697] kmem_cache_alloc+0x47/0x780 [ 693.168773] ? __lock_is_held+0xb6/0x140 [ 693.172842] ? check_preemption_disabled+0x3c/0x250 [ 693.177853] anon_vma_clone+0xde/0x470 [ 693.181746] anon_vma_fork+0x87/0x4d0 [ 693.185535] copy_process.part.0+0x45e2/0x6a00 [ 693.190121] ? __cleanup_sighand+0x50/0x50 [ 693.194338] ? lock_downgrade+0x6e0/0x6e0 [ 693.198471] _do_fork+0x19e/0xce0 [ 693.201924] ? fork_idle+0x280/0x280 [ 693.205623] ? fput+0xd4/0x150 [ 693.208800] ? SyS_write+0x15e/0x230 [ 693.212498] SyS_clone+0x37/0x50 [ 693.215889] ? sys_vfork+0x30/0x30 [ 693.219435] do_syscall_64+0x1e8/0x640 [ 693.223305] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 693.228228] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 693.233400] RIP: 0033:0x459879 [ 693.236570] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 693.244367] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 693.251614] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 693.258866] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 693.266304] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 [ 693.273560] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 693.285037] FAULT_INJECTION: forcing a failure. [ 693.285037] name failslab, interval 1, probability 0, space 0, times 0 [ 693.312604] CPU: 1 PID: 26433 Comm: syz-executor.0 Not tainted 4.14.140 #36 [ 693.319783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 693.329145] Call Trace: [ 693.331748] dump_stack+0x138/0x197 [ 693.335391] should_fail.cold+0x10f/0x159 [ 693.339553] should_failslab+0xdb/0x130 [ 693.343535] kmem_cache_alloc+0x2d7/0x780 [ 693.347671] ? check_preemption_disabled+0x3c/0x250 [ 693.352675] ? alloc_inode+0xa9/0x180 [ 693.356475] selinux_inode_alloc_security+0xb6/0x2a0 [ 693.361562] security_inode_alloc+0x94/0xd0 [ 693.365872] inode_init_always+0x552/0xaf0 [ 693.370089] alloc_inode+0x81/0x180 [ 693.373963] new_inode_pseudo+0x19/0xf0 [ 693.378095] __ns_get_path.isra.0+0xfd/0x6e0 [ 693.382573] ns_get_path+0x6b/0xc0 [ 693.386099] perf_fill_ns_link_info.isra.0+0x6e/0x1d0 [ 693.391445] ? get_order+0x30/0x30 [ 693.395058] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 693.400147] perf_event_namespaces.part.0+0xd1/0x190 [ 693.405303] ? perf_event_task+0x140/0x140 [ 693.409527] ? check_preemption_disabled+0x3c/0x250 [ 693.414534] ? free_nsproxy+0x188/0x200 [ 693.418492] perf_event_namespaces+0x25/0x30 [ 693.422880] SyS_setns+0x20f/0x2c0 [ 693.426679] ? exit_task_namespaces+0x20/0x20 [ 693.431157] do_syscall_64+0x1e8/0x640 [ 693.435024] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 693.439945] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 693.445127] RIP: 0033:0x459879 [ 693.448297] RSP: 002b:00007fa25bd6fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000134 [ 693.456085] RAX: ffffffffffffffda RBX: 00007fa25bd6fc90 RCX: 0000000000459879 18:44:14 executing program 4: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)) 18:44:14 executing program 4: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)) [ 693.463336] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 693.470588] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 693.477842] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa25bd706d4 [ 693.485094] R13: 00000000004c7923 R14: 00000000004dd2d0 R15: 0000000000000005 18:44:14 executing program 2 (fault-call:7 fault-nth:46): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:14 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(0x0) sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) 18:44:14 executing program 3 (fault-call:7 fault-nth:52): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:14 executing program 5: lsetxattr$trusted_overlay_origin(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='trusted.overlay.origin\x00', &(0x7f00000000c0)='y\x00', 0x2, 0x2) r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) getsockopt$rose(r0, 0x104, 0x5, 0x0, &(0x7f0000000040)) 18:44:14 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(0x0) sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) [ 693.639214] FAULT_INJECTION: forcing a failure. [ 693.639214] name failslab, interval 1, probability 0, space 0, times 0 [ 693.676260] CPU: 0 PID: 26454 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 693.683404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 693.692780] Call Trace: [ 693.695390] dump_stack+0x138/0x197 [ 693.699059] should_fail.cold+0x10f/0x159 [ 693.703269] should_failslab+0xdb/0x130 [ 693.707259] kmem_cache_alloc+0x47/0x780 [ 693.711342] ? anon_vma_chain_link+0x142/0x1a0 [ 693.715942] anon_vma_clone+0xde/0x470 [ 693.719845] anon_vma_fork+0x87/0x4d0 [ 693.723661] copy_process.part.0+0x45e2/0x6a00 [ 693.728279] ? __cleanup_sighand+0x50/0x50 [ 693.732526] ? lock_downgrade+0x6e0/0x6e0 [ 693.736701] _do_fork+0x19e/0xce0 [ 693.740160] ? fork_idle+0x280/0x280 [ 693.743887] ? fput+0xd4/0x150 [ 693.747095] ? SyS_write+0x15e/0x230 [ 693.750848] SyS_clone+0x37/0x50 [ 693.754225] ? sys_vfork+0x30/0x30 [ 693.757868] do_syscall_64+0x1e8/0x640 [ 693.761766] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 693.766802] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 693.772259] RIP: 0033:0x459879 [ 693.775548] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 18:44:14 executing program 0 (fault-call:9 fault-nth:6): sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r0, 0x0) 18:44:14 executing program 4: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)) 18:44:14 executing program 5: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)={0xa, 0x1, 0x100000000000914, 0x8000000005}, 0x2c) socket$kcm(0x29, 0x2, 0x0) r1 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x335) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='/\x02roup.stap\x00', 0x2761, 0x0) r3 = gettid() perf_event_open(0x0, 0x0, 0x4, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r1, 0x40042409, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000480)='/dev/net/tun\x00', 0x142, 0x0) ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454d1, &(0x7f0000000080)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00']) perf_event_open(&(0x7f0000000340)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x4040a, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0xc6f, 0x1, 0x0, 0x6, 0x0, 0x2, 0x5, 0x6, 0x0, 0xb7, 0x6, 0x3, 0x4, 0x58aa, 0x8, 0x80000001, 0x0, 0x888, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffc1, 0x0, 0xe4, 0x1, @perf_config_ext={0x3}, 0x0, 0x1, 0x0, 0x0, 0x1f, 0x0, 0x6}, r3, 0xd, 0xffffffffffffffff, 0x2) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000000)=@ipx={0x4, 0x0, 0x8, "f3cbafb12fc1"}, 0x80, 0x0}, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r2, 0xc0c0583b, 0x20000001) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r0, &(0x7f0000000200)="18b19932345a6fa4c70f6c17f76eb5f5a5af8c222daa05a0c028ab780802fc7eab9db48ed38be70222932eadb22a704792198ca675fd58d5e3ffcf3b6ed37733cf688fb9e38cc7", &(0x7f00000003c0)=""/91}, 0x18) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, &(0x7f00000005c0)=0x45) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r2, 0x0, 0x0}, 0x18) ioctl$TUNGETSNDBUF(r2, 0x800454d3, 0x0) gettid() bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0) openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000140)='/proc/capi/capi20\x00', 0x101141, 0x0) 18:44:14 executing program 1: socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r0, 0xb01}, 0x14}}, 0x0) 18:44:14 executing program 2 (fault-call:7 fault-nth:47): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 693.783666] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 693.792165] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 693.799786] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 693.807139] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 [ 693.814392] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 18:44:14 executing program 1: socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r0, 0xb01}, 0x14}}, 0x0) 18:44:14 executing program 4: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)) [ 693.958904] FAULT_INJECTION: forcing a failure. [ 693.958904] name failslab, interval 1, probability 0, space 0, times 0 [ 693.971640] FAULT_INJECTION: forcing a failure. [ 693.971640] name failslab, interval 1, probability 0, space 0, times 0 18:44:14 executing program 0: r0 = syz_open_dev$ndb(&(0x7f0000000040)='/dev/nbd#\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1000000000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) ioctl$NBD_CLEAR_SOCK(r0, 0xab04) sched_setaffinity(0x0, 0x0, 0x0) unshare(0x64000200) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$FUSE_STATFS(r3, &(0x7f0000000180)={0x60, 0x0, 0x6, {{0x70000000000000, 0x1000, 0x7, 0x8, 0x9, 0xffffffffffffff68, 0x101, 0x7}}}, 0x60) semget$private(0x0, 0x802, 0x0) r4 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r4, 0x0) 18:44:14 executing program 5: prctl$PR_GET_DUMPABLE(0x3) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x0, 0x0) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080)='TIPCv2\x00') r2 = getpgid(0x0) sched_rr_get_interval(r2, &(0x7f00000000c0)) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x6000060}, 0xfffffffffffffe3a, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="a4000000", @ANYRES16=r1, @ANYBLOB="00082abd7000fbdbdf25160000001800070008000100030000000c00040008000000000014000600040002000800010000000100040002000c80361d0000060004000200040002002c000200080001000500000008009ff2082a6b2dc800020008000000080001000100000008000100480a00002c000900080001008100000008000100e4ff0000080002000000008008000100050000000800020009000000890c29fb2e8a7d8c7a3b88d2316c9faf01a550541f20b5a6065a15fa522f925fe7cd3e108a00340000"], 0xa4}, 0x1, 0x0, 0x0, 0xb893f0c8c5f46c08}, 0x10) ioctl(r0, 0x800000000000937e, &(0x7f0000000ac0)="0100000000000000180100000334990000002000000000002f") [ 694.001672] CPU: 1 PID: 26477 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 694.009257] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 694.018707] Call Trace: [ 694.021328] dump_stack+0x138/0x197 [ 694.025028] should_fail.cold+0x10f/0x159 [ 694.029286] should_failslab+0xdb/0x130 [ 694.033285] kmem_cache_alloc+0x2d7/0x780 [ 694.037501] copy_process.part.0+0x444f/0x6a00 [ 694.042476] ? __cleanup_sighand+0x50/0x50 [ 694.046752] ? lock_downgrade+0x6e0/0x6e0 [ 694.051011] _do_fork+0x19e/0xce0 [ 694.054570] ? fork_idle+0x280/0x280 [ 694.058310] ? fput+0xd4/0x150 [ 694.061639] ? SyS_write+0x15e/0x230 [ 694.065456] SyS_clone+0x37/0x50 [ 694.069035] ? sys_vfork+0x30/0x30 [ 694.072591] do_syscall_64+0x1e8/0x640 [ 694.076587] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 694.081458] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 694.086653] RIP: 0033:0x459879 [ 694.089870] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 694.097619] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 694.104980] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 694.112265] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 694.119558] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 694.127110] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 694.134406] CPU: 0 PID: 26479 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 694.141619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 694.141623] Call Trace: [ 694.141639] dump_stack+0x138/0x197 [ 694.141659] should_fail.cold+0x10f/0x159 [ 694.161747] should_failslab+0xdb/0x130 [ 694.165746] kmem_cache_alloc+0x47/0x780 [ 694.169839] ? anon_vma_chain_link+0x142/0x1a0 [ 694.174430] anon_vma_clone+0xde/0x470 [ 694.178346] anon_vma_fork+0x87/0x4d0 [ 694.182162] copy_process.part.0+0x45e2/0x6a00 [ 694.186908] ? __cleanup_sighand+0x50/0x50 [ 694.191159] ? lock_downgrade+0x6e0/0x6e0 [ 694.195324] _do_fork+0x19e/0xce0 [ 694.198794] ? fork_idle+0x280/0x280 [ 694.202524] ? fput+0xd4/0x150 [ 694.205821] ? SyS_write+0x15e/0x230 [ 694.209555] SyS_clone+0x37/0x50 [ 694.212926] ? sys_vfork+0x30/0x30 [ 694.216563] do_syscall_64+0x1e8/0x640 [ 694.220457] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 694.225330] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 694.230722] RIP: 0033:0x459879 [ 694.233892] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 694.241604] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 18:44:15 executing program 3 (fault-call:7 fault-nth:53): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:15 executing program 5: r0 = accept4(0xffffffffffffffff, 0x0, &(0x7f0000000100), 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x4, &(0x7f00000001c0)=0xde, 0x4) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") accept4$inet(r1, &(0x7f0000000480)={0x2, 0x0, @empty}, &(0x7f00000004c0)=0x10, 0x800) r2 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r2, &(0x7f0000000340)={0x2, 0x4e20, @remote}, 0x10) fgetxattr(r2, &(0x7f0000000300)=@known='trusted.overlay.opaque\x00', &(0x7f00000003c0)=""/125, 0x7d) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='bcsh0\x00', 0x10) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000240)='lo\x00\x00\x00\x00\xdf\xff\xff\xff\x00', 0x10) openat$selinux_user(0xffffffffffffff9c, &(0x7f0000000500)='/selinux/user\x00', 0x2, 0x0) getsockname$packet(r0, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000200)=0x14) ioctl$int_in(r2, 0x5421, &(0x7f0000000180)=0x7fff) sendto$inet(r2, 0x0, 0x0, 0x1000000020000000, &(0x7f0000000080)={0x2, 0x4e20, @remote}, 0x10) r3 = gettid() ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r3, 0x10, &(0x7f0000000440)={0x2}) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000002c0)={0x42a, 0x7, 0x1000}, 0x4) r4 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000040)='/proc/capi/capi20\x00', 0x40, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) write$capi20(r4, &(0x7f0000000280)={0x10, 0x400, 0x80, 0xeb9a532ee214c896, 0x8, 0xffffffff}, 0x10) sendto$inet(r2, &(0x7f0000000380)="9d", 0x1, 0xfffffffffffffffe, 0x0, 0x0) close(r0) 18:44:15 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)) 18:44:15 executing program 1: socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r0, 0xb01}, 0x14}}, 0x0) [ 694.248858] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 694.256218] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 694.263576] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 [ 694.270888] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 18:44:15 executing program 2 (fault-call:7 fault-nth:48): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 694.302996] IPVS: ftp: loaded support on port[0] = 21 18:44:15 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, 0x0, 0x0) 18:44:15 executing program 5: r0 = socket$inet_sctp(0x2, 0xa2f1510733eccfa9, 0x84) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000040)=ANY=[@ANYBLOB="736563757269747900000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000e83623c000"/104], 0x68) 18:44:15 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)) [ 694.398891] FAULT_INJECTION: forcing a failure. [ 694.398891] name failslab, interval 1, probability 0, space 0, times 0 [ 694.438956] CPU: 0 PID: 26510 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 694.446092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 694.446098] Call Trace: [ 694.446114] dump_stack+0x138/0x197 [ 694.446133] should_fail.cold+0x10f/0x159 [ 694.446149] should_failslab+0xdb/0x130 [ 694.446161] kmem_cache_alloc+0x47/0x780 [ 694.446172] ? __lock_is_held+0xb6/0x140 [ 694.446185] ? check_preemption_disabled+0x3c/0x250 [ 694.446198] anon_vma_clone+0xde/0x470 [ 694.446214] anon_vma_fork+0x87/0x4d0 [ 694.470147] copy_process.part.0+0x45e2/0x6a00 18:44:15 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") r1 = socket$inet6(0xa, 0x801, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r1, 0x0) syz_emit_ethernet(0x74, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000086dd60d8652b00140600fe8000000000000000000d00000000aafe8000000000000000000000000000aa00004e20", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5400000090780010"], 0x0) 18:44:15 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, 0x0, 0x0) [ 694.470180] ? __cleanup_sighand+0x50/0x50 [ 694.483290] ? lock_downgrade+0x6e0/0x6e0 [ 694.483310] _do_fork+0x19e/0xce0 [ 694.491058] ? fork_idle+0x280/0x280 [ 694.491072] ? fput+0xd4/0x150 [ 694.491082] ? SyS_write+0x15e/0x230 [ 694.491096] SyS_clone+0x37/0x50 [ 694.500237] ? sys_vfork+0x30/0x30 [ 694.500249] do_syscall_64+0x1e8/0x640 [ 694.500254] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 694.500265] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 694.500270] RIP: 0033:0x459879 [ 694.500273] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 694.500280] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 694.500284] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 694.500287] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 694.500291] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 694.500294] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 694.568420] FAULT_INJECTION: forcing a failure. [ 694.568420] name failslab, interval 1, probability 0, space 0, times 0 [ 694.602229] CPU: 0 PID: 26523 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 694.611802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 694.630436] Call Trace: [ 694.630453] dump_stack+0x138/0x197 [ 694.630474] should_fail.cold+0x10f/0x159 [ 694.630489] should_failslab+0xdb/0x130 [ 694.646914] kmem_cache_alloc+0x2d7/0x780 [ 694.646924] ? anon_vma_clone+0x310/0x470 [ 694.646941] anon_vma_fork+0xe9/0x4d0 [ 694.646955] copy_process.part.0+0x45e2/0x6a00 [ 694.646984] ? __cleanup_sighand+0x50/0x50 [ 694.653202] ? lock_downgrade+0x6e0/0x6e0 [ 694.653221] _do_fork+0x19e/0xce0 [ 694.661319] ? fork_idle+0x280/0x280 [ 694.661333] ? fput+0xd4/0x150 [ 694.661343] ? SyS_write+0x15e/0x230 [ 694.661358] SyS_clone+0x37/0x50 [ 694.673431] ? sys_vfork+0x30/0x30 [ 694.673447] do_syscall_64+0x1e8/0x640 [ 694.673463] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 694.682440] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 694.682450] RIP: 0033:0x459879 [ 694.682456] RSP: 002b:00007f8cec836c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 694.733054] RAX: ffffffffffffffda RBX: 00007f8cec836c90 RCX: 0000000000459879 [ 694.740341] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 694.747603] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 694.754972] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8376d4 [ 694.762506] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 18:44:15 executing program 0: fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000000)) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000080)) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000100)={0x0}, &(0x7f0000000180)=0xc) sched_setaffinity(r0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r1, 0x0) 18:44:15 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)) 18:44:15 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, 0x0, 0x0) 18:44:15 executing program 2 (fault-call:7 fault-nth:49): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:15 executing program 5: timer_create(0x3, 0x0, &(0x7f00000002c0)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0xf9, 0x20000) getpeername$netlink(r1, &(0x7f0000000080), &(0x7f00000000c0)=0xc) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) timer_settime(0x0, 0x0, &(0x7f000006b000)={{}, {0x0, 0x9}}, 0x0) timer_gettime(0x0, 0x0) 18:44:15 executing program 3 (fault-call:7 fault-nth:54): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:15 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)) 18:44:15 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, 0x0}, 0x0) [ 694.917870] FAULT_INJECTION: forcing a failure. [ 694.917870] name failslab, interval 1, probability 0, space 0, times 0 [ 694.952845] FAULT_INJECTION: forcing a failure. [ 694.952845] name failslab, interval 1, probability 0, space 0, times 0 [ 694.982054] CPU: 0 PID: 26540 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 694.989380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 694.998776] Call Trace: [ 694.998795] dump_stack+0x138/0x197 [ 694.998815] should_fail.cold+0x10f/0x159 [ 695.011693] should_failslab+0xdb/0x130 [ 695.015668] kmem_cache_alloc+0x2d7/0x780 [ 695.019829] ? anon_vma_clone+0x310/0x470 [ 695.023968] anon_vma_fork+0xe9/0x4d0 [ 695.027783] copy_process.part.0+0x45e2/0x6a00 [ 695.032454] ? __cleanup_sighand+0x50/0x50 [ 695.036673] ? lock_downgrade+0x6e0/0x6e0 [ 695.040808] _do_fork+0x19e/0xce0 [ 695.044262] ? fork_idle+0x280/0x280 [ 695.048046] ? fput+0xd4/0x150 [ 695.051482] ? SyS_write+0x15e/0x230 [ 695.055200] SyS_clone+0x37/0x50 [ 695.058566] ? sys_vfork+0x30/0x30 [ 695.062111] do_syscall_64+0x1e8/0x640 [ 695.065990] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 695.070921] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 695.076094] RIP: 0033:0x459879 18:44:15 executing program 5: ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000240)={0xffffffffffffffff}) mmap(&(0x7f0000006000/0x3000)=nil, 0x3000, 0x2000000, 0x10032, r0, 0xffffffffffffffff) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r2, 0x84, 0xd, &(0x7f0000013ff4)=@assoc_value, &(0x7f0000002000)=0x8) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r2, 0x84, 0x7, &(0x7f0000000280), &(0x7f00000002c0)=0x14) mmap(&(0x7f0000000000/0x22000)=nil, 0x22000, 0xfffffbffffffffff, 0x2000000000032, 0xffffffffffffffff, 0x0) close(r1) r3 = syz_open_dev$adsp(&(0x7f0000000100)='/dev/adsp#\x00', 0x80, 0x440) ioctl$sock_x25_SIOCADDRT(r3, 0x890b, &(0x7f0000000140)={@null=' \x00', 0x8, 'vcan0\x00'}) r4 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x0, 0x2) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r4, 0x6, 0x23, &(0x7f0000000080)={&(0x7f000000e000/0x2000)=nil, 0x2000}, &(0x7f00000000c0)=0x10) [ 695.079267] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 695.086959] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 695.094211] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 695.101477] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 695.108829] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 695.116095] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 695.127520] CPU: 1 PID: 26541 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 695.134656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 695.144020] Call Trace: [ 695.146622] dump_stack+0x138/0x197 [ 695.150268] should_fail.cold+0x10f/0x159 [ 695.154557] should_failslab+0xdb/0x130 [ 695.158562] kmem_cache_alloc+0x2d7/0x780 [ 695.162731] ? anon_vma_clone+0x310/0x470 [ 695.166909] anon_vma_fork+0x1ce/0x4d0 [ 695.170821] copy_process.part.0+0x45e2/0x6a00 [ 695.175438] ? __cleanup_sighand+0x50/0x50 18:44:16 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, 0x0}, 0x0) [ 695.179768] ? lock_downgrade+0x6e0/0x6e0 [ 695.183940] _do_fork+0x19e/0xce0 [ 695.187405] ? fork_idle+0x280/0x280 [ 695.191130] ? fput+0xd4/0x150 [ 695.194423] ? SyS_write+0x15e/0x230 [ 695.198411] SyS_clone+0x37/0x50 [ 695.201818] ? sys_vfork+0x30/0x30 [ 695.205367] do_syscall_64+0x1e8/0x640 [ 695.209263] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 695.214124] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 695.219314] RIP: 0033:0x459879 [ 695.222526] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 18:44:16 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, 0x0}, 0x0) 18:44:16 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)) 18:44:16 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x100, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r1 = gettid() r2 = shmget(0x1, 0x3000, 0x200, &(0x7f0000ffc000/0x3000)=nil) shmctl$SHM_STAT(r2, 0xd, &(0x7f0000000100)=""/191) r3 = syz_open_procfs$namespace(r1, &(0x7f0000000540)='ns/ipc/\xe2\x04\xe8\xc3\xb6\xd9(K\xa2C \xf2\x7f\x92O\xea6\xf8\rZU\x96g\x84\fO\xd0\xfa\x1d\xa1\r\xdb\xa5K\x89\xb5\bR\xb3yi]\xe9\xf2\xb5vG\a\x80\xc4\xa3#\xce\x00\x14\xf7\x82.\xcf\x16z\x1d \xc2\xa9\xce\xcd\xc8d\\\x9d(\xd0\xcf\xd2\xa2\b\x0f\xeb\xde\xc4\xf7\x14\xa59\x01d\x13\xa0\xb3?\xbc\x9f\x93Z\xa3\xc8\x88`\xbf \x93\x1fr\xae\xb8\xef6RV\xed\x85\x85\xb9kHn\xc9\x98\xfa\xe0\x8d\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x05\v`c\x01\x872\x1f\xfa\xc0\x1e\x8a\xfa\\~i.C\xb5\xbb\x7fU0O\xab\x82\x87\xc8X>\x16G\xd4\xb8\x14O\xa1|\xbb\xe1*\xb8\xff\x86\x1b\x98\x8c\"\x0e\xd8\b\xe1\x06\xfaG\x97>\t\xe67\xb2G.\xb4\x02y\xd4JX&\xe8A\ny\x88\xca\x9db\xff\xf2\x85\xe2\xf7\x879\xbcnz\xb1c\xc8\xf2\x1f\x94\xc5\x9c\b.\xa0\x9a\xaa\xac\xcb9M\x95\x04\xb3\x92l\v\x9b\xf4\x85\x9d\n\x00'/276) setns(r3, 0x0) [ 695.230357] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 695.237720] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 695.245082] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 695.252362] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 [ 695.259640] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 18:44:16 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)) 18:44:16 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={0x0}}, 0x0) 18:44:16 executing program 2 (fault-call:7 fault-nth:50): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:16 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(0x0) sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)) 18:44:16 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={0x0}}, 0x0) 18:44:16 executing program 0: getpgid(0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000000)) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000080)={0x0, 0x0}) sched_setaffinity(r0, 0xfffffffffffffdbc, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) ioctl$EXT4_IOC_GROUP_EXTEND(r1, 0x40086607, &(0x7f0000000100)=0x8) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r2, 0x0) 18:44:16 executing program 3 (fault-call:7 fault-nth:55): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 695.483619] FAULT_INJECTION: forcing a failure. [ 695.483619] name failslab, interval 1, probability 0, space 0, times 0 [ 695.527418] FAULT_INJECTION: forcing a failure. [ 695.527418] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 695.536281] CPU: 1 PID: 26580 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 695.557499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 695.568865] Call Trace: [ 695.571462] dump_stack+0x138/0x197 [ 695.575094] should_fail.cold+0x10f/0x159 [ 695.579241] should_failslab+0xdb/0x130 [ 695.583216] kmem_cache_alloc+0x2d7/0x780 [ 695.587360] ? anon_vma_clone+0x310/0x470 [ 695.591511] anon_vma_fork+0x1ce/0x4d0 [ 695.595402] copy_process.part.0+0x45e2/0x6a00 [ 695.600002] ? __cleanup_sighand+0x50/0x50 [ 695.604317] ? lock_downgrade+0x6e0/0x6e0 [ 695.608467] _do_fork+0x19e/0xce0 [ 695.611921] ? fork_idle+0x280/0x280 [ 695.615805] ? fput+0xd4/0x150 [ 695.619096] ? SyS_write+0x15e/0x230 [ 695.622844] SyS_clone+0x37/0x50 [ 695.626221] ? sys_vfork+0x30/0x30 [ 695.629776] do_syscall_64+0x1e8/0x640 [ 695.633662] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 695.638513] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 695.643693] RIP: 0033:0x459879 [ 695.646874] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 695.654591] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 695.662001] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 695.669267] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 695.676616] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 695.683884] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 695.692897] CPU: 0 PID: 26584 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 695.700021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 695.709359] Call Trace: [ 695.711954] dump_stack+0x138/0x197 [ 695.715569] should_fail.cold+0x10f/0x159 [ 695.719700] ? __might_sleep+0x93/0xb0 [ 695.723583] __alloc_pages_nodemask+0x1d6/0x7a0 [ 695.728232] ? save_stack+0x45/0xd0 [ 695.731840] ? kasan_kmalloc+0xce/0xf0 [ 695.735726] ? kasan_slab_alloc+0xf/0x20 [ 695.739831] ? __alloc_pages_slowpath+0x2930/0x2930 [ 695.744839] alloc_pages_current+0xec/0x1e0 [ 695.749147] pte_alloc_one+0x1a/0x100 [ 695.752944] __pte_alloc+0x2a/0x2d0 [ 695.756552] copy_page_range+0x11ba/0x1bd0 [ 695.760772] ? anon_vma_fork+0x358/0x4d0 [ 695.764827] ? __pmd_alloc+0x410/0x410 [ 695.768717] copy_process.part.0+0x4764/0x6a00 [ 695.773324] ? __cleanup_sighand+0x50/0x50 [ 695.777651] ? lock_downgrade+0x6e0/0x6e0 [ 695.781791] _do_fork+0x19e/0xce0 [ 695.785238] ? fork_idle+0x280/0x280 [ 695.788957] ? fput+0xd4/0x150 [ 695.792133] ? SyS_write+0x15e/0x230 [ 695.795850] SyS_clone+0x37/0x50 [ 695.799214] ? sys_vfork+0x30/0x30 [ 695.802826] do_syscall_64+0x1e8/0x640 [ 695.806704] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 695.811542] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 695.816720] RIP: 0033:0x459879 [ 695.819895] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 695.827587] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 695.834858] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 695.842117] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 695.849468] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 [ 695.856772] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 18:44:19 executing program 5: getpgid(0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000000)) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000080)={0x0, 0x0}) sched_setaffinity(r0, 0xfffffffffffffdbc, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) ioctl$EXT4_IOC_GROUP_EXTEND(r1, 0x40086607, &(0x7f0000000100)=0x8) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r2, 0x0) 18:44:19 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={0x0}}, 0x0) 18:44:19 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000100)={&(0x7f0000000000), &(0x7f0000000080)=""/7, 0x7}) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r1, 0x0) 18:44:19 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(0x0) sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)) 18:44:19 executing program 3 (fault-call:7 fault-nth:56): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:19 executing program 2 (fault-call:7 fault-nth:51): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 698.344461] FAULT_INJECTION: forcing a failure. [ 698.344461] name failslab, interval 1, probability 0, space 0, times 0 [ 698.348653] FAULT_INJECTION: forcing a failure. [ 698.348653] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 698.373715] CPU: 1 PID: 26599 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 698.380957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 698.390334] Call Trace: [ 698.392931] dump_stack+0x138/0x197 [ 698.396579] should_fail.cold+0x10f/0x159 [ 698.400731] should_failslab+0xdb/0x130 [ 698.404715] kmem_cache_alloc+0x2d7/0x780 [ 698.408870] ptlock_alloc+0x20/0x70 [ 698.412490] pte_alloc_one+0x60/0x100 [ 698.416283] __pte_alloc+0x2a/0x2d0 [ 698.419912] copy_page_range+0x11ba/0x1bd0 [ 698.424146] ? anon_vma_fork+0x358/0x4d0 [ 698.428228] ? __pmd_alloc+0x410/0x410 [ 698.432204] copy_process.part.0+0x4764/0x6a00 [ 698.436803] ? __cleanup_sighand+0x50/0x50 [ 698.441031] ? lock_downgrade+0x6e0/0x6e0 [ 698.445180] _do_fork+0x19e/0xce0 [ 698.448724] ? fork_idle+0x280/0x280 [ 698.452440] ? fput+0xd4/0x150 [ 698.455623] ? SyS_write+0x15e/0x230 [ 698.459332] SyS_clone+0x37/0x50 [ 698.462688] ? sys_vfork+0x30/0x30 [ 698.466222] do_syscall_64+0x1e8/0x640 [ 698.470365] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 698.475214] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 698.480410] RIP: 0033:0x459879 [ 698.483679] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 698.491387] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 698.498650] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 698.506016] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 698.513371] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 [ 698.520635] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 698.527917] CPU: 0 PID: 26598 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 698.535042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 698.544385] Call Trace: [ 698.546965] dump_stack+0x138/0x197 [ 698.550580] should_fail.cold+0x10f/0x159 [ 698.554715] ? __might_sleep+0x93/0xb0 [ 698.558588] __alloc_pages_nodemask+0x1d6/0x7a0 [ 698.563242] ? save_stack+0xa9/0xd0 [ 698.566853] ? __alloc_pages_slowpath+0x2930/0x2930 [ 698.571850] ? anon_vma_fork+0x1ce/0x4d0 [ 698.575979] ? copy_process.part.0+0x45e2/0x6a00 [ 698.580716] ? _do_fork+0x19e/0xce0 [ 698.584344] ? __lock_acquire+0x5f7/0x4620 [ 698.588564] alloc_pages_current+0xec/0x1e0 [ 698.592882] ? trace_hardirqs_on+0x10/0x10 [ 698.597107] pte_alloc_one+0x1a/0x100 [ 698.600889] copy_huge_pmd+0x7d/0x8c0 [ 698.604673] ? add_mm_counter_fast.part.0+0x30/0x30 [ 698.609673] copy_page_range+0x69a/0x1bd0 [ 698.613805] ? anon_vma_fork+0x358/0x4d0 [ 698.617854] ? find_held_lock+0x35/0x130 [ 698.622020] ? vma_compute_subtree_gap+0x190/0x1f0 [ 698.626938] ? __rb_insert_augmented+0x22f/0xdf0 [ 698.631702] ? __pmd_alloc+0x410/0x410 [ 698.635570] ? __vma_link_rb+0x247/0x340 [ 698.639619] copy_process.part.0+0x4764/0x6a00 [ 698.644199] ? __cleanup_sighand+0x50/0x50 [ 698.648421] ? lock_downgrade+0x6e0/0x6e0 [ 698.652559] _do_fork+0x19e/0xce0 [ 698.656010] ? fork_idle+0x280/0x280 [ 698.659898] ? fput+0xd4/0x150 [ 698.663072] ? SyS_write+0x15e/0x230 [ 698.666870] SyS_clone+0x37/0x50 [ 698.670243] ? sys_vfork+0x30/0x30 [ 698.673773] do_syscall_64+0x1e8/0x640 [ 698.677644] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 698.682478] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 698.687649] RIP: 0033:0x459879 18:44:19 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, 0x0, 0xb01}, 0x14}}, 0x0) 18:44:19 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') ioctl$EXT4_IOC_PRECACHE_EXTENTS(r0, 0x6612) setns(r0, 0x0) [ 698.690836] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 698.698544] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 698.705800] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 698.713053] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 698.720324] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 698.727675] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 18:44:19 executing program 2 (fault-call:7 fault-nth:52): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:19 executing program 5: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)) 18:44:19 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, 0x0, 0xb01}, 0x14}}, 0x0) [ 698.844122] FAULT_INJECTION: forcing a failure. [ 698.844122] name failslab, interval 1, probability 0, space 0, times 0 [ 698.869930] CPU: 1 PID: 26616 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 698.877185] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 698.886559] Call Trace: [ 698.889346] dump_stack+0x138/0x197 18:44:19 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, 0x0, 0xb01}, 0x14}}, 0x0) 18:44:19 executing program 3 (fault-call:7 fault-nth:57): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:19 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1}, 0x14}}, 0x0) [ 698.892997] should_fail.cold+0x10f/0x159 [ 698.897165] should_failslab+0xdb/0x130 [ 698.901246] kmem_cache_alloc+0x2d7/0x780 [ 698.905423] copy_process.part.0+0x444f/0x6a00 [ 698.910045] ? __cleanup_sighand+0x50/0x50 [ 698.914292] ? lock_downgrade+0x6e0/0x6e0 [ 698.918453] _do_fork+0x19e/0xce0 [ 698.921921] ? fork_idle+0x280/0x280 [ 698.925640] ? fput+0xd4/0x150 [ 698.928839] ? SyS_write+0x15e/0x230 [ 698.932565] SyS_clone+0x37/0x50 [ 698.935939] ? sys_vfork+0x30/0x30 [ 698.939490] do_syscall_64+0x1e8/0x640 18:44:19 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1}, 0x14}}, 0x0) [ 698.943380] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 698.948317] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 698.953511] RIP: 0033:0x459879 [ 698.956709] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 698.964563] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 698.978840] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 698.986112] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 18:44:19 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(0x0) sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)) 18:44:19 executing program 5: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)) 18:44:19 executing program 2 (fault-call:7 fault-nth:53): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 698.986118] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 [ 698.986123] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 18:44:20 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1}, 0x14}}, 0x0) [ 699.086609] FAULT_INJECTION: forcing a failure. [ 699.086609] name failslab, interval 1, probability 0, space 0, times 0 18:44:20 executing program 0: bpf$MAP_CREATE(0x0, &(0x7f0000000000), 0xffffff5d) r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg(r0, &(0x7f00000006c0)={&(0x7f0000000100)=@in={0x2, 0x0, @local={0xac, 0x2c0}}, 0xffd6, &(0x7f0000000640), 0x98, &(0x7f0000000000)=[{0x18, 0x84}], 0x1f}, 0xfc) sched_setaffinity(0x0, 0x0, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey\x00', 0x1e1600, 0x0) ioctl$KDGETLED(r0, 0x4b31, &(0x7f0000000200)) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/vs/lblc_expiration\x00', 0x2, 0x0) ioctl$VHOST_SET_VRING_CALL(r1, 0x4008af21, &(0x7f00000001c0)={0x2, r2}) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r3 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r3, 0x0) 18:44:20 executing program 5: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)) [ 699.160385] FAULT_INJECTION: forcing a failure. [ 699.160385] name failslab, interval 1, probability 0, space 0, times 0 [ 699.177745] CPU: 1 PID: 26629 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 699.184983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 699.194349] Call Trace: [ 699.196954] dump_stack+0x138/0x197 [ 699.200607] should_fail.cold+0x10f/0x159 [ 699.204772] should_failslab+0xdb/0x130 18:44:20 executing program 5: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) [ 699.208936] kmem_cache_alloc+0x2d7/0x780 [ 699.213092] ? __lock_acquire+0x5f7/0x4620 [ 699.217342] ptlock_alloc+0x20/0x70 [ 699.221296] pte_alloc_one+0x60/0x100 [ 699.225275] copy_huge_pmd+0x7d/0x8c0 [ 699.229083] ? add_mm_counter_fast.part.0+0x30/0x30 [ 699.234880] copy_page_range+0x69a/0x1bd0 [ 699.239046] ? anon_vma_fork+0x358/0x4d0 [ 699.243638] ? find_held_lock+0x35/0x130 [ 699.247884] ? vma_compute_subtree_gap+0x190/0x1f0 [ 699.252835] ? __rb_insert_augmented+0x22f/0xdf0 [ 699.257609] ? __pmd_alloc+0x410/0x410 [ 699.261551] ? __vma_link_rb+0x247/0x340 [ 699.265727] copy_process.part.0+0x4764/0x6a00 [ 699.270770] ? __cleanup_sighand+0x50/0x50 [ 699.275007] ? lock_downgrade+0x6e0/0x6e0 [ 699.279167] _do_fork+0x19e/0xce0 [ 699.282622] ? fork_idle+0x280/0x280 [ 699.286435] ? fput+0xd4/0x150 [ 699.289643] ? SyS_write+0x15e/0x230 [ 699.293549] SyS_clone+0x37/0x50 [ 699.296916] ? sys_vfork+0x30/0x30 [ 699.300463] do_syscall_64+0x1e8/0x640 [ 699.304734] ? trace_hardirqs_off_thunk+0x1a/0x1c 18:44:20 executing program 5: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, 0x0, 0xb01}, 0x14}}, 0x0) [ 699.309589] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 699.314801] RIP: 0033:0x459879 [ 699.318001] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 699.326789] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 699.334068] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 699.341429] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 699.348714] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 699.356865] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 699.365024] CPU: 0 PID: 26640 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 699.372243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 699.381885] Call Trace: [ 699.384494] dump_stack+0x138/0x197 [ 699.388223] should_fail.cold+0x10f/0x159 [ 699.392388] should_failslab+0xdb/0x130 [ 699.396372] kmem_cache_alloc+0x47/0x780 [ 699.400448] ? __lock_is_held+0xb6/0x140 [ 699.404515] ? check_preemption_disabled+0x3c/0x250 18:44:20 executing program 1: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) [ 699.409656] anon_vma_clone+0xde/0x470 [ 699.413566] anon_vma_fork+0x87/0x4d0 [ 699.417388] copy_process.part.0+0x45e2/0x6a00 [ 699.422120] ? __cleanup_sighand+0x50/0x50 [ 699.426366] ? lock_downgrade+0x6e0/0x6e0 [ 699.430720] _do_fork+0x19e/0xce0 [ 699.434214] ? fork_idle+0x280/0x280 [ 699.437937] ? fput+0xd4/0x150 [ 699.441135] ? SyS_write+0x15e/0x230 [ 699.444854] SyS_clone+0x37/0x50 [ 699.448240] ? sys_vfork+0x30/0x30 [ 699.451787] do_syscall_64+0x1e8/0x640 [ 699.455680] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 699.460526] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 699.460534] RIP: 0033:0x459879 [ 699.460538] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 699.460548] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 699.460553] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 699.460558] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 699.460563] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 18:44:20 executing program 3 (fault-call:7 fault-nth:58): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:20 executing program 1: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) 18:44:20 executing program 5: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, 0x0, 0xb01}, 0x14}}, 0x0) 18:44:20 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)) [ 699.460568] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 18:44:20 executing program 2 (fault-call:7 fault-nth:54): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:20 executing program 1: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) 18:44:20 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x28000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000000)=0x0) r2 = syz_open_procfs$namespace(r1, &(0x7f0000000140)='ns/ipc\x00') setns(r2, 0x0) [ 699.600372] FAULT_INJECTION: forcing a failure. [ 699.600372] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 699.609970] FAULT_INJECTION: forcing a failure. [ 699.609970] name failslab, interval 1, probability 0, space 0, times 0 [ 699.643709] CPU: 1 PID: 26667 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 699.651037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 699.660398] Call Trace: [ 699.662998] dump_stack+0x138/0x197 [ 699.667131] should_fail.cold+0x10f/0x159 [ 699.672727] should_failslab+0xdb/0x130 [ 699.682786] kmem_cache_alloc+0x2d7/0x780 [ 699.688482] ? anon_vma_clone+0x310/0x470 [ 699.697438] anon_vma_fork+0xe9/0x4d0 [ 699.702643] copy_process.part.0+0x45e2/0x6a00 [ 699.707265] ? __cleanup_sighand+0x50/0x50 [ 699.712895] ? lock_downgrade+0x6e0/0x6e0 [ 699.719330] _do_fork+0x19e/0xce0 [ 699.724678] ? fork_idle+0x280/0x280 [ 699.728392] ? fput+0xd4/0x150 [ 699.732697] ? SyS_write+0x15e/0x230 [ 699.741666] SyS_clone+0x37/0x50 [ 699.748318] ? sys_vfork+0x30/0x30 [ 699.755156] do_syscall_64+0x1e8/0x640 [ 699.762691] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 699.772068] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 699.777338] RIP: 0033:0x459879 [ 699.780844] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 18:44:20 executing program 1: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, 0x0, 0xb01}, 0x14}}, 0x0) 18:44:20 executing program 5: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, 0x0, 0xb01}, 0x14}}, 0x0) [ 699.788566] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 699.795823] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 699.803103] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 699.810738] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 [ 699.818108] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 699.825486] CPU: 0 PID: 26663 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 699.832607] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 699.832616] Call Trace: [ 699.832638] dump_stack+0x138/0x197 [ 699.832654] should_fail.cold+0x10f/0x159 [ 699.849373] ? __might_sleep+0x93/0xb0 [ 699.849388] __alloc_pages_nodemask+0x1d6/0x7a0 [ 699.849400] ? __alloc_pages_slowpath+0x2930/0x2930 [ 699.862237] ? lock_downgrade+0x6e0/0x6e0 [ 699.862251] alloc_pages_current+0xec/0x1e0 [ 699.862264] pte_alloc_one+0x1a/0x100 [ 699.876504] __pte_alloc+0x2a/0x2d0 [ 699.876519] copy_page_range+0x11ba/0x1bd0 [ 699.876533] ? anon_vma_fork+0x358/0x4d0 [ 699.876549] ? vma_compute_subtree_gap+0x190/0x1f0 [ 699.897462] ? __pmd_alloc+0x410/0x410 [ 699.897481] copy_process.part.0+0x4764/0x6a00 [ 699.897509] ? __cleanup_sighand+0x50/0x50 [ 699.906031] ? lock_downgrade+0x6e0/0x6e0 [ 699.906052] _do_fork+0x19e/0xce0 [ 699.906065] ? fork_idle+0x280/0x280 [ 699.906079] ? fput+0xd4/0x150 [ 699.914432] ? SyS_write+0x15e/0x230 [ 699.914451] SyS_clone+0x37/0x50 [ 699.914460] ? sys_vfork+0x30/0x30 [ 699.914474] do_syscall_64+0x1e8/0x640 [ 699.921698] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 699.921715] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 699.921723] RIP: 0033:0x459879 [ 699.921728] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 699.921739] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 699.921745] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 699.921751] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 699.921757] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 18:44:20 executing program 5: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r0, 0xb01}, 0x14}}, 0x0) 18:44:20 executing program 3 (fault-call:7 fault-nth:59): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:21 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)) [ 699.921763] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 18:44:21 executing program 0: sched_setaffinity(0x0, 0xffffff5d, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={0xffffffffffffffff}) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, &(0x7f0000000000)={0x0, 0xfffffffffffff107}, &(0x7f0000000080)=0x8) setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000100)={r2, 0xc085}, 0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dlm-monitor\x00', 0x9c85f7041bedca9d, 0x0) ioctl$KVM_S390_UCAS_MAP(r3, 0x4018ae50, &(0x7f0000000180)={0x2, 0xd7, 0x7}) semget$private(0x0, 0x802, 0x0) setns(0xffffffffffffffff, 0x0) 18:44:21 executing program 1: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, 0x0, 0xb01}, 0x14}}, 0x0) 18:44:21 executing program 5: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r0, 0xb01}, 0x14}}, 0x0) 18:44:21 executing program 1: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, 0x0, 0xb01}, 0x14}}, 0x0) [ 700.109288] FAULT_INJECTION: forcing a failure. [ 700.109288] name failslab, interval 1, probability 0, space 0, times 0 [ 700.222010] CPU: 1 PID: 26686 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 700.229175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 700.238629] Call Trace: [ 700.241232] dump_stack+0x138/0x197 [ 700.244882] should_fail.cold+0x10f/0x159 [ 700.249057] should_failslab+0xdb/0x130 [ 700.253043] kmem_cache_alloc+0x2d7/0x780 [ 700.257237] ? lock_downgrade+0x6e0/0x6e0 [ 700.257253] ptlock_alloc+0x20/0x70 [ 700.257265] pte_alloc_one+0x60/0x100 [ 700.268838] __pte_alloc+0x2a/0x2d0 [ 700.272515] copy_page_range+0x11ba/0x1bd0 [ 700.276751] ? anon_vma_fork+0x358/0x4d0 [ 700.276769] ? vma_compute_subtree_gap+0x190/0x1f0 [ 700.285847] ? __pmd_alloc+0x410/0x410 [ 700.289750] copy_process.part.0+0x4764/0x6a00 [ 700.294461] ? __cleanup_sighand+0x50/0x50 [ 700.298797] ? lock_downgrade+0x6e0/0x6e0 [ 700.302963] _do_fork+0x19e/0xce0 [ 700.306425] ? fork_idle+0x280/0x280 [ 700.310165] ? fput+0xd4/0x150 [ 700.313356] ? SyS_write+0x15e/0x230 [ 700.317079] SyS_clone+0x37/0x50 [ 700.320449] ? sys_vfork+0x30/0x30 [ 700.324257] do_syscall_64+0x1e8/0x640 [ 700.328146] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 700.333000] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 700.338193] RIP: 0033:0x459879 [ 700.341381] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 700.349094] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 700.356454] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 700.363728] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 18:44:21 executing program 2 (fault-call:7 fault-nth:55): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:21 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)) 18:44:21 executing program 1: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r0, 0xb01}, 0x14}}, 0x0) 18:44:21 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x80, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r0, 0x0) 18:44:21 executing program 5: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r0, 0xb01}, 0x14}}, 0x0) 18:44:21 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) [ 700.371004] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 700.378278] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 18:44:21 executing program 3 (fault-call:7 fault-nth:60): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:21 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) 18:44:21 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, 0x0, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)) 18:44:21 executing program 1: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r0, 0xb01}, 0x14}}, 0x0) 18:44:21 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={0xffffffffffffffff}) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') socket$nl_route(0x10, 0x3, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000180)={0x0, @in6={{0xa, 0x4e24, 0x8000, @remote, 0x1d71}}, 0x1000, 0xfffffffffffff5a1, 0x6, 0x4, 0x1}, &(0x7f0000000000)=0x98) setsockopt$inet_sctp_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f0000000080)={r2, 0x9, 0x6, 0x2}, 0x10) syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r1, 0x0) openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x440, 0x0) 18:44:21 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) [ 700.535192] FAULT_INJECTION: forcing a failure. [ 700.535192] name failslab, interval 1, probability 0, space 0, times 0 [ 700.586378] CPU: 0 PID: 26726 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 700.587792] FAULT_INJECTION: forcing a failure. [ 700.587792] name failslab, interval 1, probability 0, space 0, times 0 [ 700.593636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 700.593641] Call Trace: [ 700.593662] dump_stack+0x138/0x197 [ 700.593681] should_fail.cold+0x10f/0x159 [ 700.593696] should_failslab+0xdb/0x130 [ 700.593706] kmem_cache_alloc+0x2d7/0x780 [ 700.593714] ? anon_vma_clone+0x310/0x470 [ 700.593731] anon_vma_fork+0x1ce/0x4d0 [ 700.593747] copy_process.part.0+0x45e2/0x6a00 [ 700.593783] ? __cleanup_sighand+0x50/0x50 [ 700.649653] ? lock_downgrade+0x6e0/0x6e0 [ 700.654086] _do_fork+0x19e/0xce0 [ 700.657545] ? fork_idle+0x280/0x280 [ 700.661257] ? fput+0xd4/0x150 [ 700.664446] ? SyS_write+0x15e/0x230 [ 700.668198] SyS_clone+0x37/0x50 [ 700.671604] ? sys_vfork+0x30/0x30 [ 700.675182] do_syscall_64+0x1e8/0x640 [ 700.679087] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 700.683966] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 700.690281] RIP: 0033:0x459879 [ 700.693459] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 700.701250] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 700.708527] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 700.715796] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 700.723062] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 [ 700.730341] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 700.747901] CPU: 1 PID: 26729 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 700.756133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 700.768745] Call Trace: [ 700.771678] dump_stack+0x138/0x197 [ 700.777199] should_fail.cold+0x10f/0x159 [ 700.783666] should_failslab+0xdb/0x130 [ 700.787652] kmem_cache_alloc+0x2d7/0x780 [ 700.791812] ? __pmd_alloc+0x410/0x410 [ 700.795745] copy_process.part.0+0x444f/0x6a00 [ 700.800356] ? __cleanup_sighand+0x50/0x50 [ 700.804600] ? lock_downgrade+0x6e0/0x6e0 [ 700.808762] _do_fork+0x19e/0xce0 [ 700.812306] ? fork_idle+0x280/0x280 [ 700.816028] ? fput+0xd4/0x150 [ 700.819214] ? SyS_write+0x15e/0x230 [ 700.819233] SyS_clone+0x37/0x50 [ 700.826294] ? sys_vfork+0x30/0x30 [ 700.829842] do_syscall_64+0x1e8/0x640 [ 700.833730] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 700.838673] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 700.843862] RIP: 0033:0x459879 18:44:21 executing program 2 (fault-call:7 fault-nth:56): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:21 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, 0x0, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)) 18:44:21 executing program 1: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r0, 0xb01}, 0x14}}, 0x0) 18:44:21 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, 0x0, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)) 18:44:21 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) 18:44:21 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) [ 700.847739] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 700.855454] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 700.862730] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 700.870196] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 700.877470] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 700.884925] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 700.979652] FAULT_INJECTION: forcing a failure. [ 700.979652] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 700.996626] CPU: 1 PID: 26752 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 701.007368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 701.016761] Call Trace: [ 701.019399] dump_stack+0x138/0x197 [ 701.023046] should_fail.cold+0x10f/0x159 [ 701.027204] ? __might_sleep+0x93/0xb0 [ 701.031114] __alloc_pages_nodemask+0x1d6/0x7a0 [ 701.035820] ? save_stack+0xa9/0xd0 [ 701.039461] ? __alloc_pages_slowpath+0x2930/0x2930 [ 701.044586] ? anon_vma_fork+0x1ce/0x4d0 [ 701.048656] ? copy_process.part.0+0x45e2/0x6a00 [ 701.053502] ? _do_fork+0x19e/0xce0 [ 701.057129] ? __lock_acquire+0x5f7/0x4620 [ 701.061543] alloc_pages_current+0xec/0x1e0 [ 701.065876] ? trace_hardirqs_on+0x10/0x10 [ 701.070117] pte_alloc_one+0x1a/0x100 [ 701.073921] copy_huge_pmd+0x7d/0x8c0 [ 701.078087] ? add_mm_counter_fast.part.0+0x30/0x30 [ 701.083117] copy_page_range+0x69a/0x1bd0 [ 701.087275] ? anon_vma_fork+0x358/0x4d0 [ 701.091343] ? find_held_lock+0x35/0x130 [ 701.095414] ? vma_compute_subtree_gap+0x190/0x1f0 [ 701.100365] ? __rb_insert_augmented+0x22f/0xdf0 [ 701.106524] ? __pmd_alloc+0x410/0x410 [ 701.110422] ? __vma_link_rb+0x247/0x340 [ 701.114496] copy_process.part.0+0x4764/0x6a00 [ 701.119200] ? __cleanup_sighand+0x50/0x50 [ 701.123449] ? lock_downgrade+0x6e0/0x6e0 [ 701.127604] _do_fork+0x19e/0xce0 [ 701.131059] ? fork_idle+0x280/0x280 [ 701.134787] ? fput+0xd4/0x150 [ 701.137978] ? SyS_write+0x15e/0x230 [ 701.141704] SyS_clone+0x37/0x50 [ 701.145073] ? sys_vfork+0x30/0x30 [ 701.148704] do_syscall_64+0x1e8/0x640 [ 701.152605] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 701.157552] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 701.162931] RIP: 0033:0x459879 [ 701.166142] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 18:44:21 executing program 3 (fault-call:7 fault-nth:61): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:21 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r0, 0x4e000001) 18:44:21 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, 0x0}, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)) 18:44:21 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) 18:44:22 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, 0x0}, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)) 18:44:22 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) 18:44:22 executing program 2 (fault-call:7 fault-nth:57): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) 18:44:22 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, 0x0}, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)) 18:44:22 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) 18:44:22 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000011c0)={0x14, r1, 0xb01}, 0x14}}, 0x0) [ 701.174386] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 701.181763] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 701.189458] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 701.196730] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 [ 701.203996] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 18:44:22 executing program 0: sched_setaffinity(0x0, 0x0, 0x0) unshare(0x8020000) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000000)=0x0) ptrace$setopts(0x4200, r0, 0x3f, 0x1) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x802, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') setns(r1, 0x4000000) ioctl$KDDISABIO(r1, 0x4b37) 18:44:22 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000001080)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={0x0}}, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)) [ 701.357440] FAULT_INJECTION: forcing a failure. [ 701.357440] name failslab, interval 1, probability 0, space 0, times 0 [ 701.360712] FAULT_INJECTION: forcing a failure. [ 701.360712] name failslab, interval 1, probability 0, space 0, times 0 [ 701.398586] CPU: 0 PID: 26779 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 701.405741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 701.415223] Call Trace: [ 701.417816] dump_stack+0x138/0x197 [ 701.421469] should_fail.cold+0x10f/0x159 [ 701.425720] should_failslab+0xdb/0x130 [ 701.429778] kmem_cache_alloc_trace+0x2e9/0x790 [ 701.434438] ? pat_pagerange_is_ram+0x90/0xf0 [ 701.438947] ? __init_cache_modes+0x240/0x240 [ 701.443444] reserve_memtype+0x164/0x640 [ 701.447508] ? lock_downgrade+0x6e0/0x6e0 [ 701.451655] ? pat_init+0x420/0x420 [ 701.455299] ? __init_cache_modes+0x240/0x240 [ 701.459792] reserve_pfn_range+0x11c/0x390 [ 701.464023] ? arch_io_reserve_memtype_wc+0x80/0x80 [ 701.469039] ? copy_process.part.0+0x444f/0x6a00 [ 701.473799] ? SyS_clone+0x37/0x50 [ 701.477424] ? do_syscall_64+0x1e8/0x640 [ 701.481480] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 701.486841] track_pfn_copy+0x14a/0x190 [ 701.491100] ? reserve_pfn_range+0x390/0x390 [ 701.495503] ? trace_hardirqs_on+0x10/0x10 [ 701.499741] copy_page_range+0x1255/0x1bd0 [ 701.504061] ? save_trace+0x290/0x290 [ 701.507861] ? copy_process.part.0+0x41de/0x6a00 [ 701.512622] ? vma_compute_subtree_gap+0x190/0x1f0 [ 701.517546] ? vma_gap_callbacks_rotate+0x62/0x80 [ 701.522388] ? __rb_insert_augmented+0x22f/0xdf0 [ 701.527141] ? __pmd_alloc+0x410/0x410 [ 701.531018] ? __vma_link_rb+0x247/0x340 [ 701.535083] copy_process.part.0+0x4764/0x6a00 [ 701.539767] ? __cleanup_sighand+0x50/0x50 [ 701.544008] ? lock_downgrade+0x6e0/0x6e0 [ 701.548249] _do_fork+0x19e/0xce0 [ 701.551716] ? fork_idle+0x280/0x280 [ 701.555439] ? fput+0xd4/0x150 [ 701.558632] ? SyS_write+0x15e/0x230 [ 701.562354] SyS_clone+0x37/0x50 [ 701.565716] ? sys_vfork+0x30/0x30 [ 701.569253] do_syscall_64+0x1e8/0x640 [ 701.573139] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 701.578165] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 701.583347] RIP: 0033:0x459879 [ 701.586528] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 701.594231] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 701.601494] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 701.608929] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 701.616197] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 701.623553] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 701.630851] CPU: 1 PID: 26780 Comm: syz-executor.2 Not tainted 4.14.140 #36 [ 701.637974] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 701.647343] Call Trace: [ 701.649931] dump_stack+0x138/0x197 [ 701.653582] should_fail.cold+0x10f/0x159 [ 701.657747] should_failslab+0xdb/0x130 [ 701.659936] ------------[ cut here ]------------ [ 701.661731] kmem_cache_alloc+0x2d7/0x780 [ 701.666496] WARNING: CPU: 0 PID: 26779 at arch/x86/mm/pat.c:1020 untrack_pfn+0x1dc/0x220 [ 701.666502] Kernel panic - not syncing: panic_on_warn set ... [ 701.666502] [ 701.709142] ? __lock_acquire+0x5f7/0x4620 [ 701.713463] ptlock_alloc+0x20/0x70 [ 701.725913] pte_alloc_one+0x60/0x100 [ 701.729765] copy_huge_pmd+0x7d/0x8c0 [ 701.733662] ? add_mm_counter_fast.part.0+0x30/0x30 [ 701.738676] copy_page_range+0x69a/0x1bd0 [ 701.742814] ? anon_vma_fork+0x358/0x4d0 [ 701.746866] ? find_held_lock+0x35/0x130 [ 701.750920] ? vma_compute_subtree_gap+0x190/0x1f0 [ 701.755936] ? __rb_insert_augmented+0x22f/0xdf0 [ 701.760775] ? __pmd_alloc+0x410/0x410 [ 701.764650] ? __vma_link_rb+0x247/0x340 [ 701.768703] copy_process.part.0+0x4764/0x6a00 [ 701.773383] ? __cleanup_sighand+0x50/0x50 [ 701.777613] ? lock_downgrade+0x6e0/0x6e0 [ 701.781758] _do_fork+0x19e/0xce0 [ 701.785207] ? fork_idle+0x280/0x280 [ 701.788952] ? fput+0xd4/0x150 [ 701.792149] ? SyS_write+0x15e/0x230 [ 701.795854] SyS_clone+0x37/0x50 [ 701.799206] ? sys_vfork+0x30/0x30 [ 701.802744] do_syscall_64+0x1e8/0x640 [ 701.806620] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 701.811470] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 701.816690] RIP: 0033:0x459879 [ 701.819870] RSP: 002b:00007f8cec878c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 701.827743] RAX: ffffffffffffffda RBX: 00007f8cec878c90 RCX: 0000000000459879 [ 701.835101] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 701.842357] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 701.849876] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8cec8796d4 [ 701.857225] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 701.864680] CPU: 0 PID: 26779 Comm: syz-executor.3 Not tainted 4.14.140 #36 [ 701.871798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 701.881257] Call Trace: [ 701.883946] dump_stack+0x138/0x197 [ 701.887597] panic+0x1f2/0x426 [ 701.890900] ? add_taint.cold+0x16/0x16 [ 701.895038] ? untrack_pfn+0x1dc/0x220 [ 701.899016] ? __warn.cold+0x14/0x36 [ 701.902877] ? untrack_pfn+0x1dc/0x220 [ 701.906911] __warn.cold+0x2f/0x36 [ 701.910447] ? ist_end_non_atomic+0x10/0x10 [ 701.914751] ? untrack_pfn+0x1dc/0x220 [ 701.918625] report_bug+0x216/0x254 [ 701.922242] do_error_trap+0x1bb/0x310 [ 701.926318] ? math_error+0x360/0x360 [ 701.930369] ? lock_downgrade+0x6e0/0x6e0 [ 701.934522] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 701.939443] do_invalid_op+0x1b/0x20 [ 701.943170] invalid_op+0x1b/0x40 [ 701.946728] RIP: 0010:untrack_pfn+0x1dc/0x220 [ 701.951392] RSP: 0018:ffff88803be4f948 EFLAGS: 00010246 [ 701.956753] RAX: 0000000000040000 RBX: ffff88808b844eb0 RCX: ffffc90008440000 [ 701.964009] RDX: 0000000000040000 RSI: ffffffff812a659c RDI: 0000000000000001 [ 701.999111] RBP: ffff88803be4f9d8 R08: ffff88805e606740 R09: 0000000000000000 [ 702.006740] R10: 0000000000000000 R11: ffff88805e606740 R12: 1ffff110077c9f2a [ 702.014046] R13: 0000000000000000 R14: 0000000000000000 R15: ffff88803be4f9b0 [ 702.021355] ? untrack_pfn+0x1dc/0x220 [ 702.025255] ? untrack_pfn+0x1dc/0x220 [ 702.029303] ? track_pfn_insert+0x150/0x150 [ 702.033743] ? vm_normal_page_pmd+0x360/0x360 [ 702.038316] ? uprobe_munmap+0x94/0x210 [ 702.042307] unmap_single_vma+0x182/0x2c0 [ 702.046549] unmap_vmas+0xac/0x170 [ 702.050083] exit_mmap+0x285/0x4e0 [ 702.053631] ? SyS_munmap+0x30/0x30 [ 702.057486] ? kmem_cache_free+0x244/0x2b0 [ 702.061883] ? __khugepaged_exit+0xcf/0x3d0 [ 702.066208] ? lock_downgrade+0x6e0/0x6e0 [ 702.070366] mmput+0x114/0x440 [ 702.073545] copy_process.part.0+0x4743/0x6a00 [ 702.078122] ? __cleanup_sighand+0x50/0x50 [ 702.082447] ? lock_downgrade+0x6e0/0x6e0 [ 702.086607] _do_fork+0x19e/0xce0 [ 702.090061] ? fork_idle+0x280/0x280 [ 702.093770] ? fput+0xd4/0x150 [ 702.096961] ? SyS_write+0x15e/0x230 [ 702.100672] SyS_clone+0x37/0x50 [ 702.104020] ? sys_vfork+0x30/0x30 [ 702.107639] do_syscall_64+0x1e8/0x640 [ 702.111536] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 702.116373] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 702.121808] RIP: 0033:0x459879 [ 702.124980] RSP: 002b:00007fed359dac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 702.132686] RAX: ffffffffffffffda RBX: 00007fed359dac90 RCX: 0000000000459879 [ 702.140032] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 702.147295] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 702.154552] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fed359db6d4 [ 702.161829] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 0000000000000006 [ 702.171454] Kernel Offset: disabled [ 702.175119] Rebooting in 86400 seconds..