3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 331.840552] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 [ 331.870234] cgroup: fork rejected by pids controller in [ 331.887685] ORIG_RAX: 0000000000000010 [ 331.887697] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 331.887706] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 331.887716] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 331.887727] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 23:02:02 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)="c38630062e61bb56cda228492d2dae9f508c2f5d3188ac6015b3f09bfdd9399b98840ed06063be91dd40e511bcb3499b7acb2202e8e007c2bcb3904507a4b688ca84ee3ef9eff9f930ff14292d6c2b019cd439c3d48ee2a934034fad6fd1dcae908cd5a2d9218421014f6f61204b319b28a5d9be0acf55e7aa5baf9f851ea311034e3c692cf25ea8706ac2e74d485c42911d1408eac9b1de552f13bc02d481aa0e3c430d88e89f7fb4a0021e705873238ebac7f983e3b229f2f054066339e61335670feaf40310accf96475d7066c98f153bbb276e6d993c3214e6be1a55cdf470493c15f151c69dab5ba93200", 0x200002, 0x0) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x10000, 0x0) dup3(r1, r1, 0x80000) ioctl$sock_bt(r1, 0xdd1f, &(0x7f0000000040)="f37dc627bc4c9bc506aef8a8a4ebb2d8ac5fd8c8b184a54f359b8270be1745248c2dcb16578c77e27792fc4693ba58fc2d1a3511171202a3167613e4793bb4") r2 = openat$cgroup_int(r0, &(0x7f00000003c0)='io.bfq.weight\x00', 0x2, 0x0) sendfile(r2, r2, &(0x7f00000000c0), 0xfdef) 23:02:02 executing program 1: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f00000003c0)='io.bfq.weight\x00', 0x2, 0x0) sendfile(r1, r1, &(0x7f00000000c0), 0x0) [ 331.887736] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 [ 331.955773] /syz5 [ 334.009648] device bridge_slave_1 left promiscuous mode [ 334.015161] bridge0: port 2(bridge_slave_1) entered disabled state [ 334.059893] device bridge_slave_0 left promiscuous mode [ 334.065394] bridge0: port 1(bridge_slave_0) entered disabled state 23:02:05 executing program 0: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r1, 0x1, &(0x7f00000014c0)) msgsnd(r1, &(0x7f0000e74f60)={0x2}, 0x8, 0x200000000000000) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) msgctl$IPC_SET(r1, 0x1, &(0x7f0000000180)={{}, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x81, r0}) 23:02:05 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f00000003c0)='io.bfq.weight\x00', 0x2, 0x0) r2 = msgget(0x1, 0x0) msgctl$IPC_RMID(r2, 0x0) sendfile(r1, r1, &(0x7f0000000040), 0xfdf4) 23:02:05 executing program 1: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f00000003c0)='memory.low\x00', 0x2, 0x0) sendfile(r1, r1, &(0x7f00000000c0), 0xfdef) openat$cgroup_subtree(r0, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0) 23:02:05 executing program 4 (fault-call:7 fault-nth:3): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:02:05 executing program 3: ioctl$TIOCGSID(0xffffffffffffff9c, 0x5429, &(0x7f00000013c0)=0x0) timer_create(0xfffffffffffffffc, &(0x7f0000001440)={0x0, 0x80040000012, 0xfffffffffffffffc, @tid=r0}, &(0x7f0000001480)=0x0) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(r1, 0x0, &(0x7f000006b000)={{0x77359400}}, &(0x7f0000000000)) r2 = accept4$unix(0xffffffffffffff9c, &(0x7f0000000040)=@abs, &(0x7f0000000180)=0x6e, 0x80000) listen(r2, 0x9) r3 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_mr_cache\x00') ioctl$KVM_GET_DEVICE_ATTR(r3, 0x4018aee2, &(0x7f0000000240)={0x0, 0x0, 0x5, &(0x7f0000000200)=0x4}) tkill(0x0, 0x1000000000016) 23:02:05 executing program 5: r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'ip6gre0\x00', 0x0}) r2 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x4, 0x8401) fdatasync(r0) r3 = socket$nl_route(0x10, 0x3, 0x0) ioctl$TUNGETVNETHDRSZ(r2, 0x800454d7, &(0x7f0000000280)) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x8800, 0x0) ioctl$KVM_NMI(r4, 0xae9a) getpeername$netlink(r2, &(0x7f0000000000), &(0x7f0000000240)=0xc) sendmsg$nl_route(r3, &(0x7f0000000180)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000001c000104000000000000000000000000", @ANYRES32=r1, @ANYBLOB="000000000c000200aaaaaaaa000100e0000002d890afea177b53129b383da54328891714257e60d4ba35968e"], 0x30}}, 0x0) [ 334.537898] FAULT_INJECTION: forcing a failure. [ 334.537898] name failslab, interval 1, probability 0, space 0, times 0 [ 334.558485] CPU: 1 PID: 12439 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 334.565862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 334.575221] Call Trace: [ 334.577837] dump_stack+0x1c4/0x2b4 [ 334.581495] ? dump_stack_print_info.cold.2+0x52/0x52 [ 334.586719] ? __kernel_text_address+0xd/0x40 [ 334.591244] ? unwind_get_return_address+0x61/0xa0 [ 334.596194] should_fail.cold.4+0xa/0x17 [ 334.600283] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 334.605409] ? save_stack+0xa9/0xd0 [ 334.609047] ? graph_lock+0x170/0x170 [ 334.612858] ? kasan_slab_alloc+0x12/0x20 [ 334.617019] ? kmem_cache_alloc+0x12e/0x730 [ 334.621355] ? mmu_topup_memory_caches+0xf7/0x390 [ 334.626213] ? kvm_mmu_load+0x21/0xfa0 [ 334.630114] ? vcpu_enter_guest+0x3dbe/0x6380 [ 334.634636] ? graph_lock+0x170/0x170 [ 334.638441] ? ksys_ioctl+0xa9/0xd0 [ 334.642071] ? __x64_sys_ioctl+0x73/0xb0 [ 334.646137] ? do_syscall_64+0x1b9/0x820 [ 334.650205] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 334.655596] ? find_held_lock+0x36/0x1c0 [ 334.659677] ? __lock_is_held+0xb5/0x140 [ 334.663758] ? ___might_sleep+0x1ed/0x300 [ 334.667916] ? arch_local_save_flags+0x40/0x40 [ 334.672518] __should_failslab+0x124/0x180 [ 334.676768] should_failslab+0x9/0x14 [ 334.680578] kmem_cache_alloc+0x2be/0x730 [ 334.684739] ? vmx_flush_tlb_gva+0x380/0x380 [ 334.689155] ? print_usage_bug+0xc0/0xc0 [ 334.693227] ? ima_get_action+0x7e/0xa0 [ 334.697209] ? mmu_topup_memory_caches+0xf7/0x390 [ 334.702069] mmu_topup_memory_caches+0xf7/0x390 [ 334.706755] kvm_mmu_load+0x21/0xfa0 [ 334.710479] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 334.715420] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 334.720966] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 334.725560] vcpu_enter_guest+0x3dbe/0x6380 [ 334.729909] ? emulator_read_emulated+0x50/0x50 [ 334.734604] ? vmx_vcpu_load+0xb06/0x1030 [ 334.738772] ? vmx_write_tsc_offset+0x680/0x680 [ 334.743445] ? graph_lock+0x170/0x170 [ 334.747249] ? lock_downgrade+0x900/0x900 [ 334.751420] ? check_preemption_disabled+0x48/0x200 [ 334.756471] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 334.762018] ? check_preemption_disabled+0x48/0x200 [ 334.767039] ? check_preemption_disabled+0x48/0x200 [ 334.772074] ? __lock_is_held+0xb5/0x140 [ 334.776144] ? lock_acquire+0x1ed/0x520 [ 334.780122] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 334.785148] ? lock_release+0x970/0x970 [ 334.789128] ? kvm_gen_update_masterclock+0x350/0x350 [ 334.789147] ? kvm_arch_dev_ioctl+0x630/0x630 [ 334.789162] ? preempt_notifier_dec+0x20/0x20 [ 334.789196] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 334.806180] IPVS: ftp: loaded support on port[0] = 21 [ 334.808208] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 334.818423] kvm_vcpu_ioctl+0x72b/0x1150 [ 334.822495] ? kvm_vcpu_block+0x1030/0x1030 [ 334.826832] ? find_held_lock+0x36/0x1c0 [ 334.830909] ? __fget+0x4aa/0x740 [ 334.834381] ? check_preemption_disabled+0x48/0x200 [ 334.839424] ? kasan_check_read+0x11/0x20 [ 334.843584] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 334.848879] ? rcu_bh_qs+0xc0/0xc0 [ 334.852443] ? __fget+0x4d1/0x740 [ 334.855916] ? ksys_dup3+0x680/0x680 [ 334.859658] ? find_held_lock+0x36/0x1c0 [ 334.863748] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 334.868693] ? kvm_vcpu_block+0x1030/0x1030 [ 334.873022] do_vfs_ioctl+0x1de/0x1720 [ 334.876920] ? __lock_is_held+0xb5/0x140 [ 334.880998] ? ioctl_preallocate+0x300/0x300 [ 334.885413] ? __fget_light+0x2e9/0x430 [ 334.889398] ? fget_raw+0x20/0x20 [ 334.892865] ? __sb_end_write+0xd9/0x110 [ 334.896941] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 334.902511] ? fput+0x130/0x1a0 [ 334.905799] ? do_syscall_64+0x9a/0x820 [ 334.909778] ? do_syscall_64+0x9a/0x820 [ 334.913761] ? lockdep_hardirqs_on+0x421/0x5c0 [ 334.918357] ? security_file_ioctl+0x94/0xc0 [ 334.922785] ksys_ioctl+0xa9/0xd0 [ 334.926247] __x64_sys_ioctl+0x73/0xb0 [ 334.930141] do_syscall_64+0x1b9/0x820 [ 334.934050] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 334.939428] ? syscall_return_slowpath+0x5e0/0x5e0 [ 334.944368] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 334.949230] ? trace_hardirqs_on_caller+0x310/0x310 [ 334.954317] ? prepare_exit_to_usermode+0x291/0x3b0 [ 334.959351] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 334.964214] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 334.969407] RIP: 0033:0x457569 23:02:05 executing program 1: r0 = syz_open_dev$dmmidi(&(0x7f0000000040)='/dev/dmmidi#\x00', 0x1f, 0x100) ioctl$TIOCLINUX7(r0, 0x541c, &(0x7f0000000080)={0x7, 0x3}) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0)='tls\x00', 0x4) openat$cgroup_int(r1, &(0x7f00000003c0)='io.bfq.weight\x00', 0x2, 0x0) 23:02:05 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f00000003c0)='io.bfq.weight\x00', 0x2, 0x0) r2 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0x5ccc, 0x101000) getsockopt$IP6T_SO_GET_INFO(r2, 0x29, 0x40, &(0x7f0000000100)={'nat\x00'}, &(0x7f0000000080)=0x54) sendfile(r1, r1, &(0x7f00000000c0), 0xfdef) [ 334.972617] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 334.991518] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 334.999238] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 335.006517] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 335.013790] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 335.021061] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 335.028329] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 23:02:05 executing program 4 (fault-call:7 fault-nth:4): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:02:05 executing program 1: openat$cgroup_int(0xffffffffffffffff, &(0x7f00000003c0)='io.bfq.weight\x00', 0x2, 0x0) r0 = syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x2c6, 0x400) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000100)={r0, 0x10, &(0x7f0000000000)={&(0x7f0000000080)=""/126, 0x7e, 0x0}}, 0x10) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000140)=r1, 0x4) 23:02:05 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f00000003c0)='io.bfq.weight\x00', 0x2, 0x0) sendfile(r1, r1, &(0x7f00000000c0), 0xfdef) ioctl$FS_IOC_GETVERSION(r0, 0x80087601, &(0x7f0000000040)) 23:02:05 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)="102f6367726f757100d31c7d115ed0dc43c80ba892abca66f48d320d1ec98d444c11c7101023db0f86bca948983d817b9c4839d61d308b1ac4071a3894e7b9931e5f9ccfa4f23d7db16ae2debe136106c172d23c0b3599963be54ca5761ace4eaf9b9cf35dc541ef0263b89b175fb29f89a162af66cf69276513ea93d2016a7b9a93b1f1f026aad950bd", 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f00000003c0)='io.bfq.weight\x00', 0x2, 0x0) sendfile(r1, r1, &(0x7f00000000c0), 0xfdef) r2 = syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0x2, 0x400000) perf_event_open$cgroup(&(0x7f0000000100)={0x3, 0x70, 0x15, 0x800, 0x0, 0x3, 0x0, 0x1, 0x40, 0x1, 0x7fffffff, 0x10000, 0x5, 0xa23, 0x3, 0x2, 0x5, 0x6c20, 0x554444d7, 0x3, 0xffffffff00000000, 0x2, 0x6, 0x400, 0x3, 0xe000000000000000, 0x3, 0x6e485246, 0x401, 0xaa, 0x4, 0x2, 0x1, 0x100000000, 0x0, 0x3, 0x5, 0x850, 0x0, 0x5, 0x3, @perf_bp={&(0x7f0000000040), 0x1}, 0x8000, 0x0, 0x2, 0x6, 0xfff, 0x81, 0x10000}, r0, 0x6, r2, 0x0) [ 335.197217] FAULT_INJECTION: forcing a failure. [ 335.197217] name failslab, interval 1, probability 0, space 0, times 0 [ 335.248525] CPU: 0 PID: 12467 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 335.255906] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 335.265263] Call Trace: [ 335.267878] dump_stack+0x1c4/0x2b4 [ 335.271540] ? dump_stack_print_info.cold.2+0x52/0x52 [ 335.276769] ? __kernel_text_address+0xd/0x40 [ 335.281294] ? unwind_get_return_address+0x61/0xa0 [ 335.286249] should_fail.cold.4+0xa/0x17 [ 335.290342] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 335.295457] ? save_stack+0xa9/0xd0 [ 335.299101] ? graph_lock+0x170/0x170 [ 335.302912] ? kasan_slab_alloc+0x12/0x20 [ 335.307069] ? kmem_cache_alloc+0x12e/0x730 [ 335.311402] ? mmu_topup_memory_caches+0xf7/0x390 [ 335.316246] ? kvm_mmu_load+0x21/0xfa0 [ 335.320145] ? vcpu_enter_guest+0x3dbe/0x6380 [ 335.324645] ? graph_lock+0x170/0x170 [ 335.328468] ? ksys_ioctl+0xa9/0xd0 [ 335.332115] ? __x64_sys_ioctl+0x73/0xb0 [ 335.336190] ? do_syscall_64+0x1b9/0x820 [ 335.340258] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 335.345639] ? find_held_lock+0x36/0x1c0 [ 335.349730] ? __lock_is_held+0xb5/0x140 [ 335.353895] ? ___might_sleep+0x1ed/0x300 [ 335.358052] ? arch_local_save_flags+0x40/0x40 [ 335.362660] __should_failslab+0x124/0x180 [ 335.367094] should_failslab+0x9/0x14 [ 335.370908] kmem_cache_alloc+0x2be/0x730 [ 335.375074] ? mmu_topup_memory_caches+0xf7/0x390 [ 335.379929] mmu_topup_memory_caches+0xf7/0x390 [ 335.384625] kvm_mmu_load+0x21/0xfa0 [ 335.388353] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 335.393298] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 335.398847] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 335.403451] vcpu_enter_guest+0x3dbe/0x6380 [ 335.407797] ? emulator_read_emulated+0x50/0x50 [ 335.412484] ? vmx_vcpu_load+0xb06/0x1030 [ 335.416708] ? vmx_write_tsc_offset+0x680/0x680 [ 335.421385] ? graph_lock+0x170/0x170 [ 335.425194] ? lock_downgrade+0x900/0x900 [ 335.429354] ? check_preemption_disabled+0x48/0x200 [ 335.434378] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 335.439926] ? check_preemption_disabled+0x48/0x200 [ 335.444952] ? check_preemption_disabled+0x48/0x200 [ 335.449988] ? __lock_is_held+0xb5/0x140 [ 335.454067] ? lock_acquire+0x1ed/0x520 [ 335.458069] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 335.463101] ? lock_release+0x970/0x970 [ 335.467086] ? kvm_gen_update_masterclock+0x350/0x350 [ 335.472284] ? kvm_arch_dev_ioctl+0x630/0x630 [ 335.476790] ? preempt_notifier_dec+0x20/0x20 [ 335.481308] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 335.486165] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 335.491211] kvm_vcpu_ioctl+0x72b/0x1150 [ 335.495348] ? kvm_vcpu_block+0x1030/0x1030 [ 335.499718] ? find_held_lock+0x36/0x1c0 [ 335.503809] ? __fget+0x4aa/0x740 [ 335.507277] ? check_preemption_disabled+0x48/0x200 [ 335.512307] ? kasan_check_read+0x11/0x20 [ 335.516466] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 335.521755] ? rcu_bh_qs+0xc0/0xc0 [ 335.525318] ? __fget+0x4d1/0x740 [ 335.528794] ? ksys_dup3+0x680/0x680 [ 335.532515] ? find_held_lock+0x36/0x1c0 [ 335.536603] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 335.541564] ? kvm_vcpu_block+0x1030/0x1030 [ 335.545909] do_vfs_ioctl+0x1de/0x1720 [ 335.549819] ? __lock_is_held+0xb5/0x140 [ 335.553924] ? ioctl_preallocate+0x300/0x300 [ 335.558343] ? __fget_light+0x2e9/0x430 [ 335.562359] ? fget_raw+0x20/0x20 [ 335.565848] ? __sb_end_write+0xd9/0x110 [ 335.569930] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 335.575475] ? fput+0x130/0x1a0 [ 335.578770] ? do_syscall_64+0x9a/0x820 [ 335.582756] ? do_syscall_64+0x9a/0x820 [ 335.586741] ? lockdep_hardirqs_on+0x421/0x5c0 [ 335.591334] ? security_file_ioctl+0x94/0xc0 [ 335.595759] ksys_ioctl+0xa9/0xd0 [ 335.599225] __x64_sys_ioctl+0x73/0xb0 [ 335.603126] do_syscall_64+0x1b9/0x820 [ 335.607026] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 335.612415] ? syscall_return_slowpath+0x5e0/0x5e0 [ 335.617349] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 335.622201] ? trace_hardirqs_on_caller+0x310/0x310 [ 335.627230] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 335.632262] ? prepare_exit_to_usermode+0x291/0x3b0 [ 335.637296] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 335.642158] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 335.647349] RIP: 0033:0x457569 [ 335.650554] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 335.669464] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 335.677181] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 335.684470] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 335.691754] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 335.699024] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 335.706317] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 23:02:06 executing program 0: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r1, 0x1, &(0x7f00000014c0)) msgsnd(r1, &(0x7f0000e74f60)={0x2}, 0x8, 0xe00000000000000) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) msgctl$IPC_SET(r1, 0x1, &(0x7f0000000180)={{}, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x81, r0}) 23:02:06 executing program 1: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f00000003c0)='io.bfq.weight\x00', 0x2, 0x0) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x80, 0x0) ioctl$BLKPBSZGET(r2, 0x127b, &(0x7f0000000080)) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) write$evdev(r2, &(0x7f0000000180)=[{{0x0, 0x7530}, 0x0, 0xffffffffffffffe0, 0x1f}, {{0x0, 0x7530}, 0x3, 0x5, 0x7}, {{r3, r4/1000+10000}, 0x17, 0x100000001, 0x2}, {{r5, r6/1000+30000}, 0x1f, 0x100000000, 0x55ee8410}], 0x60) sendfile(r1, r1, &(0x7f00000000c0), 0xfdef) 23:02:06 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) r1 = shmget$private(0x0, 0x4000, 0x501, &(0x7f0000ffa000/0x4000)=nil) shmctl$IPC_RMID(r1, 0x0) r2 = openat$cgroup_int(r0, &(0x7f00000003c0)='io.bfq.weight\x00', 0x2, 0x0) ioctl$VHOST_SET_VRING_ENDIAN(r2, 0x4008af13, &(0x7f0000000180)={0x3, 0x81}) sendfile(r2, r2, &(0x7f00000000c0), 0xfdef) r3 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x242080, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x75, &(0x7f0000000080)={0x0, 0x1ff}, &(0x7f0000000100)=0x8) setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r3, 0x84, 0x10, &(0x7f0000000140)=@sack_info={r4, 0x9, 0x100}, 0xc) write$FUSE_OPEN(r3, &(0x7f00000001c0)={0x20, 0x0, 0x7, {0x0, 0x2}}, 0x20) 23:02:06 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) r1 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x4, 0x902) ioctl$BLKTRACETEARDOWN(r1, 0x1276, 0x0) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) 23:02:06 executing program 4 (fault-call:7 fault-nth:5): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 335.871015] FAULT_INJECTION: forcing a failure. [ 335.871015] name failslab, interval 1, probability 0, space 0, times 0 [ 335.916722] CPU: 1 PID: 12490 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 335.924102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 335.933457] Call Trace: [ 335.936071] dump_stack+0x1c4/0x2b4 [ 335.939722] ? dump_stack_print_info.cold.2+0x52/0x52 [ 335.944920] ? __kernel_text_address+0xd/0x40 [ 335.949411] ? unwind_get_return_address+0x61/0xa0 [ 335.954361] should_fail.cold.4+0xa/0x17 [ 335.958414] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 335.963507] ? save_stack+0xa9/0xd0 [ 335.967135] ? graph_lock+0x170/0x170 [ 335.970933] ? kasan_slab_alloc+0x12/0x20 [ 335.975078] ? kmem_cache_alloc+0x12e/0x730 [ 335.979414] ? mmu_topup_memory_caches+0xf7/0x390 [ 335.984252] ? kvm_mmu_load+0x21/0xfa0 [ 335.988125] ? vcpu_enter_guest+0x3dbe/0x6380 [ 335.992613] ? graph_lock+0x170/0x170 [ 335.996409] ? ksys_ioctl+0xa9/0xd0 [ 336.000021] ? __x64_sys_ioctl+0x73/0xb0 [ 336.004071] ? do_syscall_64+0x1b9/0x820 [ 336.008135] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 336.013521] ? find_held_lock+0x36/0x1c0 [ 336.017571] ? __lock_is_held+0xb5/0x140 [ 336.021636] ? ___might_sleep+0x1ed/0x300 [ 336.025774] ? arch_local_save_flags+0x40/0x40 [ 336.030350] __should_failslab+0x124/0x180 [ 336.034616] should_failslab+0x9/0x14 [ 336.038409] kmem_cache_alloc+0x2be/0x730 [ 336.042543] ? vmx_flush_tlb_gva+0x380/0x380 [ 336.046941] ? mark_held_locks+0xc7/0x130 [ 336.051080] ? mmu_topup_memory_caches+0xf7/0x390 [ 336.055909] mmu_topup_memory_caches+0xf7/0x390 [ 336.060569] kvm_mmu_load+0x21/0xfa0 [ 336.064278] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 336.069206] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 336.074736] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 336.079308] vcpu_enter_guest+0x3dbe/0x6380 [ 336.083626] ? emulator_read_emulated+0x50/0x50 [ 336.088286] ? vmx_vcpu_load+0xb06/0x1030 [ 336.092426] ? vmx_write_tsc_offset+0x680/0x680 [ 336.097091] ? graph_lock+0x170/0x170 [ 336.100880] ? lock_downgrade+0x900/0x900 [ 336.105021] ? check_preemption_disabled+0x48/0x200 [ 336.110040] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 336.115576] ? check_preemption_disabled+0x48/0x200 [ 336.120585] ? check_preemption_disabled+0x48/0x200 [ 336.125609] ? __lock_is_held+0xb5/0x140 [ 336.129661] ? lock_acquire+0x1ed/0x520 [ 336.133656] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 336.138711] ? lock_release+0x970/0x970 [ 336.142699] ? kvm_gen_update_masterclock+0x350/0x350 [ 336.147890] ? kvm_arch_dev_ioctl+0x630/0x630 [ 336.152379] ? preempt_notifier_dec+0x20/0x20 [ 336.156870] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 336.161727] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 336.166753] kvm_vcpu_ioctl+0x72b/0x1150 [ 336.170817] ? kvm_vcpu_block+0x1030/0x1030 [ 336.175154] ? find_held_lock+0x36/0x1c0 [ 336.179205] ? __fget+0x4aa/0x740 [ 336.182648] ? check_preemption_disabled+0x48/0x200 [ 336.187651] ? kasan_check_read+0x11/0x20 [ 336.191790] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 336.197061] ? rcu_bh_qs+0xc0/0xc0 [ 336.200618] ? __fget+0x4d1/0x740 [ 336.204109] ? ksys_dup3+0x680/0x680 [ 336.207809] ? find_held_lock+0x36/0x1c0 [ 336.211878] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 336.216846] ? kvm_vcpu_block+0x1030/0x1030 [ 336.221170] do_vfs_ioctl+0x1de/0x1720 [ 336.225044] ? __lock_is_held+0xb5/0x140 [ 336.229105] ? ioctl_preallocate+0x300/0x300 [ 336.233517] ? __fget_light+0x2e9/0x430 [ 336.237492] ? fget_raw+0x20/0x20 [ 336.240953] ? __sb_end_write+0xd9/0x110 [ 336.245028] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 336.250551] ? fput+0x130/0x1a0 [ 336.253820] ? do_syscall_64+0x9a/0x820 [ 336.257844] ? do_syscall_64+0x9a/0x820 [ 336.261806] ? lockdep_hardirqs_on+0x421/0x5c0 [ 336.266397] ? security_file_ioctl+0x94/0xc0 [ 336.270797] ksys_ioctl+0xa9/0xd0 [ 336.274241] __x64_sys_ioctl+0x73/0xb0 [ 336.278116] do_syscall_64+0x1b9/0x820 [ 336.282006] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 336.287369] ? syscall_return_slowpath+0x5e0/0x5e0 [ 336.292292] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 336.297126] ? trace_hardirqs_on_caller+0x310/0x310 [ 336.302130] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 336.307136] ? prepare_exit_to_usermode+0x291/0x3b0 [ 336.312145] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 336.316992] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 336.322178] RIP: 0033:0x457569 [ 336.325364] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 336.344255] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 336.351947] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 336.359199] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 336.366451] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 336.373705] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 336.380961] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 [ 337.808548] team0 (unregistering): Port device team_slave_1 removed [ 337.818823] team0 (unregistering): Port device team_slave_0 removed [ 337.829582] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 337.873441] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 337.928215] bond0 (unregistering): Released all slaves [ 338.630931] bridge0: port 1(bridge_slave_0) entered blocking state [ 338.637375] bridge0: port 1(bridge_slave_0) entered disabled state [ 338.645161] device bridge_slave_0 entered promiscuous mode [ 338.691363] bridge0: port 2(bridge_slave_1) entered blocking state [ 338.697807] bridge0: port 2(bridge_slave_1) entered disabled state [ 338.705631] device bridge_slave_1 entered promiscuous mode [ 338.749721] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 338.794367] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 338.929630] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 338.977417] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 339.024925] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 339.031858] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 339.077134] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 339.084037] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 339.220162] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 339.227606] team0: Port device team_slave_0 added [ 339.266951] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 339.274307] team0: Port device team_slave_1 added [ 339.300407] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 339.331482] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 339.367292] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 339.374630] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 339.391402] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 339.429831] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 339.437261] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 339.445365] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 339.782614] bridge0: port 2(bridge_slave_1) entered blocking state [ 339.789020] bridge0: port 2(bridge_slave_1) entered forwarding state [ 339.795738] bridge0: port 1(bridge_slave_0) entered blocking state [ 339.802106] bridge0: port 1(bridge_slave_0) entered forwarding state [ 339.809804] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 340.009569] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 340.724368] 8021q: adding VLAN 0 to HW filter on device bond0 [ 340.809763] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 340.894944] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 340.901147] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 340.908113] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 340.995631] 8021q: adding VLAN 0 to HW filter on device team0 [ 341.558287] netlink: 8 bytes leftover after parsing attributes in process `syz-executor5'. [ 341.568789] netlink: 8 bytes leftover after parsing attributes in process `syz-executor5'. 23:02:12 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='/exe\x00\x00\x00\x00\x00\x00') fanotify_mark(r0, 0x1, 0x48000023, r0, &(0x7f0000000100)='./file0\x00') io_setup(0x1, &(0x7f0000000040)=0x0) r2 = syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0x4, 0x4000) ioctl$BLKZEROOUT(r2, 0x127f, 0xfffffffffffffffd) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000140)={@dev={0xac, 0x14, 0x14, 0xc}}, 0x8) io_submit(r1, 0x1, &(0x7f00000000c0)=[&(0x7f0000000000)={0xd00, 0x0, 0x7, 0x0, 0x0, r0, &(0x7f0000000140)}]) write$smack_current(r0, &(0x7f0000000080)='\x00', 0x1) 23:02:12 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)="077c0c116bfb8de2a24668062389890dce0ef7bb9a964534cc1e27e10816c699084a017245682ac4b95961343b66399ddfa9a10e15eae814a4a3c654180c2fee", 0x200002, 0x0) r1 = fcntl$getown(r0, 0x9) r2 = syz_open_dev$audion(&(0x7f0000000180)='/dev/audio#\x00', 0x4, 0x2) perf_event_open(&(0x7f0000000100)={0x4, 0x70, 0x6, 0x8000, 0xa58, 0xe5ed, 0x0, 0x5, 0x4000, 0x8, 0x1, 0x7fff, 0x8, 0x1, 0x40, 0x3, 0x20, 0x7, 0xfffffffffffff8bf, 0x6, 0x1f, 0x9, 0x7fffffff, 0x2, 0x480, 0x7, 0x14000000000000, 0xa8b7, 0x8, 0x7ff, 0x7f, 0x41, 0x4, 0x7fffffff, 0x2, 0x8, 0x7, 0x2, 0x0, 0x8000, 0x3, @perf_config_ext={0x8001, 0x7}, 0x4048, 0x5, 0xffffffffffffff04, 0x6, 0x3f, 0x4, 0x7}, r1, 0xd, r2, 0x1) r3 = openat$cgroup_int(r0, &(0x7f0000000000)="58a6f949e895032221ad0a01ad4a53ff7416", 0x2, 0x0) sendfile(r3, r3, &(0x7f00000000c0), 0xfdef) openat$cgroup_int(r0, &(0x7f0000000040)='cgroup.max.descendants\x00', 0x2, 0x0) 23:02:12 executing program 1: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f00000003c0)='io.bfq.weight\x00', 0x2, 0x0) sendfile(r1, r1, &(0x7f00000000c0), 0xfdef) r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qat_adf_ctl\x00', 0x90000, 0x0) getsockopt$inet_sctp_SCTP_AUTOCLOSE(r2, 0x84, 0x4, &(0x7f0000000080), &(0x7f0000000100)=0x4) 23:02:12 executing program 4 (fault-call:7 fault-nth:6): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:02:12 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x18, 0x0, @thr={&(0x7f0000000240)="a491d6891775be997fc513d4400ebf9fbcdd13c88d57813ca06511d45286644aed28f71b51092044e6a718cfcf669676d358ba09dd5e6424db04672e303a3b27b55cdee04df913cf6e5040c4fb0e18511c682bfb4086699558f748bd895ebd190bcec217e735182ca434cba7329bca58f4f5b3fa8817a5c1f6bd5f0015f929a172d59c50cfd71c5be5364a3b8fc41ee06f3daf84e927b9e7b2a657b553e1887db710752fc6c93f4ea0f46b35d5d22a357fe6e2f9f0373221d6430ecb2fd97711d92e5837e2bc1201acfcb84a067670c51be217dc19e28370", &(0x7f0000000340)="04884d90130cbc8b7a3c10ce1673a922f01a09c5062004bc84d2a4674096eeacf64d50df2ce183c2e2ce8fc5b475e66ac81d87c8352a7e32db7b8b2574e314c4e5ecbc1f36424a0108d063133b279abfc2ff4c008ff6a2f4a4c1ac53917aec4ef1400adeddf3cf997f59212ea38accc959281e8bb139a95d9f900fdabc371c1f00fc21967e72ee2e3ee5c83e4ec15376233fdb39ca52ddecad0d3876e63480a2a857ed004c9286d17e0623f5b3ad7cf009c91ef9eb0046aa0cf0f1a32102a78945762b3f0107ab6f3a47d4d97a8af101141c55d841aedce153efbe94a3874f852b3db78a8af1ec86a289b44bb0ca65"}}, &(0x7f0000044000)) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) r1 = fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffff9c) fcntl$addseals(r1, 0x409, 0x4000000005) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000200)={0xffffffffffffffff}, 0x13f}}, 0x39c) write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r1, &(0x7f0000000080)={0x4, 0x8, 0xfa00, {r2, 0x5}}, 0x10) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x400100, 0x0) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) write$evdev(r3, &(0x7f0000000440)=[{{r4, r5/1000+30000}, 0x5, 0x4, 0x2}, {{0x0, 0x7530}, 0x0, 0x94, 0x5}, {{0x77359400}, 0x12, 0x9, 0x2}], 0x48) 23:02:12 executing program 0: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r1, 0x1, &(0x7f00000014c0)) msgsnd(r1, &(0x7f0000e74f60)={0x2}, 0x8, 0x4000) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) msgctl$IPC_SET(r1, 0x1, &(0x7f0000000180)={{}, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x81, r0}) 23:02:12 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f0000000100)=0x3, 0x4) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup\x00', 0x200002, 0x0) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x20000, 0x0) write$cgroup_int(r2, &(0x7f0000000080)=0x1, 0x12) r3 = openat$cgroup_int(r1, &(0x7f00000003c0)='io.bfq.weight\x00', 0x2, 0x0) sendfile(r3, r3, &(0x7f00000000c0), 0xfdef) [ 341.692940] FAULT_INJECTION: forcing a failure. [ 341.692940] name failslab, interval 1, probability 0, space 0, times 0 [ 341.712261] CPU: 0 PID: 12777 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 341.719642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 341.728996] Call Trace: [ 341.729028] dump_stack+0x1c4/0x2b4 [ 341.729060] ? dump_stack_print_info.cold.2+0x52/0x52 [ 341.729085] ? __kernel_text_address+0xd/0x40 [ 341.735323] ? unwind_get_return_address+0x61/0xa0 [ 341.735363] should_fail.cold.4+0xa/0x17 [ 341.735383] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 341.735415] ? save_stack+0xa9/0xd0 [ 341.762780] ? graph_lock+0x170/0x170 [ 341.766608] ? kasan_slab_alloc+0x12/0x20 [ 341.770768] ? kmem_cache_alloc+0x12e/0x730 [ 341.775101] ? mmu_topup_memory_caches+0xf7/0x390 [ 341.779952] ? kvm_mmu_load+0x21/0xfa0 [ 341.783854] ? vcpu_enter_guest+0x3dbe/0x6380 [ 341.788367] ? graph_lock+0x170/0x170 23:02:12 executing program 1: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f00000003c0)='io.bfq.weight\x00', 0x2, 0x0) sendfile(r1, r0, &(0x7f0000000080), 0x5) 23:02:12 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f00000003c0)='io.bfq.weight\x00', 0x2, 0x0) listxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)=""/124, 0x7c) close(r1) sendfile(r1, r1, &(0x7f00000000c0), 0xfdef) [ 341.792181] ? ksys_ioctl+0xa9/0xd0 [ 341.795815] ? __x64_sys_ioctl+0x73/0xb0 [ 341.799900] ? do_syscall_64+0x1b9/0x820 [ 341.803975] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 341.809358] ? find_held_lock+0x36/0x1c0 [ 341.813434] ? __lock_is_held+0xb5/0x140 [ 341.813465] ? ___might_sleep+0x1ed/0x300 [ 341.813485] ? arch_local_save_flags+0x40/0x40 [ 341.821691] __should_failslab+0x124/0x180 [ 341.821713] should_failslab+0x9/0x14 [ 341.821731] kmem_cache_alloc+0x2be/0x730 [ 341.821745] ? vmx_flush_tlb_gva+0x380/0x380 23:02:12 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f00000003c0)='io.bfq.weight\x00', 0x2, 0x0) syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0x800) sendfile(r1, r1, &(0x7f00000000c0), 0xfdef) [ 341.821761] ? print_usage_bug+0xc0/0xc0 [ 341.821782] ? ima_get_action+0x7e/0xa0 [ 341.850931] ? mmu_topup_memory_caches+0xf7/0x390 [ 341.855788] mmu_topup_memory_caches+0xf7/0x390 [ 341.860476] kvm_mmu_load+0x21/0xfa0 [ 341.864202] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 341.869143] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 341.874696] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 341.879302] vcpu_enter_guest+0x3dbe/0x6380 [ 341.883650] ? emulator_read_emulated+0x50/0x50 [ 341.888345] ? vmx_vcpu_load+0xb06/0x1030 23:02:12 executing program 1: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup\x00', 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000180)="0ace799349f01646e178a795e625", 0x2, 0x0) clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) setitimer(0x3, &(0x7f0000000080)={{r2, r3/1000+30000}}, &(0x7f0000000100)) sendfile(r1, r1, &(0x7f00000000c0), 0xfdef) [ 341.892513] ? vmx_write_tsc_offset+0x680/0x680 [ 341.897196] ? graph_lock+0x170/0x170 [ 341.901009] ? lock_downgrade+0x900/0x900 [ 341.905169] ? check_preemption_disabled+0x48/0x200 [ 341.910199] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 341.915751] ? check_preemption_disabled+0x48/0x200 [ 341.920784] ? check_preemption_disabled+0x48/0x200 [ 341.925825] ? __lock_is_held+0xb5/0x140 [ 341.929915] ? lock_acquire+0x1ed/0x520 [ 341.933914] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 341.938951] ? lock_release+0x970/0x970 23:02:12 executing program 1: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f00000003c0)='io.bfq.weight\x00', 0x2, 0x0) sendfile(r1, r1, &(0x7f00000000c0), 0xfdef) ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000100)={0x8000, 0x8, 0x1, 0x40, 0x6, [{0xfff, 0x50000, 0x4, 0x0, 0x0, 0x80}, {0xbc, 0x7, 0xffffffff80000001, 0x0, 0x0, 0x200}, {0x0, 0x6bf, 0xfffffffffffffffe, 0x0, 0x0, 0x208}, {0xfff, 0x200, 0x800, 0x0, 0x0, 0x1100}, {0x4, 0x1f, 0x0, 0x0, 0x0, 0x80}, {0x6, 0x9, 0xfff, 0x0, 0x0, 0x3000}]}) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$EBT_SO_GET_INFO(r2, 0x0, 0x80, &(0x7f0000000280)={'broute\x00'}, &(0x7f0000000080)=0x78) [ 341.942943] ? kvm_gen_update_masterclock+0x350/0x350 [ 341.948151] ? kvm_arch_dev_ioctl+0x630/0x630 [ 341.952663] ? preempt_notifier_dec+0x20/0x20 [ 341.957191] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 341.962043] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 341.967090] kvm_vcpu_ioctl+0x72b/0x1150 [ 341.971168] ? kvm_vcpu_block+0x1030/0x1030 [ 341.975508] ? find_held_lock+0x36/0x1c0 [ 341.979597] ? __fget+0x4aa/0x740 [ 341.983066] ? check_preemption_disabled+0x48/0x200 [ 341.988088] ? kasan_check_read+0x11/0x20 [ 341.992251] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 341.997539] ? rcu_bh_qs+0xc0/0xc0 [ 342.001102] ? __fget+0x4d1/0x740 [ 342.004579] ? ksys_dup3+0x680/0x680 [ 342.008316] ? find_held_lock+0x36/0x1c0 [ 342.012406] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 342.017357] ? kvm_vcpu_block+0x1030/0x1030 [ 342.021692] do_vfs_ioctl+0x1de/0x1720 [ 342.025585] ? __lock_is_held+0xb5/0x140 [ 342.025619] ? ioctl_preallocate+0x300/0x300 [ 342.025636] ? __fget_light+0x2e9/0x430 [ 342.025653] ? fget_raw+0x20/0x20 [ 342.025672] ? __sb_end_write+0xd9/0x110 [ 342.034138] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 342.034152] ? fput+0x130/0x1a0 [ 342.034170] ? do_syscall_64+0x9a/0x820 [ 342.034189] ? do_syscall_64+0x9a/0x820 [ 342.062389] ? lockdep_hardirqs_on+0x421/0x5c0 [ 342.067023] ? security_file_ioctl+0x94/0xc0 [ 342.071453] ksys_ioctl+0xa9/0xd0 [ 342.074927] __x64_sys_ioctl+0x73/0xb0 [ 342.078831] do_syscall_64+0x1b9/0x820 [ 342.082734] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 342.088114] ? syscall_return_slowpath+0x5e0/0x5e0 [ 342.093055] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 342.097921] ? trace_hardirqs_on_caller+0x310/0x310 [ 342.102959] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 342.107987] ? prepare_exit_to_usermode+0x291/0x3b0 [ 342.108011] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 342.108040] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 342.123071] RIP: 0033:0x457569 [ 342.126275] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 342.145179] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 342.152878] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 342.160133] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 342.167387] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 342.174641] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 342.181894] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 23:02:12 executing program 5: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000080)='/dev/uinput\x00', 0x805, 0x0) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) getsockopt$inet_buf(r1, 0x0, 0x2f, &(0x7f00000001c0)=""/156, &(0x7f0000000280)=0x9c) ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000880)={{0x8, 0x1ff, 0x6, 0xffffffffffffffaa}, 'syz1\x00', 0x56}) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f0000000140), 0x4) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000200), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000000), 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, 0x8) r2 = getpid() rt_tgsigqueueinfo(r2, r2, 0x16, &(0x7f0000000100)) ptrace(0x10, r2) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000240)) ptrace$cont(0x20, r2, 0x0, 0x0) ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f00000002c0)={0x0, {0x2, 0x4e24, @broadcast}, {0x2, 0x0, @local}, {0x2, 0x4e24, @broadcast}, 0xfdfd, 0x0, 0x2, 0x3}) seccomp(0x1, 0x1, &(0x7f0000000180)={0x3, &(0x7f0000000040)=[{0x1000, 0x212f, 0x0, 0xf682}, {0xad, 0x0, 0x8}, {}]}) sched_getattr(r2, &(0x7f0000000380), 0x30, 0x0) membarrier(0x32, 0x0) r3 = open(&(0x7f0000000000)='./file0\x00', 0x80, 0xa1) fallocate(r3, 0x22, 0x0, 0x80) getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r3, 0x84, 0x20, &(0x7f0000000600), &(0x7f0000000640)=0x4) ioctl$UI_DEV_SETUP(r0, 0x5501, &(0x7f0000000300)={{}, 'syz0\x00'}) ioctl$UI_DEV_DESTROY(r0, 0x5502) write$P9_RLERRORu(r3, &(0x7f00000000c0)=ANY=[@ANYBLOB="150000000701000800730000000000000000000000"], 0x15) 23:02:12 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000180)="e638676574d5012e324d422e696e5f628a2dcc01009c00079add74040000000000000038ab7e8c9f84dfc9defc8339f40000070000000000000003002000788a8dc6e59b0a185ab83d89b792a449d5aa02b5581d8dae5adc1d5139fe1d77bdc7b496b14cc3b92ffeef106230e59f11754446bc207a67c35e4dcc6acf81e3d4eb6725fe6dfb57b3fd70ade45b56258031a6635977fcd8ea3e34a7f09026daaad0f54b1b2df7e6ada254035a9f6aaa8c4515281902fe0e54b0fc9b97d73bad67676764ae4aab11e144dbae26b2cd1a13a5f1de1498b8bff1f0ba6a920fa0af07ae26a5f4f094e222564655", 0x2, 0x0) sendfile(r1, r1, &(0x7f00000000c0), 0xfdef) 23:02:12 executing program 1: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) r1 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0xffff, 0x80) getsockopt$IPT_SO_GET_REVISION_TARGET(r1, 0x0, 0x43, &(0x7f0000000080)={'IDLETIMER\x00'}, &(0x7f0000000100)=0x1e) r2 = openat$cgroup_int(r0, &(0x7f00000003c0)='io.bfq.weight\x00', 0x2, 0x0) sendfile(r2, r2, &(0x7f00000000c0), 0xfdef) 23:02:12 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)=0x0) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) clock_gettime(0x0, &(0x7f0000000340)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000300)={{r2, r3+10000000}, {0x77359400}}, &(0x7f0000000380)) r4 = accept4(0xffffffffffffff9c, &(0x7f0000000000)=@can, &(0x7f0000000080)=0x80, 0x800) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffff9c, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x54, &(0x7f0000000180)=[@in6={0xa, 0x4e23, 0x81, @dev={0xfe, 0x80, [], 0x1a}}, @in6={0xa, 0x4e20, 0x5, @ipv4={[], [], @loopback}, 0xbaa}, @in6={0xa, 0x4e22, 0x5, @local, 0x6}]}, &(0x7f0000000240)=0x10) getsockopt$inet_sctp_SCTP_RTOINFO(r4, 0x84, 0x0, &(0x7f0000000280)={r5, 0x6, 0xcafa, 0xffffffffffffffff}, &(0x7f00000002c0)=0x10) tkill(r0, 0x1000000000016) sched_getattr(r0, &(0x7f00000003c0), 0x30, 0x0) 23:02:12 executing program 4 (fault-call:7 fault-nth:7): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 342.316491] FAULT_INJECTION: forcing a failure. [ 342.316491] name failslab, interval 1, probability 0, space 0, times 0 [ 342.329348] CPU: 1 PID: 12818 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 342.336737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 342.346095] Call Trace: [ 342.346129] dump_stack+0x1c4/0x2b4 [ 342.346170] ? dump_stack_print_info.cold.2+0x52/0x52 [ 342.352365] ? __kernel_text_address+0xd/0x40 [ 342.362036] ? unwind_get_return_address+0x61/0xa0 [ 342.366984] should_fail.cold.4+0xa/0x17 [ 342.367007] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 342.367027] ? save_stack+0xa9/0xd0 [ 342.376175] ? graph_lock+0x170/0x170 [ 342.376190] ? kasan_slab_alloc+0x12/0x20 [ 342.376207] ? kmem_cache_alloc+0x12e/0x730 [ 342.376224] ? mmu_topup_memory_caches+0xf7/0x390 [ 342.376236] ? kvm_mmu_load+0x21/0xfa0 [ 342.376257] ? vcpu_enter_guest+0x3dbe/0x6380 [ 342.405305] ? graph_lock+0x170/0x170 [ 342.409101] ? ksys_ioctl+0xa9/0xd0 [ 342.412727] ? __x64_sys_ioctl+0x73/0xb0 [ 342.416777] ? do_syscall_64+0x1b9/0x820 [ 342.420843] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 342.426202] ? find_held_lock+0x36/0x1c0 [ 342.430268] ? __lock_is_held+0xb5/0x140 [ 342.434342] ? ___might_sleep+0x1ed/0x300 [ 342.438479] ? arch_local_save_flags+0x40/0x40 [ 342.443061] __should_failslab+0x124/0x180 [ 342.447298] should_failslab+0x9/0x14 [ 342.451100] kmem_cache_alloc+0x2be/0x730 [ 342.455235] ? vmx_flush_tlb_gva+0x380/0x380 [ 342.459644] ? print_usage_bug+0xc0/0xc0 [ 342.463711] ? ima_get_action+0x7e/0xa0 [ 342.467676] ? mmu_topup_memory_caches+0xf7/0x390 [ 342.472520] mmu_topup_memory_caches+0xf7/0x390 [ 342.477189] kvm_mmu_load+0x21/0xfa0 [ 342.480896] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 342.485826] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 342.491382] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 342.495968] vcpu_enter_guest+0x3dbe/0x6380 [ 342.500303] ? emulator_read_emulated+0x50/0x50 [ 342.504976] ? vmx_vcpu_load+0xb06/0x1030 [ 342.509131] ? vmx_write_tsc_offset+0x680/0x680 [ 342.513806] ? graph_lock+0x170/0x170 [ 342.517604] ? lock_downgrade+0x900/0x900 [ 342.521746] ? check_preemption_disabled+0x48/0x200 [ 342.526754] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 342.532277] ? check_preemption_disabled+0x48/0x200 [ 342.537292] ? check_preemption_disabled+0x48/0x200 [ 342.542312] ? __lock_is_held+0xb5/0x140 [ 342.546387] ? lock_acquire+0x1ed/0x520 [ 342.550366] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 342.555397] ? lock_release+0x970/0x970 [ 342.559381] ? kvm_gen_update_masterclock+0x350/0x350 [ 342.564561] ? kvm_arch_dev_ioctl+0x630/0x630 [ 342.569042] ? preempt_notifier_dec+0x20/0x20 [ 342.573548] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 342.578384] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 342.583402] kvm_vcpu_ioctl+0x72b/0x1150 [ 342.587465] ? kvm_vcpu_block+0x1030/0x1030 [ 342.591780] ? find_held_lock+0x36/0x1c0 [ 342.595831] ? __fget+0x4aa/0x740 [ 342.599274] ? check_preemption_disabled+0x48/0x200 [ 342.604287] ? kasan_check_read+0x11/0x20 [ 342.608439] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 342.613718] ? rcu_bh_qs+0xc0/0xc0 [ 342.617252] ? __fget+0x4d1/0x740 [ 342.620699] ? ksys_dup3+0x680/0x680 [ 342.624412] ? find_held_lock+0x36/0x1c0 [ 342.628495] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 342.633420] ? kvm_vcpu_block+0x1030/0x1030 [ 342.637759] do_vfs_ioctl+0x1de/0x1720 [ 342.641651] ? __lock_is_held+0xb5/0x140 [ 342.645703] ? ioctl_preallocate+0x300/0x300 [ 342.650101] ? __fget_light+0x2e9/0x430 [ 342.654075] ? fget_raw+0x20/0x20 [ 342.657521] ? __sb_end_write+0xd9/0x110 [ 342.661573] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 342.667103] ? fput+0x130/0x1a0 [ 342.670376] ? do_syscall_64+0x9a/0x820 [ 342.674337] ? do_syscall_64+0x9a/0x820 [ 342.678308] ? lockdep_hardirqs_on+0x421/0x5c0 [ 342.682882] ? security_file_ioctl+0x94/0xc0 [ 342.687283] ksys_ioctl+0xa9/0xd0 [ 342.690728] __x64_sys_ioctl+0x73/0xb0 [ 342.694624] do_syscall_64+0x1b9/0x820 [ 342.698506] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 342.703869] ? syscall_return_slowpath+0x5e0/0x5e0 [ 342.708797] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 342.713628] ? trace_hardirqs_on_caller+0x310/0x310 [ 342.718631] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 342.723635] ? prepare_exit_to_usermode+0x291/0x3b0 [ 342.728657] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 342.733505] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 342.738688] RIP: 0033:0x457569 [ 342.741886] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 342.760789] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 342.768486] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 342.775743] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 342.782996] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 342.790249] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 342.797511] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 23:02:13 executing program 0: r0 = gettid() r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey\x00', 0x200, 0x0) fcntl$setpipe(r1, 0x407, 0x5a26) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r2 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r2, 0x1, &(0x7f00000014c0)) r3 = creat(&(0x7f0000000040)='./file0\x00', 0x2) ioctl$KIOCSOUND(r3, 0x4b2f, 0x5) msgsnd(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="0200000000000045583970a14d65049bb87bcf2200"], 0x8, 0x0) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) msgctl$IPC_SET(r2, 0x1, &(0x7f0000000180)={{}, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x81, r0}) 23:02:13 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f00000001c0)='hugetlb.2MB.failcnt\x00', 0x2, 0x0) sendfile(r1, r1, &(0x7f00000000c0), 0xfdef) 23:02:13 executing program 1: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f00000003c0)='io.bfq.weight\x00', 0x2, 0x0) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0x80, 0x0) clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) write$sndseq(r2, &(0x7f0000000180)=[{0x45, 0x1ff, 0x1, 0x7, @time={r3, r4+30000000}, {0x0, 0x100000000}, {0x9, 0xfffffffffffffe00}, @queue={0x3, {0x5, 0x6}}}, {0x8, 0x7, 0x10000, 0x39, @time, {0x3f, 0x8b}, {0x4, 0xfffffffffffffffa}, @control={0x4, 0x7fffffff, 0xfcba}}, {0x0, 0x6, 0xfffffffffffffbff, 0x3, @tick=0x7fff, {0x4, 0xc2b2}, {0x4, 0x7}, @connect={{0x8ff, 0x100000001}, {0x8000, 0x5}}}, {0x0, 0x9, 0x80000001, 0xfffffffffffff4f8, @tick=0x7, {0x1, 0x7}, {0x3, 0x401}, @time=@time={0x0, 0x1c9c380}}, {0x1, 0x0, 0x1, 0x6, @time, {0x3e, 0x9}, {0x84, 0x7}, @raw8={"a669d25ffd651bc4f485e011"}}, {0x4, 0x40, 0xf5a, 0xd8f, @time={r5, r6+10000000}, {0xffffffff, 0x3}, {0x8, 0x7fff}, @control={0x2, 0x0, 0xa553}}, {0x7, 0x819, 0x13ee7718, 0x3f, @time={r7, r8+30000000}, {0xe36, 0x61}, {0x1f, 0x5}, @time=@time={0x77359400}}, {0x7, 0x1, 0x7, 0x4, @tick=0x6, {0x3, 0x10000}, {0x8ed, 0x2}, @note={0xefd, 0x4, 0x3, 0x0, 0x101}}], 0x180) sendfile(r1, r1, &(0x7f00000000c0), 0xfdef) 23:02:13 executing program 5: r0 = perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4000000000000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0xfff}, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f0000000100)="288fe73c8a55f622d7983896477617e5b520384ee983d7244509df77a63fab3b6473c4ba27747891373680bc4919afacba94dc417bae34be28f1fae98184ac4f19fa805313f736d43eba91ea7cc14df0e2ee5afda53029772f560361d1dc4006f7bd974fe0f56b470f3ad022ce30df78a056155b4468b2ea62cae06cdfd9106712764714faac6744f930369b1c84da4a11e255454903936e52f7f0cadc2e55c8ddb62074b794948ea8330626bc1f3af7a4083fad00000000000000029e5674fbbe7fa8204250366be3a2531d93ea09c16869140a7921baed1744ac55a269759c5b1a3b3176ab22ea66680c130c04a2a75c5d58157d226296cac58b") 23:02:13 executing program 4 (fault-call:7 fault-nth:8): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:02:13 executing program 2: openat$fuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fuse\x00', 0x2, 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f00000003c0)='io.bfq.weight\x00', 0x2, 0x0) sendfile(r1, r1, &(0x7f00000000c0), 0xfdef) r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/qat_adf_ctl\x00', 0x202000, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0x20, &(0x7f0000000100)=[@in={0x2, 0x4e20, @broadcast}, @in={0x2, 0x4e22, @multicast1}]}, &(0x7f0000000180)=0x10) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffff9c, 0x84, 0x76, &(0x7f00000001c0)={0x0, 0xffffffffffffff00}, &(0x7f0000000200)=0x8) getsockopt$inet_sctp_SCTP_STATUS(r2, 0x84, 0xe, &(0x7f0000000240)={r3, 0x81, 0x9, 0x3ff, 0xd8f5, 0x6, 0x4, 0x800, {r4, @in6={{0xa, 0x4e23, 0x7fffffff, @remote, 0x8}}, 0x7, 0x885, 0x1, 0x2, 0xd6}}, &(0x7f0000000300)=0xb0) [ 342.935998] FAULT_INJECTION: forcing a failure. [ 342.935998] name failslab, interval 1, probability 0, space 0, times 0 [ 342.955825] CPU: 1 PID: 12847 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 342.963401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 342.972768] Call Trace: [ 342.975395] dump_stack+0x1c4/0x2b4 [ 342.979047] ? dump_stack_print_info.cold.2+0x52/0x52 [ 342.984252] ? __kernel_text_address+0xd/0x40 [ 342.988774] ? unwind_get_return_address+0x61/0xa0 [ 342.993736] should_fail.cold.4+0xa/0x17 [ 342.997817] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 343.002942] ? save_stack+0xa9/0xd0 [ 343.006587] ? graph_lock+0x170/0x170 [ 343.010409] ? kasan_slab_alloc+0x12/0x20 [ 343.014565] ? kmem_cache_alloc+0x12e/0x730 [ 343.018905] ? mmu_topup_memory_caches+0xf7/0x390 [ 343.023756] ? kvm_mmu_load+0x21/0xfa0 [ 343.027653] ? vcpu_enter_guest+0x3dbe/0x6380 [ 343.032168] ? graph_lock+0x170/0x170 [ 343.035985] ? ksys_ioctl+0xa9/0xd0 [ 343.039635] ? __x64_sys_ioctl+0x73/0xb0 [ 343.043711] ? do_syscall_64+0x1b9/0x820 [ 343.047784] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 343.053171] ? find_held_lock+0x36/0x1c0 [ 343.057248] ? __lock_is_held+0xb5/0x140 [ 343.061335] ? ___might_sleep+0x1ed/0x300 [ 343.065508] ? arch_local_save_flags+0x40/0x40 [ 343.070117] __should_failslab+0x124/0x180 [ 343.074381] should_failslab+0x9/0x14 [ 343.078199] kmem_cache_alloc+0x2be/0x730 [ 343.082359] ? vmx_flush_tlb_gva+0x380/0x380 [ 343.086789] ? print_usage_bug+0xc0/0xc0 [ 343.090865] ? ima_get_action+0x7e/0xa0 [ 343.094854] ? mmu_topup_memory_caches+0xf7/0x390 [ 343.099845] mmu_topup_memory_caches+0xf7/0x390 [ 343.104530] kvm_mmu_load+0x21/0xfa0 [ 343.108260] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 343.113203] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 343.118756] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 343.123357] vcpu_enter_guest+0x3dbe/0x6380 [ 343.127716] ? emulator_read_emulated+0x50/0x50 [ 343.132406] ? vmx_vcpu_load+0xb06/0x1030 [ 343.136571] ? vmx_write_tsc_offset+0x680/0x680 [ 343.141260] ? graph_lock+0x170/0x170 [ 343.145066] ? lock_downgrade+0x900/0x900 [ 343.149222] ? check_preemption_disabled+0x48/0x200 [ 343.149243] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 343.149260] ? check_preemption_disabled+0x48/0x200 [ 343.149280] ? check_preemption_disabled+0x48/0x200 [ 343.169848] ? __lock_is_held+0xb5/0x140 [ 343.169871] ? lock_acquire+0x1ed/0x520 [ 343.169887] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 343.169909] ? lock_release+0x970/0x970 [ 343.169925] ? kvm_gen_update_masterclock+0x350/0x350 [ 343.169947] ? kvm_arch_dev_ioctl+0x630/0x630 [ 343.177965] ? preempt_notifier_dec+0x20/0x20 [ 343.177997] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 343.178013] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 343.178043] kvm_vcpu_ioctl+0x72b/0x1150 [ 343.187009] ? kvm_vcpu_block+0x1030/0x1030 [ 343.187033] ? find_held_lock+0x36/0x1c0 [ 343.187059] ? __fget+0x4aa/0x740 [ 343.187082] ? check_preemption_disabled+0x48/0x200 [ 343.196893] ? kasan_check_read+0x11/0x20 23:02:13 executing program 5: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x3}, 0x2c) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x10, 0xffffffffffffffff, 0xffffffffffffffff) fcntl$getown(r0, 0x9) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000000c0)={0x0, 0x0, 0x0}, &(0x7f0000000100)=0xc) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) fsetxattr$system_posix_acl(r1, &(0x7f0000000380)='system.posix_acl_access\x00', &(0x7f00000003c0)={{}, {0x1, 0x4}, [{0x2, 0x2, r2}, {0x2, 0x2, r2}, {0x2, 0x7, r2}, {0x2, 0x1, r2}], {0x4, 0x2}, [{0x8, 0x2, r3}, {0x8, 0x5, r3}, {0x8, 0x2, r3}, {0x8, 0x4, r3}], {0x10, 0x4}, {0x20, 0x4}}, 0x64, 0x3) openat$zero(0xffffffffffffff9c, &(0x7f0000000580)='/dev/zero\x00', 0x40, 0x0) 23:02:13 executing program 1: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) ioctl$int_in(r0, 0x5473, &(0x7f00000001c0)=0x1) r1 = accept4(0xffffffffffffff9c, &(0x7f0000000040)=@in={0x2, 0x0, @multicast1}, &(0x7f0000000100)=0x80, 0x80000) r2 = syz_open_dev$sndpcmc(&(0x7f0000000200)='/dev/snd/pcmC#D#c\x00', 0x922, 0x2000) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3in6={0x18, 0x1, {0x0, r2, 0x0, 0x0, 0x2, 0x3, {0xa, 0x4e23, 0x1, @loopback, 0xbc5c}}}, 0x3a) r3 = openat$cgroup_int(r0, &(0x7f00000003c0)='io.bfq.weight\x00', 0x2, 0x0) sendfile(r3, r3, &(0x7f00000000c0), 0xfdef) 23:02:13 executing program 5: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x3}, 0x2c) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x10, 0xffffffffffffffff, 0xffffffffffffffff) fcntl$getown(r0, 0x9) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000000c0)={0x0, 0x0, 0x0}, &(0x7f0000000100)=0xc) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) fsetxattr$system_posix_acl(r1, &(0x7f0000000380)='system.posix_acl_access\x00', &(0x7f00000003c0)={{}, {0x1, 0x4}, [{0x2, 0x2, r2}, {0x2, 0x2, r2}, {0x2, 0x7, r2}, {0x2, 0x1, r2}], {0x4, 0x2}, [{0x8, 0x2, r3}, {0x8, 0x5, r3}, {0x8, 0x2, r3}, {0x8, 0x4, r3}], {0x10, 0x4}, {0x20, 0x4}}, 0x64, 0x3) openat$zero(0xffffffffffffff9c, &(0x7f0000000580)='/dev/zero\x00', 0x40, 0x0) 23:02:13 executing program 1: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f00000003c0)='io.bfq.weight\x00', 0x2, 0x0) r2 = dup2(r1, r0) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000100)={0x0, 0xd3, "3d3eaf714b14175797dcdf9085e30472c2b9d6214ba98e9dbabae89e3783acd00c1017f1c65e93384fa6e16dec88172be78483f429737ca250470d9adce3d5c1da6161e30f01f6f95adc99d008f5e187db22ed74c032561881aa2525d774361b19532cd6efb67e954f9b230da9f798a4f3493ac87e9f547f386b6f9833f9b16b203b5af93e6aa158feef732132604da48481fc7e09306a6b2fad7ed32291e42dca1cd37352c4eb6602c80c9a0b3c450f30a13c57dae897f327f750eaf1ed718733f49bf9c6617471623003df0e625196a04386"}, &(0x7f0000000040)=0xdb) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x1f, &(0x7f0000000200)={r3, @in={{0x2, 0x4e21, @remote}}, 0x4350, 0x6}, 0x90) sendfile(r1, r1, &(0x7f00000000c0), 0xfdef) [ 343.196914] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 343.196932] ? rcu_bh_qs+0xc0/0xc0 [ 343.196963] ? __fget+0x4d1/0x740 [ 343.206287] ? ksys_dup3+0x680/0x680 [ 343.206305] ? find_held_lock+0x36/0x1c0 [ 343.206331] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 343.206355] ? kvm_vcpu_block+0x1030/0x1030 [ 343.215432] do_vfs_ioctl+0x1de/0x1720 [ 343.215450] ? __lock_is_held+0xb5/0x140 [ 343.215471] ? ioctl_preallocate+0x300/0x300 [ 343.215488] ? __fget_light+0x2e9/0x430 [ 343.215506] ? fget_raw+0x20/0x20 [ 343.223873] ? __sb_end_write+0xd9/0x110 [ 343.223896] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 343.223910] ? fput+0x130/0x1a0 [ 343.223928] ? do_syscall_64+0x9a/0x820 [ 343.223947] ? do_syscall_64+0x9a/0x820 [ 343.232409] ? lockdep_hardirqs_on+0x421/0x5c0 [ 343.232431] ? security_file_ioctl+0x94/0xc0 [ 343.232452] ksys_ioctl+0xa9/0xd0 [ 343.232473] __x64_sys_ioctl+0x73/0xb0 [ 343.232492] do_syscall_64+0x1b9/0x820 [ 343.232513] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 343.241939] ? syscall_return_slowpath+0x5e0/0x5e0 [ 343.241955] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 343.241975] ? trace_hardirqs_on_caller+0x310/0x310 [ 343.242008] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 343.242026] ? prepare_exit_to_usermode+0x291/0x3b0 [ 343.242051] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 343.249045] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 343.249059] RIP: 0033:0x457569 [ 343.249076] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 343.249085] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 343.249102] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 343.249112] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 343.249121] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 343.249131] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 343.249145] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 23:02:15 executing program 5: r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000180)="2e65f32efe0a6766c7442400008000006766c7442402000000006766c744240600000000670f011c24b866000f00d066b88044a2b20f23c80f21f866350400d0000f23f80f0766b80500000066b9080000000f01c10f0766b8010000000f01c10f01dfb835008ee0", 0x68}], 0x1, 0x0, &(0x7f00000000c0), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/arp\x00') r2 = syz_open_procfs(0x0, &(0x7f0000000040)='oom_score_adj\x00') ioctl$SNDRV_SEQ_IOCTL_PVERSION(0xffffffffffffffff, 0x80045300, &(0x7f0000000000)) sendfile(r2, r1, &(0x7f0000000100)=0x5d, 0x79ffff00000011) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000440)=[@text64={0x40, &(0x7f0000000100)="460f300f07c483614804ee08440f20c03506000000440f22c0c402f93473230f09f20f013cb9b805000000b9c00000000f01d90fc728c4c1f9e79f2e000000", 0x3f}], 0x1, 0x0, &(0x7f0000000400), 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@remote, @in6=@loopback}}, {{@in6=@mcast2}, 0x0, @in=@remote}}, &(0x7f00000000c0)=0xe8) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@remote, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x80, 0x80}, {0x0, 0x0, 0x8000, 0x0, 0x2, 0x0, 0xff, 0xc15}, {0x5}, 0x3, 0x0, 0x0, 0x0, 0x564183119be0e478}, {{@in6=@loopback, 0x4d3}, 0x0, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}}, 0xe8) ioctl$KVM_RUN(r0, 0xae80, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000480)) ioctl$sock_inet_udp_SIOCINQ(r1, 0x541b, &(0x7f0000000140)) 23:02:15 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) getrandom(&(0x7f0000000240)=""/148, 0xffffffffffffff74, 0x1) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) 23:02:15 executing program 1: r0 = socket$nl_generic(0xa, 0x5, 0x84) r1 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhci\x00', 0x200, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000006c0)={'yam0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000780)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000740)={&(0x7f0000000700)=@mpls_newroute={0x2c, 0x18, 0x0, 0x70bd28, 0x25dfdbfd, {0x1c, 0x14, 0x14, 0x0, 0x0, 0x3, 0xfd, 0x7, 0x900}, [@RTA_OIF={0x8, 0x4, r2}, @RTA_OIF={0x8, 0x4, r3}]}, 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x80) ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000140)={"62726964676530000000008000", &(0x7f0000000100)=@ethtool_cmd={0xe, 0x0, 0x2}}) 23:02:15 executing program 4 (fault-call:7 fault-nth:9): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:02:15 executing program 0: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r1, 0x1, &(0x7f00000014c0)) msgsnd(r1, &(0x7f0000e74f60)={0x2}, 0x8, 0x0) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) fstat(0xffffffffffffff9c, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0}) lstat(&(0x7f0000000080)='./file0\x00', &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) msgctl$IPC_SET(r1, 0x1, &(0x7f0000000280)={{0x3, r2, r3}, 0x1f, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x81, r0}) 23:02:15 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/qat_adf_ctl\x00', 0x80, 0x0) getsockname$inet(r1, &(0x7f0000000140)={0x2, 0x0, @multicast2}, &(0x7f0000000180)=0x10) r2 = openat$cgroup_int(r0, &(0x7f00000003c0)='io.bfq.weight\x00', 0x2, 0x0) r3 = syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x4, 0x8000) ioctl$LOOP_SET_FD(r3, 0x4c00, r0) setsockopt$inet6_int(r3, 0x29, 0x49, &(0x7f0000000080)=0x3, 0x4) sendfile(r2, r2, &(0x7f00000000c0), 0xfdef) [ 345.348979] FAULT_INJECTION: forcing a failure. [ 345.348979] name failslab, interval 1, probability 0, space 0, times 0 [ 345.364996] CPU: 1 PID: 12891 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 345.372388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 345.381762] Call Trace: [ 345.384385] dump_stack+0x1c4/0x2b4 [ 345.388038] ? dump_stack_print_info.cold.2+0x52/0x52 [ 345.393244] ? __kernel_text_address+0xd/0x40 [ 345.397750] ? unwind_get_return_address+0x61/0xa0 [ 345.402701] should_fail.cold.4+0xa/0x17 [ 345.406781] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 345.411895] ? save_stack+0xa9/0xd0 [ 345.415536] ? graph_lock+0x170/0x170 [ 345.419348] ? kasan_slab_alloc+0x12/0x20 [ 345.423515] ? kmem_cache_alloc+0x12e/0x730 [ 345.427841] ? mmu_topup_memory_caches+0xf7/0x390 [ 345.432689] ? kvm_mmu_load+0x21/0xfa0 [ 345.436602] ? vcpu_enter_guest+0x3dbe/0x6380 [ 345.441111] ? graph_lock+0x170/0x170 [ 345.444923] ? ksys_ioctl+0xa9/0xd0 [ 345.448564] ? __x64_sys_ioctl+0x73/0xb0 [ 345.452650] ? do_syscall_64+0x1b9/0x820 [ 345.456722] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 345.456749] ? find_held_lock+0x36/0x1c0 [ 345.456768] ? __lock_is_held+0xb5/0x140 [ 345.456798] ? ___might_sleep+0x1ed/0x300 [ 345.470397] ? arch_local_save_flags+0x40/0x40 [ 345.470427] __should_failslab+0x124/0x180 [ 345.483363] should_failslab+0x9/0x14 [ 345.483389] kmem_cache_alloc+0x2be/0x730 [ 345.483408] ? vmx_flush_tlb_gva+0x380/0x380 [ 345.491343] ? print_usage_bug+0xc0/0xc0 [ 345.491360] ? ima_get_action+0x7e/0xa0 [ 345.491388] ? mmu_topup_memory_caches+0xf7/0x390 [ 345.491409] mmu_topup_memory_caches+0xf7/0x390 [ 345.491427] kvm_mmu_load+0x21/0xfa0 [ 345.491445] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 345.491463] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 345.491478] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 345.491497] vcpu_enter_guest+0x3dbe/0x6380 [ 345.491522] ? emulator_read_emulated+0x50/0x50 [ 345.491542] ? vmx_vcpu_load+0xb06/0x1030 [ 345.491561] ? vmx_write_tsc_offset+0x680/0x680 23:02:16 executing program 5: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000180)={0x2, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$netlink(0x10, 0x3, 0x2) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$RDS_GET_MR_FOR_DEST(0xffffffffffffffff, 0x114, 0x7, &(0x7f0000000740)={@ethernet={0x0, @dev}, {&(0x7f0000000680)=""/183, 0xb7}, &(0x7f0000000300), 0x2}, 0xa0) setsockopt$inet_sctp6_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f00000000c0)={0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x4d, 0x7}, 0xfffffffffffffdb9) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop-control\x00', 0x101000, 0x0) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, 0x0) r3 = socket$inet_smc(0x2b, 0x1, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x47744279}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) read$eventfd(0xffffffffffffffff, &(0x7f0000000140), 0x8) getsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, &(0x7f0000000380)={0x3, [0x1ff, 0xf5, 0x0]}, &(0x7f00000003c0)=0xa) ioctl$ASHMEM_GET_PIN_STATUS(r0, 0x7709, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x2}, 0xb) ioctl$KDADDIO(0xffffffffffffffff, 0x4b34, 0x2eca) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000001940)={0x0, 0xebe5}, &(0x7f0000001980)=0x8) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000003540)={0x0, 0x10000}, &(0x7f0000003580)=0x8) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r1, 0x800c6613, &(0x7f00000004c0)={0x0, @speck128, 0x1, "e27f5eb025e91e06"}) ioctl$LOOP_CTL_ADD(r2, 0x4c80, 0x0) writev(r3, &(0x7f0000000c00), 0x0) semtimedop(0x0, &(0x7f00000002c0)=[{0x0, 0xffffffffffffffff, 0x1800}], 0x2aaaaaaaaaaaabe5, &(0x7f0000000300)={0x0, 0x1c9c380}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(0xffffffffffffffff, 0xc08c5335, &(0x7f00000000c0)={0x0, 0x0, 0xfffffffffffffff7, 'queue0\x00'}) [ 345.491576] ? graph_lock+0x170/0x170 [ 345.491600] ? lock_downgrade+0x900/0x900 [ 345.491619] ? check_preemption_disabled+0x48/0x200 [ 345.491635] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 345.491651] ? check_preemption_disabled+0x48/0x200 [ 345.491667] ? check_preemption_disabled+0x48/0x200 [ 345.491692] ? __lock_is_held+0xb5/0x140 [ 345.508944] ? lock_acquire+0x1ed/0x520 [ 345.508961] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 345.508981] ? lock_release+0x970/0x970 [ 345.595571] ? kvm_gen_update_masterclock+0x350/0x350 [ 345.600788] ? kvm_arch_dev_ioctl+0x630/0x630 [ 345.605298] ? preempt_notifier_dec+0x20/0x20 [ 345.609817] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 345.615015] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 345.620056] kvm_vcpu_ioctl+0x72b/0x1150 [ 345.624487] ? kvm_vcpu_block+0x1030/0x1030 [ 345.628827] ? find_held_lock+0x36/0x1c0 [ 345.632908] ? __fget+0x4aa/0x740 [ 345.636387] ? check_preemption_disabled+0x48/0x200 [ 345.641419] ? kasan_check_read+0x11/0x20 [ 345.645583] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 345.650881] ? rcu_bh_qs+0xc0/0xc0 [ 345.654446] ? __fget+0x4d1/0x740 [ 345.657914] ? ksys_dup3+0x680/0x680 [ 345.661638] ? find_held_lock+0x36/0x1c0 [ 345.665727] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 345.670676] ? kvm_vcpu_block+0x1030/0x1030 [ 345.675008] do_vfs_ioctl+0x1de/0x1720 [ 345.678906] ? __lock_is_held+0xb5/0x140 [ 345.682981] ? ioctl_preallocate+0x300/0x300 [ 345.687408] ? __fget_light+0x2e9/0x430 [ 345.691399] ? fget_raw+0x20/0x20 [ 345.694864] ? __sb_end_write+0xd9/0x110 [ 345.698948] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 345.704490] ? fput+0x130/0x1a0 [ 345.707782] ? do_syscall_64+0x9a/0x820 [ 345.711764] ? do_syscall_64+0x9a/0x820 [ 345.715750] ? lockdep_hardirqs_on+0x421/0x5c0 [ 345.720346] ? security_file_ioctl+0x94/0xc0 [ 345.724775] ksys_ioctl+0xa9/0xd0 [ 345.728242] __x64_sys_ioctl+0x73/0xb0 [ 345.732142] do_syscall_64+0x1b9/0x820 [ 345.736038] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 345.741413] ? syscall_return_slowpath+0x5e0/0x5e0 [ 345.746349] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 345.751212] ? trace_hardirqs_on_caller+0x310/0x310 [ 345.756245] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 345.761277] ? prepare_exit_to_usermode+0x291/0x3b0 [ 345.766313] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 345.771179] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 345.776382] RIP: 0033:0x457569 [ 345.779583] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 23:02:16 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/igmp\x00') sendmsg(0xffffffffffffffff, &(0x7f0000002fc8)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000540), 0x0, &(0x7f0000000240)=ANY=[]}, 0x0) recvfrom$unix(r0, &(0x7f0000000100)=""/191, 0xbf, 0x0, 0x0, 0x0) preadv(r0, &(0x7f00000017c0), 0x1fe, 0x400000000000) 23:02:16 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f00000003c0)='io.bfq.weight\x00', 0x2, 0x0) sendfile(r1, r1, &(0x7f00000000c0), 0x2) r2 = fcntl$getown(r0, 0x9) sched_getparam(r2, &(0x7f0000000100)) 23:02:16 executing program 4 (fault-call:7 fault-nth:10): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 345.798500] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 345.806222] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 345.813500] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 345.820773] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 345.828050] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 345.835327] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 [ 346.093586] FAULT_INJECTION: forcing a failure. [ 346.093586] name failslab, interval 1, probability 0, space 0, times 0 [ 346.106729] CPU: 0 PID: 12910 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 346.114110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 346.123467] Call Trace: [ 346.126069] dump_stack+0x1c4/0x2b4 [ 346.129726] ? dump_stack_print_info.cold.2+0x52/0x52 [ 346.134932] ? __kernel_text_address+0xd/0x40 23:02:16 executing program 1: r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000100)="120000001200e7ef007b0000f4afd7030a7c", 0x12, 0x0, 0x0, 0x0) recvmsg(r0, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500), 0x0, &(0x7f00000000c0)=""/7, 0x7}, 0x0) recvmmsg(r0, &(0x7f0000004a40)=[{{&(0x7f00000001c0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @dev}}}, 0x80, &(0x7f0000001300)=[{&(0x7f0000000240)=""/4096, 0x1000}, {&(0x7f0000001240)=""/146, 0x92}], 0x2}}], 0x1, 0x0, &(0x7f0000000140)) [ 346.139437] ? unwind_get_return_address+0x61/0xa0 [ 346.144387] should_fail.cold.4+0xa/0x17 [ 346.148465] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 346.153582] ? save_stack+0xa9/0xd0 [ 346.157224] ? graph_lock+0x170/0x170 [ 346.161019] ? kasan_slab_alloc+0x12/0x20 [ 346.165175] ? kmem_cache_alloc+0x12e/0x730 [ 346.169501] ? mmu_topup_memory_caches+0xf7/0x390 [ 346.174349] ? kvm_mmu_load+0x21/0xfa0 [ 346.178233] ? vcpu_enter_guest+0x3dbe/0x6380 [ 346.182716] ? graph_lock+0x170/0x170 [ 346.186554] ? ksys_ioctl+0xa9/0xd0 [ 346.190167] ? __x64_sys_ioctl+0x73/0xb0 [ 346.194219] ? do_syscall_64+0x1b9/0x820 [ 346.198270] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 346.203641] ? find_held_lock+0x36/0x1c0 [ 346.207703] ? __lock_is_held+0xb5/0x140 [ 346.211757] ? ___might_sleep+0x1ed/0x300 [ 346.215906] ? arch_local_save_flags+0x40/0x40 [ 346.220484] __should_failslab+0x124/0x180 [ 346.224728] should_failslab+0x9/0x14 [ 346.228536] kmem_cache_alloc+0x2be/0x730 [ 346.232671] ? vmx_flush_tlb_gva+0x380/0x380 [ 346.237069] ? print_usage_bug+0xc0/0xc0 [ 346.241118] ? ima_get_action+0x7e/0xa0 [ 346.245084] ? mmu_topup_memory_caches+0xf7/0x390 [ 346.249915] mmu_topup_memory_caches+0xf7/0x390 [ 346.254572] kvm_mmu_load+0x21/0xfa0 [ 346.258283] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 346.263201] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 346.268725] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 346.273297] vcpu_enter_guest+0x3dbe/0x6380 [ 346.277619] ? emulator_read_emulated+0x50/0x50 [ 346.282279] ? vmx_vcpu_load+0xb06/0x1030 [ 346.286418] ? vmx_write_tsc_offset+0x680/0x680 [ 346.291076] ? graph_lock+0x170/0x170 [ 346.294862] ? lock_downgrade+0x900/0x900 [ 346.299010] ? check_preemption_disabled+0x48/0x200 [ 346.304013] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 346.309538] ? check_preemption_disabled+0x48/0x200 [ 346.314540] ? check_preemption_disabled+0x48/0x200 [ 346.319547] ? __lock_is_held+0xb5/0x140 [ 346.323641] ? lock_acquire+0x1ed/0x520 [ 346.327619] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 346.332835] ? lock_release+0x970/0x970 [ 346.336798] ? kvm_gen_update_masterclock+0x350/0x350 [ 346.342066] ? kvm_arch_dev_ioctl+0x630/0x630 [ 346.346551] ? preempt_notifier_dec+0x20/0x20 [ 346.351043] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 346.355896] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 346.360913] kvm_vcpu_ioctl+0x72b/0x1150 [ 346.364965] ? kvm_vcpu_block+0x1030/0x1030 [ 346.369278] ? find_held_lock+0x36/0x1c0 [ 346.373331] ? __fget+0x4aa/0x740 [ 346.376780] ? check_preemption_disabled+0x48/0x200 [ 346.381785] ? kasan_check_read+0x11/0x20 [ 346.385923] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 346.391188] ? rcu_bh_qs+0xc0/0xc0 [ 346.394736] ? __fget+0x4d1/0x740 [ 346.398197] ? ksys_dup3+0x680/0x680 [ 346.401910] ? find_held_lock+0x36/0x1c0 [ 346.405963] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 346.410888] ? kvm_vcpu_block+0x1030/0x1030 [ 346.415197] do_vfs_ioctl+0x1de/0x1720 [ 346.419072] ? __lock_is_held+0xb5/0x140 [ 346.423130] ? ioctl_preallocate+0x300/0x300 [ 346.427525] ? __fget_light+0x2e9/0x430 [ 346.431504] ? fget_raw+0x20/0x20 [ 346.434947] ? __sb_end_write+0xd9/0x110 [ 346.439001] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 346.444522] ? fput+0x130/0x1a0 [ 346.447791] ? do_syscall_64+0x9a/0x820 [ 346.451753] ? do_syscall_64+0x9a/0x820 [ 346.455718] ? lockdep_hardirqs_on+0x421/0x5c0 [ 346.460307] ? security_file_ioctl+0x94/0xc0 [ 346.464726] ksys_ioctl+0xa9/0xd0 [ 346.468203] __x64_sys_ioctl+0x73/0xb0 [ 346.472083] do_syscall_64+0x1b9/0x820 [ 346.475961] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 346.481315] ? syscall_return_slowpath+0x5e0/0x5e0 [ 346.486231] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 346.491064] ? trace_hardirqs_on_caller+0x310/0x310 [ 346.496072] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 346.501077] ? prepare_exit_to_usermode+0x291/0x3b0 [ 346.506082] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 346.510916] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 346.516090] RIP: 0033:0x457569 [ 346.519271] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 346.538176] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 23:02:17 executing program 2: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r0, 0xc0045520, &(0x7f0000000080)=0x400) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) r2 = openat$cgroup_int(r1, &(0x7f00000003c0)='io.bfq.weight\x00', 0x2, 0x0) ioctl$sock_inet_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000000100)) sendfile(r2, r2, &(0x7f00000000c0), 0xfdef) 23:02:17 executing program 0: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)=0x0) r2 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r2, 0x1, &(0x7f00000014c0)) msgsnd(r2, &(0x7f0000e74f60)={0x2}, 0x8, 0x0) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(r1, 0x0, &(0x7f0000000300)={{0x77359400}, {0x0, 0x9}}, &(0x7f00000002c0)) tkill(r0, 0x1000000000016) msgctl$IPC_SET(r2, 0x1, &(0x7f0000000180)={{}, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x81, r0}) [ 346.545885] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 346.553139] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 346.560396] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 346.567668] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 346.574924] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 23:02:19 executing program 3: r0 = gettid() r1 = fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff) ioctl$KVM_GET_PIT(r1, 0xc048ae65, &(0x7f0000000000)) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r1, 0x84, 0x65, &(0x7f0000000180)=[@in={0x2, 0x4e22, @remote}, @in={0x2, 0x4e20, @multicast2}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x16}}, @in6={0xa, 0x4e22, 0x4fc, @loopback, 0xffffffffffff7030}, @in6={0xa, 0x4e24, 0x0, @mcast2, 0x6}, @in6={0xa, 0x4e21, 0x800, @mcast1, 0x1}, @in={0x2, 0x4e23, @remote}, @in6={0xa, 0x4e21, 0x1, @mcast1}], 0xb0) 23:02:19 executing program 4 (fault-call:7 fault-nth:11): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:02:19 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f00000003c0)='io.bfq.weight\x00', 0x2, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='fd/3\x00') epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r1, &(0x7f0000000080)={0x80000000}) sendfile(r0, r2, &(0x7f00000000c0), 0xfdec) 23:02:19 executing program 5: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000180)={0x2, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$netlink(0x10, 0x3, 0x2) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$RDS_GET_MR_FOR_DEST(0xffffffffffffffff, 0x114, 0x7, &(0x7f0000000740)={@ethernet={0x0, @dev}, {&(0x7f0000000680)=""/183, 0xb7}, &(0x7f0000000300), 0x2}, 0xa0) setsockopt$inet_sctp6_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f00000000c0)={0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x4d, 0x7}, 0xfffffffffffffdb9) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop-control\x00', 0x101000, 0x0) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, 0x0) r3 = socket$inet_smc(0x2b, 0x1, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x47744279}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) read$eventfd(0xffffffffffffffff, &(0x7f0000000140), 0x8) getsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, &(0x7f0000000380)={0x3, [0x1ff, 0xf5, 0x0]}, &(0x7f00000003c0)=0xa) ioctl$ASHMEM_GET_PIN_STATUS(r0, 0x7709, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x2}, 0xb) ioctl$KDADDIO(0xffffffffffffffff, 0x4b34, 0x2eca) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000001940)={0x0, 0xebe5}, &(0x7f0000001980)=0x8) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000003540)={0x0, 0x10000}, &(0x7f0000003580)=0x8) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r1, 0x800c6613, &(0x7f00000004c0)={0x0, @speck128, 0x1, "e27f5eb025e91e06"}) ioctl$LOOP_CTL_ADD(r2, 0x4c80, 0x0) writev(r3, &(0x7f0000000c00), 0x0) semtimedop(0x0, &(0x7f00000002c0)=[{0x0, 0xffffffffffffffff, 0x1800}], 0x2aaaaaaaaaaaabe5, &(0x7f0000000300)={0x0, 0x1c9c380}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(0xffffffffffffffff, 0xc08c5335, &(0x7f00000000c0)={0x0, 0x0, 0xfffffffffffffff7, 'queue0\x00'}) 23:02:19 executing program 1: clone(0x0, &(0x7f0000000440), &(0x7f00000003c0), &(0x7f0000000500), &(0x7f0000000400)) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = getpid() waitid(0x2, r0, &(0x7f0000003ff8), 0xa1000004, 0x0) [ 348.390814] FAULT_INJECTION: forcing a failure. [ 348.390814] name failslab, interval 1, probability 0, space 0, times 0 [ 348.402875] CPU: 1 PID: 12939 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 348.410252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 348.410261] Call Trace: [ 348.410293] dump_stack+0x1c4/0x2b4 [ 348.410323] ? dump_stack_print_info.cold.2+0x52/0x52 [ 348.410346] ? __kernel_text_address+0xd/0x40 [ 348.435730] ? unwind_get_return_address+0x61/0xa0 [ 348.435758] should_fail.cold.4+0xa/0x17 [ 348.435780] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 348.444764] ? save_stack+0xa9/0xd0 [ 348.444786] ? graph_lock+0x170/0x170 [ 348.444805] ? kasan_slab_alloc+0x12/0x20 [ 348.453520] ? kmem_cache_alloc+0x12e/0x730 [ 348.453540] ? mmu_topup_memory_caches+0xf7/0x390 [ 348.453553] ? kvm_mmu_load+0x21/0xfa0 [ 348.453570] ? vcpu_enter_guest+0x3dbe/0x6380 [ 348.453599] ? graph_lock+0x170/0x170 [ 348.461531] ? ksys_ioctl+0xa9/0xd0 [ 348.461547] ? __x64_sys_ioctl+0x73/0xb0 [ 348.461565] ? do_syscall_64+0x1b9/0x820 [ 348.461583] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 348.461620] ? find_held_lock+0x36/0x1c0 [ 348.461643] ? __lock_is_held+0xb5/0x140 [ 348.479169] ? ___might_sleep+0x1ed/0x300 [ 348.479190] ? arch_local_save_flags+0x40/0x40 [ 348.479222] __should_failslab+0x124/0x180 [ 348.479243] should_failslab+0x9/0x14 [ 348.486655] kmem_cache_alloc+0x2be/0x730 [ 348.486672] ? vmx_flush_tlb_gva+0x380/0x380 [ 348.486689] ? print_usage_bug+0xc0/0xc0 [ 348.486710] ? ima_get_action+0x7e/0xa0 [ 348.494821] ? mmu_topup_memory_caches+0xf7/0x390 [ 348.494845] mmu_topup_memory_caches+0xf7/0x390 [ 348.494871] kvm_mmu_load+0x21/0xfa0 [ 348.504283] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 348.504308] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 348.504325] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 348.504348] vcpu_enter_guest+0x3dbe/0x6380 [ 348.512552] ? emulator_read_emulated+0x50/0x50 [ 348.512578] ? vmx_vcpu_load+0xb06/0x1030 [ 348.512615] ? vmx_write_tsc_offset+0x680/0x680 [ 348.521411] ? graph_lock+0x170/0x170 [ 348.521428] ? lock_downgrade+0x900/0x900 [ 348.521448] ? check_preemption_disabled+0x48/0x200 [ 348.521468] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 348.521486] ? check_preemption_disabled+0x48/0x200 [ 348.521503] ? check_preemption_disabled+0x48/0x200 [ 348.521530] ? __lock_is_held+0xb5/0x140 [ 348.529470] ? lock_acquire+0x1ed/0x520 [ 348.529488] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 348.529512] ? lock_release+0x970/0x970 [ 348.529529] ? kvm_gen_update_masterclock+0x350/0x350 [ 348.529547] ? kvm_arch_dev_ioctl+0x630/0x630 [ 348.529568] ? preempt_notifier_dec+0x20/0x20 [ 348.538048] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 348.538066] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 348.538101] kvm_vcpu_ioctl+0x72b/0x1150 [ 348.538121] ? kvm_vcpu_block+0x1030/0x1030 [ 348.546931] ? find_held_lock+0x36/0x1c0 [ 348.546959] ? __fget+0x4aa/0x740 [ 348.546982] ? check_preemption_disabled+0x48/0x200 [ 348.547005] ? kasan_check_read+0x11/0x20 [ 348.682482] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 348.687752] ? rcu_bh_qs+0xc0/0xc0 [ 348.691290] ? __fget+0x4d1/0x740 [ 348.694750] ? ksys_dup3+0x680/0x680 [ 348.698466] ? find_held_lock+0x36/0x1c0 [ 348.702523] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 348.707445] ? kvm_vcpu_block+0x1030/0x1030 [ 348.711757] do_vfs_ioctl+0x1de/0x1720 [ 348.715635] ? __lock_is_held+0xb5/0x140 [ 348.719691] ? ioctl_preallocate+0x300/0x300 [ 348.724089] ? __fget_light+0x2e9/0x430 [ 348.728054] ? fget_raw+0x20/0x20 [ 348.731499] ? __sb_end_write+0xd9/0x110 [ 348.735566] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 348.741096] ? fput+0x130/0x1a0 [ 348.744368] ? do_syscall_64+0x9a/0x820 [ 348.748335] ? do_syscall_64+0x9a/0x820 [ 348.752298] ? lockdep_hardirqs_on+0x421/0x5c0 [ 348.756874] ? security_file_ioctl+0x94/0xc0 [ 348.761275] ksys_ioctl+0xa9/0xd0 [ 348.764724] __x64_sys_ioctl+0x73/0xb0 [ 348.768610] do_syscall_64+0x1b9/0x820 [ 348.772490] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 348.777853] ? syscall_return_slowpath+0x5e0/0x5e0 [ 348.782785] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 348.787622] ? trace_hardirqs_on_caller+0x310/0x310 [ 348.792633] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 348.797642] ? prepare_exit_to_usermode+0x291/0x3b0 [ 348.802670] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 348.807523] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 348.812708] RIP: 0033:0x457569 [ 348.815903] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 348.834790] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 23:02:19 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)="01000100000000002e5270752f73797a3000", 0x200002, 0x0) tee(r0, r0, 0x8, 0x7) r1 = openat$cgroup_int(r0, &(0x7f00000003c0)='io.bfq.weight\x00', 0x2, 0x0) r2 = openat$cgroup_int(r0, &(0x7f0000000000)='memory.high\x00', 0x2, 0x0) r3 = getpgrp(0xffffffffffffffff) r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000400)='/dev/dsp\x00', 0x40, 0x0) perf_event_open(&(0x7f0000000340)={0x7, 0x70, 0x1, 0x8, 0x8, 0xffffffff, 0x0, 0x3, 0x10000, 0x8, 0x2, 0x0, 0x8, 0x6, 0x7fffffff, 0x80000000, 0x2, 0x5, 0x2, 0x4, 0x8, 0xfffffffffffffffd, 0x9, 0x1, 0x2, 0x6b, 0x9, 0x2, 0x2, 0x9, 0x6, 0x5, 0xffffffff, 0x6, 0x4, 0xffffffffffff93ec, 0x3, 0x100, 0x0, 0x200, 0x1, @perf_config_ext={0x1, 0xfff}, 0x2200, 0x0, 0x9, 0x0, 0x0, 0x2, 0xb711}, r3, 0x0, r4, 0x9) r5 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x101201, 0x0) setsockopt$RDS_GET_MR_FOR_DEST(r4, 0x114, 0x7, &(0x7f0000000500)={@un=@file={0x3e42959741353cd3, './file0\x00'}, {&(0x7f0000000280)=""/14, 0xe}, &(0x7f0000000440), 0x2a}, 0xa0) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffff9c, 0x84, 0x22, &(0x7f0000000100)={0x4, 0xd, 0x4, 0x10000, 0x0}, &(0x7f0000000140)=0x10) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r5, 0x84, 0x73, &(0x7f00000001c0)={r6, 0x10000000007f, 0x30, 0xcac, 0x9}, &(0x7f0000000480)=0x18) sendfile(r2, r1, &(0x7f0000000200)=0x4, 0xfded) getsockopt$inet_sctp6_SCTP_NODELAY(r5, 0x84, 0x3, &(0x7f00000002c0), &(0x7f0000000300)=0x4) r7 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sequencer2\x00', 0x20004, 0x0) ioctl$KVM_DIRTY_TLB(r7, 0x4010aeaa, &(0x7f0000000240)={0x10001, 0x400000190000000}) ioctl$sock_inet_SIOCGIFPFLAGS(r7, 0x8935, &(0x7f00000000c0)={'bcsh0\x00', 0x2}) ioctl$DRM_IOCTL_GET_MAGIC(r7, 0x80046402, &(0x7f00000004c0)) 23:02:19 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00009e3ff6)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00005befdc)) r1 = syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)=0x3) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)) 23:02:19 executing program 4 (fault-call:7 fault-nth:12): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 348.842484] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 348.849746] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 348.857013] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 348.864267] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 348.871521] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 23:02:19 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00005befdc)) syz_open_pts(r0, 0x0) syz_open_pts(r0, 0x4000) 23:02:19 executing program 1: r0 = socket$inet6(0xa, 0x80003, 0x800000000000006) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000000100)="120000001200e7ef007b0000f4afd7030a7c", 0x12, 0x0, 0x0, 0x0) recvmsg(r1, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500), 0x0, &(0x7f00000000c0)=""/7, 0x7}, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) recvmmsg(r1, &(0x7f0000004a40)=[{{&(0x7f00000001c0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @dev}}}, 0x80, &(0x7f0000001300)=[{&(0x7f0000000240)=""/4096, 0x1000}, {&(0x7f0000001240)=""/146, 0x92}], 0x2}}, {{0x0, 0x0, &(0x7f0000002a80), 0x0, &(0x7f0000002b00)=""/13, 0xd}}], 0x2, 0x0, &(0x7f0000000140)={0x0, r2+30000000}) [ 349.153030] FAULT_INJECTION: forcing a failure. [ 349.153030] name failslab, interval 1, probability 0, space 0, times 0 [ 349.199445] CPU: 0 PID: 12966 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 349.206836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 349.216195] Call Trace: [ 349.218810] dump_stack+0x1c4/0x2b4 [ 349.222468] ? dump_stack_print_info.cold.2+0x52/0x52 [ 349.227679] ? __kernel_text_address+0xd/0x40 [ 349.232192] ? unwind_get_return_address+0x61/0xa0 [ 349.237143] should_fail.cold.4+0xa/0x17 [ 349.241227] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 349.246335] ? save_stack+0xa9/0xd0 23:02:19 executing program 1: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) mount(&(0x7f00000002c0)=ANY=[], &(0x7f0000026ff8)='./file0\x00', &(0x7f00000013c0)='ramfs\x00', 0x0, &(0x7f000000a000)) chroot(&(0x7f0000000080)='./file0\x00') mount(&(0x7f0000000040), &(0x7f0000000140)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x201000, &(0x7f00000002c0)) mount(&(0x7f0000000080)=ANY=[], &(0x7f0000000100)='./file0\x00', &(0x7f0000000200)='sysfs\x00', 0x0, &(0x7f0000000240)='9p\x00') pivot_root(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)='./file0\x00') pivot_root(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='./file0\x00') pivot_root(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') [ 349.249971] ? graph_lock+0x170/0x170 [ 349.253806] ? kasan_slab_alloc+0x12/0x20 [ 349.257968] ? kmem_cache_alloc+0x12e/0x730 [ 349.257987] ? mmu_topup_memory_caches+0xf7/0x390 [ 349.257999] ? kvm_mmu_load+0x21/0xfa0 [ 349.258016] ? vcpu_enter_guest+0x3dbe/0x6380 [ 349.258034] ? graph_lock+0x170/0x170 [ 349.267468] ? ksys_ioctl+0xa9/0xd0 [ 349.283244] ? __x64_sys_ioctl+0x73/0xb0 [ 349.287321] ? do_syscall_64+0x1b9/0x820 [ 349.291391] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 349.296777] ? find_held_lock+0x36/0x1c0 [ 349.300906] ? __lock_is_held+0xb5/0x140 [ 349.304992] ? ___might_sleep+0x1ed/0x300 [ 349.309154] ? arch_local_save_flags+0x40/0x40 [ 349.313769] __should_failslab+0x124/0x180 [ 349.318021] should_failslab+0x9/0x14 [ 349.321841] kmem_cache_alloc+0x2be/0x730 [ 349.326006] ? vmx_flush_tlb_gva+0x380/0x380 [ 349.330425] ? print_usage_bug+0xc0/0xc0 [ 349.334497] ? ima_get_action+0x7e/0xa0 [ 349.338483] ? mmu_topup_memory_caches+0xf7/0x390 [ 349.343344] mmu_topup_memory_caches+0xf7/0x390 [ 349.348026] kvm_mmu_load+0x21/0xfa0 [ 349.351756] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 349.357182] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 349.362737] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 349.367336] vcpu_enter_guest+0x3dbe/0x6380 [ 349.367367] ? emulator_read_emulated+0x50/0x50 [ 349.367392] ? vmx_vcpu_load+0xb06/0x1030 [ 349.376378] ? vmx_write_tsc_offset+0x680/0x680 [ 349.376396] ? graph_lock+0x170/0x170 [ 349.376411] ? lock_downgrade+0x900/0x900 [ 349.376434] ? check_preemption_disabled+0x48/0x200 [ 349.398170] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 349.403714] ? check_preemption_disabled+0x48/0x200 [ 349.408720] ? check_preemption_disabled+0x48/0x200 [ 349.413735] ? __lock_is_held+0xb5/0x140 [ 349.417803] ? lock_acquire+0x1ed/0x520 [ 349.421780] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 349.426803] ? lock_release+0x970/0x970 [ 349.430781] ? kvm_gen_update_masterclock+0x350/0x350 [ 349.435993] ? kvm_arch_dev_ioctl+0x630/0x630 [ 349.440479] ? preempt_notifier_dec+0x20/0x20 [ 349.444967] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 349.449797] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 349.454821] kvm_vcpu_ioctl+0x72b/0x1150 [ 349.458911] ? kvm_vcpu_block+0x1030/0x1030 [ 349.463225] ? find_held_lock+0x36/0x1c0 [ 349.467278] ? __fget+0x4aa/0x740 [ 349.470747] ? check_preemption_disabled+0x48/0x200 [ 349.475779] ? kasan_check_read+0x11/0x20 [ 349.479919] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 349.485183] ? rcu_bh_qs+0xc0/0xc0 [ 349.488716] ? __fget+0x4d1/0x740 [ 349.492162] ? ksys_dup3+0x680/0x680 [ 349.495897] ? find_held_lock+0x36/0x1c0 [ 349.499955] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 349.504890] ? kvm_vcpu_block+0x1030/0x1030 [ 349.509222] do_vfs_ioctl+0x1de/0x1720 [ 349.513097] ? __lock_is_held+0xb5/0x140 [ 349.517146] ? ioctl_preallocate+0x300/0x300 [ 349.521610] ? __fget_light+0x2e9/0x430 [ 349.525571] ? fget_raw+0x20/0x20 [ 349.529023] ? __sb_end_write+0xd9/0x110 [ 349.533074] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 349.538610] ? fput+0x130/0x1a0 [ 349.541883] ? do_syscall_64+0x9a/0x820 [ 349.545879] ? do_syscall_64+0x9a/0x820 [ 349.549842] ? lockdep_hardirqs_on+0x421/0x5c0 [ 349.554412] ? security_file_ioctl+0x94/0xc0 [ 349.558811] ksys_ioctl+0xa9/0xd0 [ 349.562255] __x64_sys_ioctl+0x73/0xb0 [ 349.566133] do_syscall_64+0x1b9/0x820 [ 349.570047] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 349.575403] ? syscall_return_slowpath+0x5e0/0x5e0 [ 349.580322] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 349.585156] ? trace_hardirqs_on_caller+0x310/0x310 [ 349.590158] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 349.595161] ? prepare_exit_to_usermode+0x291/0x3b0 23:02:20 executing program 0: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)=0x0) r2 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r2, 0x1, &(0x7f00000014c0)) msgsnd(r2, &(0x7f0000e74f60)={0x2}, 0x8, 0x0) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) timer_settime(r1, 0x1, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, &(0x7f0000000040)) tkill(r0, 0x1000000000016) msgctl$IPC_SET(r2, 0x1, &(0x7f0000000180)={{}, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x81, r0}) [ 349.600181] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 349.605047] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 349.610240] RIP: 0033:0x457569 [ 349.613442] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 349.632349] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 349.632368] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 23:02:20 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x2000, 0x0) ioctl$INOTIFY_IOC_SETNEXTWD(r1, 0x40044900, 0xfff) tkill(r0, 0x1000000000016) 23:02:20 executing program 5: r0 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x0) r1 = creat(&(0x7f0000000180)='./file0\x00', 0x0) write$P9_RREMOVE(r1, &(0x7f0000000280)={0x1}, 0xff7f) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) pwritev(r0, &(0x7f00000000c0)=[{&(0x7f0000000000)='T', 0x1}], 0x1, 0x0) fcntl$setstatus(r2, 0x4, 0x6100) ftruncate(r2, 0x8200) write$cgroup_type(r2, &(0x7f0000000200)='threaded\x00', 0x175d900f) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000200)={0x0, r1}) 23:02:20 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f00000003c0)='io.bfq.weight\x00', 0x2, 0x0) r2 = dup2(r1, r1) setsockopt$inet_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f0000000040)='tls\x00', 0x4) sendfile(r1, r1, &(0x7f00000000c0), 0xfdef) 23:02:20 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000003500)=[{{&(0x7f0000000200)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, 0x80, &(0x7f0000002580)=[{&(0x7f00000012c0)=""/115, 0x73}], 0x1}}], 0x1, 0x0, &(0x7f0000007d80)) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f00000000c0)=0x0) migrate_pages(r0, 0x0, &(0x7f0000000280), &(0x7f0000000300)) r1 = syz_open_procfs(0x0, &(0x7f0000000100)='net/ip_mr_cache\x00') getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000140), &(0x7f0000000180)=0x8) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f00000002c0), &(0x7f0000000340)=0x8) preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x0) write$P9_ROPEN(r1, &(0x7f00000001c0)={0x18, 0x71, 0x2, {{0x1, 0x0, 0x6}, 0xff}}, 0x18) [ 349.632377] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 349.632386] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 349.632396] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 349.632405] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 23:02:20 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffff9c, 0x89e2, &(0x7f0000000040)={0xffffffffffffff9c}) getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000080)={0x0, 0x10000, 0x7, 0x5, 0x80}, &(0x7f0000000100)=0x14) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r1, 0x84, 0x13, &(0x7f0000000140)={r2}, &(0x7f0000000180)=0x8) r3 = openat$cgroup_int(r0, &(0x7f00000003c0)='io.bfq.weight\x00', 0x2, 0x0) sendfile(r3, r3, &(0x7f00000000c0), 0xfdef) [ 349.777642] QAT: Invalid ioctl 23:02:20 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00009e3ff6)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00005befdc)) r1 = syz_open_pts(r0, 0x1) fcntl$setstatus(r1, 0x4, 0x2800) write(r1, &(0x7f0000000400)="bf", 0x1) dup2(r0, r1) readv(r0, &(0x7f0000000140)=[{&(0x7f0000000000)=""/180, 0xb4}], 0x1) 23:02:20 executing program 4 (fault-call:7 fault-nth:13): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:02:20 executing program 1: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0xa06, 0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000040)) r1 = syz_open_procfs(0x0, &(0x7f0000000080)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f79805854fa07424adee901d2da75af1f0200f5ab26d7a071fb1f331ce39c5a") sendfile(r0, r1, &(0x7f0000000000)=0xe4240, 0x2b428a52) 23:02:20 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000080)='/dev/uinput\x00', 0x805, 0x0) write$uinput_user_dev(r0, &(0x7f0000000540)={'syz0\x00', {0x100, 0xfffffffffffffffa, 0x1, 0x7}, 0x48, [0x1f, 0x100, 0x7, 0x9, 0xff, 0x7, 0x6, 0x9, 0x9, 0x2, 0x7fff, 0x1, 0x8000, 0x8, 0xc5, 0x5, 0x800, 0x4, 0x4b2b, 0x100000001, 0x7, 0x7, 0x9, 0x6, 0x8, 0x5, 0xea9, 0x2, 0x6, 0x8, 0x4, 0x5, 0x10001, 0x33b, 0x0, 0x8, 0x9, 0x9, 0x0, 0xed9c, 0x4, 0x5, 0x400, 0x8000, 0x7, 0xaa6, 0x5, 0x2, 0x10001, 0x2, 0xe31a, 0x9, 0x8, 0x10000, 0x8, 0x800, 0x78, 0xc000000000, 0xfff, 0xcfa, 0x9, 0x9, 0x4, 0x90b8], [0x2, 0x7, 0x10001, 0x7, 0x4, 0x8, 0xfffffffffffffffe, 0x6, 0x6, 0x4, 0x3, 0x7fff, 0x1000, 0x1, 0x38, 0x2c, 0x2, 0x0, 0x947, 0xe000000000, 0x80000000, 0x10001, 0xe2ec, 0x80000001, 0x0, 0xfffffffffffffffc, 0x80000001, 0x123, 0x3f, 0x80000001, 0x7, 0x7ff, 0x9, 0x8001, 0x5, 0x1, 0xffffffff, 0x100000001, 0x3, 0x1000, 0x1, 0x1ff, 0x2, 0x2, 0x6, 0x3ff, 0x9e8, 0x4, 0xffff, 0x7fffffff, 0x10001, 0x9e97, 0x2, 0x100000001, 0x2, 0x4, 0x400, 0x3ff, 0x401, 0x100000001, 0x3ff, 0x6, 0x2, 0x200], [0x1f, 0x10001, 0x0, 0x3, 0x3, 0x5, 0x57, 0x8001, 0x7, 0x6, 0x1f, 0x3, 0x5, 0x2b2, 0xf7fc, 0x731, 0xfffffffeffffffff, 0x3a, 0x400, 0x400, 0x531, 0x8, 0x800, 0x0, 0x7fff, 0x3, 0x5, 0xfffffffffffffff9, 0x4, 0x937c, 0x10001, 0x0, 0x7, 0x5, 0x4a8000, 0x1ff, 0x9, 0x1, 0x1, 0x401, 0xffffffff, 0x81bfbc7, 0x4731f1c1, 0x8001, 0x1, 0x6, 0x800, 0x9, 0x5f5, 0x6f723fcf, 0x771, 0x4, 0x6, 0x7, 0x3, 0xfffffffeffffffff, 0x7, 0x8, 0x7f, 0xfffffffffffffffc, 0x8, 0x800, 0x9, 0x2], [0x3ff, 0x3, 0x1ff, 0x8, 0xc58, 0x3, 0x7fff, 0x2, 0x0, 0x8, 0x3, 0x1, 0x7, 0x1, 0x928, 0x7, 0x2, 0x81, 0x89, 0xffffffffffff40b1, 0x1, 0x100000001, 0xfffffffffffffffc, 0x9, 0x8, 0x0, 0xf4, 0x3, 0xffffffffffff8000, 0x4f8000000, 0x8, 0x3, 0x8, 0x3, 0x9, 0x80, 0x8, 0x100000000, 0x4, 0x1000, 0x5, 0x2, 0x3ff, 0x101, 0xfffffffffffffffe, 0x0, 0x2638, 0x3f, 0x9, 0x2, 0x0, 0xffffffffffffe27c, 0x43b, 0x7ff, 0x6, 0x5, 0x9, 0xfffffffffffffff7, 0xffffffffffffffff, 0x6, 0x59d, 0x2, 0x73a]}, 0x45c) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000a00)='/dev/snapshot\x00', 0x40, 0x0) ioctl$UI_SET_ABSBIT(r1, 0x40045567, 0x4) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x3) write$uinput_user_dev(r0, &(0x7f00000000c0)={'syz1\x00', {}, 0x0, [], [0x4]}, 0x45c) [ 349.962307] FAULT_INJECTION: forcing a failure. [ 349.962307] name failslab, interval 1, probability 0, space 0, times 0 [ 349.990399] CPU: 0 PID: 13013 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 349.997783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 350.007147] Call Trace: [ 350.009763] dump_stack+0x1c4/0x2b4 [ 350.013423] ? dump_stack_print_info.cold.2+0x52/0x52 [ 350.018640] ? __kernel_text_address+0xd/0x40 [ 350.023156] ? unwind_get_return_address+0x61/0xa0 [ 350.028111] should_fail.cold.4+0xa/0x17 [ 350.032196] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 350.037318] ? save_stack+0xa9/0xd0 [ 350.042173] ? graph_lock+0x170/0x170 [ 350.045985] ? kasan_slab_alloc+0x12/0x20 [ 350.050143] ? kmem_cache_alloc+0x12e/0x730 [ 350.054479] ? mmu_topup_memory_caches+0xf7/0x390 [ 350.059328] ? kvm_mmu_load+0x21/0xfa0 [ 350.063228] ? vcpu_enter_guest+0x3dbe/0x6380 [ 350.067735] ? graph_lock+0x170/0x170 [ 350.071545] ? ksys_ioctl+0xa9/0xd0 [ 350.075177] ? __x64_sys_ioctl+0x73/0xb0 [ 350.079251] ? do_syscall_64+0x1b9/0x820 [ 350.083327] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 350.088712] ? find_held_lock+0x36/0x1c0 [ 350.092793] ? __lock_is_held+0xb5/0x140 [ 350.096887] ? ___might_sleep+0x1ed/0x300 [ 350.101054] ? arch_local_save_flags+0x40/0x40 [ 350.105660] __should_failslab+0x124/0x180 [ 350.109915] should_failslab+0x9/0x14 [ 350.113733] kmem_cache_alloc+0x2be/0x730 [ 350.117898] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 350.117920] ? mmu_topup_memory_caches+0xf7/0x390 [ 350.117942] mmu_topup_memory_caches+0xf7/0x390 [ 350.117963] kvm_mmu_load+0x21/0xfa0 [ 350.117984] ? kvm_cpu_has_injectable_intr+0x11/0x1f0 [ 350.141130] ? kvm_cpu_has_injectable_intr+0x13c/0x1f0 [ 350.146437] vcpu_enter_guest+0x3dbe/0x6380 [ 350.150787] ? emulator_read_emulated+0x50/0x50 [ 350.155479] ? vmx_vcpu_load+0xb06/0x1030 [ 350.159651] ? vmx_write_tsc_offset+0x680/0x680 23:02:20 executing program 1: r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x20201, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000080)=[@in={0x2, 0x9, @rand_addr=0x20}, @in6={0xa, 0x4e24, 0x4, @mcast2, 0x5}, @in={0x2, 0x4e20, @broadcast}, @in6={0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x1f}, 0x735}], 0x58) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/rfkill\x00', 0x201, 0x0) writev(r1, &(0x7f0000000040)=[{&(0x7f0000000300)="0b964c0f080319", 0x7}], 0x1) 23:02:20 executing program 5: io_setup(0x203, &(0x7f0000000040)=0x0) r1 = openat$md(0xffffffffffffff9c, &(0x7f0000000000)='/dev/md0\x00', 0x0, 0x0) close(r1) r2 = inotify_init1(0x20003) fcntl$dupfd(r2, 0x0, r2) io_submit(r0, 0x1, &(0x7f0000000b00)=[&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}]) [ 350.164329] ? graph_lock+0x170/0x170 [ 350.168138] ? lock_downgrade+0x900/0x900 [ 350.172300] ? check_preemption_disabled+0x48/0x200 [ 350.177333] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 350.182890] ? check_preemption_disabled+0x48/0x200 [ 350.187926] ? check_preemption_disabled+0x48/0x200 [ 350.187956] ? __lock_is_held+0xb5/0x140 [ 350.187978] ? lock_acquire+0x1ed/0x520 [ 350.187994] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 350.188015] ? lock_release+0x970/0x970 [ 350.197305] ? kvm_gen_update_masterclock+0x350/0x350 [ 350.197325] ? kvm_arch_dev_ioctl+0x630/0x630 [ 350.197341] ? preempt_notifier_dec+0x20/0x20 [ 350.197369] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 350.229277] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 350.234320] kvm_vcpu_ioctl+0x72b/0x1150 [ 350.238393] ? kvm_vcpu_block+0x1030/0x1030 [ 350.242730] ? find_held_lock+0x36/0x1c0 [ 350.246809] ? __fget+0x4aa/0x740 [ 350.250274] ? check_preemption_disabled+0x48/0x200 [ 350.255305] ? kasan_check_read+0x11/0x20 [ 350.259464] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 350.264753] ? rcu_bh_qs+0xc0/0xc0 [ 350.268318] ? __fget+0x4d1/0x740 [ 350.271789] ? ksys_dup3+0x680/0x680 [ 350.275512] ? find_held_lock+0x36/0x1c0 [ 350.279603] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 350.284558] ? kvm_vcpu_block+0x1030/0x1030 [ 350.288898] do_vfs_ioctl+0x1de/0x1720 [ 350.292797] ? __lock_is_held+0xb5/0x140 [ 350.296876] ? ioctl_preallocate+0x300/0x300 [ 350.301339] ? __fget_light+0x2e9/0x430 [ 350.305333] ? fget_raw+0x20/0x20 [ 350.308800] ? __sb_end_write+0xd9/0x110 [ 350.312880] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 350.318425] ? fput+0x130/0x1a0 [ 350.321711] ? do_syscall_64+0x9a/0x820 [ 350.325693] ? do_syscall_64+0x9a/0x820 [ 350.329860] ? lockdep_hardirqs_on+0x421/0x5c0 [ 350.334458] ? security_file_ioctl+0x94/0xc0 [ 350.338890] ksys_ioctl+0xa9/0xd0 [ 350.342362] __x64_sys_ioctl+0x73/0xb0 [ 350.346260] do_syscall_64+0x1b9/0x820 [ 350.350158] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 350.355531] ? syscall_return_slowpath+0x5e0/0x5e0 [ 350.360479] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 350.365333] ? trace_hardirqs_on_caller+0x310/0x310 [ 350.370501] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 350.375533] ? prepare_exit_to_usermode+0x291/0x3b0 [ 350.380565] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 350.385437] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 350.390635] RIP: 0033:0x457569 [ 350.393834] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 350.412736] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 350.420453] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 350.427723] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 350.434995] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 350.442271] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 350.449544] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 23:02:21 executing program 0: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r1, 0x1, &(0x7f00000014c0)) r2 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x4000) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r2, 0x40a85323, &(0x7f0000000200)={{0x8b, 0x1}, 'port0\x00', 0x4, 0x40000, 0x101, 0x100, 0x24e, 0x0, 0xe9, 0x0, 0x4, 0x2}) msgsnd(r1, &(0x7f0000e74f60)={0x2}, 0x8, 0x0) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x1, &(0x7f0000000000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) msgctl$IPC_SET(r1, 0x1, &(0x7f0000000180)={{}, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x81, r0}) [ 350.573048] QAT: Invalid ioctl 23:02:21 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) r1 = socket$inet_sctp(0x2, 0x0, 0x84) getsockopt$inet_sctp_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f0000000000), &(0x7f0000000040)=0x8) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x2b) 23:02:21 executing program 4 (fault-call:7 fault-nth:14): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:02:21 executing program 2: rt_sigprocmask(0x0, &(0x7f0000032ff8)={0xffffffffffffff7f}, 0x0, 0x8) r0 = memfd_create(&(0x7f000088f000)='\x00\x00\x00', 0x4) r1 = socket$inet_sctp(0x2, 0x1, 0x84) sendmmsg$inet_sctp(r1, &(0x7f0000001740)=[{&(0x7f0000000000)=@in={0x2, 0x0, @local}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000180)='5', 0x1}], 0x1, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000000a68a756fd747e1536ea8111dc234000084000000050000003000000000000000"], 0x18}], 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000003fe8)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r4 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r4, 0x84, 0x65, &(0x7f0000013e95), 0x4) setsockopt$inet_pktinfo(r4, 0x0, 0x8, &(0x7f0000000100)={0x0, @empty, @multicast1}, 0xc) close(r4) close(r3) ioctl$TIOCGWINSZ(r0, 0x5413, &(0x7f0000000000)) ftruncate(r0, 0x2) 23:02:21 executing program 1: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r0, 0x0, r2, 0x0, 0x6, 0x0) write$P9_RWSTAT(r1, &(0x7f0000000040)={0x7}, 0x7) poll(&(0x7f0000000080)=[{r0, 0x400}, {r0}, {r0, 0x8000}], 0x3, 0x8) 23:02:21 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000100)=ANY=[@ANYRESHEX=r1, @ANYRESDEC=r0, @ANYRESOCT=r1, @ANYPTR]) fsetxattr$trusted_overlay_origin(r1, &(0x7f0000000000)='trusted.overlay.origin\x00', &(0x7f0000000040)='y\x00', 0x2, 0x1) ioctl$int_in(r0, 0x5452, &(0x7f0000000080)=0x76) [ 350.708684] FAULT_INJECTION: forcing a failure. [ 350.708684] name failslab, interval 1, probability 0, space 0, times 0 [ 350.723979] CPU: 0 PID: 13057 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 350.731369] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 350.740728] Call Trace: [ 350.743335] dump_stack+0x1c4/0x2b4 [ 350.747009] ? dump_stack_print_info.cold.2+0x52/0x52 [ 350.752224] should_fail.cold.4+0xa/0x17 [ 350.756296] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 350.761422] ? save_stack+0xa9/0xd0 [ 350.765073] ? graph_lock+0x170/0x170 [ 350.768908] ? kasan_slab_alloc+0x12/0x20 [ 350.773060] ? kmem_cache_alloc+0x12e/0x730 [ 350.777383] ? mmu_topup_memory_caches+0xf7/0x390 [ 350.782227] ? kvm_mmu_load+0x21/0xfa0 [ 350.786116] ? vcpu_enter_guest+0x3dbe/0x6380 [ 350.790622] ? graph_lock+0x170/0x170 [ 350.794427] ? ksys_ioctl+0xa9/0xd0 [ 350.798054] ? __x64_sys_ioctl+0x73/0xb0 [ 350.802122] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 350.807497] ? find_held_lock+0x36/0x1c0 [ 350.811571] ? __lock_is_held+0xb5/0x140 [ 350.815659] ? ___might_sleep+0x1ed/0x300 [ 350.819815] ? arch_local_save_flags+0x40/0x40 [ 350.824449] __should_failslab+0x124/0x180 [ 350.828705] should_failslab+0x9/0x14 [ 350.832512] kmem_cache_alloc+0x2be/0x730 [ 350.836661] ? vmx_flush_tlb_gva+0x380/0x380 [ 350.841079] ? mmu_topup_memory_caches+0xf7/0x390 [ 350.845933] mmu_topup_memory_caches+0xf7/0x390 [ 350.850619] kvm_mmu_load+0x21/0xfa0 [ 350.854341] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 350.859280] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 350.864821] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 350.869416] vcpu_enter_guest+0x3dbe/0x6380 [ 350.873757] ? emulator_read_emulated+0x50/0x50 [ 350.878433] ? zap_class+0x640/0x640 [ 350.882151] ? vmx_vcpu_load+0xb06/0x1030 [ 350.886309] ? vmx_write_tsc_offset+0x680/0x680 [ 350.890982] ? graph_lock+0x170/0x170 [ 350.894786] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 350.900363] ? check_preemption_disabled+0x48/0x200 [ 350.905407] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 350.910992] ? check_preemption_disabled+0x48/0x200 [ 350.916042] ? check_preemption_disabled+0x48/0x200 [ 350.921077] ? __lock_is_held+0xb5/0x140 [ 350.925148] ? lock_acquire+0x1ed/0x520 [ 350.929124] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 350.934154] ? lock_release+0x970/0x970 [ 350.938142] ? kvm_gen_update_masterclock+0x350/0x350 [ 350.943336] ? kvm_arch_dev_ioctl+0x630/0x630 [ 350.947835] ? preempt_notifier_dec+0x20/0x20 [ 350.952379] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 350.957227] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 350.962274] kvm_vcpu_ioctl+0x72b/0x1150 [ 350.966341] ? kvm_vcpu_block+0x1030/0x1030 [ 350.970675] ? find_held_lock+0x36/0x1c0 [ 350.974751] ? __fget+0x4aa/0x740 [ 350.978212] ? check_preemption_disabled+0x48/0x200 [ 350.983252] ? kasan_check_read+0x11/0x20 [ 350.987411] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 350.992696] ? rcu_bh_qs+0xc0/0xc0 [ 350.996253] ? __fget+0x4d1/0x740 [ 350.999720] ? ksys_dup3+0x680/0x680 [ 351.003455] ? find_held_lock+0x36/0x1c0 [ 351.007527] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 351.012471] ? kvm_vcpu_block+0x1030/0x1030 [ 351.016798] do_vfs_ioctl+0x1de/0x1720 [ 351.020702] ? ioctl_preallocate+0x300/0x300 [ 351.025115] ? __fget_light+0x2e9/0x430 [ 351.029094] ? fget_raw+0x20/0x20 [ 351.032560] ? __sb_end_write+0xd9/0x110 [ 351.036637] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 351.042180] ? fput+0x130/0x1a0 [ 351.045469] ? do_syscall_64+0x9a/0x820 [ 351.049447] ? do_syscall_64+0x9a/0x820 [ 351.053423] ? lockdep_hardirqs_on+0x421/0x5c0 [ 351.058012] ? security_file_ioctl+0x94/0xc0 [ 351.062461] ksys_ioctl+0xa9/0xd0 [ 351.065969] __x64_sys_ioctl+0x73/0xb0 [ 351.069865] do_syscall_64+0x1b9/0x820 [ 351.073766] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 351.079137] ? syscall_return_slowpath+0x5e0/0x5e0 [ 351.084072] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 351.089009] ? trace_hardirqs_on_caller+0x310/0x310 [ 351.094029] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 351.099051] ? prepare_exit_to_usermode+0x291/0x3b0 [ 351.104081] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 351.108936] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 351.114128] RIP: 0033:0x457569 [ 351.117329] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 351.136228] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 351.143947] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 351.151215] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 23:02:21 executing program 5: r0 = socket$inet6(0xa, 0x5, 0x200002000000200) setsockopt$inet_sctp6_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f0000000140)=ANY=[@ANYBLOB="07000000010005000600fcff01010000000000003beb432135d3bd4e22db06961afc4901a06efbf180174645f1f205ccf4a710cb864b30327218b4d6fa79304da1496c1c4351ff9f3ff79cddab4d4befc6ed074fadb9b1276ce00e3546ea1fd6d9bdd1ec474b688d1747cf870cd718803e013e7834466dd8404ffbb4fc6149bffc17f2ca8987ea9612e2faea2a0cd735232fa2742f070ab231a19626fb291ad2cf3b6091920e02"], 0x12) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket(0x10, 0x4000000000002, 0x0) ioctl$sock_ifreq(r1, 0x89f0, &(0x7f0000000100)={'gre0\x00', @ifru_ivalue=0x7050e0}) r2 = add_key(&(0x7f0000000000)='blacklist\x00', &(0x7f0000000040)={'syz', 0x1}, &(0x7f0000000080)="aebdf96b4bc4c848f0656f18dfab866d2d76d6d7e55cfbdb01ffc2a507aa0ffa174af54411b3adfd18d66e9178142af7346b0fc3d1dd8b4531314680464da5a493ed431467b5c02db55217f087b8c70274e952fb2c62b9422eb58d79a7d3097a187ec799", 0x64, 0xfffffffffffffffb) keyctl$revoke(0x3, r2) [ 351.158515] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 351.165796] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 351.173080] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 23:02:21 executing program 2: r0 = timerfd_create(0x5, 0x800) timerfd_gettime(r0, &(0x7f0000000100)) r1 = openat$ion(0xffffffffffffff9c, &(0x7f0000005ff7)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r1, 0xc0184900, &(0x7f0000009fe8)={0xfff7, 0x1a, 0x0, 0xffffffffffffffff}) mmap(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x0, 0x6012, r2, 0x0) mincore(&(0x7f0000004000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/220) 23:02:21 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000223fd4)=[@in={0x2, 0x0, @loopback}], 0x10) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x1, 0x32, 0xffffffffffffffff, 0x0) setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r1, 0x84, 0xc, &(0x7f0000662000), 0x4) ioctl$FS_IOC_GETVERSION(r0, 0x80087601, &(0x7f0000000100)) getsockname$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev}, &(0x7f0000000040)=0x1c) 23:02:21 executing program 3: r0 = gettid() timer_create(0x2, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffff9c, 0x89e2, &(0x7f0000000000)={0xffffffffffffff9c}) recvfrom$inet(r1, &(0x7f0000000180)=""/169, 0xa9, 0x40000000, &(0x7f0000000040)={0x2, 0x4e22, @broadcast}, 0x10) tkill(r0, 0x1000000000016) 23:02:22 executing program 4 (fault-call:7 fault-nth:15): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:02:22 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000440)='/dev/null\x00', 0x4040, 0x0) ioctl$sock_bt_hidp_HIDPCONNADD(r1, 0x400448c8, &(0x7f0000000500)={r0, r0, 0x9e1e, 0x8001, &(0x7f0000000480)="e4005713b61297b403de0384088a883aaab5059a3f1e87fe926272f6284ed1416d673dd06078446b02c3f53b455126a557ec08498d84020e3fe22e86bafa744355ce6311578b35f952b25a5a5d868969988840427eeff03cc3e6c0164b55533477081fb662653947e75b960855086c33a844e7d694028568", 0x3, 0x40, 0xfffffffffffffffb, 0x200, 0x7, 0x3, 0xcc, "bc64cf532289f3dd6007561aceec7ba851f67f21fc8f0693140b46bbc29452d6869e5e479b9abcb85affb5da138a0f06c00a5361abbea770a02a3c4f73bb757f60f03d90207cf46baf873e796ced"}) sendmsg$nl_route(r0, &(0x7f0000000640)={&(0x7f0000000600), 0xc, &(0x7f0000000580)={&(0x7f00000005c0)=ANY=[@ANYBLOB="3c00000010000106000000000000000000000000", @ANYRES32=0x0, @ANYRES32=r1], 0x3}}, 0x0) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x2000, 0x0) r3 = syz_open_dev$dspn(&(0x7f00000003c0)='/dev/dsp#\x00', 0x81, 0x80000) ioctl$LOOP_GET_STATUS64(r2, 0x4c05, &(0x7f00000002c0)) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_NEW_DAEMON(r2, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x20, r4, 0x4, 0x70bd26, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x1}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x4040000) ioctl$sock_inet_tcp_SIOCOUTQNSD(r3, 0x894b, &(0x7f0000000400)) getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r2, 0x6, 0x1d, &(0x7f0000000240), &(0x7f0000000280)=0x14) [ 351.331568] x86/PAT: syz-executor2:13077 map pfn RAM range req write-combining for [mem 0x1856d0000-0x1856d3fff], got write-back [ 351.380663] x86/PAT: syz-executor2:13085 map pfn RAM range req write-combining for [mem 0x1856d0000-0x1856d3fff], got write-back [ 351.411289] FAULT_INJECTION: forcing a failure. [ 351.411289] name failslab, interval 1, probability 0, space 0, times 0 [ 351.443071] CPU: 1 PID: 13087 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 351.450455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 351.459831] Call Trace: [ 351.462438] dump_stack+0x1c4/0x2b4 [ 351.466090] ? dump_stack_print_info.cold.2+0x52/0x52 [ 351.471333] ? __kernel_text_address+0xd/0x40 [ 351.471356] ? unwind_get_return_address+0x61/0xa0 [ 351.471399] should_fail.cold.4+0xa/0x17 [ 351.480803] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 351.480835] ? save_stack+0xa9/0xd0 [ 351.480854] ? graph_lock+0x170/0x170 [ 351.480871] ? kasan_slab_alloc+0x12/0x20 [ 351.501583] ? kmem_cache_alloc+0x12e/0x730 [ 351.505928] ? mmu_topup_memory_caches+0xf7/0x390 [ 351.510788] ? kvm_mmu_load+0x21/0xfa0 [ 351.514777] ? vcpu_enter_guest+0x3dbe/0x6380 [ 351.519283] ? graph_lock+0x170/0x170 [ 351.523094] ? ksys_ioctl+0xa9/0xd0 [ 351.526749] ? __x64_sys_ioctl+0x73/0xb0 [ 351.530821] ? do_syscall_64+0x1b9/0x820 [ 351.534898] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 351.540309] ? find_held_lock+0x36/0x1c0 [ 351.540331] ? __lock_is_held+0xb5/0x140 [ 351.540361] ? ___might_sleep+0x1ed/0x300 [ 351.540387] ? arch_local_save_flags+0x40/0x40 [ 351.540414] __should_failslab+0x124/0x180 [ 351.548530] should_failslab+0x9/0x14 [ 351.548548] kmem_cache_alloc+0x2be/0x730 [ 351.548562] ? vmx_flush_tlb_gva+0x380/0x380 [ 351.548581] ? print_usage_bug+0xc0/0xc0 [ 351.577894] ? mmu_topup_memory_caches+0xf7/0x390 [ 351.582742] mmu_topup_memory_caches+0xf7/0x390 [ 351.587407] kvm_mmu_load+0x21/0xfa0 [ 351.591109] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 351.596048] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 351.601574] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 351.606154] vcpu_enter_guest+0x3dbe/0x6380 [ 351.610469] ? emulator_read_emulated+0x50/0x50 [ 351.615129] ? vmx_vcpu_load+0xb06/0x1030 [ 351.619269] ? vmx_write_tsc_offset+0x680/0x680 [ 351.623960] ? graph_lock+0x170/0x170 [ 351.627750] ? find_held_lock+0x36/0x1c0 [ 351.631798] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 351.637344] ? check_preemption_disabled+0x48/0x200 [ 351.642347] ? check_preemption_disabled+0x48/0x200 [ 351.647381] ? __lock_is_held+0xb5/0x140 [ 351.651449] ? lock_acquire+0x1ed/0x520 [ 351.655411] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 351.660432] ? lock_release+0x970/0x970 [ 351.664401] ? kvm_gen_update_masterclock+0x350/0x350 [ 351.669609] ? kvm_arch_dev_ioctl+0x630/0x630 [ 351.674091] ? preempt_notifier_dec+0x20/0x20 [ 351.678577] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 351.683415] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 351.688429] kvm_vcpu_ioctl+0x72b/0x1150 [ 351.692526] ? kvm_vcpu_block+0x1030/0x1030 [ 351.696837] ? find_held_lock+0x36/0x1c0 [ 351.700892] ? __fget+0x4aa/0x740 [ 351.704336] ? check_preemption_disabled+0x48/0x200 [ 351.709343] ? kasan_check_read+0x11/0x20 [ 351.713478] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 351.718756] ? rcu_bh_qs+0xc0/0xc0 [ 351.722322] ? __fget+0x4d1/0x740 [ 351.725768] ? ksys_dup3+0x680/0x680 [ 351.729468] ? find_held_lock+0x36/0x1c0 [ 351.733536] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 351.738477] ? kvm_vcpu_block+0x1030/0x1030 [ 351.742790] do_vfs_ioctl+0x1de/0x1720 [ 351.746694] ? __lock_is_held+0xb5/0x140 [ 351.750761] ? ioctl_preallocate+0x300/0x300 [ 351.755171] ? __fget_light+0x2e9/0x430 [ 351.759136] ? fget_raw+0x20/0x20 [ 351.762580] ? __sb_end_write+0xd9/0x110 [ 351.766642] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 351.772166] ? fput+0x130/0x1a0 [ 351.775450] ? do_syscall_64+0x9a/0x820 [ 351.779412] ? do_syscall_64+0x9a/0x820 [ 351.783377] ? lockdep_hardirqs_on+0x421/0x5c0 [ 351.787952] ? security_file_ioctl+0x94/0xc0 [ 351.792349] ksys_ioctl+0xa9/0xd0 [ 351.795794] __x64_sys_ioctl+0x73/0xb0 [ 351.799672] do_syscall_64+0x1b9/0x820 [ 351.803548] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 351.808904] ? syscall_return_slowpath+0x5e0/0x5e0 [ 351.813821] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 351.818655] ? trace_hardirqs_on_caller+0x310/0x310 [ 351.823662] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 351.828667] ? prepare_exit_to_usermode+0x291/0x3b0 [ 351.833676] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 351.838510] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 351.843684] RIP: 0033:0x457569 [ 351.846868] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 351.865771] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 351.873467] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 351.880721] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 351.887980] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 351.895247] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 351.902501] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 23:02:22 executing program 0: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r1, 0x1, &(0x7f00000014c0)) r2 = syz_open_dev$vcsa(&(0x7f00000003c0)='/dev/vcsa#\x00', 0x0, 0x200000) ioctl$sock_SIOCBRDELBR(r2, 0x89a1, &(0x7f0000000400)='tunl0\x00') msgsnd(r1, &(0x7f0000e74f60)={0x2}, 0x8, 0x0) time(&(0x7f0000000000)) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x400, 0x0) getsockopt$inet6_dccp_int(r3, 0x21, 0x1a, &(0x7f0000000480), &(0x7f00000004c0)=0x4) r4 = request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000000080)={'syz', 0x3}, &(0x7f0000000200)='\x00', 0xfffffffffffffffe) keyctl$restrict_keyring(0x1d, r4, &(0x7f0000000240)='rxrpc\x00', &(0x7f0000000280)='#\\\'em0\x00') tkill(r0, 0x1000000000016) msgctl$IPC_SET(r1, 0x1, &(0x7f0000000180)={{}, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x81, r0}) 23:02:22 executing program 1: r0 = socket$inet6(0xa, 0x3, 0x800000000002) ioctl$TUNGETFILTER(r0, 0x801054db, &(0x7f0000000080)=""/223) ioctl(r0, 0x8912, &(0x7f0000000040)="153f62344885d25d766070") unshare(0x2000400) fgetxattr(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0773322e766d6e6574316db5c5c5774fada05d3a0066d0e18eb650835f6572d90c85021755cd873bd5fe09574593a1dcf7b41f0010ac3bfdd16b15a48e37f4ac368749e93514da871ec72d775363dbfed93968ea93e06c6822a326f334edaa4b5aa52843899ad31fe39897f1dcd6c3be6af76f86c193dfcdf98547bb990de8e9bb88fb1b230c650088d7e5cfc80000"], &(0x7f0000000640)=""/4096, 0x1000) 23:02:22 executing program 5: socketpair$unix(0x1, 0x1000000000005, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000021ff0)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffffffffffff010}, {0x6}]}, 0x10) sendto$inet6(r1, &(0x7f0000000000), 0x133, 0x0, &(0x7f0000000140), 0x1c) 23:02:22 executing program 2: lsetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)=@random={'os2.', 'md5sum]user/-\x00'}, &(0x7f00000000c0)='/dev/vhci\x00', 0xa, 0x1) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) close(r0) r1 = openat$vhci(0xffffffffffffff9c, &(0x7f0000003e40)='/dev/vhci\x00', 0x2001, 0x0) ioctl$TIOCGSID(r1, 0x5429, &(0x7f0000000100)=0x0) waitid(0x1, r2, &(0x7f0000000140), 0x20000008, &(0x7f0000000180)) io_setup(0x40, &(0x7f0000000300)=0x0) io_submit(r3, 0x1400, &(0x7f0000000240)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x800000000001, 0x0, r0, &(0x7f0000000140), 0x2}]) socket$nl_generic(0x10, 0x3, 0x10) 23:02:22 executing program 4 (fault-call:7 fault-nth:16): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 352.018508] FAULT_INJECTION: forcing a failure. [ 352.018508] name failslab, interval 1, probability 0, space 0, times 0 [ 352.039414] CPU: 0 PID: 13102 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 352.046798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 352.056156] Call Trace: [ 352.058766] dump_stack+0x1c4/0x2b4 [ 352.062415] ? dump_stack_print_info.cold.2+0x52/0x52 23:02:22 executing program 5: r0 = socket$l2tp(0x18, 0x1, 0x1) r1 = fcntl$dupfd(r0, 0x406, r0) getsockopt$bt_BT_FLUSHABLE(r1, 0x112, 0x8, &(0x7f0000000000)=0x80, &(0x7f0000000100)=0x4) openat$selinux_attr(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/attr/keycreate\x00', 0x2, 0x0) ioctl(r0, 0x8912, &(0x7f0000000040)="153f6234488dd25d766070") mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x2, 0x40011, r0, 0x0) r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000240)="2f65786500000000000489004bddd9de91be10eebf000ee91e18f0c76fbb232a07424ae1e901d2da75af1f0200f5ab26d7e071fb35331ce39c5a0000") ioctl$FS_IOC_FSGETXATTR(r3, 0x40086602, &(0x7f0000000040)) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x6) getsockopt$SO_COOKIE(r3, 0x1, 0x39, &(0x7f0000000080), &(0x7f0000000140)=0x8) [ 352.067631] ? __kernel_text_address+0xd/0x40 [ 352.072138] ? unwind_get_return_address+0x61/0xa0 [ 352.072165] should_fail.cold.4+0xa/0x17 [ 352.072186] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 352.072204] ? save_stack+0xa9/0xd0 [ 352.072222] ? graph_lock+0x170/0x170 [ 352.072271] ? kasan_slab_alloc+0x12/0x20 [ 352.097922] ? kmem_cache_alloc+0x12e/0x730 [ 352.102275] ? mmu_topup_memory_caches+0xf7/0x390 [ 352.107129] ? kvm_mmu_load+0x21/0xfa0 [ 352.111030] ? vcpu_enter_guest+0x3dbe/0x6380 [ 352.115537] ? graph_lock+0x170/0x170 [ 352.119354] ? ksys_ioctl+0xa9/0xd0 [ 352.122996] ? __x64_sys_ioctl+0x73/0xb0 [ 352.127069] ? do_syscall_64+0x1b9/0x820 [ 352.131146] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 352.136529] ? find_held_lock+0x36/0x1c0 [ 352.140617] ? __lock_is_held+0xb5/0x140 [ 352.144707] ? ___might_sleep+0x1ed/0x300 [ 352.148881] ? arch_local_save_flags+0x40/0x40 [ 352.153491] __should_failslab+0x124/0x180 [ 352.157741] should_failslab+0x9/0x14 [ 352.161577] kmem_cache_alloc+0x2be/0x730 23:02:22 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") socket$inet(0x10, 0x3, 0xc) [ 352.165764] ? vmx_flush_tlb_gva+0x380/0x380 [ 352.170194] ? print_usage_bug+0xc0/0xc0 [ 352.174266] ? ima_get_action+0x7e/0xa0 [ 352.178252] ? mmu_topup_memory_caches+0xf7/0x390 [ 352.183112] mmu_topup_memory_caches+0xf7/0x390 [ 352.183136] kvm_mmu_load+0x21/0xfa0 [ 352.183155] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 352.183176] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 352.191543] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 352.191567] vcpu_enter_guest+0x3dbe/0x6380 [ 352.191606] ? emulator_read_emulated+0x50/0x50 23:02:22 executing program 5: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x10000, 0x0) ioctl$KDSETKEYCODE(r0, 0x4b4d, &(0x7f0000000100)={0x6, 0x5}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r2, 0x0, 0x80, &(0x7f0000000540)=@filter={'filter\x00', 0xe, 0x2, 0x1e8, [0x0, 0x200005c0, 0x200005f0, 0x200006f0], 0x0, &(0x7f00000000c0), &(0x7f0000000240)=ANY=[@ANYBLOB="00e82800000000000000000000000000000000000000000000000000000000000000000000000000feffffff00000000000000000000000000000000000000ae460000000000000000000000000000000000000000000000ffffffff0100000009000000000000000000766574683100000000000000000000006970365f76746930000000000000000065727370616e30000000000000000000626f6e64300000000000000000000000aaaaaaaaaaaa0000000000000000000000000000e200000000007000000070000000a00000004e465155455545000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff010000000000000000000000000073797a5f74756e00000000000000000079616d30000000000000000000000000626f6e645f736c6176655f310000000073697430000000000000000000000000aaaaaaaaaa000000000000000180c200000000000000000000007000000070000000b80000005241544545535400000000000000000000000000000000000000000000000000200000000000000073797a3100000000000000000000000000000000000000000000000000000000d1def247d2f2ca15b98972dd8179b7fc4acaf1d2956b1dc5e1423c39f0891b838e05c19add184c53b03bb255ad11daf575feefad6eb66de705b61c4bdf40be7c1fb9d70065dd837c1fe2834d484aaed41239f256cb151367db598f57ebd92024d47ca70a51bed6f1bb1732e05a4cb2cc0e6a5b978365d9efb1e4afe89e9e3976dbe7dc3ba39a0abce98e964e6e9e38e94e2b93d9c457b9e1b8cf60f0881ced162918778c14d75a4c0d91e9096fe6c461ff7d4a72394add804ec99460f665cf9cbb74072d466ceae9a03d48968d07fd3384f2def5c9e33683cc5d68254f1dca3d6e4390a5cc1bbb05c6"]}, 0x349) getpgrp(0xffffffffffffffff) fcntl$getownex(r2, 0x10, &(0x7f0000000040)={0x0, 0x0}) tkill(r3, 0x0) [ 352.191629] ? vmx_vcpu_load+0xb06/0x1030 [ 352.191651] ? vmx_write_tsc_offset+0x680/0x680 [ 352.224443] ? graph_lock+0x170/0x170 [ 352.228253] ? lock_downgrade+0x900/0x900 [ 352.232432] ? check_preemption_disabled+0x48/0x200 [ 352.237464] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 352.243011] ? check_preemption_disabled+0x48/0x200 [ 352.243028] ? check_preemption_disabled+0x48/0x200 [ 352.243054] ? __lock_is_held+0xb5/0x140 [ 352.243076] ? lock_acquire+0x1ed/0x520 [ 352.243092] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 352.243112] ? lock_release+0x970/0x970 [ 352.270127] ? kvm_gen_update_masterclock+0x350/0x350 [ 352.275332] ? kvm_arch_dev_ioctl+0x630/0x630 [ 352.279839] ? preempt_notifier_dec+0x20/0x20 [ 352.284370] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 352.288060] kernel msg: ebtables bug: please report to author: Wrong len argument [ 352.289224] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 352.289258] kvm_vcpu_ioctl+0x72b/0x1150 [ 352.289280] ? kvm_vcpu_block+0x1030/0x1030 [ 352.289302] ? find_held_lock+0x36/0x1c0 [ 352.289327] ? __fget+0x4aa/0x740 23:02:23 executing program 5: r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgid(0x0) r2 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3}, r1, 0x0, 0xffffffffffffffff, 0x0) prctl$void(0x4000000000000020) syz_open_dev$adsp(&(0x7f00000000c0)='/dev/adsp#\x00', 0x80000000, 0x640000) r3 = dup(r2) ioctl$TIOCMBIS(r3, 0x5416, &(0x7f0000000080)=0xfffffffe) r4 = dup2(r2, r0) timer_create(0x4, &(0x7f0000000040)={0x0, 0x41, 0x7, @tid=r1}, &(0x7f0000000100)=0x0) clock_gettime(0x2, &(0x7f00000002c0)={0x0, 0x0}) clock_gettime(0x0, &(0x7f0000000200)={0x0, 0x0}) timer_settime(r5, 0x1, &(0x7f0000000240)={{r6, r7+10000000}, {r8, r9+10000000}}, 0x0) ioctl$VT_ACTIVATE(r4, 0x5606, 0x100000000000) [ 352.289355] ? check_preemption_disabled+0x48/0x200 [ 352.305259] kernel msg: ebtables bug: please report to author: Wrong len argument [ 352.306057] ? kasan_check_read+0x11/0x20 [ 352.306078] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 352.306096] ? rcu_bh_qs+0xc0/0xc0 [ 352.306128] ? __fget+0x4d1/0x740 [ 352.347056] ? ksys_dup3+0x680/0x680 [ 352.350804] ? find_held_lock+0x36/0x1c0 [ 352.354894] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 352.354922] ? kvm_vcpu_block+0x1030/0x1030 [ 352.354940] do_vfs_ioctl+0x1de/0x1720 [ 352.354960] ? __lock_is_held+0xb5/0x140 [ 352.364206] ? ioctl_preallocate+0x300/0x300 [ 352.376526] ? __fget_light+0x2e9/0x430 [ 352.380514] ? fget_raw+0x20/0x20 [ 352.383987] ? __sb_end_write+0xd9/0x110 [ 352.388075] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 352.393627] ? fput+0x130/0x1a0 [ 352.396919] ? do_syscall_64+0x9a/0x820 [ 352.400905] ? do_syscall_64+0x9a/0x820 [ 352.404894] ? lockdep_hardirqs_on+0x421/0x5c0 [ 352.409505] ? security_file_ioctl+0x94/0xc0 [ 352.413967] ksys_ioctl+0xa9/0xd0 [ 352.417433] __x64_sys_ioctl+0x73/0xb0 [ 352.421331] do_syscall_64+0x1b9/0x820 [ 352.425223] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 352.430603] ? syscall_return_slowpath+0x5e0/0x5e0 [ 352.435538] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 352.440420] ? trace_hardirqs_on_caller+0x310/0x310 [ 352.445447] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 352.450473] ? prepare_exit_to_usermode+0x291/0x3b0 [ 352.455506] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 352.460393] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 352.465624] RIP: 0033:0x457569 [ 352.468870] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 352.487777] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 352.495496] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 352.502769] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 352.510054] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 352.517343] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 352.524674] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 23:02:25 executing program 3: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$SCSI_IOCTL_SYNC(r0, 0x4) timer_create(0x1, &(0x7f0000000300)={0x0, 0x1, 0x6, @thr={&(0x7f0000000180)="b5f8a6c1f216900f996396bf56ac6d7c381bd0ca3da88870fd0d80186ddbc5038a73af97a9592694d5c749c6aa9a7df97424e1ef77a659ab9a6afa07613f37bd7ece0e674d1d1da83dbd45e9e3e6106bfa37e05b472f90f9090a2c2cd12c3809aa724045baef7b43050e14070a55796f076a64a346193af4b727714b9d5c33024db78b6642991eee5dcc7ca95c88cb6d8ac017d424d874d129787c5441ffedbe2fccce63bbc7ae1718a5d1d87e798777b5283dd6d4adc5a6de62708112bceec32f8cb94597209fa686cf", &(0x7f0000000280)="763d51fc2a0ba26b3d901b9af400b312ec4eaf397fc4e3e93faac802c79ccfe0d4595a7cea9d47ff691865b4f1715946776cc2b46612f96e5df123d8dce7df69a53b3d0703132bfecb8a70cd487f9c38488c25e62bd51bf363483991c8d9ad389b7aac2abcde98e67d3838e479f7dbf927292c2555ff0c94"}}, &(0x7f0000000340)) r1 = gettid() ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000400)=ANY=[@ANYBLOB="00100000000000005a97000000080000020000008300000004000000000000003d0000000000000025240000000000000200000000000000000000000000000000000000000000000001000000000000000000000000000401000000000000009a0900000000000001800000000000000000000000000000000000c124750bcd76000000000000000000000000000000000000000000ff0300ff03000000000000070000000000000000000000000000000000200000000000000200000000000000000000000000000800eb0000000000070000000000000001800000000000000000000000000000000000000000000000010000000000000000"]) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r1, 0x1000000000016) capset(&(0x7f0000000380)={0x20080522, r1}, &(0x7f00000003c0)={0x0, 0xff, 0x368, 0x6, 0x9, 0x9}) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x4f726220, 0xfffffffffffffff8, 0x5, 0x0, 0x0, 0x791d, 0x90198, 0x0, 0x2, 0x100, 0x0, 0xd866, 0x89, 0x6, 0x4, 0x2, 0x2, 0xea, 0x20, 0x9, 0x6, 0x9, 0x100, 0x2, 0xffffffffffff7fff, 0x3, 0x7, 0x7f, 0x3ff, 0x5b, 0x400, 0x3f, 0x7ff, 0x400, 0x9c, 0x8, 0x0, 0x800, 0x3, @perf_config_ext={0x8000, 0x8}, 0x2108, 0x81, 0x3, 0x3, 0x4, 0x4, 0x9}, r1, 0x9, r0, 0xa) 23:02:25 executing program 1: r0 = syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x5, 0x100) getsockopt$inet6_dccp_buf(r0, 0x21, 0xcf, &(0x7f0000000100)=""/127, &(0x7f0000000080)=0x7f) r1 = socket$inet(0x2, 0x6000000000000003, 0x6) ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r0, 0xc08c5336, &(0x7f0000000200)={0x7fffffff, 0xd70a, 0x5, 'queue0\x00', 0x200}) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='tunl0\x00', 0x10) sendto$inet(r1, &(0x7f0000000100), 0xc, 0x404c0c0, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10) ioctl$KVM_X86_SETUP_MCE(r0, 0x4008ae9c, &(0x7f0000000180)={0x1a, 0x7, 0x5}) sendto$inet(r1, &(0x7f00000002c0)="579059a2d9393831", 0x8, 0x0, &(0x7f00000001c0)={0x2, 0x0, @rand_addr}, 0x10) 23:02:25 executing program 4 (fault-call:7 fault-nth:17): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:02:25 executing program 2: r0 = syz_open_dev$amidi(&(0x7f0000000200)='/dev/amidi#\x00', 0x9, 0x201) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) fcntl$getownex(r1, 0x10, &(0x7f0000000180)={0x0, 0x0}) r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x2, 0x4) setsockopt$packet_tx_ring(r4, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) ioctl$sock_FIOSETOWN(0xffffffffffffffff, 0x8901, &(0x7f00000001c0)) r5 = syz_open_dev$dspn(&(0x7f00000000c0)='/dev/dsp#\x00', 0x9, 0x4000) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000400)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000240)={0xffffffffffffffff}, 0x117, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_BIND_IP(r0, &(0x7f0000000440)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e22, 0x7fff, @loopback, 0x7ab}, r6}}, 0x30) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000480)={'vcan0\x00', 0x0}) setsockopt$inet_mreqn(r5, 0x0, 0x20, &(0x7f00000004c0)={@dev={0xac, 0x14, 0x14, 0x1b}, @dev={0xac, 0x14, 0x14, 0x19}, r7}, 0xc) statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000280)) r8 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r8, &(0x7f0000000580)={0x2, 0x4e23, @rand_addr}, 0x10) sendto$inet(r8, &(0x7f0000a88f88), 0xfffffffffffffe6e, 0x20000000, &(0x7f0000e68000)={0x2, 0x4004e23, @local, [0x0, 0x0, 0x0, 0x3]}, 0x10) shutdown(r8, 0x1) fchdir(r3) exit(0x0) pivot_root(&(0x7f00004cffff)='.', &(0x7f0000000140)='./file0\x00') getsockopt$kcm_KCM_RECV_DISABLE(r8, 0x119, 0x1, &(0x7f0000000080), 0x4) getpeername$inet(0xffffffffffffffff, &(0x7f0000000380)={0x2, 0x0, @broadcast}, &(0x7f00000003c0)=0x10) 23:02:25 executing program 5: r0 = memfd_create(&(0x7f00003ce000)='}\x00', 0x0) clone(0x10000, &(0x7f0000000500)="483a9fb4dda09e43bbede13dd10c94692ea22082d0c597f6b2f4a8b7a38358ebec6a7d1e2b", &(0x7f0000000540), &(0x7f0000000580), &(0x7f00000005c0)="394dee91b2922b2c8666c5339bd31fdec324d4dce94cbbb039ce8b03a253bda65564fc092214e0ea1469d375a4f5a361acb5a7ce39974e0f356acec36b33bcabe2a95c64a53abc9924954478a62b8d0336d7472cade16803e394a746b9c85658fdf5da30dba94018534381f6210dce1df80359a2ce200ac23d1021fc093909d3c6683cb4ff227f80bb26f931e50b18ca00fef45972ca10aa2d3a15a0720a51a79dc554df43877422e4cd466d2126b7950a25a0325d0423bafc6f0d5238d4b6af") socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000006c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) mmap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x0, 0x2012, r0, 0x0) listxattr(&(0x7f0000000180)='./file0\x00', &(0x7f0000000680)=""/32, 0x20) ioctl$SNDRV_TIMER_IOCTL_GINFO(r0, 0xc0f85403, &(0x7f0000000000)={{0x0, 0x0, 0x100000001, 0x0, 0x1}, 0x0, 0x9, 'id1\x00', 'timer1\x00', 0x0, 0x5, 0x7, 0x1, 0xb69}) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000480)=0x0) syz_open_procfs$namespace(r3, &(0x7f00000004c0)='ns/net\x00') mprotect(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000001c0)={{{@in6=@dev, @in6=@remote}}, {{@in=@dev}, 0x0, @in6=@remote}}, &(0x7f0000000100)=0xe8) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_GET_INFO(r0, &(0x7f0000000440)={&(0x7f0000000140), 0xc, &(0x7f0000000400)={&(0x7f0000000300)=ANY=[@ANYBLOB="003db0a0", @ANYRES16=r4, @ANYBLOB="100427bd7000fddbdf250f000000080006000010000064000300080008008800000014000600fe8000000000000000000000000000aa0800030003000000080001000000000014000200766c616e3000000000000000000000000800030003000000080004000100000008000400010000000800040000000000440001000c0007000200000008000000080001000a000000080001000a000000080005000200000014000300fe8000000000000000000000000000bb08000b00736970000400020008000600d80b000008000500ecb50000"], 0xd8}, 0x1, 0x0, 0x0, 0x40000}, 0x800) fcntl$dupfd(r2, 0x0, r1) 23:02:25 executing program 0: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r1, 0x1, &(0x7f00000014c0)) msgsnd(r1, &(0x7f0000001880)=ANY=[@ANYBLOB="42dfa43502000000bf72a79ce886604a8413922d4234038a47a4779dd8f29513a8a2ae548e597e8c8f176d87d7c34ee3b34e861374f2c9e8b9da0a1fb021ccffa115ef2876d78348a67a5c1dc301c9c2d4bf890932c3bc965f80a3c256b3c01d051395cb9376877e14e214bb83a83891a8016d861a876ff883e6744f40aaf45b618aa6cc82461aed55a4ab8bf940cdad4797608ebc4e08ab3f4e996d3ad6eb37"], 0x8, 0x0) getrandom(&(0x7f0000000200)=""/148, 0x27c, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) r2 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x0, 0x1) pwritev(r2, &(0x7f00000016c0)=[{&(0x7f0000000040)="fc433f8412ddf9366390a45c59a667992924f7fc0a365d46c0b82e3b124c1e68f198f642d4adb6b52b0b10483dba65673f45e9210398dbc34a018d7308428139cdacd2084149d050338f65c034bf91c6254bb39cfd9dfc773fa9698b77e96e81a9af945673a0c5e33ac259175531b4b4565645e54c78c0597362c4491895715f89d37537a130f3280a08a9cd8d79c71f02fa746bb3a69fa83dd18f4686139944994930412da90eed7386151a70c8cec48475eb615edf015c1593b540fde7b6a1575f3dd3e60bb471fc6dafeb42f55b114fd3b06467fa77f8", 0xd8}, {&(0x7f00000002c0)="383b6cbd200af4228ded6491c5e4617f06582ee6c44e036020945d04c2e64e546d0298272b39484e1c5df49f3a6acfc2ac5df9231a62f84ff61953a475f9fb534191acc6d6cba84d11124a6ae1dc5524f452d10345376e4aabfc9c1aab7732047fa6289a1f5eac2f562001c747138464a01e83754b33d194489dbaeec4dd9a1f9dee092f05a144bd03e8072771a7b271693b859b7c8d271d718b188340ec62550a59c202ed4b", 0xa6}, {&(0x7f0000000380)="d429f8b186df4a071e8a1ec5f8217371a3ecc8ca13fb1b9f416d9c10a98d14a0948747869a3dfc108723327ede917e6e29a41cc8f85ed852ef4e6d28ff4cda62edb8c4f573e05bbf91c9d40dc0575c395280ffc6f837443c731c67a0a0d54f95d3de0518b5187bb4010b63401efbc9eb584581a16a6368656ff54c981ec8d132c46cd21a9db1217b2f560f8c8bc9300232e5691d2bb97e27bee12cd9b5bf547b96295c876df031eb5dda6417b2ee323feed865b1a56078d1548f6f7532510b9a92c836a01f5301b1f29e82366ecc708a575d450015ccafc5fe585b728f7255a62696f1515581f7784355a2592a9841c73a464de729d5ed83b55aed8d158469f11e41ceae4cfdaa93c4bf2941333527c2e1b0ed43b21453524aa0c3ec71cb2ab5ba733cfc5978bb505ed334c15c5d29123e91fe863003c974faf5a4db2e72e8f20eef87568b51752e83a303c47e453126daad1138573729735402295ee1368ffe6a45a909cfa204d1b53a3b6a9a1540023b738742ea455f01c79a4ffc8a4e3cf7946633f527807dd82d3ebad00e0a293011c5c8e7ad52f21e63e6f767ecc99d170de656658bdba5c01c19f27cac6523bc750d21458113296d571afb6e0cd47c20a37f9e49122566d1003a53be7893719ff7968a1def74c0044a1acabb7fbce9ce7ef698afcfd8790dbf2273bd6adf696ef9ca0cea4da8c388250a2c6e0277aa5311a427293c4eca3f55b9a025fb5f2f658e39ed46e1507d51bc5fde88ee628b47c3a9f701c817b472d5bfebf7bd0514c770a8381a977816a9598ed8d606196112196502a638a16d05f9957232034be4730a912f74b8e05ccef085914ec93d8e0650d35e9817a23f48fe72c7217f55a732eb330fbc04ea41463f514ae5f7aeb5d58982fa2280e755e625f9192d8e08bd669cb12f2b5300d36d279b66ba1de86c17e8d5ba3bc8091183e837f3b8bf4803ef980dad4f9dcf1718dc84b99351fcfaf79b7a25d65efcc82a78bb5a1969d5c0d466252009ad7b8ad6c64cd272874ac5350cc9b127cf10eff05b59a65685afbf1bb3e814c4684dff37eeebfc287cbe5bff97565279da7e9320638921de5c35b6992c7656cd89b5201ecfc52fd27607f9c12dc4da0d99e30270f03e954c555eece2a408a90dcd78dcb3ca31327b6a13ac3a5e61fa8e9b8ef05afefce8026f47e19b59664c2c7c2625235fe72287b66c3c03b4d9407b716374208e1ac7c483f00070b63d1611ad6bf489e9c25f38eda90a62a6282f6935c03a9f197413a64221c1f46688092a26495b50dcc9d548a077fbcb552408ba7dc82f57112a5fe5ff4f0e47c4f90d1273f27c66861195d5ef4e476d3541177df1a2a1cd5218ee54a992fe356a22bd0f1cbdfe8fc5c8b8e568a6cd543b991b488a2a53b814811de17db07ad6fad5b15e79c22f52d653c1922022c7cd020a4d9f9f0d0e1c51e168a98ea07bd00db99cd38c03eceb3a5ef72db2d9565a18cac068f2f08620582384a765e7a7f158b8e2c98159e84c8abbfa14093e2d6bd93db879e547859bd63dee9c5bd382a6056a4b47365e1715642a6aea7a199af23f8190897a46667bdcff0d1ee7e5d2ca3ca11f21cbeeb530806ca3b5270f37c31aae3fdf2962ddca49d5b91c3e01717a0bdf42c6e14c69942ef14a19c0a434da59692f41cb934e55e54ffcd89385ea065c8598c19bd9971fdca37929238d555f1a239225b4b33a7bd94e33152a968033a145fd1c6732e8e11f9dfee6025f6788b864453ef672a42489def647ee250c69066ac56e495d987b547a3b3bc9e9c862acb51179688b46188aca0c80db23115fdbb059eb6fb725eba00b75baa58997164b328ffad0552e65a69578600372adbc8039d46de47dc64d6d2b950bf22b1db3bb09dfb2d9704943a631117fc4c95ae153ed0120c7e57e7387d2666b5bb6d319fc57e326c6ca7f7a9f8609c72031b3c669964e1a3f9a6535400bd28325e0a7008f16aeb905ce5fa56f16b9f81413f1dcccc4bc0d570516a7fc7b50242fea3bcfdc056dde55d2a6689016f4ba60a13f8d41a695ac68f1b7ad3d08d6b245d0889fdf9d000a240ffa2639a467fc1a23fe0c9d31353f90a93d243d388720bf34f8275bd1ae33dca2d2015532444107c453ce10c18e6b8752c280ed5f2697bee9f0628d0e25433778b4aaa5b3603a8ad8318d5cbac7856be5f1cc2a1f9ffbce239147a1f22d4b8e118478038f5f1e4ca3bf02390942acb8cfe4f32d5f7ae007d0c7e8569b825e983735dace8b0c12bc6c0218896d68597409c2209667c432a18c965deca18da12ed502cf55ef7bf40bd687e0d3992a702ab2b5b9d996b4bba0768ccb912aff410ac5bbbd58c4b3376bccd2ffb872e03012ed1ae960692bc337427fcb19843da154dca0ece4ea18abf8b191413a284da33c6de80b93fb016fd3fb947f0ed13010f3ce6c94ad4a27be98189bc540ffbfccf8da407a93dd5a8e0b51e718bbdc115ea16d7487f9f755c52231af03069e98907f463600f3a04b04e53b9eac3740035affd6a8a8cfea38ba1ca8ef4de725cfc01dcf98914d1edd84c7e0374cb0eedf7c38a660cb1b5e35c9914f56328c9f0e957d76f2a4150275627db32c77667e47391e5cf36ed223a668061439cd531c0accbb31b3895509c6d6fc84cfaecd9ae7d0e4bb214deaa2e7a056b3ec710d468dfc5854c1a3dbcaa9207ea3edd2136393fbc558175c4f51f7b72e4e330c056598e3bed11229e9eed0a56388808d099724b9a05c30c01b72e9f08c9223d3b81ba50587d35027be4a567461cbcb8d981e4e136ebce787929cc221a087c1fe155deb6fab5803ada07fce4c9f3f182bdcefb8c49a577fb0904cd66ea2fd2eb3dc77ea6863b7147002491c85b05e018c09737ced6326afc716e85aaca624c9df53cdec6b4cb684e5b1a69c7d8aa447cfebe82ff4d018f5d235b41bf7a7c5edd47ee62d6f2576ca9e03a27ef5fe8a76b1043bd2ea37507848d759437d26d0813d39f5e9cf8ce1dde1cdf8bb6452f776c7db785f424570db593db64351af2e112b68951f53b5d6884b6d8a9eb6c3e8fb8d643a911b0dddccc5323ae9f5c43da526dc560f4bcaaa4c45bbca32fe88f6378aa888c3311af4abe0b4f6008c1265a009fa71f199c2637dc727dfa58b7c23f00f7545bcd4da89a3a6173a3f624be9ac9e26c38f79c62375c11e465863982c535328149ef63566165c7253b73919713fd09dbc1fcbb1b541e019bb100eb122c948381a193e4504a4f95b1bf51436419f3bb45617b95a4c3243c217572ea73aa4d8b083dddf39b94b3130d8653496266988ceaab428ce119288af904327498edea8b18f45cfdd9afdc4955868a126ae8e7c509ccb52316e506ce9225e28b9c47db97d3d50e9a53489accb05b3d70c41455eecab397d12dd0128781b3a0b31e77ac219471158f916a1a3a9a2532f05191a872c72d00f920081e2c7a89c66a9f0b50ca4248f2ea8bd191e6961333812c2c38aa6b2547f62ce7e01ea7bccfd10e1136ea4e242d654e4b0676a0f7ffb3f6995fd55024215289b2d7e70c15bbd0638bbc001babe55d1de7fc51316fe87b1cb3958b8c1f75cc7478fff4a42f91ac29aff4968c276c028e2755c5203ab9da0d4f58164de1fa111962c6344b28f57e002cf37590269857542d4c4e08539f8b56938b9359cf389383d66ebb0fe250474ae514678866e4f804dc123d585ffe6257842ba209bf8a987f20a000db1dd19ff273a97f0cc892f78e036675543cf044d82a4d0876aa89da0291a3b5367833e7b541030461c9f099507af37dd9313e1d11fbcf8a847b737cfc4b4a546289752ba7ccb1fc3ff5d075f0b48593b0a25c3372b2def028ef31b0f859ee61724c5852f89899f0306f499ef3e27bbb72dcc7c2b220c7c03c335f8acdc2f1df108c643e33af6f938e71d50f2f5605fb859b71ffbac5e9816110688ff1d233a8f4515867de855e1e07cf21251732844f64bce0b7f62a3faba595c3823a5aa9d3cf78e28c090e46ac720b2fa2bb53c449d8314da408ca1f6fae97b30a9eb04f20b38e8d12508bc61ced49328ef4e99d83f67373e76b47fef0298521f04c22edadfe693b008eec07bd539da3dad2beb661b03c6145a9f62eeed0785e47bab24f87ead72763ef15a5554654ae256eb5a4b13b89c1964e5dcdfdafb456e1a28905fc721bb5c70afc76d87ed1694d1cc884afeaec9be0048f91bbb8e518f76b077317b9932df87b4e4ab2c5378985099326aeccafbd2c774e8764b3c830676f1669fd7f138fe63a6e426c4141c2f0e4e80d9c04538cb5dfec2236c08f6b05074d7280855c06010b0b803bca53fae46193c8d9cc37d27494173fb9334fc55e0cf7412bfc248dfed93d147dcfd2fb01dd40c15adbcf3cd91568e3a6c0936da965833ac05f8411a12fc4da3b0b93e4d0e29b0170809c0999c5e617522c5315a707f4ee31b3982fad975fde7b178587a02791f81de8b833484fd702459f4daecd3da8e3018ab5ba6172ad6bcf1578dfa274f70047db7a527df77aa8ff147ee821fbcd70b4938bd10c8b62b5466484ac6bbdc4b66e5c707e0d4b36ae80980969e87dccd96fcdbc7c9e53bdfe9e844beca6fac17cc754a9d7f612b856b15d4f018c26bd485d170097726d8a42f93ea46180e26294432ead3091d209e8d6e7b4cebf3c2f3c6015898f248281d8522c91056bb99cd12322e18f78b3ea0bb91afc14f34e5ff53b16148acb1d2e1760288ceec93078b2b408b3f7401f90fd40b11f5dc8d4cf1fe1d73ffd608884fc7218a5928d0f7b8ec06bc183cc6719563b5b6413e6b3164405c1e903d81f23f41f215d882cd98c4442eea45015c7c70b8410db17b1fac175b796cb444c5696837450bee05a10f1e2cb32c859b33b920d1a66d8736e52b427b3d6589cb309cd87864846fded1b9951673817733c547a52decb8684f88eab72b4d797710cf952e3f22e3bd44c97343e99ac2f02268482acdf16d29397594a59579e7c1dc71bb81d9d05fb746041db6e83e6e8a6e5c03b77e2ad85861409f86f166ee4644b9e58d267b85101eb87c0cf175cb16993a4144d8147358870633cb49ac650da0ac70e9cc0e0a4811e8664fec1ead33102199492cb3858f45def9a7621d7889a31ae620d3e92740032a0e26b144563f5cd4caabbbcf183baa9da71fc041c61d28ed7f745109f4658857a7be0003da45d97ff5eed376ee6ab85141ab830777c932952dc44cb570bece4f2cc1c4176c3a459a53a3d5417be6845ed4bc2325f4479898805dd18ae4ba956096424b85fdff26299111fb3e95dfdf5e209cb04ff57b50a8c22e57a645326ac9a76b95b7d0adfc0e3fb98733fccf911e58a35b94f568084d3f051b247f685089e698234d1f0fa0531b4b7320bfe2d703db29ff21fb7f522488581dc7759e143d8c066bb86ecf1bf723cd97a7122397fb851308cd3d95fbd41a2b2d1dd23ec8331d0040944ae56ecc31dcffa1ff220b7cbdec215c27245ae8c6c9dc17f99d9e6b073ed94cf181a7c3b9738e4f361334c61ed52709dd488785f24fce85e06ff6436aba51ee5abea8668d3b0601ca43996d57fb70614c86f7ac606bf05c45dbfdc0dc6deb0f47eccb2ca402d05dab4d4c1b412bdf38164342ceea1bc5609aa4b67b16c0c3e03d300e092de31288cc2225c7c4d79f69163b801869d303101617ad782264cb9a95f7d8cd187a706557c15217e002e4016b1573657677ff92210270a13d8556881a919bc16d10ab88abb64e7bcb61d589d7ea403c2c94af", 0x1000}, {&(0x7f0000001380)="b39098f29c81982f449acab645d52fc526fef4b853e42f7e9eb02562ef7a6456ed0a3e6eadcbbe60fd44ffe71d9a460cb35cd9b37a285526562a4d0bac5e5845262832a52a8fe795815e9f45f3b46f5bde3ef2f8a4c893353a8c51e0ef136054cbb0d3104af3207683c9c9ca6341de67752a0eb367b7fcfa6b19505a49104adc2cffbc43191d955ca891f58c1f75ec8ab9f7673e8a6499ea06b24c78ec", 0x9d}, {&(0x7f0000001540)="775b41f370357773170c79a5eade9b44415e9ad6028afe661d8e7e7fec06ed5479cd86c4da79aff0ba76073d4af27bcf68ee24a66c4364c78c06926530e12426117ed8a51a503cb1b0c7094bb87b79a661455d61aa4bd0b2291b1f3f9b8f434116e5be16e7d288fd14d24e27d244d76ffbd32d494191fce9d706c9225c8a089a8ece69896f24922b8cde6aac96ec49f67545ae9902a333c7ad3d491b0b9c0396959af5fc019938f57a7276c02b6c", 0xae}, {&(0x7f0000001440)="025132c6260e3aba09b6bc0c695384986b445db01397af2c5e59e8870137f84f50c4dcde88881c4b9df5f7e73680a69b932a4e48b19c6bc69df54ffb49335559e9ecdda04142f0446e", 0x49}, {&(0x7f0000001600)="19138af6c036418b7be640aec025dbc8220bd275963068fd4d7efff80a5c472bcb4d9288ab19ecc55c48a6cdabc98480b74a87c1d1c8f6262700a69c1be1f79a90ce7890445c0fb5b32f30f3310862c3db2e714152aab8dd31937e7f9ae2cfab531f302177052141e87bdebc57ff31c768b26908dabc5d7ffd0e09167ea65238e95c84e71d38f8e4d689d5b6f0813987b44b5ab16ed04e8bda3a059103556a3fb8efba", 0xa3}], 0x7, 0x50) getresgid(&(0x7f0000000140), &(0x7f0000001740), &(0x7f0000001780)=0x0) lstat(&(0x7f00000017c0)='./file0\x00', &(0x7f0000001800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setregid(r3, r4) tkill(r0, 0x1000000000016) msgctl$IPC_SET(r1, 0x1, &(0x7f0000000180)={{}, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x81, r0}) [ 354.375977] QAT: Invalid ioctl [ 354.394298] FAULT_INJECTION: forcing a failure. [ 354.394298] name failslab, interval 1, probability 0, space 0, times 0 [ 354.406708] CPU: 1 PID: 13147 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 354.414087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 354.423446] Call Trace: [ 354.426085] dump_stack+0x1c4/0x2b4 [ 354.429742] ? dump_stack_print_info.cold.2+0x52/0x52 [ 354.434951] ? __kernel_text_address+0xd/0x40 [ 354.439466] ? unwind_get_return_address+0x61/0xa0 [ 354.444427] should_fail.cold.4+0xa/0x17 [ 354.444451] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 354.444470] ? save_stack+0xa9/0xd0 [ 354.444489] ? graph_lock+0x170/0x170 [ 354.444507] ? kasan_slab_alloc+0x12/0x20 [ 354.453661] ? kmem_cache_alloc+0x12e/0x730 [ 354.453680] ? mmu_topup_memory_caches+0xf7/0x390 23:02:25 executing program 5: sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x5) r0 = msgget(0x1, 0x25) msgctl$IPC_INFO(r0, 0x3, &(0x7f0000001180)=""/238) r1 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001280)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xf851, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x2}}, 0x0, 0x0, r1, 0xb) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/rtc0\x00', 0x80000, 0x0) epoll_ctl$EPOLL_CTL_DEL(r2, 0x2, r1) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000100)={0xffffffffffffffff, &(0x7f0000000040), &(0x7f0000000180)=""/4096}, 0x18) 23:02:25 executing program 5: sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x5) r0 = msgget(0x1, 0x25) msgctl$IPC_INFO(r0, 0x3, &(0x7f0000001180)=""/238) r1 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001280)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xf851, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x2}}, 0x0, 0x0, r1, 0xb) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/rtc0\x00', 0x80000, 0x0) epoll_ctl$EPOLL_CTL_DEL(r2, 0x2, r1) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000100)={0xffffffffffffffff, &(0x7f0000000040), &(0x7f0000000180)=""/4096}, 0x18) [ 354.453694] ? kvm_mmu_load+0x21/0xfa0 [ 354.453710] ? vcpu_enter_guest+0x3dbe/0x6380 [ 354.453729] ? graph_lock+0x170/0x170 [ 354.486747] ? ksys_ioctl+0xa9/0xd0 [ 354.490394] ? __x64_sys_ioctl+0x73/0xb0 [ 354.494467] ? do_syscall_64+0x1b9/0x820 [ 354.498556] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 354.503951] ? find_held_lock+0x36/0x1c0 [ 354.508071] ? __lock_is_held+0xb5/0x140 [ 354.512175] ? ___might_sleep+0x1ed/0x300 [ 354.516387] ? arch_local_save_flags+0x40/0x40 [ 354.521028] __should_failslab+0x124/0x180 23:02:25 executing program 5: setsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000001000)={0x10000, 0x4, 0x100, 0x400}, 0x6) r0 = socket(0x11, 0x80002, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r1, &(0x7f000099e000)={0x2, 0x4e20, @multicast1}, 0x10) sendto$inet(r1, &(0x7f0000de1fff), 0xfffffffffffffd43, 0x20008005, &(0x7f0000db4ff0)={0x2, 0x4e20, @loopback}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$EVIOCGKEYCODE_V2(r0, 0x80284504, &(0x7f0000000000)=""/126) recvfrom(r1, &(0x7f0000f9cf9b)=""/101, 0x6478c8501c739ddb, 0x0, 0x0, 0xffffffffffffff39) bind$packet(r0, &(0x7f0000000480)={0x11, 0x3, 0x0, 0x1, 0x0, 0x6, @local}, 0x14) bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e20, @remote}, 0x10) setsockopt(r0, 0x107, 0x5, &(0x7f0000001000), 0xc5) [ 354.525280] should_failslab+0x9/0x14 [ 354.529098] kmem_cache_alloc+0x2be/0x730 [ 354.533251] ? vmx_flush_tlb_gva+0x380/0x380 [ 354.537670] ? print_usage_bug+0xc0/0xc0 [ 354.541753] ? ima_get_action+0x7e/0xa0 [ 354.545739] ? mmu_topup_memory_caches+0xf7/0x390 [ 354.550607] mmu_topup_memory_caches+0xf7/0x390 [ 354.555300] kvm_mmu_load+0x21/0xfa0 [ 354.559029] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 354.563993] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 354.569545] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 354.573228] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 354.574146] vcpu_enter_guest+0x3dbe/0x6380 [ 354.574177] ? emulator_read_emulated+0x50/0x50 [ 354.574200] ? vmx_vcpu_load+0xb06/0x1030 [ 354.574223] ? vmx_write_tsc_offset+0x680/0x680 [ 354.609544] ? graph_lock+0x170/0x170 [ 354.613357] ? lock_downgrade+0x900/0x900 [ 354.617542] ? check_preemption_disabled+0x48/0x200 [ 354.622618] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 354.628172] ? check_preemption_disabled+0x48/0x200 [ 354.633200] ? check_preemption_disabled+0x48/0x200 [ 354.638242] ? __lock_is_held+0xb5/0x140 [ 354.642321] ? lock_acquire+0x1ed/0x520 [ 354.646310] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 354.651379] ? lock_release+0x970/0x970 [ 354.655367] ? kvm_gen_update_masterclock+0x350/0x350 [ 354.660567] ? kvm_arch_dev_ioctl+0x630/0x630 [ 354.665060] ? preempt_notifier_dec+0x20/0x20 [ 354.669580] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 354.674416] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 354.679426] kvm_vcpu_ioctl+0x72b/0x1150 [ 354.683479] ? kvm_vcpu_block+0x1030/0x1030 [ 354.687805] ? find_held_lock+0x36/0x1c0 [ 354.691873] ? __fget+0x4aa/0x740 [ 354.695340] ? check_preemption_disabled+0x48/0x200 [ 354.700381] ? kasan_check_read+0x11/0x20 [ 354.704531] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 354.709806] ? rcu_bh_qs+0xc0/0xc0 [ 354.713366] ? __fget+0x4d1/0x740 [ 354.716851] ? ksys_dup3+0x680/0x680 [ 354.720575] ? find_held_lock+0x36/0x1c0 [ 354.724648] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 354.729623] ? kvm_vcpu_block+0x1030/0x1030 [ 354.733949] do_vfs_ioctl+0x1de/0x1720 [ 354.737836] ? __lock_is_held+0xb5/0x140 [ 354.741903] ? ioctl_preallocate+0x300/0x300 [ 354.746330] ? __fget_light+0x2e9/0x430 [ 354.750305] ? fget_raw+0x20/0x20 [ 354.753769] ? __sb_end_write+0xd9/0x110 [ 354.757834] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 354.763360] ? fput+0x130/0x1a0 [ 354.766648] ? do_syscall_64+0x9a/0x820 [ 354.770629] ? do_syscall_64+0x9a/0x820 [ 354.774653] ? lockdep_hardirqs_on+0x421/0x5c0 [ 354.779238] ? security_file_ioctl+0x94/0xc0 [ 354.783652] ksys_ioctl+0xa9/0xd0 [ 354.787101] __x64_sys_ioctl+0x73/0xb0 [ 354.790990] do_syscall_64+0x1b9/0x820 [ 354.794879] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 354.800233] ? syscall_return_slowpath+0x5e0/0x5e0 [ 354.805148] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 354.809991] ? trace_hardirqs_on_caller+0x310/0x310 [ 354.815005] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 354.820009] ? prepare_exit_to_usermode+0x291/0x3b0 [ 354.825035] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 354.829885] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 354.835071] RIP: 0033:0x457569 [ 354.838267] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 354.857153] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 354.864846] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 23:02:25 executing program 1: r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcs\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000740), &(0x7f0000000780)=0x4) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mq_timedsend(r0, &(0x7f00000009c0)="448ddd1e15f08f5e0624dc59376a7b407d4f5dc241157231683a9282aeeb54b13ef4a27aa54a4d67704d77c241c1cfb85e9139fbc578443856767f568dc7a7c57ee969bf1dd1d6ad438115a79a9bb3b62f43611a31b80033e01e8eef248ddcd371d97323ad3e3cef5474f0503f02d0425ba875a045e7a387ae6b6a3e0c5edb61da9f9aef8ec70a9fb81752a438e19e56cae506dcfc57890905851fd5b3246577485b7f694d273e8baf9e399e44ec3196efc1f6484f05125b5e569b3a4311e295bd24c8dd9c86ac21aaae795eb8a2aa9fc45b9faaa9a6ccd4dadd6578bda20c8f1b4eed4299bbd60a81880d026b0f5ed669ce2d98be7a468430d3f5f48de933f83c9c4f2acd59ec6b3c11808717071d15d2952e8202caf1ec0dc1f8d9bfac7cbc0ed51cd9cc9134c1a74321f8528f790a02c25408ed7e57d26a87a345497c97cec1b5d6cd9da170f9af00862c928b9813da23789db4ca075df72db6298121b97be4a757466d9593ff0d1987798205fa44f6150066579be98749f99c33dad9d5ef25f33f677c1cab61f1a6daf000a03da95a5fe656899cb0f35b40136dc744469fdfa1cad5a5b59278fc08aaac35ec0a44debd9e078457542d89bd51022b878502f41492fe3c6db2089ab869eb51a049c24f35931dbfb30de0d9d6001ad3facbc4ef2ccc92357628c2b5ea7cb2a8c50fc979b2cdb110c7b042b4fef8f9969e8cbae5f8597ef44720e1cd432cf02bc97c8df1b91dcfad6742b473d405cd39f848358e0d43c7acb97f97081d83c8359f765a14237e391f162e40090ecd9eed07dc451a339421788910432e58dcd82dab8d483ead70ccb51a7528ed277bedb42457dda0b8428d8e44290d82d386ed94fd6237cb4169995bdfc6fc399f9b3564d6b63839998fa5b1a50359d5c0bbddf4a99133805fee05e0c15401d871fd68b8a765bc92c41f04275f4af47470e7ad097bfa76e340bbfc8ea5e872968bf7cf3911bf7b1d51e04c45c046a8a1790e9005fcc9e0ab6ab4d7e6e0f4617304f6764a2d022461e92522e4ca53c5f72b7b38fc715195aaf509c8e9bf802d47d4bf30d60e3c5725f91b1bd94e525fe0ed9c3de6c7357b7bdb40a88307a37e38697d6f020e5e3ab1ba96ba565989ed62ed32bd70e4970d902eb7ec6d788e5a756e95416a422e91a8016518f5f521b0c8171139ae4cdd461448cb539bbf0e4116234d6ac261a3cae58ed73d25a186b2396dae92f5d23a2972cf3a4458803137ce7aac469a11b9710ce71b362a90a16d3f5b98eec5dee1b8fa8da17c2408776de07805045a8b7853e8572d8ca750ba04025e9d8ff351ba40e00b62d4cf2ebd41212b9969cfc2f7df1d3a86299122a4f58b1e047ad43356b6901db838e82e488fa23eade869daebefd3ead131f39142e6084ef5f61788d65d834840aebf95bdae050a99427d4210303774caae7d7b377d36f181f51ce0521b15c4009f722d7cdc1d31f0c7c46bca29900eda7d16360f3d36a254ce104bd0ae7045d7566d633962c4630805b83ca986395cc0ed63963a4344f2203e067a0ca84476b375dfa537d5aec110a7d73a07c23e6ec7bf9abca0dc84431478333eee9583035d84a56855f9863f3be88a3e07c936b696e6fed81739545243e2e6116bce948a213a4c59d0ab7c0cf986f5a124fcec8faf1a06354ba6c6bc5133afe8d4b6005923e2a71c78a72b7d4c51b44a2e5bf82299f018f83b3f14a8182e6632fac22187d3e209571ede95275469518b6c8f4f20c369ddeb871d505d1ca292fb0e6c4ec2f0b1f348921a5705b6ae9e7c446921a34c670e0989321eedb8a2be78b9f370f371595466edce092ec0bb06dc5c706df5104660b9d51e562bc1f5c38e4c759445e5c05d0a9883412d199efc126f32989568bc20c128308e409c04770ad2537c4225a9ace4c481180422f64d43d231a15f928cc4320518c34bfef76e0cb6839e7e164ac63d3ad94501b216869278a0501abdb4dd2e56b8e7b9fdabcc224b98f7eea3045e8c328da7ea94ae2414a214cffaa216306d0a99c28e46a8d2d3e73845b7e24bd9157662ca1427139553b3b945d79649832dcfb114da104223ef74a12a3267f17049300ab9c1eeb33f1fa306a93cbefe72aac55e392e1519483344661df19de772555968965562762e0a4ef6c37b4f9702ad4d9479f495a9ff59bc257483771b96cb4aaa5db8568765b557d72ef71c027bf95b78ed0ea995ee5d92ed8e252ef975a948785c03142bd0af7d20606676d951a0f0a0d137243026d26ff37ad8442752dd6f2e3b28821947883a09c847f1a325e462fa7399f93fd79f5fe7f5a2ff05ba410e2249b312c3633936469178fb2c81d67a717c99d0c2615641e9e528702b1717911b1cefbeb5e876a985f4b7db069a99d0777fc7299b2830bde68b837082bb6742b95ad3361de2d99626a70c777c077af1faa5de8c5b5283e936bda35c3cb2d92756f050c39b802bb8aa57c01966c98783845dfca3d4c4abed3891ca760a574356416b33b40bbb6c2f30f6cc0ca41cbefb2024e789125e02c14f4fe75ef6b47a557812c6464af42db5b5470d739014d20a5f5276e7bdba5f77785f01da265a99d7f0a04177fa205aece20d518f0ce5fdc698d678a5a626de1bcbe250186922e4ba47a688e5c3ad6b3b9196c7405330db108e1bf3cb4191017cabfc39a0450912b26b283355001b340fccdd06e960be905f644d0ba9d651afaecb8b773959371959bc9e9538ccd5d089d97f4de490ec3f48205bb8f336c0bac925c81a6187eb5e1ae97ba1be76dffa625f461e1034b4c080050459caa42a985c34a5be563eb9415437fc57f413eecb2339517a573a6b09910e0feefc90bdccc3af99fac478f2fc152a6ff1abc8e967c0bd3234e0a67862dc18d0b1db87dfa3a574e8d818e5b99320c5344cfa1e6611bc0627e630e224832c6a532208693968cee0e8aeffe4da44ddc421402927dc5e6621b41d004dd01ff7111eb55ac02e65c109d3aa3902613f655cee38efd3b175d5de4731e71a176f79343c3b32e41d6a90af150ee3d61e7b856d46727b31f6e9d8aaa3193c1b3f658b9f79d2c8435dae219ef20bff5e090608bb6862377a86cecf0e3102518af927b92bf4c3c65e9f44c303b1c374366e5b6d8348ded23bbefbc3916cb9bd866c4d588e8374e096163ee157014623ca76c3e3cab9171c2ddd61dfedada1ead71534b3d0d1cd1a566a2fb40961c1a56e51fc24aefecea4e4066651b86774015f11c37394f2988dd3f8a64e4c41a2b69c0ebb1b37ec06cebe6075c94c8060541f60ab8dc6a4c1a74da24f4879aa8323e3bb4cda1dba16bd8895f11326a10114c86c5dc93ac1c415eed3ca96f8ec2b28579127616244d3c1162d5d95b7d6df4f56c05c5f8a44784b4ed672c525c6a6289c956de88bfa82852612d21fd7bd899ff7a929dad8e32d2f36916e6138ac7e3f96b516552be1f1cde99e49912fef8217e45bd09fde340d085e58a19ab25e4a6c736eb46f60b4d98773cadad65acaf217a5127ee98977141f633c3ba6c0ca0cffc7991fb881c1d874fcca250abe5deaa7e15ad52731d563ed6ddd8c2c6b65e6fa22f16ff152650999ef27f3083356465191ae9a1c8066f204649ecf8b19d2c9fcecbd2cacee35b00e6ccd5a06956a51d76b5d8ec11f91b6abf957bdaa6f0ad79e0e61b4e2891e98d49518c68999f401bd8eec4d5be90bb6a67b5458a1ac20657907c58188382c6c8cfe559488c92ccdd2a0b96e403214205aa0b9d3d27e90eec508e9e12294d63f96b2609279ec0cf6884d20c2d73bae02ecbf8fe1b20786bc6d793c86edfb190c550c94f7901655accb10b6ad2874e13cb1fb4e605365da29847823c12c8e1724e1b9d42e80e2e4466483e3e8e8ac9be6bea4dd5a89eb69adc9352098eb30fbf245164c14e54ad906283e2c24bf32538a1cd1abecc4fdca5d49b0e862918f930ddd733cad9a5d6db671f44aab9ae5152b683834ebf6baf7cb7dc0ed1c1d655f382dc35f6260f7d3904f683916ba2f63164724aaaeb207dc8d1b4d2e40597a36aee4895a36ab5810f5afb4431484b35638ef3fc4cccfeb5b99700f8a11fb59b7af9aace1a510092122c58aca38157ad1b93f85a5a4e0c96be26ae15bd5a62c38e3debb15831f53dee40e26b376a7c6567d8c3901a90c23702fda4399fae092526c8a81b1a20753099a85d9d706c1aec02efb28d72bef7c427d045d3717106c47a252df59e4182a45297f44d5834b71066273b72c995346880ce2faf0cc73e32f210cd176fd32477409a5725ffb70ce5e2b28d685ae4d92c8199ddd558250a0232073ba1b3c1cb37fe141a4818841c59d9b6b3615d65ff8a8d929e0a8ba0b4fbf9c9f32130a45c1ac0e70903ed7a594797f9c69fe06232b04d258e887f2977b07d713124ab56d0ff2836f762355712fde241bc21587a1103f0a18a1233467eabdf0281632cc002632ad2b1ea9a791624bbc14397c6dbfe3d21d0e82b777264b2be0250ddfab394b1a434dc7701cf437e3e3dc3679c0f22a2b7df36fda9600c65f2b13a4ff8b4300252ebdc691f4e3ec48f9e7dfda534f28b982a24a5b603fee1b4d2d51bc5ff41c49141ebecb7749248da2430cb22c62a8190a316925f81722b09d14d34aa6865f3d105903bdc80822e51be19bb22904b803e283e2f94cf78adbb337bcce15c4a23f9429538b7df632dcd51cc11b6fa2f6dc035a6566ae1658ea7e553f6496b8433f0c5d0dc89166a7357d417c8c9df5af6f754491282a08a187be95e97ee450fc322c11840d4625eb0524a9beff0eb2376d3b3457d9b4e5043cbc98576fafe50fc7b0ff624cbe197d1625295c012987f7f2af6d193bc70cf09a787f739cdd6592742286489871a78a627305d0bb92b315d836917b08c9972be5c86c376c24180220db3136845f4957fe4e6ad771cf769e9a953d48d78c4d9b9be3a5c985eb5c704a7e0d6d8270db10a85ad2d2f59c2860feb3f6799471a482076c5d5990d17f408d2731e5e0cdbf6da03cd6167d56caf68f1754f2fd9d5a5a8e709d923eba7c0e5288bb5ae9bbfbb7b9d7dc0ee7be92072043f1616b9bea3ed42fb475a53399e7205c4830e8b11f1dbb5d3682d9b8dc415022074ed93c7495c9424eb779bee46ab814e8a38d99f966ccaf951a97cb761916d00967075de7480c79dec5fb1bc23219afe0b5e01a7a83a0a8f2ae2ecfa88de8f091a81c570dd81ab5573d6647ea33066340acf0e05c866f37e17e79bf086965cc0a0e3b30edaf6275854f8529a2a59848acb4d179f87550018a82be0e35570d387c546beb49074827659ca471f5a84bc5b4e7f069ee9957b01d223745ce2f8d5900c4e4a9bc07f1ce67b27e2fe743a34c7b669688a88865e3a2d71983fcabbe81970b7be0931e99b3e0d6a1c057ef254ddee5e6e189a353765078e58de23691f4d316ba28a91604e628986edcdadb1c3f02bdd9b5bf78e1173b66a108dcb3f252c56d2900d4cfbbd031802860171a51a925c416e15e5ab1aade01e07e76e74c3bf7e1f08423d51a036c63305c6eb5ae3f2395e5fe8fc31e283afa349d129f3573144663f7736402f6e85744e613e79946fe5a3982fe42565b32e4da5cf659a94af468d6f882e34405206062cabc3b9577511855601bf3d30b34845e38600fe1cda08668b77e3431e859fa31a31efc080d9bc8128468602c728366c62b69e858b9dff0aefd5a8911d623baff9cd7425114a299368c331e7af69e23443144c07a34c8832f2db48e50d21b0ffc31861d", 0x1000, 0x0, &(0x7f0000000000)={0x0, 0x989680}) pkey_mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xd, 0xffffffffffffffff) r2 = syz_open_dev$sndpcmp(&(0x7f0000000400)='/dev/snd/pcmC#D#p\x00', 0x3ff, 0x2002) setsockopt$RDS_GET_MR_FOR_DEST(0xffffffffffffffff, 0x114, 0x7, &(0x7f0000000880)={@un=@abs={0x0, 0x0, 0x4e21}, {&(0x7f0000000680)=""/183, 0xb7}, &(0x7f0000000300)}, 0xa0) fcntl$setown(r2, 0x8, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup/cpu/syz0\x00', 0x1ff) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x9, 0x20}, &(0x7f0000000200)=0xc) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.net/syz1\'', 0x1ff) setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(0xffffffffffffffff, 0x84, 0x12, &(0x7f00000003c0)=0xfffffffffffff800, 0x4) ioctl$RTC_PIE_ON(r2, 0x7005) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x84000, 0x0) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, 0x0) getresuid(&(0x7f0000000440), &(0x7f0000000600), &(0x7f0000000640)) setsockopt$inet_MCAST_LEAVE_GROUP(r1, 0x0, 0x2d, &(0x7f00000007c0)={0x0, {{0x2, 0x0, @rand_addr=0xff0000000}}}, 0x88) ioctl$LOOP_CTL_ADD(r3, 0x4c80, 0x0) mmap$binder(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x10, r1, 0x0) eventfd2(0x0, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000940)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr-serpent-sse2\x00'}, 0x58) ioctl$BINDER_GET_NODE_DEBUG_INFO(r1, 0xc018620b, &(0x7f00000000c0)) setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x5, &(0x7f0000000480)={0x0, @in={{0x2, 0x4e21, @broadcast}}}, 0x84) socket$inet6_tcp(0xa, 0x1, 0x0) [ 354.872111] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 354.879419] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 354.886674] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 354.893976] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 23:02:25 executing program 4 (fault-call:7 fault-nth:18): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 355.063510] FAULT_INJECTION: forcing a failure. [ 355.063510] name failslab, interval 1, probability 0, space 0, times 0 [ 355.074870] CPU: 1 PID: 13177 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 355.082245] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 355.091625] Call Trace: [ 355.094239] dump_stack+0x1c4/0x2b4 [ 355.097916] ? dump_stack_print_info.cold.2+0x52/0x52 [ 355.103155] ? __kernel_text_address+0xd/0x40 [ 355.107665] ? unwind_get_return_address+0x61/0xa0 [ 355.112629] should_fail.cold.4+0xa/0x17 [ 355.116711] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 355.121829] ? save_stack+0xa9/0xd0 [ 355.125469] ? graph_lock+0x170/0x170 [ 355.129308] ? kasan_slab_alloc+0x12/0x20 [ 355.133459] ? kmem_cache_alloc+0x12e/0x730 [ 355.137771] ? mmu_topup_memory_caches+0xf7/0x390 [ 355.142617] ? kvm_mmu_load+0x21/0xfa0 [ 355.146495] ? vcpu_enter_guest+0x3dbe/0x6380 [ 355.151007] ? graph_lock+0x170/0x170 [ 355.154808] ? ksys_ioctl+0xa9/0xd0 [ 355.158446] ? __x64_sys_ioctl+0x73/0xb0 [ 355.162508] ? do_syscall_64+0x1b9/0x820 [ 355.166632] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 355.171985] ? find_held_lock+0x36/0x1c0 [ 355.176047] ? __lock_is_held+0xb5/0x140 [ 355.180123] ? ___might_sleep+0x1ed/0x300 [ 355.184271] ? arch_local_save_flags+0x40/0x40 [ 355.188846] __should_failslab+0x124/0x180 [ 355.193081] should_failslab+0x9/0x14 [ 355.197084] kmem_cache_alloc+0x2be/0x730 [ 355.201234] ? vmx_flush_tlb_gva+0x380/0x380 [ 355.205629] ? print_usage_bug+0xc0/0xc0 [ 355.209688] ? ima_get_action+0x7e/0xa0 [ 355.213665] ? mmu_topup_memory_caches+0xf7/0x390 [ 355.218538] mmu_topup_memory_caches+0xf7/0x390 [ 355.223197] kvm_mmu_load+0x21/0xfa0 [ 355.226906] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 355.231827] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 355.237361] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 355.241966] vcpu_enter_guest+0x3dbe/0x6380 [ 355.246300] ? emulator_read_emulated+0x50/0x50 [ 355.250994] ? vmx_vcpu_load+0xb06/0x1030 [ 355.255151] ? vmx_write_tsc_offset+0x680/0x680 [ 355.259833] ? graph_lock+0x170/0x170 [ 355.263681] ? lock_downgrade+0x900/0x900 [ 355.267827] ? check_preemption_disabled+0x48/0x200 [ 355.272836] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 355.278363] ? check_preemption_disabled+0x48/0x200 [ 355.283378] ? check_preemption_disabled+0x48/0x200 [ 355.288441] ? __lock_is_held+0xb5/0x140 [ 355.292504] ? lock_acquire+0x1ed/0x520 [ 355.296495] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 355.301529] ? lock_release+0x970/0x970 [ 355.305499] ? kvm_gen_update_masterclock+0x350/0x350 [ 355.310745] ? kvm_arch_dev_ioctl+0x630/0x630 [ 355.315271] ? preempt_notifier_dec+0x20/0x20 [ 355.319788] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 355.324644] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 355.329810] kvm_vcpu_ioctl+0x72b/0x1150 [ 355.333862] ? kvm_vcpu_block+0x1030/0x1030 [ 355.338192] ? find_held_lock+0x36/0x1c0 [ 355.342261] ? __fget+0x4aa/0x740 [ 355.345716] ? check_preemption_disabled+0x48/0x200 [ 355.350743] ? kasan_check_read+0x11/0x20 [ 355.354907] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 355.360187] ? rcu_bh_qs+0xc0/0xc0 [ 355.363741] ? __fget+0x4d1/0x740 [ 355.367186] ? ksys_dup3+0x680/0x680 [ 355.370903] ? find_held_lock+0x36/0x1c0 [ 355.374971] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 355.379918] ? kvm_vcpu_block+0x1030/0x1030 [ 355.384262] do_vfs_ioctl+0x1de/0x1720 [ 355.388185] ? __lock_is_held+0xb5/0x140 [ 355.392260] ? ioctl_preallocate+0x300/0x300 [ 355.396680] ? __fget_light+0x2e9/0x430 [ 355.400671] ? fget_raw+0x20/0x20 [ 355.404116] ? __sb_end_write+0xd9/0x110 [ 355.408167] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 355.413708] ? fput+0x130/0x1a0 [ 355.416988] ? do_syscall_64+0x9a/0x820 [ 355.420988] ? do_syscall_64+0x9a/0x820 [ 355.424957] ? lockdep_hardirqs_on+0x421/0x5c0 [ 355.429538] ? security_file_ioctl+0x94/0xc0 [ 355.433947] ksys_ioctl+0xa9/0xd0 [ 355.437407] __x64_sys_ioctl+0x73/0xb0 [ 355.441282] do_syscall_64+0x1b9/0x820 [ 355.445181] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 355.450555] ? syscall_return_slowpath+0x5e0/0x5e0 [ 355.455476] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 355.460327] ? trace_hardirqs_on_caller+0x310/0x310 [ 355.465350] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 355.470380] ? prepare_exit_to_usermode+0x291/0x3b0 [ 355.475418] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 355.480255] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 355.485557] RIP: 0033:0x457569 [ 355.488767] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 355.507669] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 23:02:26 executing program 4 (fault-call:7 fault-nth:19): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 355.515411] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 355.522697] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 355.529957] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 355.537221] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 355.544480] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 [ 355.646953] FAULT_INJECTION: forcing a failure. [ 355.646953] name failslab, interval 1, probability 0, space 0, times 0 [ 355.673575] CPU: 1 PID: 13187 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 355.681016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 355.690388] Call Trace: [ 355.693008] dump_stack+0x1c4/0x2b4 [ 355.696670] ? dump_stack_print_info.cold.2+0x52/0x52 [ 355.701857] ? __kernel_text_address+0xd/0x40 [ 355.706343] ? unwind_get_return_address+0x61/0xa0 [ 355.711267] should_fail.cold.4+0xa/0x17 [ 355.715319] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 355.720416] ? save_stack+0xa9/0xd0 [ 355.724069] ? graph_lock+0x170/0x170 [ 355.727871] ? kasan_slab_alloc+0x12/0x20 [ 355.732011] ? kmem_cache_alloc+0x12e/0x730 [ 355.736328] ? mmu_topup_memory_caches+0xf7/0x390 [ 355.741168] ? kvm_mmu_load+0x21/0xfa0 [ 355.745040] ? vcpu_enter_guest+0x3dbe/0x6380 [ 355.749521] ? graph_lock+0x170/0x170 [ 355.753309] ? ksys_ioctl+0xa9/0xd0 [ 355.756922] ? __x64_sys_ioctl+0x73/0xb0 [ 355.760977] ? do_syscall_64+0x1b9/0x820 [ 355.765031] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 355.770398] ? find_held_lock+0x36/0x1c0 [ 355.774448] ? __lock_is_held+0xb5/0x140 [ 355.778544] ? ___might_sleep+0x1ed/0x300 [ 355.782680] ? arch_local_save_flags+0x40/0x40 [ 355.787254] __should_failslab+0x124/0x180 [ 355.791479] should_failslab+0x9/0x14 [ 355.795267] kmem_cache_alloc+0x2be/0x730 [ 355.799400] ? vmx_flush_tlb_gva+0x380/0x380 [ 355.803793] ? print_usage_bug+0xc0/0xc0 [ 355.807842] ? ima_get_action+0x7e/0xa0 [ 355.811810] ? mmu_topup_memory_caches+0xf7/0x390 [ 355.816642] mmu_topup_memory_caches+0xf7/0x390 [ 355.821299] kvm_mmu_load+0x21/0xfa0 [ 355.825025] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 355.829944] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 355.835469] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 355.840044] vcpu_enter_guest+0x3dbe/0x6380 [ 355.844359] ? emulator_read_emulated+0x50/0x50 [ 355.849025] ? vmx_vcpu_load+0xb06/0x1030 [ 355.853162] ? vmx_write_tsc_offset+0x680/0x680 [ 355.857817] ? graph_lock+0x170/0x170 [ 355.861612] ? lock_downgrade+0x900/0x900 [ 355.865749] ? check_preemption_disabled+0x48/0x200 [ 355.870755] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 355.876279] ? check_preemption_disabled+0x48/0x200 [ 355.881283] ? check_preemption_disabled+0x48/0x200 [ 355.886294] ? __lock_is_held+0xb5/0x140 [ 355.890353] ? lock_acquire+0x1ed/0x520 [ 355.894321] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 355.899335] ? lock_release+0x970/0x970 [ 355.903297] ? kvm_gen_update_masterclock+0x350/0x350 [ 355.908473] ? kvm_arch_dev_ioctl+0x630/0x630 [ 355.912965] ? preempt_notifier_dec+0x20/0x20 [ 355.917498] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 355.922343] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 355.927355] kvm_vcpu_ioctl+0x72b/0x1150 [ 355.931407] ? kvm_vcpu_block+0x1030/0x1030 [ 355.935730] ? find_held_lock+0x36/0x1c0 [ 355.939796] ? __fget+0x4aa/0x740 [ 355.943241] ? check_preemption_disabled+0x48/0x200 [ 355.948245] ? kasan_check_read+0x11/0x20 [ 355.952409] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 355.957676] ? rcu_bh_qs+0xc0/0xc0 [ 355.961211] ? __fget+0x4d1/0x740 [ 355.964655] ? ksys_dup3+0x680/0x680 [ 355.968371] ? find_held_lock+0x36/0x1c0 [ 355.972482] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 355.977425] ? kvm_vcpu_block+0x1030/0x1030 [ 355.981749] do_vfs_ioctl+0x1de/0x1720 [ 355.985638] ? __lock_is_held+0xb5/0x140 [ 355.989689] ? ioctl_preallocate+0x300/0x300 [ 355.994089] ? __fget_light+0x2e9/0x430 [ 355.998052] ? fget_raw+0x20/0x20 [ 356.001495] ? __sb_end_write+0xd9/0x110 [ 356.005559] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 356.011108] ? fput+0x130/0x1a0 [ 356.014393] ? do_syscall_64+0x9a/0x820 [ 356.018356] ? do_syscall_64+0x9a/0x820 [ 356.022331] ? lockdep_hardirqs_on+0x421/0x5c0 [ 356.026931] ? security_file_ioctl+0x94/0xc0 [ 356.031350] ksys_ioctl+0xa9/0xd0 [ 356.034827] __x64_sys_ioctl+0x73/0xb0 [ 356.038713] do_syscall_64+0x1b9/0x820 [ 356.042635] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 356.048000] ? syscall_return_slowpath+0x5e0/0x5e0 [ 356.052919] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 356.057753] ? trace_hardirqs_on_caller+0x310/0x310 [ 356.062758] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 356.067767] ? prepare_exit_to_usermode+0x291/0x3b0 [ 356.072775] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 356.077637] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 356.082810] RIP: 0033:0x457569 [ 356.085990] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 356.104879] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 356.112578] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 356.119856] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 356.127128] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 356.134386] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 356.141644] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 23:02:28 executing program 3: timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) r0 = getuid() ioprio_set$uid(0x3, r0, 0x7c7) tkill(0x0, 0x1000000000016) 23:02:28 executing program 0: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r1, 0x1, &(0x7f00000014c0)) msgsnd(r1, &(0x7f0000e74f60)={0x2}, 0x8, 0x0) r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x200, 0x0) ioctl$RTC_WIE_ON(r2, 0x700f) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) msgctl$IPC_SET(r1, 0x1, &(0x7f0000000180)={{}, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x81, r0}) 23:02:28 executing program 5: capset(&(0x7f00002d0ff8)={0x19980330}, &(0x7f0000cc0000)) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_open_dev$midi(&(0x7f00000000c0)='/dev/midi#\x00', 0x9, 0x0) recvmmsg(r0, &(0x7f0000008ec0)=[{{&(0x7f0000000100)=@in={0x2, 0x0, @multicast2}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)=""/107, 0x6b}], 0x1, &(0x7f0000000240)=""/175, 0xaf, 0x401}, 0xfa5}, {{&(0x7f0000000300)=@alg, 0x80, &(0x7f0000000400)=[{&(0x7f0000000380)=""/98, 0x62}], 0x1, &(0x7f0000000440)=""/255, 0xff, 0x2982}, 0x6}, {{&(0x7f0000000540)=@pppol2tpv3in6, 0x80, &(0x7f00000008c0)=[{&(0x7f00000005c0)=""/175, 0xaf}, {&(0x7f0000000680)=""/229, 0xe5}, {&(0x7f0000000780)=""/165, 0xa5}, {&(0x7f0000000840)=""/62, 0x3e}, {&(0x7f0000000880)=""/2, 0x2}], 0x5, 0x0, 0x0, 0xfff}, 0x100000000}, {{&(0x7f0000000940)=@in={0x2, 0x0, @loopback}, 0x80, &(0x7f0000003c80)=[{&(0x7f00000009c0)=""/64, 0x40}, {&(0x7f0000000a00)=""/180, 0xb4}, {&(0x7f0000000ac0)=""/4096, 0x1000}, {&(0x7f0000001ac0)=""/209, 0xd1}, {&(0x7f0000001bc0)=""/4096, 0x1000}, {&(0x7f0000002bc0)=""/4096, 0x1000}, {&(0x7f0000003bc0)=""/162, 0xa2}], 0x7, &(0x7f0000003d00)=""/203, 0xcb}, 0x4}, {{&(0x7f0000003e00)=@sco, 0x80, &(0x7f0000004000)=[{&(0x7f0000003e80)=""/73, 0x49}, {&(0x7f0000003f00)=""/205, 0xcd}], 0x2, &(0x7f0000004040)=""/179, 0xb3, 0x6}, 0x1f}, {{&(0x7f0000004100)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @loopback}}}, 0x80, &(0x7f0000004340)=[{&(0x7f0000004180)=""/78, 0x4e}, {&(0x7f0000004200)=""/185, 0xb9}, {&(0x7f00000042c0)=""/77, 0x4d}], 0x3, &(0x7f0000009180)=""/134, 0x86, 0x3fffffff80}, 0x1ff}, {{&(0x7f0000004440)=@xdp={0x2c, 0x0, 0x0}, 0x80, &(0x7f0000005880)=[{&(0x7f00000044c0)=""/54, 0x36}, {&(0x7f0000004500)=""/251, 0xfb}, {&(0x7f0000004600)=""/56, 0x38}, {&(0x7f0000004640)=""/4096, 0x1000}, {&(0x7f0000005640)=""/128, 0x80}, {&(0x7f00000056c0)=""/53, 0x35}, {&(0x7f0000005700)=""/31, 0x1f}, {&(0x7f0000005740)=""/7, 0x7}, {&(0x7f0000005780)=""/238, 0xee}], 0x9, 0x0, 0x0, 0x1}, 0x9}, {{&(0x7f0000005940)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @remote}}}, 0x80, &(0x7f0000007ac0)=[{&(0x7f00000059c0)=""/214, 0xd6}, {&(0x7f0000005ac0)=""/4096, 0x1000}, {&(0x7f0000006ac0)=""/4096, 0x1000}], 0x3, &(0x7f0000009240)=""/49, 0x31, 0x7fff}, 0x5}, {{&(0x7f0000007b40)=@pptp={0x18, 0x2, {0x0, @loopback}}, 0x80, &(0x7f0000008e80)=[{&(0x7f0000007bc0)=""/184, 0xb8}, {&(0x7f0000007c80)=""/199, 0xc7}, {&(0x7f0000007d80)=""/4096, 0x1000}, {&(0x7f0000008d80)=""/247, 0xf7}], 0x4, 0x0, 0x0, 0xedce}, 0x5}], 0x9, 0x22, &(0x7f0000009100)) setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000009140)={r2, 0x1, 0x6, @remote}, 0x10) r3 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vsock\x00', 0x200001, 0x0) ioctl$IOC_PR_CLEAR(r3, 0x401070cd, &(0x7f0000000080)={0x81}) connect$netlink(r0, &(0x7f0000000000)=@proc={0x10, 0x0, 0x0, 0x81402000}, 0xc) 23:02:28 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'aead\x00', 0x0, 0x0, 'morus1280-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f00000003c0)}, {&(0x7f00000002c0)="12b8962e7d37c7e43f70cc3821486ada2337a53ae86e740b92e7aed7f257a732a59c2262713cedca4f3c1cbc5d8cc9700896e09ceb3cdcacf6125421c2638ef9a0a08f30d03d64f3d39de02ece8432fc7da4fdf882142fc23878c10f21276309a194d896ae18c784a512aba3bec6ae6e91ee8101d05f4e93d920b82bd9e4d20b9fdf58763ca9276cb2d12f9f216a79", 0x8f}], 0x2, &(0x7f0000000040)}, 0x1) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f00000013c0)=""/4096, 0x1000}], 0x1, &(0x7f0000000100)=""/123, 0x7b}, 0x0) 23:02:28 executing program 4 (fault-call:7 fault-nth:20): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:02:28 executing program 2: r0 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x3, 0x101002) ioctl$TUNSETNOCSUM(r0, 0x400454c8, 0x1) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket(0x10, 0x20000000000003, 0x0) clock_gettime(0x5, &(0x7f00000001c0)={0x0}) creat(&(0x7f0000000040)='./file0\x00', 0x0) recvmmsg(r1, &(0x7f0000001cc0), 0x4000000000002c0, 0x10102, &(0x7f0000001540)={r2}) sendmsg$nl_generic(r1, &(0x7f00000000c0)={&(0x7f0000000140), 0xc, &(0x7f0000000080)={&(0x7f0000000300)={0x14, 0x1a, 0x201}, 0x14}}, 0x0) 23:02:28 executing program 1: r0 = socket$kcm(0x29, 0x1000000000000005, 0x0) io_submit(0x0, 0x1, &(0x7f0000001dc0)=[&(0x7f00000014c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000001440), 0x0, 0xfffffffffffffffd}]) r1 = socket$inet_tcp(0x2, 0x1, 0x0) io_setup(0x2, &(0x7f0000000080)=0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffff9c, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0xbd, &(0x7f00000014c0)}, &(0x7f0000000100)=0x10) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000008, 0x10010, r1, 0x0) io_submit(r2, 0x1, &(0x7f00000000c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000001000)}]) [ 357.448688] FAULT_INJECTION: forcing a failure. [ 357.448688] name failslab, interval 1, probability 0, space 0, times 0 [ 357.460886] CPU: 1 PID: 13201 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 357.468264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 357.477628] Call Trace: [ 357.480239] dump_stack+0x1c4/0x2b4 [ 357.483907] ? dump_stack_print_info.cold.2+0x52/0x52 [ 357.489129] ? __kernel_text_address+0xd/0x40 [ 357.493652] ? unwind_get_return_address+0x61/0xa0 [ 357.498624] should_fail.cold.4+0xa/0x17 [ 357.502706] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 357.505880] Unknown ioctl 28687 [ 357.507826] ? save_stack+0xa9/0xd0 [ 357.507848] ? graph_lock+0x170/0x170 [ 357.507862] ? kasan_slab_alloc+0x12/0x20 [ 357.507877] ? kmem_cache_alloc+0x12e/0x730 [ 357.507901] ? mmu_topup_memory_caches+0xf7/0x390 [ 357.531882] ? kvm_mmu_load+0x21/0xfa0 [ 357.535786] ? vcpu_enter_guest+0x3dbe/0x6380 [ 357.540294] ? graph_lock+0x170/0x170 [ 357.544105] ? ksys_ioctl+0xa9/0xd0 [ 357.547741] ? __x64_sys_ioctl+0x73/0xb0 [ 357.551812] ? do_syscall_64+0x1b9/0x820 [ 357.555890] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 357.561278] ? find_held_lock+0x36/0x1c0 [ 357.565355] ? __lock_is_held+0xb5/0x140 [ 357.569453] ? ___might_sleep+0x1ed/0x300 [ 357.573621] ? arch_local_save_flags+0x40/0x40 [ 357.578233] __should_failslab+0x124/0x180 [ 357.582485] should_failslab+0x9/0x14 [ 357.586302] kmem_cache_alloc+0x2be/0x730 [ 357.590459] ? vmx_flush_tlb_gva+0x380/0x380 [ 357.594879] ? print_usage_bug+0xc0/0xc0 [ 357.598951] ? ima_get_action+0x7e/0xa0 [ 357.602939] ? mmu_topup_memory_caches+0xf7/0x390 [ 357.607800] mmu_topup_memory_caches+0xf7/0x390 [ 357.612488] kvm_mmu_load+0x21/0xfa0 [ 357.616221] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 357.621167] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 357.626717] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 357.631318] vcpu_enter_guest+0x3dbe/0x6380 [ 357.635663] ? emulator_read_emulated+0x50/0x50 [ 357.640350] ? vmx_vcpu_load+0xb06/0x1030 [ 357.644513] ? vmx_write_tsc_offset+0x680/0x680 [ 357.649183] ? graph_lock+0x170/0x170 [ 357.652999] ? lock_downgrade+0x900/0x900 [ 357.657159] ? check_preemption_disabled+0x48/0x200 [ 357.662172] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 357.667712] ? check_preemption_disabled+0x48/0x200 [ 357.672727] ? check_preemption_disabled+0x48/0x200 [ 357.677749] ? __lock_is_held+0xb5/0x140 [ 357.681817] ? lock_acquire+0x1ed/0x520 [ 357.685791] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 357.690826] ? lock_release+0x970/0x970 [ 357.694814] ? kvm_gen_update_masterclock+0x350/0x350 23:02:28 executing program 2: r0 = syz_open_dev$sndseq(&(0x7f0000000080)='/dev/snd/seq\x00', 0x0, 0x4880) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT(r0, 0xc0bc5351, &(0x7f0000000380)={0x1fe, 0x0, 'client0\x00', 0xffffffff80000000, "112be2b8eb23a6b2", "843c1e5269de668a9b682245760dc292e24f153f16b9a1558566d26281b14e28", 0x3ff, 0xfff}) [ 357.700012] ? kvm_arch_dev_ioctl+0x630/0x630 [ 357.704521] ? preempt_notifier_dec+0x20/0x20 [ 357.709035] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 357.713885] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 357.713917] kvm_vcpu_ioctl+0x72b/0x1150 [ 357.713937] ? kvm_vcpu_block+0x1030/0x1030 [ 357.723014] ? find_held_lock+0x36/0x1c0 [ 357.723040] ? __fget+0x4aa/0x740 [ 357.723061] ? check_preemption_disabled+0x48/0x200 [ 357.723081] ? kasan_check_read+0x11/0x20 [ 357.723101] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 23:02:28 executing program 2: r0 = socket$rds(0x15, 0x5, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000140)) r2 = open(&(0x7f0000000000)='./file0\x00', 0x800, 0x40) ioctl$DRM_IOCTL_ADD_MAP(r2, 0xc0286415, &(0x7f0000000040)={&(0x7f0000ffa000/0x4000)=nil, 0x1c, 0x5, 0x0, &(0x7f0000ffc000/0x1000)=nil, 0x45}) sendto(r0, &(0x7f0000000040), 0x0, 0x0, &(0x7f00000001c0)=@ethernet={0x0, @local}, 0x80) [ 357.723119] ? rcu_bh_qs+0xc0/0xc0 [ 357.752905] ? __fget+0x4d1/0x740 [ 357.756393] ? ksys_dup3+0x680/0x680 [ 357.760123] ? find_held_lock+0x36/0x1c0 [ 357.764207] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 357.769158] ? kvm_vcpu_block+0x1030/0x1030 [ 357.773495] do_vfs_ioctl+0x1de/0x1720 [ 357.777402] ? __lock_is_held+0xb5/0x140 [ 357.781482] ? ioctl_preallocate+0x300/0x300 [ 357.785906] ? __fget_light+0x2e9/0x430 [ 357.789896] ? fget_raw+0x20/0x20 [ 357.793365] ? __sb_end_write+0xd9/0x110 [ 357.793395] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 357.793409] ? fput+0x130/0x1a0 [ 357.793427] ? do_syscall_64+0x9a/0x820 [ 357.793443] ? do_syscall_64+0x9a/0x820 [ 357.793459] ? lockdep_hardirqs_on+0x421/0x5c0 [ 357.793480] ? security_file_ioctl+0x94/0xc0 [ 357.803064] ksys_ioctl+0xa9/0xd0 [ 357.803086] __x64_sys_ioctl+0x73/0xb0 [ 357.803106] do_syscall_64+0x1b9/0x820 [ 357.803123] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 357.803141] ? syscall_return_slowpath+0x5e0/0x5e0 [ 357.803157] ? trace_hardirqs_off_thunk+0x1a/0x1c 23:02:28 executing program 2: r0 = fanotify_init(0x0, 0x1001) r1 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x10000, 0x10000) fanotify_mark(r0, 0x2, 0x48000000, r1, &(0x7f0000000080)='./file0\x00') r2 = socket(0x10, 0x3, 0x0) write(r2, &(0x7f0000000040)="3e0000004e001f00ff03f4f9002304000a04f51108000100020100020800028001cba80054de5a860ba362969c8f849c206d20a880d42f15a4a16748fb53", 0x3e) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f00000000c0)={[{0x7f, 0x4, 0x8062, 0x8000, 0x10000, 0x401, 0x9, 0x40, 0x3, 0xffffffffffffffff, 0x20, 0x80000001, 0x80000000}, {0x7, 0x8, 0x3, 0x1ff, 0x98b1, 0x400, 0x8, 0x2, 0x1ff, 0xffffffffffffff6e, 0x6, 0x81}, {0x9, 0xb71, 0x101, 0xb4, 0x5, 0x7fff, 0x5, 0x3f, 0xfffffffffffffffe, 0x200, 0x0, 0xe72f, 0x1e5}], 0xe17}) [ 357.803177] ? trace_hardirqs_on_caller+0x310/0x310 [ 357.803194] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 357.803213] ? prepare_exit_to_usermode+0x291/0x3b0 [ 357.803234] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 357.869584] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 357.872376] netlink: 'syz-executor2': attribute type 2 has an invalid length. [ 357.874794] RIP: 0033:0x457569 [ 357.874813] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 357.874823] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 357.874841] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 357.874852] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 357.874862] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 357.874871] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 357.874880] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 23:02:28 executing program 4 (fault-call:7 fault-nth:21): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 357.895435] netlink: 26 bytes leftover after parsing attributes in process `syz-executor2'. [ 357.968631] netlink: 'syz-executor2': attribute type 2 has an invalid length. [ 357.976382] netlink: 26 bytes leftover after parsing attributes in process `syz-executor2'. [ 358.007560] Unknown ioctl 28687 23:02:28 executing program 1: sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000040), 0xc, &(0x7f0000000080)={&(0x7f0000000400)=ANY=[]}, 0x1, 0x0, 0x0, 0x800}, 0x0) r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000340)='/dev/null\x00', 0x10400, 0x0) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000240)={{0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x1c}}, {0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}, 0xc, {0x2, 0x4e22, @rand_addr=0x8}, 'gre0\x00'}) r1 = socket(0x10, 0x800000000000003, 0x0) recvfrom$inet(r1, &(0x7f0000000100)=""/129, 0x81, 0x0, &(0x7f00000001c0)={0x2, 0x4e20, @multicast2}, 0x10) ioctl$BLKRESETZONE(r0, 0x40101283, &(0x7f00000002c0)={0x3, 0x1}) ioctl$sock_ifreq(r1, 0x89f2, &(0x7f0000000000)={'ip6tnl0\x00', @ifru_data=&(0x7f00000000c0)="a325d3c91116bf66fed2b246a94500aa6593352d29be1746fd84168b6ef37b32"}) [ 358.030869] FAULT_INJECTION: forcing a failure. [ 358.030869] name failslab, interval 1, probability 0, space 0, times 0 [ 358.051042] CPU: 1 PID: 13233 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 358.058429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 358.067778] Call Trace: [ 358.070391] dump_stack+0x1c4/0x2b4 [ 358.074047] ? dump_stack_print_info.cold.2+0x52/0x52 [ 358.079262] ? __kernel_text_address+0xd/0x40 [ 358.083774] ? unwind_get_return_address+0x61/0xa0 [ 358.088732] should_fail.cold.4+0xa/0x17 [ 358.092816] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 358.097933] ? save_stack+0xa9/0xd0 [ 358.097953] ? graph_lock+0x170/0x170 [ 358.097971] ? kasan_slab_alloc+0x12/0x20 [ 358.105401] ? kmem_cache_alloc+0x12e/0x730 [ 358.105419] ? mmu_topup_memory_caches+0xf7/0x390 [ 358.105432] ? kvm_mmu_load+0x21/0xfa0 [ 358.105454] ? vcpu_enter_guest+0x3dbe/0x6380 [ 358.127114] ? graph_lock+0x170/0x170 [ 358.130919] ? ksys_ioctl+0xa9/0xd0 [ 358.134534] ? __x64_sys_ioctl+0x73/0xb0 [ 358.138584] ? do_syscall_64+0x1b9/0x820 [ 358.142649] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 358.148017] ? find_held_lock+0x36/0x1c0 [ 358.152068] ? __lock_is_held+0xb5/0x140 [ 358.156127] ? ___might_sleep+0x1ed/0x300 [ 358.160263] ? arch_local_save_flags+0x40/0x40 [ 358.164842] __should_failslab+0x124/0x180 [ 358.169066] should_failslab+0x9/0x14 [ 358.172862] kmem_cache_alloc+0x2be/0x730 [ 358.177011] ? vmx_flush_tlb_gva+0x380/0x380 [ 358.181422] ? print_usage_bug+0xc0/0xc0 [ 358.185506] ? ima_get_action+0x7e/0xa0 [ 358.189477] ? mmu_topup_memory_caches+0xf7/0x390 [ 358.194314] mmu_topup_memory_caches+0xf7/0x390 [ 358.198974] kvm_mmu_load+0x21/0xfa0 [ 358.202680] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 358.207610] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 358.213147] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 358.217764] vcpu_enter_guest+0x3dbe/0x6380 [ 358.222109] ? emulator_read_emulated+0x50/0x50 [ 358.226784] ? vmx_vcpu_load+0xb06/0x1030 [ 358.230935] ? vmx_write_tsc_offset+0x680/0x680 [ 358.235613] ? graph_lock+0x170/0x170 [ 358.239423] ? lock_downgrade+0x900/0x900 [ 358.243586] ? check_preemption_disabled+0x48/0x200 [ 358.248625] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 358.254153] ? check_preemption_disabled+0x48/0x200 [ 358.259170] ? check_preemption_disabled+0x48/0x200 [ 358.264194] ? __lock_is_held+0xb5/0x140 [ 358.268246] ? lock_acquire+0x1ed/0x520 [ 358.272216] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 358.277230] ? lock_release+0x970/0x970 [ 358.281193] ? kvm_gen_update_masterclock+0x350/0x350 [ 358.286377] ? kvm_arch_dev_ioctl+0x630/0x630 [ 358.290859] ? preempt_notifier_dec+0x20/0x20 [ 358.295351] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 358.300187] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 358.305197] kvm_vcpu_ioctl+0x72b/0x1150 [ 358.309247] ? kvm_vcpu_block+0x1030/0x1030 [ 358.313560] ? find_held_lock+0x36/0x1c0 [ 358.317617] ? __fget+0x4aa/0x740 [ 358.321060] ? check_preemption_disabled+0x48/0x200 [ 358.326066] ? kasan_check_read+0x11/0x20 [ 358.330203] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 358.335482] ? rcu_bh_qs+0xc0/0xc0 [ 358.339015] ? __fget+0x4d1/0x740 [ 358.342461] ? ksys_dup3+0x680/0x680 [ 358.346165] ? find_held_lock+0x36/0x1c0 [ 358.350221] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 358.355144] ? kvm_vcpu_block+0x1030/0x1030 [ 358.359470] do_vfs_ioctl+0x1de/0x1720 [ 358.363357] ? __lock_is_held+0xb5/0x140 [ 358.367411] ? ioctl_preallocate+0x300/0x300 [ 358.371809] ? __fget_light+0x2e9/0x430 [ 358.375781] ? fget_raw+0x20/0x20 [ 358.379236] ? __sb_end_write+0xd9/0x110 [ 358.383288] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 358.388808] ? fput+0x130/0x1a0 [ 358.392077] ? do_syscall_64+0x9a/0x820 [ 358.396040] ? do_syscall_64+0x9a/0x820 [ 358.400001] ? lockdep_hardirqs_on+0x421/0x5c0 [ 358.404585] ? security_file_ioctl+0x94/0xc0 [ 358.409016] ksys_ioctl+0xa9/0xd0 [ 358.412488] __x64_sys_ioctl+0x73/0xb0 [ 358.416384] do_syscall_64+0x1b9/0x820 [ 358.420267] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 358.425631] ? syscall_return_slowpath+0x5e0/0x5e0 [ 358.430546] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 358.435383] ? trace_hardirqs_on_caller+0x310/0x310 [ 358.440391] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 358.445398] ? prepare_exit_to_usermode+0x291/0x3b0 [ 358.450406] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 358.455240] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 358.460416] RIP: 0033:0x457569 [ 358.463611] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 23:02:29 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)=0x0) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(r1, 0x1, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) getpgid(r0) tkill(r0, 0x1000000000016) r2 = add_key(&(0x7f00000001c0)='pkcs7_test\x00', &(0x7f0000000200)={'syz', 0x3}, &(0x7f0000000240)="cb7d5aae5357545d9dcc3a03ba3b68c49268442fdd2c4aef4ff0a947d0cb26c226f94b8ecb48e0465a4ab800c03698791f4d72f52d5e46801a1083d727266267785ebc91fafb924c", 0x48, 0xfffffffffffffffa) request_key(&(0x7f0000000040)='pkcs7_test\x00', &(0x7f0000000080)={'syz', 0x3}, &(0x7f0000000180)='/proc/self/attr/current\x00', r2) openat$smack_task_current(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/attr/current\x00', 0x2, 0x0) 23:02:29 executing program 0: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r1, 0x1, &(0x7f00000014c0)) msgsnd(r1, &(0x7f0000e74f60)=ANY=[@ANYBLOB="0fefffffff000000"], 0x8, 0x0) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) msgctl$IPC_SET(r1, 0x1, &(0x7f0000000180)={{}, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x81, r0}) getpgrp(r0) [ 358.482511] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 358.490211] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 358.497478] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 358.504734] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 358.511990] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 358.519245] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 23:02:29 executing program 5: r0 = socket$inet6(0xa, 0x3, 0x5) readv(r0, &(0x7f0000001500)=[{&(0x7f0000001440)=""/130, 0x82}], 0x1) setsockopt$sock_int(r0, 0x1, 0x25, &(0x7f0000000200)=0x7b36, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'veth1_to_bridge\x00', 0x0}) getsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000c80)={@multicast1, @multicast2, 0x0}, &(0x7f0000000cc0)=0xc) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000004d40)={0x0, @empty, @multicast2}, &(0x7f0000004d80)=0xc) sendmmsg(r0, &(0x7f0000006680)=[{{&(0x7f00000000c0)=@can={0x1d, r1}, 0x80, &(0x7f00000003c0)=[{&(0x7f0000000240)="7315343e324411b59bbc9268e0388919959ee17d57963b958e9587a63b394d0aa0413f77059829b516803100620e15c75bfcdc28d34519bb052bd36045a497f91efe5235a6bc409c8a4eadc8a90b37d38b920e3610fee71158dc9e5594169491c13c608d9f19a422de4f1199af12d2204b3ddb521df7645f972f46b86851e1937e80b7b0c912cea37d80cf63ac1bf6a414a41af072ffa9206a4152bf5f42174900b22968339dcb77bb57e2867adeb4dc22b6843d4be56e4ad388f07bfb733e39719fdc9a2cb1a70cceb357abc6d3ef83ad8a2d64d9f8f9aa87a006648b16b25ff81ce94b1443b6b5f48802436bb97ce6109791a25294acf6b7cd", 0xfa}, {&(0x7f0000000140)="f10cbbf135783f3e857c1e8286e8f6fc2096fc5173c2e44de5aae97d380f7d71908bf378cadf9f7f45bca05929f76581ea3822692aaaee68966db5b124e2e52fcdd7ec0a7aea74d82617ff52abd1947184f1b4fc76247e7c5c5907d58164d5a79566c01496df", 0x66}, {&(0x7f00000001c0)="c727b9bb906381b9", 0x8}, {&(0x7f0000000340)="181b41214a0a842181adfdf47afdc1aa3b3c6abc65d9c7cc6104d217b20e936110857164918ba9e2dfd30f6a5fb74d3bcdc91aa3142bf742befa5e4dacefb87f86d4b6247df16ef2f43dd8270805baaa483b39a99342a43160843de633bd3a0490ae", 0x62}], 0x4, &(0x7f0000000400)=[{0xd8, 0x10e, 0x7, "7e19eaddd91600ec3a8f7c32e03e60f314afe2d2be0d0818d9744a7b44ad958fc2935a5f9185b3fa9a11ff96c454fcfd2dfbffc501165177e95cec9d82ad211b9a215fcfe708718244d07e2473051db8e9b4da30d7e04ca0038375ec7b78bed61f6b771f459a510064a42077afe449a211165b3f51219d5198d4027e64ca30b556c38e11f5c467e9440d31aefb5ef61336e9069e55bd4162cc9ccec489d1a28f21da4aff21045281100c0a4258bd86640fb0d521dff2a0c24a76afab2c91b4452c2da4"}, {0xf0, 0x115, 0x1, "4904da198a2683d3e1148e74e13eb1f5e01474cfc89fd0be038eeceafa2951f8869b59310ef3dad47719ec8ec8c73cbbbc41786fa3f5646115524164a96c4083f700367dc20a471a68bf4c7ca6c6329267c826b27a598e16f08e93b829269dfa32d3dba801a53219762ff60d4f390863319729dea30b93b56dfc3ebc4c704a0dda86f4931a0956880fd60d5a82de1c8fef68cd2c6b90255fe2900cbcff5cfd12096128b4176ed6128f026756b0dc68e45d89e0969379c1d70a934db86bffd0d88d15023c6d778f2dd3e45bd5982526c63d95927ba5a7f77eb5a6e4b6d4f02db3"}, {0xc8, 0x10f, 0xc3, "dee3f64dd2a7fb3c36c8d4738bc43433ce6764a8a3b633c28887ac02975c655011816247d9bf9ccfe2e0b2df3f634495485e70a0c9102235beda4cc1516b018367e8bbd38c34f157bf0bd5bf3bd94a309e9c5b284d402da509fb4dd7443425bda01cf6a80e4c11a34aa9b94d0614c70df96c5f45b9671eeca4a3e94b8253c8b69bbee3d1e6366c7c6feaa6d6929eb4152acb8a3d99128e6c7bc58351824bb7af06e92a4d5ad0599fde70f31f577449658a"}], 0x290}, 0x8}, {{0x0, 0x0, &(0x7f0000000800)=[{&(0x7f00000006c0)="bc055637440992a2cbf48213a9f48a0d291466ed753064e28a85e05c9590124ff4f03a55eeacf1f32736610c558001b017b5d9f90b2b437e27496cac7c88431fb82959a34f68eb8a9bfb70d78d9a02474bddd25593da9775b912977519f610dd5c08354ccc2ed8580cf6519a7c706a80a07282c07dc03d", 0x77}, {&(0x7f0000000740)="d580356f20a230e1640ce742435931fc7fbefc5014d37b0d8da941795af144a12de0eac85ffd23c1e04ac9ecdd926d5b4936114467ecb0405fd35fd6f112262b2e702c8d2e1aa33cee371e5425cedceeb44373a84f113fb3b0c40fdb5881909d8a62c57b4eac8a43ddf20845f9da8afe10712ae466d48d1b58732aad445a06d761e9b80d8817", 0x86}], 0x2, &(0x7f0000000840)=[{0x18, 0x3a, 0x8, "8e3f8dbc0b752e7c"}, {0x18, 0x10f, 0x1ff, "3764a0f5"}, {0xc0, 0x108, 0xe3c0, "3caba0fb8778e8bb506b62dd8fd7be7237b7169b1aac4c54b4fdd1dc6ad32b7429b5a062724db24f13deada02905aea28eaebd783720554fa61136f101a42b1573351da4bbed5a4964c929a9434fdb760ba7e643fed37f722c7d78b424c686e6b5543a9bbdd352e9447f6f43374c8559f183f71420552d7a690253768c9431f22844f26ca21055f5e2f539a8a1cd3cc2c1c11a39968ee1090ce0506cf173b0ec9a5fd8e86548049ac80005c5135094a6"}, {0xb8, 0x88, 0x8, "6022005499dc29e0391b5586278094f95d486e188b912e384e1b38f956fe51801b37be224f24ba326b96795ea3314d597c5410925672a633114ebc76a7e2ed5f9dffd8611fcf2f03efdd8eebf068872eab3d7297b4be959a66f8facbe017c62c448aba52d83c48fe9bd4931d1ec4fb54de9afe5427d981ac6ebf33053e423562bcd238ae531a158f03df225ac2a536ab3ba14941f595656b61e10f98e324bc55ba492a5a5b04b56f"}, {0xc0, 0x102, 0x0, "05bbd3ddf0df8905bd262559cec2c0d119728b832a57af845e8e89da67c5f083f96453e99c673ef572cbc5af06a78f5e66a329413fbf823f8258258d15b78a4150710e215414f982a11b4197448458c55119988f5e2150dde5f28d55eb0730932882fe785abc74a925f8e8f383caca0ba2b05bc9cbf00297250d4a20812cc2ada965d9c68b12f250c0bb483a91e691cd25a422d109236b43eda73d06456d5024184d84eb63ad210b34"}, {0xb8, 0x107, 0x6, "4624d01609c4143d55d2b779b0e55113d1149f4899be9159d8c7d55704e21d28bb5f9d07fe82adfb9983b2395da87f3df1b28a7eb585dc411e662bcd229b869f58d0a5d2110b5c6987809f7527b798d80118cd3c6c86b1eed60e7ad2e9ef85708fff521a952a682f73d8a8e1a06e7143773926b8056cfc95aedf290dd62675fa097eff109c5c9a2eb920f86b70b908a9f204b74a666982812ba5ff413402f675379408"}], 0x320}, 0x5}, {{0x0, 0x0, &(0x7f0000000c40)=[{&(0x7f0000000b80)="661de94fa547f10547bbd055098409b416306a83006716c8083de965c004b3437d988c8db21cd1bc9c2c2a8d0d12199ad98ab22572ca3925044cd45ae7969238f5b678a58f03dffef01656edcd73246de7611543e63c60bbffe90ae8d741c8a82fd853086525fc0d9353243795e7a37462f5cfd1b32f38effc0a142ed459f2b07e2e06d0194d3e23a2", 0x89}], 0x1, 0x0, 0x0, 0x10}, 0x7}, {{&(0x7f0000000d00)=@xdp={0x2c, 0x1, r2, 0x33}, 0x80, &(0x7f00000012c0)=[{&(0x7f0000000d80)="4119cf0d9a0aceb084eed9986881ff88555d6d6db50e0a9e73a61f96914fb5bbe58e56575415d5497870b7ef9ee46b727e6b3211dddc4d25b9e46204f6ba27613a9345a848911eea39bec95228749210265943b8bd56415a1d3a940c907598d303d57be0af80c0d903e85d9eb397a9787332dc770fe478c326a7dc85bd570ecc3574f74ab1e4b5cf5d8328bc2d9eaca714e67abc48d02d1f38b02ac853d8c88374f66d53dc1d8780f6f523e6411e89ed0c3448af82b3d4f379f22372fbc955a08b32472e1580e6e43e4d7d3bed08c12273eb80298df0a5", 0xd7}, {&(0x7f0000000e80)="15818751721306f47c2ae8e9c135efaa06ccc16f0399a26b7e3d2100e7b208035542242d6e044d475bfb0118f8b00bc543ff5186fb8a689af296e2f20fb0ceaca939357080813550f7f020ef6bb31db198d2210f053b9826acbc83213871d017c9879570f677cfe8f2b3b1520305bd92e67bd23227ae12286954221b7b0d6faa4ec9a4420abc7956cd1c609ff7afcc60b1cd32487a04cf99845b09bd57e64ffdf1dc9dc3340513a2ecfc707a5432cccf9ae13d08be774fb7a09c49f318b7c5d3bbbdc43808e0c573d50e3dd1d4f628c11648b1a27d10757a3d282332270b8aab0c5350c51ff103d43d8598e773d9a7bd70bcfe887c717148cf7459a28d", 0xfd}, {&(0x7f0000000f80)="2607ed137b8c5b99efccfee7d83c8d32f3cbfa2de175f305e59281d5b7345a5c9167e1045540f95d6a67470ad7287bb1322d952c9393005adaaf1f38aedf54802739ce223a2ac25896fcab10c769a37e2ad73f0689cec059f3736231c5c834fd0f5ab4af7d994f605833abdd9a987fee6be0ecd5a9007df83192fb7c0cb577a84424dc9e0a68c7e235045ef1cbfffc4942b74ba3cb601ae6c4832a6b3d6b56ecf7431de804609326f1d871df07cf5706ed90c10836b37145b3cad8bea00e162ed4919b6569f80b945fe92e67dd52768f25e43156492f39092c", 0xd9}, {&(0x7f0000001080)="2cf130bccea6bd4a7680e5f15aeda8e30c2af4e749bfebf93e9324df4c4c6a11ab9a8184432d140c55b2e6689281580e72eb7d269654a69abb8f72d656389c2c0710ecb8fa46a3c2b0556c6058c2b00855ad2a7e43d3866bf16274410cec1b1cfe511b9e232df7eacc1fc64889ef30061ded2cd2bb15428f45ae16428224ed", 0x7f}, {&(0x7f0000001100)="67b800b229b11a90c23c83db5d2367b5733acad0c9b8481f04cd9e7a349290a39bd4308f0e5bd9f647d9f333abf32d177abba795aad8287203b97817f76ea29aaba5827727cb2501b012d7e472961f5a1ceebe185323239d873fe374faa950d7e6208e8201b77f059b64f9651cdbc45da1fca9a6c4c3137c2174e88204a9754dfcc559ca263c13c28506268d315c2ef851e28a00ef384f461a6a4c64ab00ca5b28e6c4e68220ff513510dbbdc7bf4377691b658035d384a4698705db7470c538", 0xc0}, {&(0x7f00000011c0)="5a8caf7a810347e59409702230d20201ace920d326d0aa887bf5d814df5936d19399a55df537b2c7a4d48ff6a50f8b5b21b6735c3e6795bce292bdff1bc753daa928bd1ba047050e810cc58d9af35a84fadf0a270d95a8cf05b01558c11204a2acd41ef8417d6f35e6840cbb0b54ce02c6bba2eeda512188136c59d28297a1f575b8e402eacb9ab62328bed74618d57dc17db199e65aa4853916385e53582c4873c7d0bc73fddf738e519541cfc551017b58aab7fcfdcdf6f4e129903c06e5218644ce2bdb5e56794773d0a871963e7ca46ef29c2ea84a8a51f96ec785e44925a8e9f4", 0xe3}], 0x6, 0x0, 0x0, 0x4080}, 0x4}, {{&(0x7f0000001340)=@pppol2tp={0x18, 0x1, {0x0, r0, {0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x10}}, 0x2}}, 0x80, &(0x7f0000002600)=[{&(0x7f0000001540)="b8172a97315e010308c7a2f5bd8dd73881d483fe32b58029772952b96f2e0b2543a7f91614f004a97c425da78043e44d8e779e3dabad13d57a53eea027bd9060936eed6a800d06c3834055d82917c6816d83895b5103825ed6aa78fcf9b188c1b522db11b8198947ff5452b73705fe93182d4dbea374357f3eff1887a67397415c22de7fe35d7eedd18e22fc112c0ff0c0419c5aa820e138dda4f6e010d631a1fe", 0xa1}, {&(0x7f00000013c0)}, {&(0x7f0000001400)="400bf7ad7bcc5e6d412e94d76e71b6", 0xf}, {&(0x7f0000001600)="1619b6a46f94f34d40802ffce718c9e474a36179cb0d91202250803c679389b642f198783c6ebe6fd4904ef78f3fc56f574fe571c4f91bed04224b75dcb89fbf0120af4452c59864bbb1bd0ba7422eb43577a198f846a6bc22638e4231295d2bee8b8978dd8d286e92b040c6f1f9f793938fd2ef43b3b08fcaacd58a85b63c68b526b83430bd6550d55c32471cd044a87c559a8a4890b6303df6695f5821e61cb912e871cf75bbb81f4a2e30e1f9286d62059ab36d0dc7284adfbda37619a50e522efbdff4209fda1e3ccfca6802cf7298831367b19aa5d704f2e330f8b640ffd631ced13024516d2f7782deb5dcec8daba7bd9cb2c50cf3205e056cfbb991d8adec2334b161580cc84bfb962f8d5c822994db3355097a4df1c6ba4534466c2210bc16294a87808fff96dfd1d2a9634f08446cf023f46bbc3ccb842f20207bcb5578d62a3ff0d479447e6abf45852a36fe7ec41d36eef340ae4502b77a6fc712fd5b1f8b8d912814c76522d2f4014abf4065117831b1fdbf576c64bc2dbf539ed24090b88e0f43e9593be019dc48f3044cd23c690a0e72f080afa7457d7e233049261491eaea49ce5bd428c8615b29adbeafcf764908f6903c1e7ce4b00b7152bf1c75c8be93506e2261f4aea82096e86bf9af3fc341ae16785ce87cde3e7c236139abd0f8112d13c56f72f137bc398054af5ae697b292d4f78bc8856113b29605a8a16e25737a2fce31171ef642b9e52b64242832447a865a87ee6fcbafcc5b9bb13b4ecb96659d2c71a917c42118fa450dce43383a48c22b5a3e00b30a870846e9544322c4f341ae3d6c6b3f612b7379d1443598811f6951b2ef20d6b0d9414fb42234b1293c33c1dd42eacf43543bb55ed5eb981fb14a6548a289667eb78db1d9dd4de7f020d250a564f4fbf22faaeeb8b255b2aafc470ca5b0bcd27b08f425fb168e2ea2722da23eba4f87ab3259a8ebbf0cd791a66c32ea175af1be8718394727ad03727688407de46edda89f04e1920cb87c6f231b1bf8eb7965e4884b0e242ddffd29928473aba3044d22e7f978fbc4f460af426b092ecfcb121dd8f2923c212a5c536ab11f25bcaa7f8a80159c9f5b0f7bec9cc50f8cd48e389c500b1326441849d11e99c2295157729b2265deae19ece9706e6a8f0fa1a2ce0421ef2c14deff678aa77839ae39f4dca09833af038506082eb713a0b3aa6725d03ad8609d05f597f08ee7b44c481fae323302d52ae8773e2c762df97b2376313b6564f8cc871f7218aeb1e1441a7433c9cec0d11dc9004252ac5d9ed4d5851477be8423c4e2f245862440c67665f642fcb10773ea194c7d22e32172a5f535bf4ebe2fb5c8764c9e00a66ed154bc0c5b3b7ec87d4ac0595f0131cdf5a539122e31467245724a9bc7bf597c56fb11c8c258e9d51e4a8e37ed6f1913331bf021827153301f8d8dafdeaa7d9d4032f630273ccb97a162b26a3252e3a6d09b0a6db6f0dc403211681aa2cc5bbe26033a7caece84bc05c266075af7e797f5aaa63096eebe839f8a7e11fe178333d90201d95e0784759f87fa76b2f95f9e0402339a078f379ddb5171ab79835e8645b7d2a1aadeb5653c84c537391176e86fa3bc14ce7a8eceb41079b30ea3c9a39ea393e7984936ab72c70fc059bbdada0b1f45cd7fbad214a92560ebc535945a9b0b4014e740ea385567f97a7364ef75f2b5963ba71b3d01bb951ecb76b955a4ffb48fc5781389748e8ab30e6b4f4b0bb673de228b13c92fa15b98a74980d482735a9934045ddb342af7c8fd45c406652107b8e343cb4d0ed035d8bcda609cbc51ee6a77cdb5cafb1cde9965418516af87578ce7eeae5404dec90fb6dca8db2423b50ae81655f5bed23ecae489c5e776b7127ca061361a92e033a16331ed7c5b4299aef4527de7377f637edfc040828d61a8ce13f637fa17b2c0b157c91cab7ec4c0acb32588a4d33d3760ed9716486d1219460a3dfaeac98c809c0f0958aa3912c1fa2eb0f1e06d7ccdfd62247c0d59b3404661ecb93862bf50c6774b013314884413216e17ee82182f2c691a7d49340e457266e521184ad55b5d916b014ca4c13bd4446dda1e132ca40c5cf7ede74f20222bc000de78824016a925271a002c4fd1e811ec59d39a4c6a5cdafaf6dd725648dfaeacc3e2fef90de90d836904ccdb86fefae0f5d2c0f8e98256debd820f61472329c68ce580c3922b3865e7f4e7034464e8236c76d24e9f236eb70e76d0c95dc738195cc73a311dd992a3e2423e71c8da3ff84b0b39dd6e6b8fd24b00af7633bb3165a6ae07c40c135d893edec2c058d8f550c1ce9c79652be3a9acc37c1acf2d62a301c8d7e5a65102b9f2d56f704d96f4d9c1b7ef8bf288f707f0f0a0e3b9f1911c6f747ff7fbdffb7aa7afe75cb419a569712ed8e9bac77871aaa03716bcdf1bb0a5b4c9d38adaa5ed79038eece0e61d459a8655ce9b9396a2e2eabb477d50a3bffba8d223a5581b00c19085f3b40ac40a3789ea4950d603e102f40c4c949e67ccbe6d7dc0ad5622108e51787d975dc6ee96fb3866f3885d7273dff78272c2a5161ef68e5517b5f80f346181c4f00c9c3d5000730a76a09787b0f2ab5be166effbec9b172ee6466cee8b90e92b6391cc96f591f132f91a1f56aa4864452aac1e0a4559dc6eb62b45f06e07519ee0aa88e730a1cae55e7154e29fed661a4c3fc7a3a4c5ad65881b088c84d0e73124b743b899c09a15b08adbc8a1698c81ededf82bf35398232d55b9e5834b323992ad440e04a6f3e375db9f3cfc35118f2ac710dc6388e1989a1190951d2865f8c36f04a35579f200337772bc35e615a832ea24172f6412d66baa9cef4d1bfd7c42ac00949f6825a021087c980e1b43c63916f77d4399483b10c8210414167c5060b60d7eba4086acec17719f5ac25fbef0fd42e807e1d194c384f35ebe17a03357b72f7f343122326274ace5f68482a4efb10d7ab5d2418ab49cc8b188dd427c43f35348cf87e8828bc14063ccfde7310b123e8f79f48bff1b079d895b7724eb43248d13dc0652c6f00c0a02727e6898c10a7114ccb0655d1196d73bd787f1aa7e3563331a77144c88f7d21602559a44f85dd1a080d3f2b8ef422ebd0bdfdb555c2de543372d31078ebd2705e532c165f4c412eabd0b6b00f6d365de1abef569682017d1aaff0146c47eba3d59994234252613066b2c5f985236316591a557633f27c4e5cf1ff0055f63b18cdfedfeb66ed3c870091f60217f1d822448f577f7e0de7f68ac1b8303028939cca44c2d38307b67b233841410869204eaa3e8af3fa50d42dd6e5daf6d275a27d6497a5f1e84fa762b280755c88a7e756e757c7736afb3bb4404a01b9160b77dcaa69429d71baac011b64c4896d9add2ceb4457a7f8fd201d48bb15b7f877979116853f996ade83aab096b5c6a7be81c3f63f44259a55d47c11440bbdcfea81e882e82e2d3116e304fcf31a6fb92f5e65da7eb81fed6c4f3c7327105ebd20f99d8066f2505027a372b9d139be732d3ae960c37d1a2107dab438c88f1c9724ab504cc80d942a930c3bc9757658a61cc0a3f0e40cb66ec69dfacc706420f232dffd3ce1d2745503852b83967421d5a194834d812279064b2e2cd16fc02d6fc1f597f595985a2bff0bbe3f08db41e14931e57f40a44f0a7341fbd2c25854887f94f3ad1b991e12ac925724181331b17c34974f146f7a1ca858f16944ea876d107168389b943b04da631ffde4ddb2b5a82bc92e022e48a8e28287b523cf835ad4a4c2c9113046b7cd1ba08b55c461e037bd738280986504ddd686fdd2c9ebedf28ce12c3e699320bb2d8fd9456cb6f79c65aa66671fe25c664b600d7b8b431bdd258b35b8f1d8c1014546cbcbe7121f37098f44f2a5b69298f8e1431f0da8cf33dd5201574d092ad829178f3f1e5036049868c8cbd2b57770c63dd34aca3ee8133e30c95a885c4c3bd095f7fb9be325251eb0bb2a9728372367c89e56a6ed1db821e2e679a771c54779ca0d981fdf8a961fd743e4fc3eec2d7c165e2f1d3789cced077f1363e6a17bb3b8aea8bbed77fb95ee0df291cd109eeaef4923186937ec9502962effd657593f59836f56f2793532b5e7901b0238fcd0edd1a6150deb4934e61df0d5b1505f5db5bff664c7fc8b135ef154052a978bfae286665c96d792b5120b287270b4bc409907732f4283d5496438f3a1d48e6c7f6dd9db0e72c27f790003a8f4819d086756d4d204e8dde8fa10df8d60eac5e12e9df1e173df89a6c81004849c00852643b987f8d5a55750f7d391557ce75f0f444a6b9aecee3ab7ed2b40f6e913cc6a85c330fdba736e468918af816a75b88b7853cd085a59141eb2af17ad8ae75feaa611a9d8051a1a489192a65383d889900ba2828cb4b6f435f66caf517916c1e869459bd477b3444a60edfb8bc9d2ad3f66702912c9ae1047f8c2cfd076f6c095ba6e85cd54fe0acc7fe283b8a80621858600b9538cb6c47edd384b8fea370134ab0fe6bce7f6472d3eb436b23fe034924b2078185afd47817eb07a8a7227d729e32efaa9a81e130c3a04267aa29f190dbdb9edf1fa9c62f53d81ffcd2eb6aee17c6d42b79dc41aee38971221f19d641f802c8a94555fbd82bbc3320fd418b7d181a9f3c6436417372a5aa09ce9a0ee6bad418c41d4c397e43224020ae8ad927c9f1d8fd841d47a9052438260d9457a07ca833ebc40c65093d1bed1a15a3b870dd2441fa42a79801d9df791bd641d8048dbf930a780d44df7aaa2e9f35cbea0a2b78ae1a0dceabb9caebf388206f08788264c9056136fd6827b3a4873d8061e8dd55e6bb505eed32ef8a3fd6708ae2a286e58c52caa62a63caf566c3b2a6d5d9b4f83a8d933174ce446211d37bed6648d4b093f03e461c33434bdc7aa98d15be84af9c933f5c2e8ed7f7cb30c5782b6b2192c420302dffab80ec0232640f9f84857411934e463c195ab25120adf57a37fdf5e0367b5891d5fd44687f7e341fcc1d54012ef6c51ead0e1bd17473a6ba4a2b41810406d2af6cc493573231dae5d2ef4b4b4ab946898e1486b27b3df770a11ea68f89e4b0453f3a055ec86e2765de15e9f5543a52eaf4aa4a14c328c101ca59bd4358383a410583da27c3dcde933d40253f2165cd82545cb4bf866eabbbde4ed2325ce8f0792a8c7efb62195c35b1d4b574a4ac971a65fab2abbb2f9909186d1a266c61e19fd85ce1051785e5898c04a0830ca36c4bb37cf55b9f003b40d694dd2005d90275d3350e572965e70becdc2d6dda6b738bc34222039818d4610c258741c92e2061ad1a04f5d2a03182871209ee997011d9c7aaa9278db3c628f7e5910a495ebb8d2aeddf6a50c41d08c5e7fc60afb6e0ca65c141b08c7d827e447e24d687ddca3e359915c47896f019587d1beb1b86e802720c06fa015b226ac1ad8e2a6bf37f76dd6634838466a7e68767f3d20866265f28c9ac287ee245695de1de933ba9362a16b0dd6a1105b43f1ae5f9f9a88f79adb4aa2de3f65deac54d1158ea5d6e9f4cc5769cd46e1048d285d027cfb67a309a7f4ec4a409f771fdb25908a138b011a05780e7ccc05ee70ae63dae146813f9e379b8d6fcdb585eea164c98aafb1ae84bc55eaa95906aeb466c4f42f82dd385bb3fbf289677986e5f8d50a633cf1168dcb276e6aa411879bc3e610c4391271b5351375ada665d82d4086d9e5cb9409a74a4bd106cda3488a0ddef201e9d7bd389d28cfeb3e53d2a66dd757aec9ef6d3140eb09dbb5a1a934003f41bb715e30c", 0x1000}], 0x4, &(0x7f0000002640)=[{0x98, 0x11f, 0xffff, "93835f0f395f11faa7ef35be2179b23099d18fb754317ae1dfe37d482a4e60f7fc5d6d312ba7b2021186b2e20c8901c8e338318251ddb8c0ff6b5b66fe007a3ee57247026015d043bcb5995da3a4a4f82d604c2817116581e9f12b5fb1b467bf6fd585ad8d13305c50139b4f5cdb8a9b064ba195abf5825fb264a480074da255ff6653e099d9"}], 0x98, 0x20004890}, 0x20}, {{&(0x7f0000002700)=@generic={0x0, "d4ce1f3343c44ae0672bced66422a2d9db22922a588779a472c7f3af323c71604ce70fd8a8f0ab00258b4ef09a18b06d15745f34ba0f25f89ff0a6bee1e32719cc4817420be355581281965730b436d32e7b9f668a35e4e53645b973192238e6bb724a6e45d9dbac2d224d3d2c869dec2639f18d803f088034405b86b1f9"}, 0x80, &(0x7f0000004a80)=[{&(0x7f0000002780)="c7dfddf8e02e2b5cbd9e1ebea929304690ab886aea533ffd7d4ef5fae8ced1187c86468184e87cb1f2794204bc373b046a43c3c897241ad59494d0ad7eb84b0950e4fe6817dbc6e83881ae2b6f5999ba31f12e8b0612b5b1b7290ca6b1a9c179985d9d2896c6500aaa9437d6f6c37f39ac8326e827af1561b4444d8c424b0eab9abc0e381912b9cdfe0c63c38121d180793ce5fdfbf108824fbe31e200c1e509cfd96def8c9e55", 0xa7}, {&(0x7f0000002840)="2f18cabe37fd5b7153ebc5e97150ac9b2fa91b585be0ae77b33cf97d5b3065e6785bc0872cd667e83eb367c0ee330c3edbf64f4debba0173cdc60c018996f1cdf48995688f7bb70ca1931c47a1c70a4e9960d175c716e1ad9fdc8453bd12e78565df4543b5601c42cb7ceeb3433a0d5b5a78d83d6a333bac629e4ef6ac552ae2947eebab290c03bec262ca0a7b001002b2a215b6df2a3a29643c7ac8bdec644ce9012860982f86990e4cc90ed723556aad55de716a206c14fdb88ccef6eee3397aea5f71a82dd5fe5b9ea2d5acc351acf44ca7398034d20a27ca8c1fdd75aedd5c5ef2c335ffd7fa6ec29fd9818e52ab9976f4dd71e41cc998c18897f85324e46a26655f7449ad50e1ba92e29ebc938b1f08d2b6596239e72a63b4612618cacbcd33e54122f11f3016945b462ca3ee207028308ea7601a2c331e1a928fc5982fe0b4d171df161388ec7239d4f439c92e3f55d57c786823a7b8a1b9a795926123fe077645d4fbd1f0d3977c75f97bf4cbad7eab8e5af76c0098238e6f499b6ac1912ea754ddd0be709148d493b0206f4d1b7a395ef69851dd996f90ec57b92c979f9ec84fa86dab7931e570ba23449d5e540350ab075f0e6391ef7bf56b95c27329567f0fb8fbcbf57ee80bcccc733dd83363b8308925b31c80df861f879f3c94b0b084e33eea7896d2beeea7f5710a7e8ada173ecc86e4d562859d66c2ba1001d709cf8d97a2d54b549ed33e49af7c308b1bd027d90ca74b787881e3ec4851ca6216cc51f006e55fcf5213c9c3da5d17580f7ff4edbdad2d6830a614142bb051e4f24a020f219c00292e102215de83c911e076b77aafef817879108f149fbff9460a130c7ad3d977937d8a2af8422e91cc195fd2268272842dcc14d8a55f626d276d06d765c2e0aab4ffe47da356d945b8e07b930ede448c379d495e2aa1ed63d7b0e3c9d9ada5f370b6b631b36207c6f770138f65891b4a56b6382ecd0bca023d9947050b24a1dadf80a2be2f79f01cec0293e943f3a72e93ccdfb821f756d1571f0fe13d8de3767f4bea022098a1ee36c667640d7813dcd34c86ac935abdf47fb23ab06d521ff2222c94758a1725bd56b57a3aae04b6d303e16dc92c2ce9f71aea8c7854ae0b02e91b4d2da63ef445170a4f4c86c2100c2a5c72f13f71b7b9764ad2b4f4c5b71cef080928a266d649c8d8d0bbe72bea34c1b1c509763ac3eef07740ea0127ffd13c0b5bae4ba82bdf0118c16d6eb3ba04da47dfb143c20dfbc4b15b82c345b289198813417b937fd29657fcad3780ef13c9ce9174423b85b9fa89515ba9216630fe71713e97f4d02db8ac2d5b31fd555d94295d4bc3158506cd6eb6e78b377aeee1d32b32a9c1d67781e927a2fd782439fe6eefec599a3a814a935670ba01643877685f90d89044714b917d057a8f6b7de50f3742bb4c2f408dfe1510d1b8f245c24407aaf131b811f7d05d420f7cb5b1e29d21ff0a4c8b4f13d6c4333679f935bc0fae393d69051d5ad21b169e07ca8ce26f3bd5cce2d2a4f69bed8e37fe59e3cb190367634aef42948e899e3ad89b1aa18d6ecbe3b268ae539866675ebd763fd395ef0fb8f26b4e09c09e1af7a8727849bdee48f79c728df5cd6ab17354138a56ee11a28ba0da650a44a5493f71721bb9c09c276c2ce463c5e05a0bcfd3801842daf1a752c605979a7141cc0a99a2dfa90f0086de57ed1638ccb9a72e0b74e8db1f54558ef1a6521f2d40dc6afebca7bbf6abd0910b2efde487c08d64de23d938e3eb934333e0f362c626644ffe8d9cd6c1c68a32c6f41b222f5a57b31f83dc339b40eba4c31327b1a18e7b9aec0349fcfa72d4b5bb34f6ab3ed66966b0569531845b5078fb697851a7c00726dda78d019bc7d030933b5c3c6ab459a4817e49d7cc715b6d6ed1086a5efffb064bdb2c3052c597c1203f6ff4cf3ef6f15acbbd463503f9e30970be64cdd2146b14917a21405e1c3ba2ea85399639f2c902ab5b9396eb9486ebe28998451af07484613ee6c8df5114425a50b0dcf8990ef78d6223c3e83f8e4376ac3b959b4136b90842ca08e367e115b4f50edb5b42f30a6adfea05be4b2e0937ef2ef939285be90f4f30bad097179ced6b037baf03221d87d52fcf37276311dec455e035f80d53f2eca7ca572ecfc9ecda7db321d086b62f8c0d47ff5e7e02f4adc84f8a8b54087c180690e704012ac9e19567891ab215dbe41c272c1c958c32b6dfd3e0d4e28bea55032171b5eab37db40ba7187a098b161ef5612ca060750587edba6f2ee90fff63590f0e2da89dae5e07806fd0b4f8919d7037fcb6c97a32363f52114e73a70cad5a67350e456f5883952800088d65494d89cf799c8640bf455855acd7fa948e8dcbcf6bb8775890d92585d351efcd682d57ea30429b0484eedf397b3372aa112ef0928fccf2f7f1c944a1fdfafeadf9dcd7ba179c594c64beb5adf552eb6683b39cd94db5e7a1972dbc98aaad7c6f73653d415d5c38f102f7afa9c4ef7595384195ccf7a4544874a4a5afeb04cc8d6c34c69872a9f4d461874bbe7f2c692995d99c0dceddb66b182c7981f7b996c8f158375ae675f6a77ce90ed644f3196ebc97dac8f7be28c48a173d9f6045b205642338efb4b4e8caa6df7a320c67799727ecdfbceb5e66559127b64711224e6ceb32ff99fbb3f0bbc460ff96fb0abdb7418d98e20bb271fd70de7515bc77ffc93c3d32b6b8ae09afe8a92b553027e635f24be9519faa2fc29dfbaf0dae515978de655a3d2ad9264861fb382480da9ccaf9987f1c82f163da7379bd1e306c8e3d685764f38b73d562b5559717b6680e8f271a1c36d7523e44d29d54ee9fbe5596c21749876dd4a1ca2b2f73d7891e32dead5a2e1d93729e9242b2d4a843d3e602f85c047e0c86e7caf4b03940f122bed4cf373ca9ff54bfa9ca7062a7017337d30880de5a59fce6ee5a4625b3aa53a2a518221308f1fd12e3138064beda6611a144ec6612f05bcf0789dff873986d99a4f10bed901d847ed5a524939c02921da9233434df1a6a605a03597740d3662bcb84f1c3e69efcddba9c5ac788b0ad1f999b5db4c4ffa13ea4b34fb156e99e02e91f405fa36ca3628663f45044d03ab2fc53e8ac15f2001f34498ab61e3c976058dc3774686ad276d5a6687ba7f535d22d686ad07cd34b6c9611b3ccce6ca3139aebc3bf9a01d1e22de64b7e982043ce58ddb1ea96d25e93fd892bf300c69a52e3238de6b540e52d31a350b5472878eb9a0b04455e602e76238022ec4fdcb57ef731e8ef934aff7dd9933952363af0d0b7b0a7f2534559a12367801d58faecd9ba86a4592c10419d7e1b17dfcf6027c2160b566470642aef14dbc32929ad4ffb4ae2d9b95db744a344ab2e8fe47764fb05d9b8a460391158df5df1e212c96bbcb382c04202bcd1d678877ddb6efa6a2f1d23bc4ba95c95a45aa3ab310c7cca1cdc307626ab822766c8bbf1ef129b9ca3660c572f1358546d0965de265cac49d1d9e933a498735956b05cffd2c7418a044c8adbd1701b5b8e3b35a6fe77b2b3ec13bb004cdb2e4449dc7486c988456b6d50d71d7977490b80cbd712a0afbf0678c0a4c6038a41022030f93838a1521f1230497dcb108e662d8e2ddb743521c542e5338b21c750c409ea9d3e401dbc6af3e64f96dc7a061f62332f2b51089f4980f7d2cdddc9a6849d74c1bb6fbd164f829bd1d02cc700b10bc8ad8eee68ee92056f713973f7e303bc32c7af6b6dfc9451f4a6e757c6e39f0f98f5e56f81063639cb3d1662a4b4f9bb234fbf98e386003fc434601a9bffa3bf30bfac3085c19d10473f36c43da76e78b7da08690b728d6b60c996891607522ff0a8b464887f34419572fae74d97d62a132df87a29efc9f2f50e1e12bf02d4b45909d340a52e6d55883d4ec26f6cf9152b96fd2faf24d24d87716fc44c7d6de9fc2c26ddb32748558c9136c1e61aab91e4bf285670e97203cca850dcf58a603769bbaf577439b277ee68bee635e3053cd4f7a8836a6af4f3aa4f0307f412bc5a1a9d690cadc1cf04dea90e30de4ce94d497eaec3714c6da25da9bd64b0283a81279fb5bc35576932a629b7866cac2de2af1862d617e1da2d1174b797d42559273d54b4fe48227a8c83dc957aa2c56078a3d2471baa71d6edea722f6aa7fe551d22a36d1793d05fbbc5698d8d2adc9c21da489f7c91ac84b31b9da3a729689783547a0331175b6ed74e3982f4405baa96da1f3898dcec7b3a1a4e175a215ff0b68704100b4395ab7d75b55120cf90d84d3bd6e5423a105d8a794489f71f041053b8d6c709ac7a41ae7dfe981b4773e436a4ee1b38784fcbaf61e4c14a193b88b5f7c2e68402baba4cedff4de9504ee11093698d7798ff3dfe02ca392e02907240717bf520351e5707aeab9cdf35395b98cfa166f252192e20dcfc238679e9cdb5255b1e5e8378c42e4724ad47a5b2486a7b5fd8560e54699a7c24f4c815d3d9bc0f8a8d98f7dd24c0609c967ee8982f43c57b95d1bbb21661db19b91081c22894a8ce2350bbf4f1cec0b850f9102c9cc9dfdd122a2ee252fb8c9696558ddbe865cf6937086a23b2f32555119b8a2c24c94a03e6712eacac627e359148d8df6a438bbf8eb99f1226467830b0bb0e1b1a1406479df49144d470b1d5d0ed20724f090de7076b04d720a4c9af09c79f8d7dc82dc140d37b39e6a1771488af2299a2d4de5853a4b8ad9161215bcc0ee2f0659ce2f03d0f74ccadb05b0b110ceb24023a1a67a933a50555c63c508ca89afba59dd66eaaa544086bdf791e6fe85da32258c5f67e191a9a6ebbb113bd09a1257bb1744db28f47f57c90d79801a2d206e9b2252bb64c90c1cc58023a0a29ac1a0faeb3b80ef803ebd1cf0f63a48b91a4f349e12f8743928bb7f50bea4a975d6b0f71125791949c29964e787d1d00214aadc369949a48819815f924441c0301bbbe977e313f4fe94451c468dcede6c1e454611efe022e93a9382f3f14b0330e39580d15d3db392a760010b9a79b58b964383cb7735f31c4f1ff9ad93f63fbcabc942a52ac639818888b3c426d57322f3611d14231f3582eea1134dbfa09c90acd2f7df317f12f9034e8abaf38b6ee6dd3a7eda1f3fc81a51f4a2265ac2ce19cc4723e1100a9e4440390ce0ac547abadab4f5e749e78562085b6e8dd1239b75c41d9c747e12ef769e549d09f725dd6452ada72745ad2b54902416990248151f1b3167c1bb3a24f4ccebfce223b680cba1e5b8129a9d844165af3807aac43d9c4ed3dc2eb4721da5cc1ab94f12e71c4802a2035cd31b5140d6157de7325c4c2b369b5282341eba89cea32911d180d31d6db78ce220cca372c0d04b160ff5bd57ef02719dcb4d0bde1aa0b1349f82532f536cd01dc3824962d1b44c1c90aa0ab84562e171aca9d8d1317ec8c307094f1d6b222639489b4cebccb7cb1925408e15f54005cd529a22104db4d8f6a6c43e1a97510bb3d82d09042b77b60dc5ff4c50987e7ad343fe78dc57990fbf835994c53ecce7f25196badbc64a7597e138de7392b737d1fb571f49006272efd66c15c50ff16b8209a85e7a5fa476b2b6c8140c7aac6bd63b16a4682f6b29c75a2316d76f4ee31e4c5e64855a194fb1eaee4020860bc31efd44f1d4c81396d9eea95a07de74602b969613c74ca7c5da7ae3812e9fbdc95827fc0fc0a89f22f7674c896c99c1bda53da8e7c69694335cb2742b94ce58a2b873004cd23fedc1415048aed797239084864f76248999f16fe938f829d05a7df586dcd", 0x1000}, {&(0x7f0000003840)="6abd3ee60bc1f6321998acb4121f26291011d04c7396ac954aa095d4d99e130d8fe48e7f3ac9c5b3b51f5ad75836cb3d0b8ca41aa0511a0183258e18bbfb0643c8340777b7ae2a41c49f219470ab7fc513693b5b306309e817202b89b1833648a1eac7d646bc1d4afdb6ae130ea0dea13a0228062fcc29807d0acf11c9161b8da6f6a4e25aee146e9867b05f330f66cc181849a283cd31e832ff318eaa2a4be5709fc1665a92ad57be31d0682a6fa3036a177fd7a1f2e256ae8de3e761ca22be9a1ccf05", 0xc4}, {&(0x7f0000003940)="c46e51ef543509ff4cf38254f7c6ba4adf19378ef629da4a293865713434fdd8a766b3d460751b27167e57c159de4edab63425506a3e5323f42d91456f5710adbe3a74100e82da2217a2dee303a9be2bab5a3cd9975daf0a59ba2d29de7e497225646cac5f0b06ab18bff0e4e955b9b9edcc92d32b953ae1d6505484c94d9688e7035f5eb2afe8174b05913fa8233c045859de69bf2184c26b5144d9cf4c07162c4babaae0586e4fb2f9343ecfb7a5111ea6d2df5135127b2b31a56f6be7d841393bba8ca0a20ccd96ed835698a76376fb1ccda798ecf889f6c8104de2eed7baff6858199d3b668ff33fefb24f4e93bd21d4dee6425cbb75cb31677d4034f1f2f80ecf2768cf06c56929c68850454c290382d1035a9ab700b1e8682585643dae3811fdfc743f7f7cde25561455363c5d94d85687237ec19c61841c4156f95c3521b9ed8fb2a6b31ea051d43f7e82410c8a53bdf4d00b8c6415471853ab9a725a4686ae166713c7184d8e86556c98ca2ffc50eb9db12c2e04882dd5f56ed6ce2bf3f615f7ca8eded380ec4fe7144beb9c2fc75ccd2b736eac820943784a6a1a6e1ef006937bde48add37c22914c66f99d60cce180837e6b7cde9787b378997d58c63d01aa3888004f86b8d5bf0fbd02dac55fcad3489ba85095cbf5fa0e46d1a53a9b3d6117436cbe9c5f036b7e46f8bfd12094e1ca2172af31dd06c5f90c6bdebad783f1f4e23b5cafcd5a6eac0d5d726f02dee0f17fea936b60cda8e23f59bbc16b33303669008318c9320ba8539626e138428ba69f8a64ed7ee7bd6ee7e4941cc6a9beb29222c5077803f4e248dbb2e4ae9dd5f07dc971b8bc20d9c5fcbf057adb431129da0ad857989b0f1965e452747d15a540425ef050b2ffba8969707196b0254b12cc544582dfee2ed4bcb1855f19477f351eb2d2001132bf3f24f9a9d7a4d76a500696864f60ec47210895c6c95aca9ef02be8a16800a6000f96d81e01cd79408b892a833bce7b710831536b2559102d407269d7a0da3c9f0da545eadd25bd7c8230b2f455270a9e1e4a4b2aff1904fc839b06d70fe139d3b8865c240b7dca7439387024a8651bd67d9e1d89858db7d526075d668e543cc656854e97ae2a8f7e83fe4c8181eeb6665046b655d78e12cb1d2ff3f64c291714fa7f0d968e3a51e0c70d2f7ea4dc31360b01a50669faaceb1b6d08edf66ff64428d43ad4c1b3d605a5f642329b7f44711f1125c2884cde9dabe0dabcc1c0bd217457141d63717a89e4bfbe3d16a7c655f1c6c6054aec3849cad469b6c99f21442830f2d33f4da8f926e93c5223d451b041803083fd9499a875dc6aabcd67b397e29463dc4d787131b2b743352fef561398dac5d56fec6b2b6dba8db2b111c3e947d75c47613a51dbbb1e45eac4f0c251ebf84175b139f2e8f0f1dd34fd99a0540838b8691b05ac80dbcb49da5431728639b123bdf1ecfd4df3a5b54ebb30199470fbf6e4c78738ef5d2757e31f64144b84595f14f678fdd7192c4ee24d77e9c4ad22ebf0f014f0290f89ed90564f95965bf23edfb6221b1c0139bc605baba22a4277e060ddedeca1cd56cab8ba51dea2518646aad69f94c884908aae93692827b179cce62dbb7c1507ac64f286f3cc65740a7df655a6fd20296f24acbbfd65343dd65be2cbf3abeadcec99712ecd93038d04e2d682dc239876ef5af50e43ae16ac0086ab5f40a5c38280b5c2436977cdfdc7e7d75a621db27410a894e82faadf7d094b5b8594387ef8c10010929f4098a6f95dbc60a9ba86fa6df046fcf6af0175e4a1181a88a442ef86782c95e9e1c25d9dfe82c4e5a39cabc46cb2dafb32821d12d0258b6b2c89d61d29f01d36a122c6c3661c3ed7b47862c7fef7be5c0321f1c9433c39b4f48007cc20a30a5715070ff84ceb0af51173c51661fd7190234d1db817495c80975555715e65c677811fc8600165ed94c213a82abd590df6183427a01df5d4651d17c6d1110c9d49cf786d67cfa37540879a44faa3b01c9d08c6e582a00b30a786c52e58edc989ec347136e2dcc4dd78dfc758e4d990e02511bcd8c8d8a48a58e2c88fb922f57553b5cd28d1c30ef73dde51a35c3c7783008aeb2412e44b49d4ec0272334dbf3caf859ba6440f9648bddd03526177caafb4e468c898cc9c0a08a2e17036bf131a4da6f181a6689eacb3311a1f593145944881c356c07a4bfa35175554effa9ca1310fcb5ce2e73f12f696994464d0da02e120e9fa230ac8578fb36f96a8b1c3e880adee19333ff4762b9ce572e5011e3caaac1e40c86267f0b675ed3e0ff0b62ee3175cff4176093559cd8afb0ac01995df0bf21bbf44c8ed2584203aff0ddcbd21429c8d87b4146dd23c374314b35e83860e7c9b5958bfb8656a9724328afa00b13464b82461572e4cc388ffeab949742b1677e91742bab2ca19ac1d239c94e2bec863421f73af431e2067581967b65f9d7b6747f5b8f1ca7352e6fe084fc26b4f66fff6a1093af146f5157296df08bca1e4c2720227db8af4a8b9efecd2a69742b7726daa6f4e782ea019d1ca2cce57c86452f20751c7df5276b39ad51c75af0b167e8a3d98d4ae18e88b66fd84e2cb4b118cd4a83e6cd34b748e5b4474637a4279c6e357df6b711216addd87eeadb9978222d2bb4b597d1b6e8c6bea1296071d6c0abc3f4a264c945321b1abc1cbb26165346fcf66017462e3a4a724fbdd503702d2b581db82a0a19ee6e739f7cc38c1433465d0c3eec86253440463b8bdb6998e1d75e74462b4cad930ad852ffc8b24fe511cd06dbed7c6a218f95d4f7fc0f64bded7ea7d304e74ddc1d6da7ca98bfaf3ef035f1448156135e6386a2504ff2e16e9cf16992e31510e97e0a1b96b6074154b8297ad39e1780c236e605f68f4f1131ba54ec7045369bb009dc97db3cba9fe8f3b464ffaa75bf630d2f4c0a1220d968c24b5164804bda41a10d74ca07539f73a916f89e1a99a1b5abfb3bcc09250e7b7d0e43e872ab14ec7f0d20e23175eab415faff4ea7314f386e49d9a08fb5f8903c93a5af80dae358de69d30a6de89e1c2ca368b455c64eaa811ac4763fcc12cc217560f78f70bfb270977fffdbe7020fcf5c04a33125411348e98fddf4ce5b05d67a5c53a1a6547c62a0581f46863b7cfe5d74f35192ab7183f9e3c5ddfa281fe9293d9a318a5509d22b976e55fcce8669d1cb36a56d39418c1e4b73acbcd968077b873811b529979fbecc9a98b0dabb14327d651949ce932c96b9cba1c94d8ce6fe3eedc86a5010b0e27a9d4940a68fc32e80879ce6c15d9243a5d5f72930c40afaef59218c8c24f493aaa1f3f9e74de82dda7e0bc57a3a2235f99b8efdb39eedc9aaa7b289eb08ef19ebc7962761359baf7bfc87bd26b3db3c379a665ced018eccffe6d18142dc550116bf2d160b27b0b1a02394b8462cf630212dfb2f4086c00620a395d44ef50a5958f13ae0d4e016a56c3e2c36c9a566b7dda794037370353d52cbb452802efbc7c46b677ce088319b2fe425588f1b2b03c9b8912d46d740e30fe9bca6c4b69c30069eebf45d7f0cdf8944e06fb4af8c21d97c71c619e9ee8799f540cf4ba7b52b9b0f0fc0e01fc513aa73ce36e969ddcb3aa7f431a2b2199888a8b1c6dcc97b8f86827de1be5f59edda2c5a228bdfa685da76acadfe940e7af1957edac2eecb4a0e3e85a658310a0c3f60af44eaefab96f3faa4e568743f41b0cd932caee8444dccbfa2c0527bb8589d48cf334c21eee5007b06a7591b8a881fc123237d309063177454f645e0c5e3bc9a6c80f44ffb911b38eff68edd730226206f7ef9f72a7b0a28719a92f99dc8a44b4d3799eae046256216495c51ee5a9dded9412338b297aa0f1d7eb7997b348bf9fcf39aee68c5685421600d2d1bd73ab0cf18a16d74fe1e27a12f49738aa99755b00b4145d150a6366b0eb07ef46dc718c5a0122536fc11b55383c5d945f32adb1a91d2948144f99fdd5ac6c69a11675c1a12b35c0a25ea812e3fbe911f8e8bda3b5d3850b35f45647ca601a78887881ba6bf2c6e0b4df420637b246875c9a1a6f2b82c4efd16bdbaeb6f0e6fac91444115c8dc7aae68318cab8f908ca6bcb6ca0751bfcb8f0e097e88e05d4969f74655a31f53fd04698259bbbd372c3a1b1facb7e4710f7436490e9d85ca50dba54cee16e8a5e8e396431f32c74466fb5d8021e5e9b92c2d24068926352970b3386056c528307904dc0dbb89777ef7f16a47159c0ff4fe74fa32106c0a8046566b2b5d7b4fdfefef8f84957a2c87bdeecc0adf790535a79da62c1946f1a60989bb5d2d2a0ef05baf2a51e1274ffec72450abf35f8f5588ed04a3a5b8d7040b1698beef2d9ab0ce5c55b0510ccde2f861ba059cb4a92dde5fc3ee8bbe6506ff841f7848810013d490c9fe3158da150e7701dc787b5b5eb88fe4ca65e68d6502e01fcef2663e5fe16a8825bd7bdb8ed373570502880f32aa45d90025ce5e31aa152f556880e41b3b4b05808760374fb737341390882eff0a72eee02ef7aa4145973ba09e877ad33c498264cea4e5c6d46d1b05ec2301d8418fd790e7f49b3b83b8ac1b135e84d20d69f9d3a95988a0d1d950712f9a015a2f5e05471462e2830970013b6a49093085618c6e8706b1fb463a130587ee7f8fcb810ab8648c08fa0ac004ec6a5e62fc501297de9da3e9eb43c22df69a64b3f9e091c48c682a83a1ed21b23f754472c808209713c12470707f3fa282abe2b8791993b4b9e1c119eb0edf9c7ac4a55616a2dc7dfb9fbaf7d881991b652843c255e535470069401959097c4e2a92189d8085a491aa2df9bc66aaf61aead98448c2e1365417f31832a218f4eab32f253b5b4cd0205a3e557cff4138910990c5c944de8a907a0d2d61dec84ebf5fba5fb48d0a48671f43aa1c12c71f48d29346a3b9c053073d402db3557365b16c2bb4ff7c76b9b1644c679517e2307f6622651e50510b73685c99b6c21ac91fa6244eedfe6e98e06ef2c1aa0ebd248fbde35eba18b4bbaa9afc1cd112d6fb76f11c6084587361c419eb2bd07fe5584036d254079f19742920f4d2cd5aae8c2274bbc2a53cfeccaf8015dfa97ba34768d7cb8539713cf252a78fdbb4b6d6da5af00dfbb2a868a9185a241e58d7c9cada7be3d9db0da448f887328160f1523ce6488f27442df51f872837a93ee07d6a18417a116e267d9a58375304fdb78d33a4fa086435171f46f6b524b0fb2b03d2fa8767d84319bb10cebc08936c6c7350b0e98aa0d9add5a878c1c2e7426055da1b27cb05ae6d1cef12dd05d10f2ef2d6de3b38d19695245878b4b92bac96d8da7ab3e43af7a9b24fc9e7229a994f3d1195d7f70680499b669c0ac893d96df95eecb03e533de8714d791f56ad12efa5f8c51e355e21f6524710794fe1d3a57fe20163142e38d5e84af2ac0e7667542891635385672604f90357d28a8d83af33ff0d520ebd1cd48af403b3e2f862b2fbb482d310d4b5ced2c950d9be41c70af0e9dfd2de7d8b7e2963517cd62d0853a7deb734da56c63b204c17962b1c7ca4b3702380ad431134cfc99bff52bb5b1c022f999d85ecd9764704be296bc3756ce72fc650dcc0ed5eaad3f0d8764eac09faa04dcf2ccdeee5e6390c5e66f07bee059eb5d92d5d06ced31ca8e211ec305beca3f4ad4068963411ae8930c6b237aa251db1a7bf719477cb78706bdcebcdb58bc38da9d92f863489e2a9f84caf99ea77ce2b369dc04b6ed43bd0a9382a72a1bcb8ae970fe2d03830d86cccb972bfe9feeecb6864e", 0x1000}, {&(0x7f0000004940)="9597460970337571b214e2d28139abf9fa9bf4f03a39e5984a80785c8a3b777107c7ba47", 0x24}, {&(0x7f0000004980)="e7843a52190ecab7b6d6b5306859d072fd78b626631caed7a8a8d645cf68f549df677eafc4362d5feefed8d4ca8a69cfdabf8058988d1e5efbf597d1c68f8771b20e5e4df4352700ff16f49a1cefc36fe637af75512cf5e1678a9ac3df5108a4c47422fc44c8f7955f7b32e24e6cf1675c4c51c319907db932eeeb04eefd7f1ce2afbd74500618afbde6a44d08b40ccadb604f56ecebe8f03ce69e5ec35b479b4edda07ca1bf488b3bec23da52cd806c188764ae5722c39414558aeb29ba91c0d4b28b7b5d7776e21074cfda3807a9ad87bd7e079acbe4ffd2743b5629db891b2b0cd19f439fb8e3c5ab21e2d8c439a102185e532581fcd5d0", 0xf9}], 0x6, &(0x7f0000004b00)=[{0x100, 0x3a, 0x9, "c58ed52edbc87344845af58ed5503d374cec51cc8d67ab9b3a87cad189ca9a7c453c14fb1aaf6a44eda24c48ff7db0f1a8c38be39e2999bc3100ac58f1f5b9ae0bee6eee3072bf799fc97ab1a2e47f39c50270b0405233caa31af22a2e64e1829d89e30efd9836a7fbc1b7b3627250e41c80da2b959300451ff22ce448c09e6985f32fbef4674eb5b6c7cb54e5e7c849811964ac57a59979bd66ccecd4f928b5ba834c6088c8341afab2160e4a42ae49b09432397bf9ab3e3d8d20161d64567b351122f7a51a715b30797119bf101d512de36414da02f1f8fb0c6878c707530d232e2619bb0747c24d"}, {0xf0, 0x105, 0xffffffffffff2f02, "b1949f915d3bf2fce51ee54473fa951cd8163876a9996511dcee7b7c18ece55bf6ecaf75c018bec03c65506f5f52593342c73827b8bd4050e90dc560aa9360b9db786213ff5ce150312b53bd857f9219d3f51798f7d86a5143ea836076b6ebb9828f98b0ffebf5fd8d037db8476670bb8c9b15176ae055c7fd3175318ce442679e9d45a01e31123686117c6fd804695e8bafefcdeb64a0592c87e3ee2455c52edd3d277adab333dcfd7182197ba0f2c2893c2d4d039c4a4b54ab9bead6fb4ba886239f768a304787774145f4ae6c5d481830a4ea6c68e17de7f8ee4410e2"}, {0x48, 0x0, 0x6, "602469dda14bb8280ba504c5e7c8c71df43ef5136b0cb719caa309e9a4090d84c90cdfe82221be2705ac3200b819c1e94a1ea8b2"}], 0x238, 0x24000880}, 0x10001}, {{&(0x7f0000004dc0)=@can={0x1d, r3}, 0x80, &(0x7f0000006440)=[{&(0x7f0000004e40)="830ecce364348a5d83efa1f08b0ccb76397d1419642c5db007d12d0023b31e8db0b4a122ce4a9ed85316d2bfb13b3e292f3edd8427864f292c4a7a554a45af110cf61466e6a1347bd10d3a45704b3b4f865441ea8ea09ce103de4a9d600e029d268f8b5c47bfe01d4f641bf5d21e97143fcda7b8d91dbe326ca2ffe13359cdd4bc65a32f577c687dcce8de8ea9e76e31f3a347da53d8fc802ba4f71b718a426ca3670a5c88322d074a", 0xa9}, {&(0x7f0000004f00)="ac3878315fbf36a5a141099f7de23ecd8af8f052a2c90cd1b2bcc2efd3aec14274f3d5ec34c555", 0x27}, {&(0x7f0000004f40)="4cbccd79a112229e1a6a6542395217d67d18657f30cbaa9fb46f41ef51dbf1cc395266f16cb7e566f3d9bf186f0812fe3a922d7cba477dddebe26bd065f8506b5bd8f4e1d7d68bd8beaa27ce1ca576a01f5a9526b672741e483b65c7ed18cc68b0afb542914ed79e2099201cee534540451065919aeab59c9fe254d32e3b1ea4e18464ded39aef04acf52affb654e9eb82ec132f320723dfa11c711ba724532029326139e77c6c880a5197ce6657b7c512bbbf701fb82899ca8960587abb9938d12f7bfe5d101a8e2ad6d090e9e8f985ea33063c2067f475f3a0f85256d847edd38633d1e6c94c02fda60e9de7b080", 0xef}, {&(0x7f0000005040)="9def6557482aebb3dbdef659d54f060d447e4aac196f3f7d725765ccaa2836d4330ebe96c18efb628295e623bf7fb7fb005d6e74db8d49bddd1b3cadfcc8019a76cfce0e029d8fff7fc4de57d1d91c2fd12290265435f6b68675b90a015def24e5d4cafaf74affc4565acfd5bf388969793ed9b10c72040812ce9efa41007d733808131d3fbf653dfcc0b6258685609e9c86f5bdce504622f120b7936fa901657405ce5ea7bb7ae6723e181b81479b89be413056ba416c51d0133e756ff2f97d4833f899b7aab23a9075538dde07ee3e0539c66afed8abd67f74be615dceb3a23cb643ce5c", 0xe5}, {&(0x7f0000005140)="2a117a77889566ee1150d98075f613193083af9e97280a22ea4fc7b9e8e4173d74b555c0cd3e86e1879dd098b016fea8187e0e4ed53dcdd3f5220df49388a13221ba31b8a4a6a862782b2a302004fa9fca8df16f56ec8602fedb851aac54bea97c13c1deee06687f7db49c5806f3ef31c98b96901393c9efde936504192a222b7cdc94b1f94e1abd9e86e7ec9812b4640690ace6ac3c51efe8a9098350c0e146f763a990c67b52e364a4c0f88333992456", 0xb1}, {&(0x7f0000005200)="23c0178d1b57ce739aba33b1f2571907ffcb81f6474cdc5a366666a2b48fe48fbba0a130b075b3a474037cd119bd2b0add1fa1aec0da82d037d844d3567ec898cd231854d0a0237b079dbb00aaaeb0dd053f5318810f5032d2084c07b0e16664620a817a1e4358fd6016128435d7a802bec15a6b5bd2cb3442f235ae0cda0d0d85e0f94651a755f9327b9f5f00933aa786a76d49d153322882be5e71c30ba22a3d8fd9af9f99921ea514a5f2f22066395c2973bad3e5a4d21caafacc4663c4413263eb056ee20ce5", 0xc8}, {&(0x7f0000005300)="cb10bfe56be01aa00d6e283f7e7359a79582e2a83ed930224dcc5d1da97a947537faedb46c656338514c561de5109a7ebe613411a658c815c8b233b2c395133318e934c49aa13ff0e9b0ab7d22a99171b926ac611b64eef066cb1146d3a5352abcfd8464a3c845091b6f8926c017790b8fa0b8b76c0b5a92dab6d3f8c1909c1641940ca34e1d2dc1b5dac55df2cb4dbfac206141208607a4c81d506ef8ed4defbe46c9fde7ab", 0xa6}, {&(0x7f00000053c0)="bb4e99123ecc68e297744d17f4b73fa39f546b83def52cc5245f68eb15731eff80171153d2dd521fd4bef497763a49aaff14218e7f606f89833e822bc0a47deb00781a0814b82ed576a1bffd61664b5d099b9e8db633e76f829c249280b94473a33f7bbcfb829abf491e0ebba9aded96307b1cd307158cc94fb49a4ce581929b78f68d3dad753340c5eb5c0a59ec65362cd271c939ce43fad2231200acc147937d4f8cb9b68544fca380c5d82e6a2fce7d15af974ccbbcee95bb5d5b697eac8eedb2fedee6599a314da96a10e01934f2c4790c7780f8bf03f34a487ee75d3ef77f76cb7cf529c16cad5dd4c70f35bbdc0ca939f8acfffeb2033a6841eb08fdec14f9aaa45e53f0a44d2b58b9874d2e44b56ff20e15bb9e81a0c27e2a379665ff7e2124a25b23c88344ecf8350f2dc7eea0a49218f18dddfcce859bfad6c952cab95047f497cb681f6ae9a2e535421f9b2f58767a1e263d64ad1ea37dbfbbd2a730d5cfe180ece2f34a90a9a9727a00951af838ad389be29a5284c6946216f6beea63a39f9165864fd4f1ded8dbbf3131340b143252526825602b25b834cca6391bd1a48e74349b8a5e9665456398c7b576893410ac5d5054bc89eba5f2cf789df7bc9423f0f4603ed03efa378b8ccc78ec0b5c79735c91941e0116d074186a8149e15f1c11ffb7213804f0a146fd26f02a313a618f2841aaa172f87606ff1f6b888acbe2891eb8255e6455cd2fdc6fc9fd5acd4fd98910ed28b2ce20fe90689ecddc2f0988214b3e39582f8985c9701cd276e3b43f71645c8fe73b1563d1e3a2b4fd965e65b039fe5e10a522017b92701a284835418789aee867d04ee2ca82dbe9c96ab4468609d4d8fb369835fe5e72fb9b58aed6adb20653b27cbf1d907a81ad2c4c0a8a8abbb659471b3ccfacc0f5d30cf222ff00ee0a8e571d9f7d59aa31aa4e1329eb8028dfc62029871f7f2ab0d5b95e5bc15ba41e268229e5ffa80b6af4f1463092461c9a72ca449453e066a91913909b387dbdaff36b8adfb91e27456e794909eea69c567f7a0c6fbcda4e9753baab98eb54fa89454b059d628e91a340b6ebf0e6d324e52b674a26e136ce9c81372218ae460c4ee1bcc0be4cdc6b5d7cfb39b3a973ba5e9692c3af3a33832d17d953b00247243e8881d616e7c3c1ef939df2d8de00de12b964ae4a4b1eaef04bedf5435e64633d38c751912bff67a669c5cca689312bd6d94120589c110e384adcd78070e408aa9757266d2e9bfddc94203eb4d19e30f6f34be88bece57f1a2540443d976886893cf542f10621777a451a008aed672059f3313c52e19cf5da8921c9325028e4d6fe6a9de842f1275a86a59ade48a44feeaecf2c9b60003e26622d9e7ecb75e16f1e385fa6ab4a9e500cbcb32101bfcd92a1d244669fea505c5083ac9b5c57ccfd82a533403b62146a68f8481fcd87df5820aa9168362944072d74c6974e3728e16e160c3cf65ad4c558165a130c0e84dc8cdbf44c4a19545768d875ac0f3b07d85fad6337c8a4b5cc0e76f664afb9695c4379231d140db4eb21cdfe810120ab7f84b2dab54a6a8a367a17d07f61178ac2a28d94816d9ac865013715a630991e5389a8621fe904afdb147ae65fa1bb224102c6e1ab379fb8d05377d57e2535fabfde2e604c5cd0873418bc9faaeed167e599e118436c989192a28d4f4211771609c0c4801f1c6377dfa3f4d50fb959fdbdd13403d3e7a16422f6de53708bfaaba2a12a8e492cda81eb53af382908872c3ab73a752e526b3f725dfedfb222f0c95be9bf71c1c0491bfbaa64ac981b8536931dac2c52c06513e924c6530a7b71a505db49909010419339f873a559de6bd29aabb3ab601c5c03edd9e8b19390cabe774717bbad6b725ec3d0b1e26353ac9187536c1c1f12173b0986ba0fe2b9aa43aea7481685aba5b1f4a20dbee5552605d6e6ced9bceb18060b6d9d2f7ec56d656b7f624ce15dd8f744603aebbe1aeaf7b5e64c589c536c31c7b5672be9a7c5faabc3d9ddc86ff88f4b6e4550b37e0447b4248c79ac6a0ac0d3220e00fd0f510e9faceb724343d33ffb576e34d8733d4df04be11c1c302b9bc2bb7b7445f4c1049414f7a1326ee57ef8423493240fbcf19fed8ab57b2eacf4a72c97edd0918f10682ff92b7c50c9e5858c5d88cc1a4249bc8d2511525eb524a51c7496fcc1005b34feba956f44e7c0998ebea59bafcb6054d508e5f1914f68f66697f270cebfdaf1d30a5956aabbad0fa98c0ab3525d5c60498b7e5a97bcceaf477d4c3ebb1fa9142d86ac58822681a301cfdadd699803635938b14cafefaddf6969a50d1c7d0774edf30bcf16bfde5f21c8b03b8d4a4af24673ae97fab22f5f1dd5e6fbf922c257624a8420410838403daccbdba210223d24e6f6f1d623e3b0196cc752d32a83cb66ff42c316f4403aeaf28d61149a14b02d416ce0dd0c3840326c1564729290d798ad000521e007af3da2da16001702065af6a3d9d127b5d26f18b2b95a097ccfcd4ed6124bb6e00d63cb42dba1f875aa49473d9815e25b8813dca09a43304c0a800d452eb6d694c79af2834f56bebd2d69018e7c11a80ab678e12f31965a6d027e645211cb123abba69fc0fbf8fbf9912b4939acc2e92e0a0e883f2ca31cb8461fbb4d3ea4b3b77914f31568c4f2b3c6c059d86cbe960fa56a55da554f0f9edeadeac9c28e4328a6520ec28378ef17b2279953282c19adb748d35c40054cc2920a0220190959750011ff3939a78baa16c37f6996377d11bffb4d8e8585e6beca863b6ca297881886bed8521c78d9016a9a40bb2edc1c00aed8197153cf7a0593137923c9b8d550997a1d2b2f4f6a487723f149547153a7bc16698b82dcfbc2c6df37bf12d161722417c0cb31bda1bea05c47fa411c0c8a021b63c9522db0982195bc8b806c54ddb3f648b413d7912097eb9d29755a519950420f3877105a52d2240b34fd628fa04ceb0b063fed87fa5b8d34e080bdc0b96753936f528b0863298b57c58976a86fba689755596fedd8456b310dacf4c859d4edaaf0d6691f27b18155c91d547e2f9e640ff08920af6373e792db5a11f7398f3d457f914253e0ebbd81f0fee4d92956445287ae9d62ad0c1e895cb8d5d809bc7d5e3ef55950a0d79c70d8ecbcb820138ed52af71d8849180338881b92456782ef63e56e997f4eee5ea510d1eeba7c22778855fe9d196d4c06c1111d7be8356d6f6118255212c2abc2a8118b5caa93e568e2442e92fe39e6acd6299636b5128c90df129f5b416d259f9f0b10365d4774f4a9c5ddec4261c563029c688ca59410200cad27a66869b944eca24a566101d6f31d25398e1361adc9c8e40624186110659dc560486957c8a963472c379dcd1d32966f114b00b3ad71c8f0da6cd230829708319989bbf75953b060c382888ff3c771fa4794264d90b30fd2dac55e34a87f934086e48eb2e2d739a3a66d4cb2e02efd41778c3ce40c35f62eb2e812e437df837f2acb56a8ccc76bc7006b8d511db092c602e70c16613175dd9682cc5d8b68682a7906bb67f702ccfb165ebaebba91b1e75d5eb1327687b2cd3ceb9b72c4f5d3c85a4b60ac784e26db1b77f1e8466da99bbfb1fc28852a2b3f49086e698e32f767ca1451c9c0221978c11e4f3bd064e2fb8a795dac07655acde72d370b1f8e66fc9458f2d5743f86cc553edd3f0f2e4c3bfc91eee08caa8e40149dfd1e183f7f9f023451d940e588dab567973c79d130cf82020609b30fa4a56338c1a0e980fbe89dc1e4224969fc495c2f498526ca4b1c092baa52e2f67c26ba151bd9d103ffe80ba1e7f9729be70c346966aa20b486d22e0edee93f16b8ba616627b306739e50cc80f0667063fa80a45a57cc4ccf35ddee17a49c14fed517bcc8c4623fc8a1682f220ebe98b6fa933115b26ac29b59f24b286a2f4e89dd270c0e984a280011432ab03e9ceff777b0b21615f1b7177c8266bdf86cca01abdeb1f380ae65a4ab9ff41052d3c5f60318fb012982f8635cee85525e69ccf8aa350a0686d12a344951940ac74b0aad752cbba2aa5982a7e3649aaec53edb3651a4473d734baf7047728d0e5399a235bc199dbe31e286fb84ae32006d3886170e1e116a7923cd58e3d02bc3702ca8531ab5dcc07f36949246d9d4df23a9854b0665d602c45aa6337773c271946496ce99c77c1b17f2cdef2838771f0295c23a7fed314ccb7710bd79e71b9765a693a35ee4f1ff3444e69ce3af9ccd339dd73853d5ec768ada645501cf66a90ffdefc45e989a4558b829b0c2e8fd566f9e72a789d4588f4a5aea55dcdfd6d9db4c07872d839459c17879264188d066954ad1e5252a98c4fb4dd13a96a74dbd65c53436c9ab4a3e459d5ff86bae860127b3053bd39a9ac85fb4ea608ed5f541ba566b99f3c193c5f24162dc1ca7af453c3dd3bc7bb21856156e4e55703eb0fa5a3d8d02126c1b3925bab9590c07238a37d9c4ce7405210c28c0157e634ec283ca2d5a9f8fd03d60a64a87af536e49886f7891032002e313cc9ec4fa8fdb31c6b497e90c175ba3b441d388f26f7405b151210f240fad647a392f324c8e2a6dc8f8437a4b143555c8894548408dfbea22a119b63749c11cb39f1dc5e285807180f07d07d482b00436fcb1a4af710afa11fcf1f46beb19aeb51e2abb2998ce8ae550e13a59b4be3ebf3a6a0e71280aeeb5c21a63bf418feabc0dc7ec17770e09c0cc05aecc66ca84ef91481c071785bff15979c4094e85740fa1846500609bd095c0bf6a00ce04af4c33214f4353d9fe5f7008e048c000cf2c0f1a41741f4657eee22b354b6c2dc82d48cc86cbd8d7fba967253e38e1c3609be88b5e65f80117755efcd0c7e670074a8e2023716ce8a121ed962504d49ad7c431d07fd101e87911d47a250630dba48d6c4f45a75f2a89f70590ce3bb05f9817fff144d065fd82584af456cb3eac6c965dc02ab6fac02bda007f5a8969259fceeb569d2b11b8bf5a4e4a6cd0ed25829be934b00bbb5a60942a76c80e3958b2c890a3e41c23347b8f7593c08e336835c5a8eb19e46210ed8d7a131bb947e60a0a364a28875844a2535c56bec1a3338e1f00f364cfc713db3d5ea43e01a252410fcaf59d1dd67e2fceef493e23a2e8caccc8cb3428e95ef240343267f3d42793faa61d772c2329b2d9ac77900dcc555a90a4884183fcf0aced38b4115b7605f1c37a1a071d732594606e9b5b08e42b02a5394783ca137f023e286338a361803867ff7981b246622a5b78582f19c5685fc90594ad9b78b12eb54fa836a0b94832b9fbbba5b6e51024e4349393e0a7cb99bed1b94a50d78887ba320ec2cbd15fb99456723e8d05bd44f5075b1fea59a78646197306f19a5b402fd3e04e8cd3d0384f3aae2f40e6ed20152c1382e069dd0cf49c1996539128e5cdb084b8cf3b98e36ff5da38a80fcfd9e6d1f45e30ee9cae944f7e8bb5824267436d128e0783c0e62d3dc6d6e9503893ccba6578c0b2a6883ec06ea50f27d1902bc0e4b4293c509ee9f683f4cdf7744342216e8c1cb113e6ce64b58ea03611de75f40f37d29cb711675891a0b89106b179f3e7817725faf5820b96211ea23217edda32a4a98d583ba3299f48e465e414c3fe936306a811cd6b894ebcd48b44c29b6358a1ef1a94946fe44608cce1d0a011e184f4a3ce81767b8681867d8de1b98c0a73cb74a3076781492f1e4351eefee5b602d6a83bd8aa47b57ae3ab76a6df318c2d5ff384306bb716984407da136c15a9f8e77e68775da49e8055", 0x1000}, {&(0x7f00000063c0)="e426a5fa4f324002f40ce5e1e9fb5013812fc10750f67ca82e40301f9132683ba9da652b7dc8568e6b9aeaecaa9c6d429db68dd9e37b2c055cd062eed29143b0cdbd428373b219656f19e1a58bc843a36006be8072e892721546d5106857dde501be563d27d402bc1d1d188d3ce7e5d8", 0x70}], 0x9, &(0x7f0000006500)=[{0xd0, 0x103, 0x5, "6067cb6d430f1d31e823ca660abf77a9b4f89dd2010636185546915825036f5dc83142582448f66686382d3c0b7489017be0fe3e1d6e13f4656e45742539f825c905bd8ebed8c6f2df6aa9bf45f0958d9efaa221412727657cafa0a5ada1c8ccfa31c2542d2749eea638297440a9c0362d2a0ea0015789bb47245ce4fa704cc333bdb908c9bbbde099a0c79b31585f43363b9f8f5519b938dbf6fed9c1c5c53032c084d8ceb33e83d32156353d85b36ead96efac31b1358516d770dcd4"}, {0x80, 0x118, 0x8, "96db66b64b6454967e912eb87f64c6fad1c464dd8f26590c3278f81cf02871118a7650ae8075e10a210db87726b7cbd2b2b46d1670b1506d9ba342bf2a4c1cd34d5ab9539aec5914d831a6b1a05f39fd7596f29bca52a4ca2e1db8dcc92dfdc1eaeb42929730411c86642bbfa5869b46"}], 0x150, 0x40000}, 0x1}], 0x7, 0x4000001) connect$inet6(r0, &(0x7f000000cfe4)={0xa, 0x0, 0x0, @loopback}, 0x1c) write$binfmt_elf64(r0, &(0x7f0000000000)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, [{}]}, 0x78) 23:02:29 executing program 4 (fault-call:7 fault-nth:22): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:02:29 executing program 2: ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0x40286608, &(0x7f0000000440)={0x2000000000000157, &(0x7f0000000400)}) clone(0x8000000, 0x0, 0xfffffffffffffffe, &(0x7f0000000180), 0xffffffffffffffff) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000008c0), &(0x7f0000000900)=0xc) r0 = socket$rds(0x15, 0x5, 0x0) bind$rds(r0, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000140), &(0x7f0000000080)=0xc) pipe2(&(0x7f0000000800)={0xffffffffffffffff}, 0x84800) ioctl$sock_inet6_udp_SIOCINQ(r1, 0x541b, &(0x7f0000000a00)) accept(0xffffffffffffffff, &(0x7f0000007ec0)=@can, &(0x7f0000000880)=0x80) ioctl(r0, 0xfffffffffffffe00, &(0x7f0000000640)="c0e8991b250e3fde541573a273fd4a28dfc2") sendmmsg(0xffffffffffffffff, &(0x7f000000a7c0)=[{{&(0x7f0000008480)=@pppoe={0x18, 0x0, {0x0, @empty, 'nr0\x00'}}, 0x80, &(0x7f0000000a40)=[{&(0x7f0000000940)="f08dde6c7936de7741fe077abc0be5d145922c1ff2131670b3300f2d0404db39a8bd07e4cbe1a64b560d69e4b4a65124c8bbf813c923e0709c3996148d52c617c432a880d2f1090e567bca4db5c57a9d460acd34e4629c9278bbea7de412bc0ca4cc4529bb4e522d23b6e01113a8ef843bb5366bc2051c66230d3083cb0646b31b0e114a6dca7e88aebf454289dba7625ad2324c2bf952f0b257bd3c7f0fb741a8efa56197ea9331236b986fd3a02eda7355e3c2ae68", 0xb6}], 0x1, &(0x7f00000085c0), 0x0, 0x800}, 0x9}], 0x1, 0x80) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$rds(r0, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x1000000, @remote, [0x3f000000, 0x700]}, 0x10, &(0x7f0000000100), 0x0, &(0x7f0000000780)=[@rdma_args={0x48, 0x114, 0x1, {{}, {&(0x7f0000000040)=""/156, 0x80328}, &(0x7f00000006c0)=[{&(0x7f0000000100)=""/44, 0x2c}, {&(0x7f00000001c0)=""/67, 0x43}, {&(0x7f0000000240)=""/198, 0xc6}, {&(0x7f0000000140)=""/15, 0xf}, {&(0x7f0000000340)=""/54, 0x7ffff}, {&(0x7f0000000380)=""/42, 0x2a}, {&(0x7f00000003c0)=""/77, 0x4d}, {&(0x7f0000000440)=""/244, 0xf4}, {&(0x7f0000000540)=""/219, 0xdb}], 0x5}}], 0x48}, 0x0) ioctl$sock_inet6_udp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000680)) [ 358.650335] FAULT_INJECTION: forcing a failure. [ 358.650335] name failslab, interval 1, probability 0, space 0, times 0 [ 358.662367] CPU: 1 PID: 13253 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 358.669785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 358.670113] rdma_op 0000000098edbc8a conn xmit_rdma (null) [ 358.679138] Call Trace: [ 358.679170] dump_stack+0x1c4/0x2b4 [ 358.679196] ? dump_stack_print_info.cold.2+0x52/0x52 [ 358.679218] ? __kernel_text_address+0xd/0x40 [ 358.679242] ? unwind_get_return_address+0x61/0xa0 [ 358.679273] should_fail.cold.4+0xa/0x17 [ 358.679302] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 358.715721] ? save_stack+0xa9/0xd0 [ 358.719368] ? graph_lock+0x170/0x170 [ 358.723188] ? kasan_slab_alloc+0x12/0x20 [ 358.727344] ? kmem_cache_alloc+0x12e/0x730 [ 358.731686] ? mmu_topup_memory_caches+0xf7/0x390 [ 358.736538] ? kvm_mmu_load+0x21/0xfa0 [ 358.740466] ? vcpu_enter_guest+0x3dbe/0x6380 [ 358.744978] ? graph_lock+0x170/0x170 [ 358.748794] ? ksys_ioctl+0xa9/0xd0 [ 358.752430] ? __x64_sys_ioctl+0x73/0xb0 [ 358.756499] ? do_syscall_64+0x1b9/0x820 [ 358.760570] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 358.765961] ? find_held_lock+0x36/0x1c0 [ 358.770038] ? __lock_is_held+0xb5/0x140 [ 358.774121] ? ___might_sleep+0x1ed/0x300 [ 358.778284] ? arch_local_save_flags+0x40/0x40 [ 358.782908] __should_failslab+0x124/0x180 [ 358.787161] should_failslab+0x9/0x14 [ 358.790974] kmem_cache_alloc+0x2be/0x730 [ 358.795133] ? vmx_flush_tlb_gva+0x380/0x380 [ 358.799549] ? print_usage_bug+0xc0/0xc0 [ 358.803632] ? ima_get_action+0x7e/0xa0 [ 358.807678] ? mmu_topup_memory_caches+0xf7/0x390 [ 358.812533] mmu_topup_memory_caches+0xf7/0x390 [ 358.817219] kvm_mmu_load+0x21/0xfa0 [ 358.820945] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 358.825893] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 358.831446] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 358.836051] vcpu_enter_guest+0x3dbe/0x6380 [ 358.840404] ? emulator_read_emulated+0x50/0x50 [ 358.845089] ? vmx_vcpu_load+0xb06/0x1030 [ 358.849260] ? vmx_write_tsc_offset+0x680/0x680 [ 358.853940] ? graph_lock+0x170/0x170 [ 358.857783] ? lock_downgrade+0x900/0x900 [ 358.861945] ? check_preemption_disabled+0x48/0x200 [ 358.866974] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 358.872525] ? check_preemption_disabled+0x48/0x200 [ 358.877550] ? check_preemption_disabled+0x48/0x200 [ 358.882585] ? __lock_is_held+0xb5/0x140 [ 358.886685] ? lock_acquire+0x1ed/0x520 [ 358.890676] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 358.895708] ? lock_release+0x970/0x970 [ 358.899692] ? kvm_gen_update_masterclock+0x350/0x350 [ 358.904893] ? kvm_arch_dev_ioctl+0x630/0x630 [ 358.909403] ? preempt_notifier_dec+0x20/0x20 [ 358.914015] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 358.918871] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 358.923912] kvm_vcpu_ioctl+0x72b/0x1150 [ 358.927991] ? kvm_vcpu_block+0x1030/0x1030 [ 358.932329] ? find_held_lock+0x36/0x1c0 [ 358.936412] ? __fget+0x4aa/0x740 [ 358.939884] ? check_preemption_disabled+0x48/0x200 [ 358.939905] ? kasan_check_read+0x11/0x20 23:02:29 executing program 2: ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0x40286608, &(0x7f0000000440)={0x2000000000000157, &(0x7f0000000400)}) clone(0x8000000, 0x0, 0xfffffffffffffffe, &(0x7f0000000180), 0xffffffffffffffff) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000008c0), &(0x7f0000000900)=0xc) r0 = socket$rds(0x15, 0x5, 0x0) bind$rds(r0, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000140), &(0x7f0000000080)=0xc) pipe2(&(0x7f0000000800)={0xffffffffffffffff}, 0x84800) ioctl$sock_inet6_udp_SIOCINQ(r1, 0x541b, &(0x7f0000000a00)) accept(0xffffffffffffffff, &(0x7f0000007ec0)=@can, &(0x7f0000000880)=0x80) ioctl(r0, 0xfffffffffffffe00, &(0x7f0000000640)="c0e8991b250e3fde541573a273fd4a28dfc2") sendmmsg(0xffffffffffffffff, &(0x7f000000a7c0)=[{{&(0x7f0000008480)=@pppoe={0x18, 0x0, {0x0, @empty, 'nr0\x00'}}, 0x80, &(0x7f0000000a40)=[{&(0x7f0000000940)="f08dde6c7936de7741fe077abc0be5d145922c1ff2131670b3300f2d0404db39a8bd07e4cbe1a64b560d69e4b4a65124c8bbf813c923e0709c3996148d52c617c432a880d2f1090e567bca4db5c57a9d460acd34e4629c9278bbea7de412bc0ca4cc4529bb4e522d23b6e01113a8ef843bb5366bc2051c66230d3083cb0646b31b0e114a6dca7e88aebf454289dba7625ad2324c2bf952f0b257bd3c7f0fb741a8efa56197ea9331236b986fd3a02eda7355e3c2ae68", 0xb6}], 0x1, &(0x7f00000085c0), 0x0, 0x800}, 0x9}], 0x1, 0x80) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$rds(r0, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x1000000, @remote, [0x3f000000, 0x700]}, 0x10, &(0x7f0000000100), 0x0, &(0x7f0000000780)=[@rdma_args={0x48, 0x114, 0x1, {{}, {&(0x7f0000000040)=""/156, 0x80328}, &(0x7f00000006c0)=[{&(0x7f0000000100)=""/44, 0x2c}, {&(0x7f00000001c0)=""/67, 0x43}, {&(0x7f0000000240)=""/198, 0xc6}, {&(0x7f0000000140)=""/15, 0xf}, {&(0x7f0000000340)=""/54, 0x7ffff}, {&(0x7f0000000380)=""/42, 0x2a}, {&(0x7f00000003c0)=""/77, 0x4d}, {&(0x7f0000000440)=""/244, 0xf4}, {&(0x7f0000000540)=""/219, 0xdb}], 0x5}}], 0x48}, 0x0) ioctl$sock_inet6_udp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000680)) [ 358.939926] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 358.939943] ? rcu_bh_qs+0xc0/0xc0 [ 358.939970] ? __fget+0x4d1/0x740 [ 358.939993] ? ksys_dup3+0x680/0x680 [ 358.940008] ? find_held_lock+0x36/0x1c0 [ 358.940033] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 358.940057] ? kvm_vcpu_block+0x1030/0x1030 [ 358.940075] do_vfs_ioctl+0x1de/0x1720 [ 358.940090] ? __lock_is_held+0xb5/0x140 [ 358.940110] ? ioctl_preallocate+0x300/0x300 [ 358.940130] ? __fget_light+0x2e9/0x430 [ 358.949289] ? fget_raw+0x20/0x20 [ 358.949309] ? __sb_end_write+0xd9/0x110 [ 358.949330] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 358.949343] ? fput+0x130/0x1a0 [ 358.949360] ? do_syscall_64+0x9a/0x820 [ 358.949383] ? do_syscall_64+0x9a/0x820 [ 358.949404] ? lockdep_hardirqs_on+0x421/0x5c0 [ 359.023745] ? security_file_ioctl+0x94/0xc0 [ 359.028170] ksys_ioctl+0xa9/0xd0 [ 359.030886] rdma_op 000000004b614b5d conn xmit_rdma (null) [ 359.031640] __x64_sys_ioctl+0x73/0xb0 [ 359.031662] do_syscall_64+0x1b9/0x820 [ 359.031680] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe 23:02:29 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000100)='/dev/uinput\x00', 0x2000805, 0x0) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c) r1 = dup(r0) ioctl$UI_SET_SWBIT(r1, 0x4004556d, 0x4) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x5) ioctl$UI_SET_SWBIT(r0, 0x4004556d, 0x3) ioctl$UI_DEV_SETUP(r0, 0x5501, &(0x7f0000000300)={{}, 'syz1\x00'}) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000000)={0x0, @speck128, 0x0, "6559dc4244d71aa2"}) write$uinput_user_dev(r1, &(0x7f0000000880)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x5]}, 0x45c) r2 = semget(0x0, 0x3, 0x500) semtimedop(r2, &(0x7f0000000040)=[{0x0, 0x5, 0x800}, {0x1, 0x400, 0x1800}, {0x3, 0x9, 0x800}, {0x3, 0x1, 0x1800}, {0x4, 0xf3e, 0x1800}, {0x5, 0x40, 0x800}], 0x6, &(0x7f0000000080)) [ 359.031698] ? syscall_return_slowpath+0x5e0/0x5e0 [ 359.031714] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 359.031735] ? trace_hardirqs_on_caller+0x310/0x310 [ 359.031756] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 359.071106] ? prepare_exit_to_usermode+0x291/0x3b0 [ 359.076144] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 359.081008] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 359.081022] RIP: 0033:0x457569 23:02:29 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) pipe2(&(0x7f0000000000), 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000014000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000380)="0f20e06635080000000f22e0b800018ee80f23220f017ceb663ef20f58900000109e5e70dbe066b8c66200000f23d00f21f866352000000c0f23f866b90d02000066b8141d000066ba000000000f30660f3829f7", 0x54}], 0x37c, 0x0, &(0x7f00000001c0), 0x10000266) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0xffffffffffffffff, 0x4, 0x2000, &(0x7f0000023000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 359.081039] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 359.081048] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 359.081071] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 359.089570] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 359.089580] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 359.089601] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 23:02:29 executing program 4 (fault-call:7 fault-nth:23): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 359.089611] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 [ 359.156416] input: syz1 as /devices/virtual/input/input11 23:02:29 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x804e23, @multicast1}, 0x10) sendto$inet(r0, &(0x7f0000000280), 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) getsockopt$inet_mreqn(r0, 0x0, 0x0, &(0x7f0000000000)={@rand_addr, @multicast2, 0x0}, &(0x7f0000000040)=0xc) lstat(&(0x7f0000000080)='./file0\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0}) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000280)={{{@in6=@local, @in6=@mcast1, 0x4e22, 0x2, 0x4e24, 0xa95, 0x2, 0xa0, 0x80, 0x0, r1, r2}, {0x0, 0x2, 0x4, 0x300, 0x8, 0x6, 0x6, 0xffffffff7fffffff}, {0x8, 0xfffffffffffffffc, 0x78b1, 0x9}, 0x6, 0x6e6bb9, 0x3, 0x1, 0x2, 0x3}, {{@in=@rand_addr=0x4, 0x4d3, 0xff}, 0xa, @in6, 0x3505, 0x4, 0x1, 0xcaf, 0x3, 0x8, 0x8}}, 0xe8) setsockopt$sock_int(r0, 0x1, 0x9, &(0x7f0000000240), 0x4) [ 359.258665] input: syz1 as /devices/virtual/input/input12 23:02:30 executing program 1: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qat_adf_ctl\x00', 0x40, 0x0) setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000000080)=@req={0x4, 0x400, 0x2, 0xfff}, 0x10) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000004, 0x8031, 0xffffffffffffffff, 0x0) getsockopt$sock_cred(r0, 0x1, 0x3b, &(0x7f00000002c0), &(0x7f00000000c0)=0xffffffffffffffb9) [ 359.310293] FAULT_INJECTION: forcing a failure. [ 359.310293] name failslab, interval 1, probability 0, space 0, times 0 [ 359.335814] CPU: 1 PID: 13285 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 359.343216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 359.352576] Call Trace: [ 359.355202] dump_stack+0x1c4/0x2b4 [ 359.358880] ? dump_stack_print_info.cold.2+0x52/0x52 [ 359.364091] ? __kernel_text_address+0xd/0x40 [ 359.364115] ? unwind_get_return_address+0x61/0xa0 [ 359.364150] should_fail.cold.4+0xa/0x17 [ 359.373554] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 359.373587] ? save_stack+0xa9/0xd0 [ 359.373616] ? graph_lock+0x170/0x170 [ 359.373645] ? kasan_slab_alloc+0x12/0x20 [ 359.373661] ? kmem_cache_alloc+0x12e/0x730 [ 359.373677] ? mmu_topup_memory_caches+0xf7/0x390 [ 359.373695] ? kvm_mmu_load+0x21/0xfa0 [ 359.407468] ? vcpu_enter_guest+0x3dbe/0x6380 [ 359.411976] ? graph_lock+0x170/0x170 [ 359.415791] ? ksys_ioctl+0xa9/0xd0 [ 359.419426] ? __x64_sys_ioctl+0x73/0xb0 [ 359.423501] ? do_syscall_64+0x1b9/0x820 [ 359.427640] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 359.433036] ? find_held_lock+0x36/0x1c0 [ 359.437114] ? __lock_is_held+0xb5/0x140 [ 359.441199] ? ___might_sleep+0x1ed/0x300 [ 359.445359] ? arch_local_save_flags+0x40/0x40 [ 359.449973] __should_failslab+0x124/0x180 [ 359.454228] should_failslab+0x9/0x14 [ 359.458042] kmem_cache_alloc+0x2be/0x730 [ 359.462198] ? vmx_flush_tlb_gva+0x380/0x380 [ 359.466658] ? print_usage_bug+0xc0/0xc0 [ 359.470762] ? ima_get_action+0x7e/0xa0 [ 359.474763] ? mmu_topup_memory_caches+0xf7/0x390 [ 359.479642] mmu_topup_memory_caches+0xf7/0x390 [ 359.484327] kvm_mmu_load+0x21/0xfa0 [ 359.488061] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 359.493528] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 359.499083] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 359.503692] vcpu_enter_guest+0x3dbe/0x6380 [ 359.508040] ? emulator_read_emulated+0x50/0x50 [ 359.512729] ? vmx_vcpu_load+0xb06/0x1030 [ 359.516909] ? vmx_write_tsc_offset+0x680/0x680 [ 359.521617] ? graph_lock+0x170/0x170 [ 359.525433] ? lock_downgrade+0x900/0x900 [ 359.529607] ? check_preemption_disabled+0x48/0x200 [ 359.534637] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 359.540184] ? check_preemption_disabled+0x48/0x200 [ 359.545230] ? check_preemption_disabled+0x48/0x200 [ 359.550268] ? __lock_is_held+0xb5/0x140 [ 359.554387] ? lock_acquire+0x1ed/0x520 [ 359.558385] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 359.563421] ? lock_release+0x970/0x970 [ 359.567412] ? kvm_gen_update_masterclock+0x350/0x350 [ 359.572630] ? kvm_arch_dev_ioctl+0x630/0x630 [ 359.577152] ? preempt_notifier_dec+0x20/0x20 [ 359.581671] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 359.586524] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 359.591571] kvm_vcpu_ioctl+0x72b/0x1150 [ 359.595658] ? kvm_vcpu_block+0x1030/0x1030 [ 359.600001] ? find_held_lock+0x36/0x1c0 [ 359.604084] ? __fget+0x4aa/0x740 [ 359.607576] ? check_preemption_disabled+0x48/0x200 [ 359.612657] ? kasan_check_read+0x11/0x20 [ 359.616840] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 359.622134] ? rcu_bh_qs+0xc0/0xc0 [ 359.625700] ? __fget+0x4d1/0x740 [ 359.629173] ? ksys_dup3+0x680/0x680 [ 359.632902] ? find_held_lock+0x36/0x1c0 [ 359.637000] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 359.641974] ? kvm_vcpu_block+0x1030/0x1030 [ 359.646312] do_vfs_ioctl+0x1de/0x1720 [ 359.650214] ? __lock_is_held+0xb5/0x140 [ 359.654290] ? ioctl_preallocate+0x300/0x300 23:02:30 executing program 1: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fstatfs(r0, &(0x7f0000000700)=""/57) socketpair$inet6_tcp(0xa, 0x1, 0x0, &(0x7f0000000800)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$inet6_group_source_req(r1, 0x29, 0x2e, &(0x7f0000000cc0)={0x7f, {{0xa, 0x4e21, 0x87, @remote, 0x100}}, {{0xa, 0x4e22, 0x8001, @loopback, 0x3}}}, 0x108) socketpair$inet6_udplite(0xa, 0x2, 0x88, &(0x7f00000001c0)={0xffffffffffffffff}) r4 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x100082) tee(r4, r3, 0x4, 0xe) r5 = memfd_create(&(0x7f0000000c80)='[trusted$\x00', 0x100000000) fsync(r2) getsockopt$inet_IP_IPSEC_POLICY(r5, 0x0, 0x10, &(0x7f00000004c0)={{{@in=@multicast2, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in6=@dev}}, &(0x7f0000000740)=0xe8) quotactl(0x1000, &(0x7f0000000340)='./file0\x00', r6, &(0x7f0000000900)="b3953b6324374e987efe0d899ed59a5eff1554e761e7908b639025f76f154f895790ced95cdbb8356e6bce2483e6248025d8507b09a5319a6af4c8c76fc5086aa24500b7a9485eb9bf557b03c528069f73da61dde177883bd41157a72c340d3fff4d76ded092376b6e8af7fa7171b165a9be427319f268b9e6202327656eeea71d789132a816515ac404a8499f5cfa0bf497c01a9945d072e645b3bc06a7e9e6d90e3a041f9e0aeeb08a827ac7330e8ef8f0a32fdb4ddbb39a1c49b401cda6ccd95bbc490ed61297d8a9a21cd2b5941b70843bf6ad607eda3cadcb7e") pwritev(r5, &(0x7f00000000c0)=[{&(0x7f00000005c0)='\'', 0x1}], 0x1, 0x81806) sendto$inet6(0xffffffffffffffff, &(0x7f00000002c0)="d9aa00", 0x3, 0x40000, 0x0, 0x0) ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000007c0)={@empty, 0x41}) mlockall(0x0) getpeername$unix(0xffffffffffffffff, &(0x7f0000000a00), &(0x7f0000000300)=0x6e) ioctl$KVM_GET_MP_STATE(r5, 0x8004ae98, &(0x7f0000000080)) ioctl$LOOP_CHANGE_FD(r4, 0x4c00, r5) sendfile(r4, r5, &(0x7f0000000240)=0xe, 0x20000102000007) getsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f0000000ac0)={{{@in=@loopback}}, {{@in=@loopback}, 0x0, @in6=@mcast1}}, &(0x7f0000000780)=0xfffffebd) getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000180)=0xc) removexattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)=@random={'btrfs.', ')em1.-\x00'}) getsockopt$EBT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x81, &(0x7f0000000380)={'filter\x00', 0x0, 0x4, 0x27, [], 0x0, &(0x7f00000001c0), &(0x7f0000000200)=""/39}, &(0x7f0000000400)=0x78) ioctl$EVIOCGBITKEY(r5, 0x80404521, &(0x7f0000000440)=""/123) ioctl$FICLONE(r5, 0x40049409, r0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x500ffe, 0x0) ioctl$EVIOCGKEYCODE(0xffffffffffffffff, 0x80084504, &(0x7f0000000600)=""/247) [ 359.658715] ? __fget_light+0x2e9/0x430 [ 359.662714] ? fget_raw+0x20/0x20 [ 359.666194] ? __sb_end_write+0xd9/0x110 [ 359.670283] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 359.675843] ? fput+0x130/0x1a0 [ 359.679131] ? do_syscall_64+0x9a/0x820 [ 359.683118] ? do_syscall_64+0x9a/0x820 [ 359.687100] ? lockdep_hardirqs_on+0x421/0x5c0 [ 359.691700] ? security_file_ioctl+0x94/0xc0 [ 359.696127] ksys_ioctl+0xa9/0xd0 [ 359.699641] __x64_sys_ioctl+0x73/0xb0 [ 359.703562] do_syscall_64+0x1b9/0x820 [ 359.703580] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 359.703608] ? syscall_return_slowpath+0x5e0/0x5e0 [ 359.703628] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 359.712870] ? trace_hardirqs_on_caller+0x310/0x310 [ 359.712887] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 359.712905] ? prepare_exit_to_usermode+0x291/0x3b0 [ 359.712928] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 359.712957] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 359.747762] RIP: 0033:0x457569 [ 359.750963] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 359.769873] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 359.777606] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 359.784883] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 359.792160] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 359.792170] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 359.792179] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 [ 359.870234] print_req_error: I/O error, dev loop0, sector 124 [ 359.877630] print_req_error: I/O error, dev loop0, sector 8 [ 359.883453] Buffer I/O error on dev loop0, logical block 2, lost async page write [ 359.891216] print_req_error: I/O error, dev loop0, sector 12 [ 359.897031] Buffer I/O error on dev loop0, logical block 3, lost async page write [ 359.904988] print_req_error: I/O error, dev loop0, sector 16 [ 359.910867] Buffer I/O error on dev loop0, logical block 4, lost async page write 23:02:30 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) execve(&(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)=[&(0x7f0000000040)="70726f632f3a2e6370757365742447504c2e867b5c7472757374656400", &(0x7f0000000080)='-ppp0ppp1wlan1\x00', &(0x7f0000000180)='[(securityself\'user\\\x00'], &(0x7f0000000300)=[&(0x7f0000000200)='lo@\\\x00', &(0x7f0000000240)='\x00', &(0x7f0000000280)=').bdev*md5sum*[:\x00', &(0x7f00000002c0)='mime_type)\x00']) [ 359.918530] print_req_error: I/O error, dev loop0, sector 20 [ 359.924444] Buffer I/O error on dev loop0, logical block 5, lost async page write [ 359.932200] print_req_error: I/O error, dev loop0, sector 24 [ 359.938012] Buffer I/O error on dev loop0, logical block 6, lost async page write [ 359.945761] print_req_error: I/O error, dev loop0, sector 28 [ 359.951865] Buffer I/O error on dev loop0, logical block 7, lost async page write [ 359.959625] print_req_error: I/O error, dev loop0, sector 32 23:02:30 executing program 0: r0 = gettid() r1 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x401, 0x40000) ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, &(0x7f0000000040)=""/42) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r2 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r2, 0x1, &(0x7f00000014c0)) msgsnd(r2, &(0x7f0000e74f60)={0x2}, 0x8, 0x0) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) msgctl$IPC_SET(r2, 0x1, &(0x7f0000000180)={{}, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x81, r0}) 23:02:30 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/rfkill\x00', 0x0, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) writev(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000040)="390000001300090468fe0704000000000000ff3f03000000450001070000001419001a0015000a00040008004000000800005d14a4e91ee438", 0x39}], 0x1) ioctl$VHOST_SET_LOG_BASE(r0, 0x4008af04, &(0x7f0000000100)=&(0x7f0000000080)) ioctl$KVM_GET_MP_STATE(r1, 0x8004ae98, &(0x7f0000000000)) ioctl$KVM_SET_TSC_KHZ(r0, 0xaea2, 0x3f) setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r0, 0x28, 0x2, &(0x7f0000000140)=0xfffffffffffffffb, 0x8) getsockopt$IPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x43, &(0x7f0000000180)={'HL\x00'}, &(0x7f00000001c0)=0x1e) 23:02:30 executing program 4 (fault-call:7 fault-nth:24): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:02:30 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x12) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000040)=0x1b, 0x4) writev(r0, &(0x7f0000fdbff8)=[{&(0x7f0000ac9000)="290000002000190000003fffffffda060200000000e80001040000040d000300ea1100000005000000", 0x29}], 0x1) [ 359.959644] Buffer I/O error on dev loop0, logical block 8, lost async page write [ 359.959676] print_req_error: I/O error, dev loop0, sector 36 [ 359.973223] Buffer I/O error on dev loop0, logical block 9, lost async page write [ 359.981430] print_req_error: I/O error, dev loop0, sector 40 [ 359.986662] Buffer I/O error on dev loop0, logical block 11, lost async page write [ 359.992741] Buffer I/O error on dev loop0, logical block 10, lost async page write [ 360.062045] FAULT_INJECTION: forcing a failure. [ 360.062045] name failslab, interval 1, probability 0, space 0, times 0 [ 360.100850] CPU: 0 PID: 13312 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 360.108236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 360.117599] Call Trace: [ 360.120219] dump_stack+0x1c4/0x2b4 [ 360.123884] ? dump_stack_print_info.cold.2+0x52/0x52 [ 360.129108] ? __kernel_text_address+0xd/0x40 [ 360.133632] ? unwind_get_return_address+0x61/0xa0 [ 360.138606] should_fail.cold.4+0xa/0x17 [ 360.142687] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 360.147806] ? save_stack+0xa9/0xd0 [ 360.151449] ? graph_lock+0x170/0x170 [ 360.155264] ? kasan_slab_alloc+0x12/0x20 23:02:30 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000180)="2e65f32efe0a6766c7442400008000006766c7442402000000006766c744240600000000670f011c24b866000f00d066b88044a2b20f23c80f21f866350400d0000f23f80f0766b80500000066b9080000000f01c10f0766b8010000000f01c10f01dfb835008ee0", 0x68}], 0xaaaaab9, 0x0, &(0x7f0000000280)=[@cstype3={0x5, 0x4}], 0x1) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe4000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000400)="66b9800000c00f326635000400000f300fc71e4425749e66b8eab9ffdd0f23d80f21f86635400000100f23f866b8ef6700000f23c00f21f8663501000f000f23f866b9860b000066b80300000066ba000000000f306666660fd5ef66b8ca9300000f23d00f21f86635100000010f23f8ba6100ec66b80d0000000f23d00f21f866351000000e0f23f8", 0x89}], 0x1, 0x0, &(0x7f0000000180), 0x0) ioctl$KVM_DEASSIGN_DEV_IRQ(0xffffffffffffffff, 0x4040ae75, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x100}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000680)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) userfaultfd(0x400000000000bfc) listen(0xffffffffffffffff, 0x5) gettid() r3 = syz_open_dev$adsp(&(0x7f0000000240)='/dev/adsp#\x00', 0x8, 0x400) write$RDMA_USER_CM_CMD_JOIN_MCAST(r0, &(0x7f00000004c0)={0x16, 0x98, 0xfa00, {&(0x7f0000000340)={0xffffffffffffffff}, 0x3, 0xffffffffffffffff, 0x1c, 0x0, @in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1f}}}}, 0xa0) write$RDMA_USER_CM_CMD_LEAVE_MCAST(r3, &(0x7f0000000380)={0x11, 0x10, 0xfa00, {&(0x7f0000000300), r4}}, 0x18) geteuid() lstat(&(0x7f0000001880)='./file0\x00', &(0x7f00000018c0)) r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x4000, 0x0) setsockopt$packet_tx_ring(r5, 0x107, 0xd, &(0x7f0000000200)=@req3={0x1, 0x5, 0x1, 0x2, 0x8, 0x6, 0xffffffffffffffff}, 0x1c) sendmmsg$unix(r0, &(0x7f0000001980)=[{&(0x7f00000000c0)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f00000017c0)=[{&(0x7f00000016c0)="6097f91441e93fb6363bca2540cf28fc33d41866c85f7a0af7c5adc4936199587d9faef232f0c1106ef4fbc280421cf9f4c9ad410aea24a8a36f38cd5aa6bd2383c0df5d282bfb6e7d7644c9b9fa8b96e44748e9804ebaaf63766ab793e89e7d1b8e0c955e3fd37cd87b4dd18b9ccfaec6e8750da930cc827e0df5b3734f5a739e7dd0eab0e2fbd4d750a5aa38b1d7c30350a3a679419de52b24435ce5d3c56e6e42a07b22e0affc05", 0xa9}], 0x1, &(0x7f0000001940), 0x0, 0x4000011}], 0x1, 0xb245365f2852ab74) syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x0, 0x0) clone(0x0, &(0x7f0000000240), &(0x7f00000001c0), &(0x7f0000000140), &(0x7f0000000200)) [ 360.159429] ? kmem_cache_alloc+0x12e/0x730 [ 360.163791] ? mmu_topup_memory_caches+0xf7/0x390 [ 360.163805] ? kvm_mmu_load+0x21/0xfa0 [ 360.163836] ? vcpu_enter_guest+0x3dbe/0x6380 [ 360.163856] ? graph_lock+0x170/0x170 [ 360.172572] ? ksys_ioctl+0xa9/0xd0 [ 360.172587] ? __x64_sys_ioctl+0x73/0xb0 [ 360.172644] ? do_syscall_64+0x1b9/0x820 [ 360.172661] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 360.172698] ? find_held_lock+0x36/0x1c0 [ 360.202326] ? __lock_is_held+0xb5/0x140 [ 360.206407] ? ___might_sleep+0x1ed/0x300 [ 360.210562] ? arch_local_save_flags+0x40/0x40 [ 360.215166] __should_failslab+0x124/0x180 [ 360.219408] should_failslab+0x9/0x14 [ 360.223215] kmem_cache_alloc+0x2be/0x730 [ 360.227361] ? vmx_flush_tlb_gva+0x380/0x380 [ 360.231777] ? mark_held_locks+0xc7/0x130 [ 360.235928] ? mmu_topup_memory_caches+0xf7/0x390 [ 360.240781] mmu_topup_memory_caches+0xf7/0x390 [ 360.245460] kvm_mmu_load+0x21/0xfa0 [ 360.249183] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 360.254138] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 360.259678] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 360.264268] vcpu_enter_guest+0x3dbe/0x6380 [ 360.268613] ? emulator_read_emulated+0x50/0x50 [ 360.273292] ? vmx_vcpu_load+0xb06/0x1030 [ 360.277449] ? vmx_write_tsc_offset+0x680/0x680 [ 360.282118] ? graph_lock+0x170/0x170 [ 360.285918] ? lock_downgrade+0x900/0x900 [ 360.290072] ? check_preemption_disabled+0x48/0x200 [ 360.295092] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 360.300632] ? check_preemption_disabled+0x48/0x200 [ 360.305653] ? check_preemption_disabled+0x48/0x200 [ 360.310688] ? __lock_is_held+0xb5/0x140 [ 360.314759] ? lock_acquire+0x1ed/0x520 [ 360.318735] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 360.323759] ? lock_release+0x970/0x970 [ 360.327856] ? kvm_gen_update_masterclock+0x350/0x350 [ 360.333058] ? kvm_arch_dev_ioctl+0x630/0x630 [ 360.337556] ? preempt_notifier_dec+0x20/0x20 [ 360.342076] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 360.346936] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 360.351971] kvm_vcpu_ioctl+0x72b/0x1150 [ 360.356038] ? kvm_vcpu_block+0x1030/0x1030 [ 360.360367] ? find_held_lock+0x36/0x1c0 [ 360.364439] ? __fget+0x4aa/0x740 [ 360.367903] ? check_preemption_disabled+0x48/0x200 [ 360.372940] ? kasan_check_read+0x11/0x20 [ 360.377097] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 360.382378] ? rcu_bh_qs+0xc0/0xc0 [ 360.385935] ? __fget+0x4d1/0x740 [ 360.389400] ? ksys_dup3+0x680/0x680 [ 360.393115] ? find_held_lock+0x36/0x1c0 [ 360.397185] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 360.402124] ? kvm_vcpu_block+0x1030/0x1030 [ 360.406449] do_vfs_ioctl+0x1de/0x1720 [ 360.410342] ? __lock_is_held+0xb5/0x140 [ 360.414407] ? ioctl_preallocate+0x300/0x300 [ 360.418818] ? __fget_light+0x2e9/0x430 [ 360.422797] ? fget_raw+0x20/0x20 [ 360.426254] ? __sb_end_write+0xd9/0x110 [ 360.430325] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 360.435863] ? fput+0x130/0x1a0 [ 360.439157] ? do_syscall_64+0x9a/0x820 [ 360.443138] ? do_syscall_64+0x9a/0x820 [ 360.447130] ? lockdep_hardirqs_on+0x421/0x5c0 [ 360.451739] ? security_file_ioctl+0x94/0xc0 [ 360.456173] ksys_ioctl+0xa9/0xd0 [ 360.459637] __x64_sys_ioctl+0x73/0xb0 [ 360.463547] do_syscall_64+0x1b9/0x820 [ 360.467436] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 360.472809] ? syscall_return_slowpath+0x5e0/0x5e0 [ 360.477739] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 360.482583] ? trace_hardirqs_on_caller+0x310/0x310 [ 360.487618] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 360.492665] ? prepare_exit_to_usermode+0x291/0x3b0 [ 360.497705] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 360.502556] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 360.507785] RIP: 0033:0x457569 [ 360.510983] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 360.529916] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 360.537644] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 360.544931] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 360.552213] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 23:02:31 executing program 2: pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) write$tun(r1, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x1) write(r2, &(0x7f00000001c0), 0xfffffef3) ioctl$SG_SCSI_RESET(r0, 0x2284, 0x0) tee(r0, r2, 0x400ffffffff, 0x2) [ 360.559479] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 360.566747] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 23:02:31 executing program 4 (fault-call:7 fault-nth:25): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:02:31 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) get_mempolicy(&(0x7f00000003c0), &(0x7f0000000400), 0x3, &(0x7f0000ffd000/0x2000)=nil, 0x2) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x3}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) r2 = socket$key(0xf, 0x3, 0x2) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000004c0)=0x0) sched_setscheduler(r3, 0x0, &(0x7f0000000500)=0xd4) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in=@broadcast, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@rand_addr, 0x0, 0x2b}, 0x0, @in, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0x800000000000059, 0x0) r4 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$TUNATTACHFILTER(r4, 0x401054d5, &(0x7f0000000100)={0x4, &(0x7f00000000c0)=[{0x5, 0x2, 0x8, 0x7}, {0x100000000, 0x5, 0xfff, 0x7}, {0x7, 0x66, 0xbda, 0x9}, {0x6, 0x40, 0x8001, 0xff}]}) rt_sigaction(0x1, 0x0, &(0x7f0000000600)={&(0x7f0000000580)="65f0fe410040dde2f3ad79058fe830875daf2dc4a16e59942d91300000263e66660f38257900c481f557d2f3446fc4a259ac45fe", {}, 0x0, &(0x7f0000000540)="c4e141db616b98de39c46135685b6ff30f52b0ab1ef7e4c402458e910e0000002e67420f1854b5d2f3dbecc462b2f57f07f30f95c23e8fa858cc2a76"}, 0xffffffffffffff44, &(0x7f0000000640)) ioctl$SG_GET_PACK_ID(0xffffffffffffffff, 0x227c, &(0x7f0000000140)) ioctl$sock_inet_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, &(0x7f0000000080)) pread64(0xffffffffffffffff, &(0x7f00000001c0)=""/242, 0xf2, 0x4e) [ 360.726713] FAULT_INJECTION: forcing a failure. [ 360.726713] name failslab, interval 1, probability 0, space 0, times 0 [ 360.749587] CPU: 1 PID: 13339 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 360.756977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 360.766340] Call Trace: [ 360.768958] dump_stack+0x1c4/0x2b4 [ 360.772622] ? dump_stack_print_info.cold.2+0x52/0x52 [ 360.777846] ? __kernel_text_address+0xd/0x40 [ 360.782395] ? unwind_get_return_address+0x61/0xa0 [ 360.787347] should_fail.cold.4+0xa/0x17 [ 360.791433] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 360.796549] ? save_stack+0xa9/0xd0 [ 360.800192] ? graph_lock+0x170/0x170 [ 360.804021] ? kasan_slab_alloc+0x12/0x20 [ 360.808186] ? kmem_cache_alloc+0x12e/0x730 [ 360.812524] ? mmu_topup_memory_caches+0xf7/0x390 [ 360.817409] ? kvm_mmu_load+0x21/0xfa0 [ 360.821321] ? vcpu_enter_guest+0x3dbe/0x6380 [ 360.825846] ? graph_lock+0x170/0x170 [ 360.829659] ? ksys_ioctl+0xa9/0xd0 [ 360.833323] ? __x64_sys_ioctl+0x73/0xb0 [ 360.837402] ? do_syscall_64+0x1b9/0x820 [ 360.841474] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 360.846859] ? find_held_lock+0x36/0x1c0 [ 360.850934] ? __lock_is_held+0xb5/0x140 [ 360.855018] ? ___might_sleep+0x1ed/0x300 [ 360.859180] ? arch_local_save_flags+0x40/0x40 [ 360.863790] __should_failslab+0x124/0x180 [ 360.868068] should_failslab+0x9/0x14 [ 360.871907] kmem_cache_alloc+0x2be/0x730 [ 360.876065] ? vmx_flush_tlb_gva+0x380/0x380 [ 360.880486] ? print_usage_bug+0xc0/0xc0 [ 360.884556] ? ima_get_action+0x7e/0xa0 [ 360.888559] ? mmu_topup_memory_caches+0xf7/0x390 [ 360.893426] mmu_topup_memory_caches+0xf7/0x390 [ 360.898113] kvm_mmu_load+0x21/0xfa0 [ 360.901839] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 360.906783] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 360.912335] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 360.916969] vcpu_enter_guest+0x3dbe/0x6380 [ 360.921334] ? emulator_read_emulated+0x50/0x50 [ 360.926024] ? vmx_vcpu_load+0xb06/0x1030 [ 360.930194] ? vmx_write_tsc_offset+0x680/0x680 [ 360.934877] ? graph_lock+0x170/0x170 [ 360.938693] ? lock_downgrade+0x900/0x900 [ 360.942855] ? check_preemption_disabled+0x48/0x200 [ 360.947908] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 360.953477] ? check_preemption_disabled+0x48/0x200 [ 360.958538] ? check_preemption_disabled+0x48/0x200 [ 360.963582] ? __lock_is_held+0xb5/0x140 [ 360.967672] ? lock_acquire+0x1ed/0x520 [ 360.971661] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 360.976693] ? lock_release+0x970/0x970 [ 360.980683] ? kvm_gen_update_masterclock+0x350/0x350 [ 360.985883] ? kvm_arch_dev_ioctl+0x630/0x630 [ 360.990395] ? preempt_notifier_dec+0x20/0x20 [ 360.994915] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 360.999766] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 361.004811] kvm_vcpu_ioctl+0x72b/0x1150 [ 361.008923] ? kvm_vcpu_block+0x1030/0x1030 [ 361.013284] ? find_held_lock+0x36/0x1c0 [ 361.017401] ? __fget+0x4aa/0x740 [ 361.020866] ? check_preemption_disabled+0x48/0x200 [ 361.025908] ? kasan_check_read+0x11/0x20 [ 361.030075] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 361.035388] ? rcu_bh_qs+0xc0/0xc0 [ 361.038954] ? __fget+0x4d1/0x740 [ 361.042425] ? ksys_dup3+0x680/0x680 [ 361.046162] ? find_held_lock+0x36/0x1c0 [ 361.050247] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 361.055210] ? kvm_vcpu_block+0x1030/0x1030 [ 361.059574] do_vfs_ioctl+0x1de/0x1720 [ 361.063513] ? __lock_is_held+0xb5/0x140 [ 361.067608] ? ioctl_preallocate+0x300/0x300 [ 361.072058] ? __fget_light+0x2e9/0x430 [ 361.076045] ? fget_raw+0x20/0x20 [ 361.079510] ? __sb_end_write+0xd9/0x110 [ 361.083585] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 361.089138] ? fput+0x130/0x1a0 [ 361.092427] ? do_syscall_64+0x9a/0x820 [ 361.096441] ? do_syscall_64+0x9a/0x820 [ 361.100428] ? lockdep_hardirqs_on+0x421/0x5c0 [ 361.105024] ? security_file_ioctl+0x94/0xc0 [ 361.109446] ksys_ioctl+0xa9/0xd0 [ 361.112916] __x64_sys_ioctl+0x73/0xb0 [ 361.116817] do_syscall_64+0x1b9/0x820 [ 361.120719] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 361.126096] ? syscall_return_slowpath+0x5e0/0x5e0 [ 361.131033] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 361.135888] ? trace_hardirqs_on_caller+0x310/0x310 [ 361.140914] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 361.145940] ? prepare_exit_to_usermode+0x291/0x3b0 [ 361.150978] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 361.155843] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 361.161040] RIP: 0033:0x457569 23:02:31 executing program 0: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = msgget$private(0x0, 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff}) ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000080)={0x4, &(0x7f0000000040)=[{0x0}, {}, {}, {}]}) ioctl$DRM_IOCTL_GET_CTX(r2, 0xc0086423, &(0x7f0000000200)={r3, 0x2}) msgctl$IPC_SET(r1, 0x1, &(0x7f00000014c0)) msgsnd(r1, &(0x7f0000e74f60)={0x2}, 0x8, 0x0) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) msgctl$IPC_SET(r1, 0x1, &(0x7f0000000180)={{}, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x81, r0}) [ 361.164248] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 361.183154] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 361.190874] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 361.190884] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 361.190893] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 361.190903] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 361.190913] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 23:02:31 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f0000000000)={0x5, 0xffffffffffffffff}) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/sloppy_sctp\x00', 0x2, 0x0) r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/qat_adf_ctl\x00', 0x103040, 0x0) openat$null(0xffffffffffffff9c, &(0x7f0000000200)='/dev/null\x00', 0x4040, 0x0) ioctl$FIDEDUPERANGE(r1, 0xc0189436, &(0x7f0000000180)={0xfffffffffffffff9, 0x2, 0x2, 0x0, 0x0, [{r2, 0x0, 0x45}, {r3, 0x0, 0xffffffffffff0da2}]}) 23:02:31 executing program 5: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000000000)={&(0x7f0000000b80)=@in6={0xa, 0x4e23, 0x0, @mcast2}, 0x1c, &(0x7f0000001040)}, 0x0) 23:02:31 executing program 4 (fault-call:7 fault-nth:26): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:02:32 executing program 1: sendmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000440)=@in={0x2, 0x0, @rand_addr}, 0x10, &(0x7f00000007c0), 0x0, &(0x7f0000000900)=ANY=[], 0x0, 0x20000804}, 0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000008c0)) fcntl$getflags(r0, 0x40b) r1 = dup2(0xffffffffffffffff, 0xffffffffffffffff) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0xffffffffffffffff, r0, 0x0, 0x1, &(0x7f0000000200)='\x00', 0xffffffffffffffff}, 0x30) setsockopt$sock_void(r1, 0x1, 0x0, 0x0, 0x0) r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000280)='ns/pid\x00') socket$inet_tcp(0x2, 0x1, 0x0) fsetxattr$security_ima(0xffffffffffffffff, &(0x7f00000001c0)='security.ima\x00', &(0x7f0000000300)=@md5={0x1, "149b9f43d44925ac5d7590e6b6a9adff"}, 0x11, 0x0) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, &(0x7f0000000340)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}) r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$EXT4_IOC_GROUP_ADD(0xffffffffffffffff, 0x40286608, &(0x7f0000000080)={0x0, 0x6e, 0x20, 0x0, 0xb78}) pwritev(r2, &(0x7f00000003c0)=[{&(0x7f0000000140)="25ee203cde0c87c828b1a2f381df41ae181fe01a7e70590ef0b3af5d2a6e", 0x1e}, {&(0x7f0000000540)="866714878213a0637bcaaffd7560de7e227790081d45e30adab8d072e52d6d8a21c3560fb4062f4ff0ce148c27b6ff0f67b5e5e4923945fdd51d6bbd9c0b40f7aaf819902a4fdb072bf6c6de084c1cf073d50b9921936e05633f345581113e2d2c7cdd70cd20945f4765fee0a2c02efdd299d47d4ebb39cd4b9c8e7849701dd0c04962e9c8b25386c8538a284a863320fa7f30035c63e9ad53327f1c87d811dfe1ded44d44a7e5d7c5cf0fe9dd0a37d2cf2e92c3f4e0b891ef409c4118c4fef22fdf8a7d171d237f0d0b0fd51d478ca35bb26425e62f", 0xd6}], 0x2, 0x0) clone(0x4000002102001ffb, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e22, 0x2, @mcast1}}, 0x7, 0x200}, &(0x7f0000000000)=0x90) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x76, &(0x7f0000000040)={r4, 0x8}, &(0x7f0000000100)=0x8) request_key(&(0x7f0000000180)='dns_resolver\x00', &(0x7f00000002c0)={'syz'}, &(0x7f0000000380)='\x00', 0xfffffffffffffffe) request_key(&(0x7f000000aff5)='asymmetric\x00', &(0x7f0000001ffb)={'t\x00'}, &(0x7f0000000400)="520972697374e363757367725669643a4465", 0x0) fremovexattr(r1, &(0x7f0000000640)=@known='trusted.overlay.redirect\x00') 23:02:32 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x40, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x100) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/autofs\x00', 0x509040, 0x0) setsockopt$inet_sctp_SCTP_EVENTS(r2, 0x84, 0xb, &(0x7f0000000180)={0xba, 0x4, 0x6, 0x3, 0x0, 0x6, 0x5, 0x2, 0xe8, 0x81, 0x2040}, 0xb) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r3 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240)='/dev/sequencer2\x00', 0x0, 0x0) fsetxattr$trusted_overlay_opaque(r0, &(0x7f0000000000)='trusted.overlay.opaque\x00', &(0x7f00000000c0)='y\x00', 0x2, 0x3) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r3, 0x40085112, &(0x7f0000000040)={{0xffffff92}, {0xffffffe0}}) 23:02:32 executing program 1: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x7f, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff}) getsockopt$EBT_SO_GET_INFO(r1, 0x0, 0x80, &(0x7f0000000040)={'broute\x00'}, &(0x7f00000000c0)=0x78) r2 = socket$inet(0x2b, 0x1, 0x0) dup3(r0, r2, 0x0) [ 361.419397] FAULT_INJECTION: forcing a failure. [ 361.419397] name failslab, interval 1, probability 0, space 0, times 0 [ 361.468974] CPU: 1 PID: 13362 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 361.476380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 361.485759] Call Trace: [ 361.488385] dump_stack+0x1c4/0x2b4 [ 361.492066] ? dump_stack_print_info.cold.2+0x52/0x52 [ 361.497283] ? __kernel_text_address+0xd/0x40 [ 361.501793] ? unwind_get_return_address+0x61/0xa0 [ 361.506744] should_fail.cold.4+0xa/0x17 [ 361.510828] ? fault_create_debugfs_attr+0x1f0/0x1f0 23:02:32 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="98"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000010000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000300)="f32bb900000000c4a1bdedf4c4427d58eaf23e0f1e410066bad104ecf466460f63ea2e46815ef368000000c4a2318c42000f011a", 0x34}], 0x2f7, 0x0, &(0x7f0000000040), 0x1000000000000237) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:02:32 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000080), 0xc, &(0x7f0000001740)={&(0x7f0000000000)=ANY=[@ANYBLOB="72700525a6474c17b7f17a7702df4f0a58dedeb5c1d1081e5f7347b9798368a164ef4a4ea8adc9338fff61430d0a73f88ebcd77c6728f9c9fb2fa6d7c9239aa4f238fd777be3482d56b797846779489740b4f55c93245e3fa7c65f725481745fbe8550"], 0x1}}, 0x0) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) sendmmsg(r0, &(0x7f00000002c0), 0x400000000000174, 0x0) [ 361.515952] ? save_stack+0xa9/0xd0 [ 361.519621] ? graph_lock+0x170/0x170 [ 361.523460] ? kasan_slab_alloc+0x12/0x20 [ 361.527626] ? kmem_cache_alloc+0x12e/0x730 [ 361.531960] ? mmu_topup_memory_caches+0xf7/0x390 [ 361.536824] ? kvm_mmu_load+0x21/0xfa0 [ 361.540732] ? vcpu_enter_guest+0x3dbe/0x6380 [ 361.545240] ? graph_lock+0x170/0x170 [ 361.545257] ? ksys_ioctl+0xa9/0xd0 [ 361.545272] ? __x64_sys_ioctl+0x73/0xb0 [ 361.545290] ? do_syscall_64+0x1b9/0x820 [ 361.545312] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe 23:02:32 executing program 5: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000b90ffc), 0x4) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280), 0x23f) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000000)=ANY=[@ANYRES16=0x0, @ANYRES64=r0], &(0x7f0000000080)=0x2) [ 361.560851] ? find_held_lock+0x36/0x1c0 [ 361.560872] ? __lock_is_held+0xb5/0x140 [ 361.560899] ? ___might_sleep+0x1ed/0x300 [ 361.560918] ? arch_local_save_flags+0x40/0x40 [ 361.560946] __should_failslab+0x124/0x180 [ 361.560965] should_failslab+0x9/0x14 [ 361.560981] kmem_cache_alloc+0x2be/0x730 [ 361.561000] ? vmx_flush_tlb_gva+0x380/0x380 [ 361.574478] ? print_usage_bug+0xc0/0xc0 [ 361.574494] ? ima_get_action+0x7e/0xa0 [ 361.574513] ? mmu_topup_memory_caches+0xf7/0x390 [ 361.574533] mmu_topup_memory_caches+0xf7/0x390 [ 361.574553] kvm_mmu_load+0x21/0xfa0 [ 361.595507] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 361.595529] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 361.595576] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 361.595608] vcpu_enter_guest+0x3dbe/0x6380 [ 361.595636] ? emulator_read_emulated+0x50/0x50 [ 361.631693] ? vmx_vcpu_load+0xb06/0x1030 [ 361.631718] ? vmx_write_tsc_offset+0x680/0x680 [ 361.631735] ? graph_lock+0x170/0x170 [ 361.631748] ? lock_downgrade+0x900/0x900 [ 361.631771] ? check_preemption_disabled+0x48/0x200 [ 361.662047] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 361.672581] ? check_preemption_disabled+0x48/0x200 [ 361.672608] ? check_preemption_disabled+0x48/0x200 [ 361.672636] ? __lock_is_held+0xb5/0x140 [ 361.672658] ? lock_acquire+0x1ed/0x520 [ 361.672673] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 361.672694] ? lock_release+0x970/0x970 [ 361.672710] ? kvm_gen_update_masterclock+0x350/0x350 [ 361.672727] ? kvm_arch_dev_ioctl+0x630/0x630 [ 361.672743] ? preempt_notifier_dec+0x20/0x20 [ 361.672772] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 23:02:32 executing program 5: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.stat\x00', 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="2ec3"]) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000400), 0x100000000000000c) sendfile(r2, r0, &(0x7f0000000100), 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000006080)=[{{&(0x7f0000000080)=@xdp, 0x80, &(0x7f0000002040)=[{&(0x7f0000000dc0)=""/52, 0x34}], 0x1, &(0x7f00000020c0)=""/4096, 0x1000}}], 0x1, 0x0, &(0x7f0000006340)) ioctl$KVM_IOEVENTFD(r0, 0x4040ae79, &(0x7f0000000240)={0x104000, &(0x7f0000000200), 0x0, r0, 0x1}) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f00000002c0)={0x100000000, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_DEBUGREGS(r3, 0x4080aea2, &(0x7f0000000180)={[0x0, 0x3000], 0x0, 0x4}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 361.672786] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 361.672817] kvm_vcpu_ioctl+0x72b/0x1150 [ 361.672837] ? kvm_vcpu_block+0x1030/0x1030 [ 361.672858] ? find_held_lock+0x36/0x1c0 [ 361.672881] ? __fget+0x4aa/0x740 [ 361.672906] ? check_preemption_disabled+0x48/0x200 [ 361.699939] ? kasan_check_read+0x11/0x20 [ 361.699959] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 361.699977] ? rcu_bh_qs+0xc0/0xc0 [ 361.700003] ? __fget+0x4d1/0x740 [ 361.732395] ? ksys_dup3+0x680/0x680 [ 361.732411] ? find_held_lock+0x36/0x1c0 23:02:32 executing program 1: syz_open_dev$usb(&(0x7f0000000140)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$uhid(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uhid\x00', 0x2, 0x0) write$UHID_CREATE(r0, &(0x7f0000001080)={0x0, 'syz1\x00', 'syz1\x00', 'syz0\x00', &(0x7f0000000000)=""/11, 0xb}, 0x120) readv(r0, &(0x7f0000000080)=[{&(0x7f00000002c0)=""/133, 0x85}], 0x1) [ 361.732438] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 361.732462] ? kvm_vcpu_block+0x1030/0x1030 [ 361.732481] do_vfs_ioctl+0x1de/0x1720 [ 361.754408] ? __lock_is_held+0xb5/0x140 [ 361.782277] ? ioctl_preallocate+0x300/0x300 [ 361.790741] ? __fget_light+0x2e9/0x430 [ 361.790760] ? fget_raw+0x20/0x20 [ 361.790779] ? __sb_end_write+0xd9/0x110 [ 361.790800] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 361.790813] ? fput+0x130/0x1a0 [ 361.790830] ? do_syscall_64+0x9a/0x820 [ 361.790846] ? do_syscall_64+0x9a/0x820 [ 361.790866] ? lockdep_hardirqs_on+0x421/0x5c0 [ 361.807863] ? security_file_ioctl+0x94/0xc0 [ 361.807883] ksys_ioctl+0xa9/0xd0 [ 361.807904] __x64_sys_ioctl+0x73/0xb0 [ 361.807924] do_syscall_64+0x1b9/0x820 [ 361.839315] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 361.839337] ? syscall_return_slowpath+0x5e0/0x5e0 [ 361.839353] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 361.839395] ? trace_hardirqs_on_caller+0x310/0x310 [ 361.839412] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 361.839433] ? prepare_exit_to_usermode+0x291/0x3b0 [ 361.854550] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 361.854575] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 361.854587] RIP: 0033:0x457569 [ 361.854629] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 361.864650] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 361.864669] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 361.864679] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 361.864689] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 361.864698] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 361.864712] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 [ 361.983982] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 362.017338] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 362.049350] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 362.056070] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 362.079482] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 362.086517] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 362.093618] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 362.100660] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 362.107351] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 362.114492] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 362.129483] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 23:02:32 executing program 0: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r1, 0x1, &(0x7f00000014c0)) r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x400000, 0x0) ioctl$UI_SET_SNDBIT(r2, 0x4004556a, 0x4) msgsnd(r1, &(0x7f0000e74f60)={0x2}, 0x8, 0x0) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) ioprio_get$pid(0x0, r0) tkill(r0, 0x1000000000016) msgctl$IPC_SET(r1, 0x1, &(0x7f0000000180)={{}, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x81, r0}) [ 362.143647] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 362.151451] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz1 [ 362.174768] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 23:02:32 executing program 3: r0 = accept4$packet(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000040)=0x14, 0x80000) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='em0\x00', 0xffffffffffffff9c}, 0x10) dup2(r0, r1) r2 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r2, 0x1000000000016) 23:02:32 executing program 4 (fault-call:7 fault-nth:27): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:02:32 executing program 2: r0 = getpgrp(0x0) ptrace$setregset(0x4205, r0, 0x2, &(0x7f0000000300)={&(0x7f0000000200)="a781fdba191b67ae203bb0dae19d72f228cbe071cf4c0c4b9f425ed88ee47b5262c47fdfae45cacea1f4a9bf4aa59e1726010b99ef9afaaa411757eb1e1e744b9fd59ea17681b6fa5f1b1266ea35875c513671842492aca697c11aefea5469f437d85b1189c0df44459eed3244de708430aa0aad3c7a6fcf979695f98bbc62dfe423d473b9dab28c5fd26028888ce1076e669bdfec27a71e40965a670b465ab9a6272dfc38a873c32c6aa342208e2f5764dbbad5ee0318599bfb8002877fcc6aacbbae47638165", 0xc7}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = syz_open_dev$mouse(&(0x7f00000000c0)='/dev/input/mouse#\x00', 0x80000001, 0x200) r3 = syz_open_dev$adsp(&(0x7f0000000100)='/dev/adsp#\x00', 0xc19, 0x80000) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f00000001c0)={r3, 0x939, 0xb18a, r4}) r5 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r5, 0x8912, &(0x7f0000000180)="153f6234488dd25d766070") r6 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r7 = eventfd(0x0) ioctl$KVM_IRQFD(r6, 0x4020ae76, &(0x7f0000000000)={r7}) write$eventfd(r7, &(0x7f0000000080), 0x8) [ 362.220808] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 362.241751] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 362.248530] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 362.278733] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 362.293194] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 362.307779] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 362.323799] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 362.332700] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 362.341728] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 362.350812] FAULT_INJECTION: forcing a failure. [ 362.350812] name failslab, interval 1, probability 0, space 0, times 0 [ 362.362382] CPU: 0 PID: 13427 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 362.369775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 362.369783] Call Trace: [ 362.369815] dump_stack+0x1c4/0x2b4 [ 362.369845] ? dump_stack_print_info.cold.2+0x52/0x52 [ 362.369867] ? __kernel_text_address+0xd/0x40 [ 362.369895] ? unwind_get_return_address+0x61/0xa0 [ 362.369932] should_fail.cold.4+0xa/0x17 [ 362.369957] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 362.382080] ? save_stack+0xa9/0xd0 [ 362.382101] ? graph_lock+0x170/0x170 [ 362.382114] ? kasan_slab_alloc+0x12/0x20 [ 362.382135] ? kmem_cache_alloc+0x12e/0x730 [ 362.425426] ? mmu_topup_memory_caches+0xf7/0x390 [ 362.430265] ? kvm_mmu_load+0x21/0xfa0 [ 362.434175] ? vcpu_enter_guest+0x3dbe/0x6380 [ 362.438674] ? graph_lock+0x170/0x170 [ 362.442479] ? ksys_ioctl+0xa9/0xd0 [ 362.446106] ? __x64_sys_ioctl+0x73/0xb0 [ 362.450167] ? do_syscall_64+0x1b9/0x820 [ 362.454230] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 362.459608] ? find_held_lock+0x36/0x1c0 [ 362.463692] ? __lock_is_held+0xb5/0x140 [ 362.467770] ? ___might_sleep+0x1ed/0x300 [ 362.471939] ? arch_local_save_flags+0x40/0x40 [ 362.476535] __should_failslab+0x124/0x180 [ 362.480780] should_failslab+0x9/0x14 [ 362.484584] kmem_cache_alloc+0x2be/0x730 [ 362.488743] ? vmx_flush_tlb_gva+0x380/0x380 [ 362.493155] ? print_usage_bug+0xc0/0xc0 [ 362.497219] ? ima_get_action+0x7e/0xa0 [ 362.501211] ? mmu_topup_memory_caches+0xf7/0x390 [ 362.506059] mmu_topup_memory_caches+0xf7/0x390 [ 362.510734] kvm_mmu_load+0x21/0xfa0 [ 362.514449] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 362.519399] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 362.524938] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 362.529528] vcpu_enter_guest+0x3dbe/0x6380 [ 362.533880] ? emulator_read_emulated+0x50/0x50 [ 362.538584] ? vmx_vcpu_load+0xb06/0x1030 [ 362.542750] ? vmx_write_tsc_offset+0x680/0x680 [ 362.547420] ? graph_lock+0x170/0x170 [ 362.551222] ? lock_downgrade+0x900/0x900 [ 362.555373] ? check_preemption_disabled+0x48/0x200 [ 362.560390] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 362.565929] ? check_preemption_disabled+0x48/0x200 [ 362.570944] ? check_preemption_disabled+0x48/0x200 [ 362.575983] ? __lock_is_held+0xb5/0x140 [ 362.580052] ? lock_acquire+0x1ed/0x520 [ 362.584025] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 362.589081] ? lock_release+0x970/0x970 [ 362.593064] ? kvm_gen_update_masterclock+0x350/0x350 [ 362.598259] ? kvm_arch_dev_ioctl+0x630/0x630 [ 362.602753] ? preempt_notifier_dec+0x20/0x20 [ 362.607263] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 362.612107] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 362.617154] kvm_vcpu_ioctl+0x72b/0x1150 [ 362.621239] ? kvm_vcpu_block+0x1030/0x1030 [ 362.625580] ? find_held_lock+0x36/0x1c0 [ 362.629688] ? __fget+0x4aa/0x740 [ 362.633150] ? check_preemption_disabled+0x48/0x200 [ 362.638172] ? kasan_check_read+0x11/0x20 [ 362.642329] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 362.647616] ? rcu_bh_qs+0xc0/0xc0 [ 362.651175] ? __fget+0x4d1/0x740 [ 362.654640] ? ksys_dup3+0x680/0x680 [ 362.658356] ? find_held_lock+0x36/0x1c0 [ 362.662426] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 362.667362] ? kvm_vcpu_block+0x1030/0x1030 [ 362.671700] do_vfs_ioctl+0x1de/0x1720 [ 362.675600] ? __lock_is_held+0xb5/0x140 [ 362.679672] ? ioctl_preallocate+0x300/0x300 [ 362.684086] ? __fget_light+0x2e9/0x430 [ 362.688063] ? fget_raw+0x20/0x20 [ 362.691538] ? __sb_end_write+0xd9/0x110 [ 362.695625] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 362.701161] ? fput+0x130/0x1a0 [ 362.704441] ? do_syscall_64+0x9a/0x820 [ 362.708416] ? do_syscall_64+0x9a/0x820 [ 362.712394] ? lockdep_hardirqs_on+0x421/0x5c0 [ 362.716982] ? security_file_ioctl+0x94/0xc0 [ 362.721394] ksys_ioctl+0xa9/0xd0 [ 362.724855] __x64_sys_ioctl+0x73/0xb0 [ 362.728752] do_syscall_64+0x1b9/0x820 [ 362.732644] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 362.738011] ? syscall_return_slowpath+0x5e0/0x5e0 [ 362.742949] ? trace_hardirqs_on_caller+0x310/0x310 [ 362.747965] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 362.752982] ? recalc_sigpending_tsk+0x180/0x180 [ 362.757740] ? kasan_check_write+0x14/0x20 [ 362.761981] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 362.766848] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 362.772042] RIP: 0033:0x457569 [ 362.775237] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 362.794153] RSP: 002b:00007f3ba50d5c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 362.801864] RAX: ffffffffffffffda RBX: 00007f3ba50d5c90 RCX: 0000000000457569 [ 362.809139] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 362.816408] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 362.823692] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50d66d4 23:02:33 executing program 1: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='nfs\x00', 0x0, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000040)=0xffffffffffffffff, 0x4) [ 362.830972] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 [ 362.840280] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [syz1] on syz1 23:02:33 executing program 5: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.stat\x00', 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="2ec3"]) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000400), 0x100000000000000c) sendfile(r2, r0, &(0x7f0000000100), 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000006080)=[{{&(0x7f0000000080)=@xdp, 0x80, &(0x7f0000002040)=[{&(0x7f0000000dc0)=""/52, 0x34}], 0x1, &(0x7f00000020c0)=""/4096, 0x1000}}], 0x1, 0x0, &(0x7f0000006340)) ioctl$KVM_IOEVENTFD(r0, 0x4040ae79, &(0x7f0000000240)={0x104000, &(0x7f0000000200), 0x0, r0, 0x1}) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f00000002c0)={0x100000000, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_DEBUGREGS(r3, 0x4080aea2, &(0x7f0000000180)={[0x0, 0x3000], 0x0, 0x4}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 23:02:33 executing program 4 (fault-call:7 fault-nth:28): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:02:33 executing program 2: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x2, 0x0) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000180)={0x0, {{0xa, 0x4e21, 0x2, @loopback, 0x3fa}}, 0x0, 0x3, [{{0xa, 0x4e21, 0x2, @mcast2, 0xb956}}, {{0xa, 0x4e22, 0x8, @mcast2, 0x70b6}}, {{0xa, 0x4e22, 0x100, @mcast2, 0xaf48}}]}, 0x210) r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vhost-net\x00', 0x2, 0x0) ioctl$VHOST_NET_SET_BACKEND(r1, 0x8008af26, &(0x7f0000f1dff8)) 23:02:33 executing program 1: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000000000)={&(0x7f0000000040)=@alg, 0x80, &(0x7f0000000540), 0x0, &(0x7f00000000c0)=""/87, 0x57}, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$IP_VS_SO_GET_SERVICES(r1, 0x0, 0x482, &(0x7f0000000000)=""/8, &(0x7f0000000080)=0x1a08) sync() ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000140)={0x0, 0x0, 0x2, 0x0, [], [{0x100000000, 0x401, 0x8, 0x5, 0x20, 0xa04}, {0x12914cc0, 0x7, 0x800, 0x4, 0xf699, 0xb5}], [[], []]}) [ 363.068612] FAULT_INJECTION: forcing a failure. [ 363.068612] name failslab, interval 1, probability 0, space 0, times 0 [ 363.083529] CPU: 1 PID: 13441 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 363.090913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 363.100282] Call Trace: [ 363.102886] dump_stack+0x1c4/0x2b4 [ 363.106528] ? dump_stack_print_info.cold.2+0x52/0x52 [ 363.111725] ? __kernel_text_address+0xd/0x40 [ 363.116227] ? unwind_get_return_address+0x61/0xa0 [ 363.121172] should_fail.cold.4+0xa/0x17 [ 363.125240] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 363.130348] ? save_stack+0xa9/0xd0 [ 363.133983] ? graph_lock+0x170/0x170 [ 363.137785] ? kasan_slab_alloc+0x12/0x20 [ 363.141937] ? kmem_cache_alloc+0x12e/0x730 [ 363.146260] ? mmu_topup_memory_caches+0xf7/0x390 [ 363.151099] ? kvm_mmu_load+0x21/0xfa0 [ 363.154991] ? vcpu_enter_guest+0x3dbe/0x6380 [ 363.159488] ? graph_lock+0x170/0x170 [ 363.163291] ? ksys_ioctl+0xa9/0xd0 [ 363.166919] ? __x64_sys_ioctl+0x73/0xb0 [ 363.170986] ? do_syscall_64+0x1b9/0x820 [ 363.175048] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 363.180419] ? find_held_lock+0x36/0x1c0 [ 363.184484] ? __lock_is_held+0xb5/0x140 [ 363.188573] ? ___might_sleep+0x1ed/0x300 [ 363.192731] ? arch_local_save_flags+0x40/0x40 [ 363.197497] __should_failslab+0x124/0x180 [ 363.201743] should_failslab+0x9/0x14 [ 363.205560] kmem_cache_alloc+0x2be/0x730 [ 363.209715] ? vmx_flush_tlb_gva+0x380/0x380 [ 363.214125] ? print_usage_bug+0xc0/0xc0 [ 363.218191] ? mmu_topup_memory_caches+0xf7/0x390 [ 363.223045] mmu_topup_memory_caches+0xf7/0x390 [ 363.227733] kvm_mmu_load+0x21/0xfa0 [ 363.231452] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 363.236418] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 363.241958] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 363.246552] vcpu_enter_guest+0x3dbe/0x6380 [ 363.250891] ? emulator_read_emulated+0x50/0x50 [ 363.255570] ? vmx_vcpu_load+0xb06/0x1030 [ 363.259732] ? vmx_write_tsc_offset+0x680/0x680 [ 363.264403] ? graph_lock+0x170/0x170 [ 363.268207] ? lock_downgrade+0x900/0x900 [ 363.272361] ? check_preemption_disabled+0x48/0x200 [ 363.277404] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 363.282960] ? check_preemption_disabled+0x48/0x200 [ 363.287979] ? check_preemption_disabled+0x48/0x200 [ 363.293033] ? __lock_is_held+0xb5/0x140 [ 363.297100] ? lock_acquire+0x1ed/0x520 [ 363.301077] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 363.306118] ? lock_release+0x970/0x970 [ 363.310090] ? kvm_gen_update_masterclock+0x350/0x350 [ 363.315327] ? kvm_arch_dev_ioctl+0x630/0x630 [ 363.319827] ? preempt_notifier_dec+0x20/0x20 [ 363.324336] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 363.329691] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 363.334750] kvm_vcpu_ioctl+0x72b/0x1150 [ 363.338815] ? kvm_vcpu_block+0x1030/0x1030 [ 363.343146] ? find_held_lock+0x36/0x1c0 [ 363.347219] ? __fget+0x4aa/0x740 [ 363.350694] ? check_preemption_disabled+0x48/0x200 [ 363.355718] ? kasan_check_read+0x11/0x20 [ 363.359875] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 363.365153] ? rcu_bh_qs+0xc0/0xc0 [ 363.368710] ? __fget+0x4d1/0x740 [ 363.372177] ? ksys_dup3+0x680/0x680 [ 363.375938] ? find_held_lock+0x36/0x1c0 [ 363.380009] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 363.384947] ? kvm_vcpu_block+0x1030/0x1030 [ 363.389273] do_vfs_ioctl+0x1de/0x1720 [ 363.393162] ? __lock_is_held+0xb5/0x140 [ 363.397231] ? ioctl_preallocate+0x300/0x300 [ 363.401658] ? __fget_light+0x2e9/0x430 [ 363.405635] ? fget_raw+0x20/0x20 [ 363.409095] ? __sb_end_write+0xd9/0x110 [ 363.413168] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 363.418705] ? fput+0x130/0x1a0 [ 363.421989] ? do_syscall_64+0x9a/0x820 [ 363.425978] ? do_syscall_64+0x9a/0x820 [ 363.429970] ? lockdep_hardirqs_on+0x421/0x5c0 [ 363.434556] ? security_file_ioctl+0x94/0xc0 [ 363.438969] ksys_ioctl+0xa9/0xd0 [ 363.442428] __x64_sys_ioctl+0x73/0xb0 [ 363.446318] do_syscall_64+0x1b9/0x820 [ 363.450211] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 363.455581] ? syscall_return_slowpath+0x5e0/0x5e0 [ 363.460552] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 363.465439] ? trace_hardirqs_on_caller+0x310/0x310 [ 363.470462] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 363.475515] ? prepare_exit_to_usermode+0x291/0x3b0 [ 363.480559] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 363.485434] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 363.490629] RIP: 0033:0x457569 [ 363.493824] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 363.512736] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 363.520446] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 363.527730] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 363.534994] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 363.542276] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 363.549545] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 23:02:34 executing program 0: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r1, 0x1, &(0x7f00000014c0)) msgsnd(r1, &(0x7f0000e74f60)={0x2}, 0x8, 0x0) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) r2 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x7, 0x2000) ioctl$KVM_GET_LAPIC(r2, 0x8400ae8e, &(0x7f0000000200)={"b9bcf509b0cd57e6e5a7323f2d1d51b56d015cc820ec60735cb52456acc81792634c1a81111048a53a0e625a8f4cf6081c72166734003cfceb43676b549cb5e7416b98fbd91f0ca7a81464f3e61c4536bf57a3823b7efd0085c5bed6d58ae461155681132c4908cf1b79596a789247e4ab198d481d1baf8342f11c32460b85ae69fa6004e980c70516555ecbd18bb5ead9215137510044f42df7e1ac17eb17f0d206c3c614122200e60f0c0986fe1edbd62fd0d2f5892b193ba26cf8db9c2168343e102466798034b64ade49a9ecb1129e094603e7d637cac3f721c327c5f96b318c8f17e444b950be72b593ce96178c0032fce6531b9a80a689487fd62e2f406f4a166e4a2454e7bacc21eb6b9a5922d14bea373db3429e8b5c450a32c331f9571b55eb229f79f08ac93dfb19faaccae0e9608e74daf90180442d137b5c4c981d0b9b8d3eb849e37747612a6c1d5e8aa6cb74cabf95b66c284bd6bba7a6394a4a552236f9c2fc11e29981427f0d1c8c6283dc9b9b9b428cb68fc8f7a05bd2f1d9077b18efea9df59e3046c0ddd104c67b1741f865773c160dc195ad653ec68cd611d60e63888fe38b0326cf759709d3e117ba7c8b871de6a52257ab1f6247748df1dbaa2ece133f04d96af8e3a73670761af76e74666f93aa053cada794950cfb23f13f6c1fa6afad6106f75c7246c8459c1cba1cac31e4853e23fdc12733bea886ccd3a39b08b113645e549deaf92f98a4f7f83bb4d67ca8cfa785812f44beb281e1ae0f0bacb3e6ca0bd85d96cf05ce650bdac37e6f3746c845fe8ee6ff4c8a98c3f89bd1e83f6b6ee5fbf1fb8334c23331bd5366006e677a2d9b390bdc18479cd52498167c9b145a8b04d8f95ca74ba61e43235a3658c707f02d0b96a07fd97c04edace3417c9a19e958449763ee64f06eaf182be68839059c9b5d93b9463114131b18711fe52a71b57bc9aa7586e47993128c608814a84adafb5959f81e2a632ae6c69457385fff8cd03d6646f38d1b3af9c6de525631200bb1046856a06ad61ee0ef3c6b85e908d10e395d7e6e2e4d5a423fb113d3a68e0d1de3746318cf086330cc3eac18f39247a9fcdf020aed7959c15ccfb443547f5d39f0be532d6da8c95e72bce98cc6871851723341e3c8f984c88547d670ab088e339e570200915e7def1e7dce2daafc5c1395a573007e877f161336528fc8b4eebc2a213bf27fd8a27ce1a74eba3a89659835922ead6331d412d8dab508f75965bdc709f2b3c2a19140e29c4ac12104020928b7618169390b78c7a5e5c2c1c82c65b4913080f9007ead67610e5ed09a3008b8bc1e6011a6ded3b0cede4730012c5d2203f5bfdb07af8cd588726bae298d590976e65aa206fec68209200dc827f72d2b0f5820fb083329e364d3f08677e1e983092ed2b8acce83582b5278477eb5364cffea54"}) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) msgctl$IPC_SET(r1, 0x1, &(0x7f0000000180)={{}, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x81, r0}) 23:02:34 executing program 3: uselib(&(0x7f0000000000)='./file0\x00') getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x36e, 0x400) ioctl$LOOP_SET_STATUS(r0, 0x4c02, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x80000000, 0x16, 0x13, 0xd, "3dc2c592d8a49afaeaacc9039f2294cf42bbf31435dc5658a64673cc146573561adfcc2a148fe423c5d96a57b9344e04a7bc9ebfc10e3b70e8c6a2ad4fb6eeed", "7835762aaa136a2faead01bea9cb0e91ea16352f25eac31f004a4ae68b4e6042", [0x0, 0xffffffff]}) tkill(0x0, 0x1000000000016) 23:02:34 executing program 4 (fault-call:7 fault-nth:29): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:02:34 executing program 2: r0 = socket$inet6(0xa, 0x5, 0xffffffffffffffff) ioctl(r0, 0x9, &(0x7f0000000000)="dce0b8db91e3a4ea307df1cb0697cb251ed0f2a620bc01ded76b4a233193f926904aa5f99001546a09504341ac9349797c478de31f57ff76c4374a82f011f463ed5611298ffdb3a84d1a5dbe03510ff81b119d040000002890f91a037ebb4b6ef2c45bb1ecebfc629aad593732a04b07922e6909a3f64f1218de998d7f6cc980f6b14a55def4b2aa09704120f2ffebfd84fa08226d0a698e1d2b896fe52050f133c0ae60e8b62a773942dc8b10882efeb26ef1377cb46e690c6ca68ecb1a61eb412247d4ce0c3b108f4c7003a70a8279fbf98f187b8f03a8796f4880f54af3277c9ac2db342e7f61e51ccbb6912b2ea66206afcafd1fb7882bfc5e93f43afcd9cd4f21835a3810bee098da9ad1f7f892c526e158d2687989f3f0ff41c2f32c07a1213543d807ade55cea0f2a533e5bd0f55fb20f8de64bab707b8799655f32f4c40868e0820bca5dc865f98b1fced0581e1e6375e25098fa2480b5924c22a5c19b40d53a59460dec5a8d9e7dd18d7d4c709eee394d01fc4f924e68241502c30bb2132a3902c82663e323cd7fc55f138510db0f90d3a5497b45d3a7b07c7ab7fd791a670610e326afe2b59fb81e419e499c576e44570f84002ac79b6373c1eeb1808aba827410b25150f8a9fed482334acd16d778c5007c4ae9ebee9bc42601ace9a1a9495df5fa2023d1ec00e95cb33ba9c97b7f08c9254e4eee4259dd92c63456021976cf8e2cd291565d4a3df3872e3247") r1 = socket(0x1e, 0x5, 0x0) getsockopt(r1, 0x800000010f, 0x20080000000083, &(0x7f00004ad000), &(0x7f0000a3c000)=0xe4) 23:02:34 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f0000000a00)="000000b5534c8cd91c34a07d583a45ba860e69b4fdb2733b06cba783064b019e6bb210582d8819f9842446e7c902f3e1ad6b28c36310f7a26f2703d97cf742c0da1d32a1051ae9811d7b4f9099bc717bf75dfc694e944344e3e98dd59d38db4b5dec6636ed788a55571fc366bc83196f433a025cd20e7abb2ce70d5e44c69f8586d9f96b172c6168c6c4804add9b6f31e1edd519c85b6e959deca0d4b8c59b797c2c5d8980fdcdce649bbd3b5e62ae1b805ba6f3f1a9d15fa07bf8130e423fe28f27814a4d01eda798c97d4cc7037d46d470409ef4d100907abc95adcc1435f359a204f7d556081698271073f562d13aebc74bcab50944f9752abf13e5f5d6c953791bc14b0b1f931630ea0cb313a0c8ee7c61001280b9c08d8e4fcc1abfb296cb2013f6c7bafd4deb46a6059d8ce233e21ebb2d54e9ae40a50f1140ce6f53165aca4bca344885dd108bf57091fab02ccaceb2ce5f130488201705000bcc4990f4f0cbca9dd6a1b3f5d9e7f200006b3237a2e1baf0a4da675f16405e49f0e952e91c37da6c14b41916cd40be7bc57dee829b9b0373aecced5685a52b6fee514db30b339453fc8c020489c8b4d595daa09da982dedd9c3379bc79e1e4e0f59dc032de89b5644f18cff9500912ccbd6d14c2bc4d9b734c455d09c34d7d9d4a526150c7d0cf3ca7ee95ff9cb8ce74c827fdf9bdca20f3093dc0fa8a092327b15e8ad1f2488635b4b65bdbf442") ioctl$SIOCGIFMTU(r0, 0x8921, &(0x7f0000000380)) r1 = openat$cgroup_ro(r0, &(0x7f0000000200)="6d656d0001792e737761532e63757272656e7400", 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f, 0x5}}, 0x20) write$RDMA_USER_CM_CMD_DISCONNECT(r0, &(0x7f0000000180)={0xa, 0x4, 0xfa00, {r2}}, 0xc) mq_notify(r0, &(0x7f0000000340)={0x0, 0x31, 0x2, @thr={&(0x7f0000000240)="ad07181468b87e5fb4778a4bfe133b4ad0ca654f6502fe50009c8acf575838f1af4d5bac6a259c8d9ce4ee3e4d953df8fe38f7166e22c2fb3b3eb5acf1352a4e1df28a4cd0298db47432e639a6dba07c6f645c16d98c21d7af1327673ba114e147a7504a7424980a0a8088ea390cbfdd917f8277052f94e862ad8f6015ea916a810b7a15ab0c90431f11c634483e6e54574704615f2c3041d73c4dc8e6aab444c31dbf38d86318e76604c78a544549a9bf1d625f4f4815202e2c4e333cb3063650a8c389018752d774da591f69d7d79d86d9a508c70d3cc88d9bfb000e41007236c14d", &(0x7f00000001c0)="b33796a392539cf6da3e79d7878382738ce66507a2e6be233666c58a5d09a83e8a67937a63cee5"}}) write$P9_RMKNOD(r0, &(0x7f0000000000)={0x14, 0x13, 0x2, {0x20, 0x0, 0x8}}, 0x14) pread64(r1, &(0x7f00000000c0)=""/136, 0xd8a3046, 0x930000) 23:02:34 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'vcan0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000000)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000080)={&(0x7f0000000100)=@newneigh={0x30, 0x1c, 0x31, 0x0, 0x0, {0xa, 0x0, 0x0, r1, 0x0, 0x8}, [@NDA_DST_IPV6={0x14, 0x1, @dev}]}, 0x30}}, 0x0) r2 = dup3(r0, r0, 0x80000) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffff9c, 0x84, 0xa, &(0x7f0000000140)={0x8001, 0x2, 0x206, 0xad, 0x3, 0x1, 0x6, 0x9, 0x0}, &(0x7f0000000180)=0x20) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={r3, 0xcc, &(0x7f00000001c0)=[@in={0x2, 0x4e22, @multicast2}, @in6={0xa, 0x4e24, 0x9, @dev={0xfe, 0x80, [], 0x10}, 0x1}, @in6={0xa, 0x4e21, 0x1ff, @empty, 0x9}, @in={0x2, 0x4e21, @broadcast}, @in={0x2, 0x4e21, @multicast1}, @in6={0xa, 0x4e22, 0x3f, @local, 0x1}, @in={0x2, 0x4e24, @remote}, @in6={0xa, 0x4e21, 0x5, @dev={0xfe, 0x80, [], 0xb}, 0x49}, @in6={0xa, 0x4e21, 0x1, @mcast2, 0x6}]}, &(0x7f0000000300)=0x10) [ 363.765244] FAULT_INJECTION: forcing a failure. [ 363.765244] name failslab, interval 1, probability 0, space 0, times 0 [ 363.818284] CPU: 0 PID: 13466 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 363.825665] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 363.825672] Call Trace: [ 363.825743] dump_stack+0x1c4/0x2b4 [ 363.825783] ? dump_stack_print_info.cold.2+0x52/0x52 [ 363.846512] ? __kernel_text_address+0xd/0x40 [ 363.851024] ? unwind_get_return_address+0x61/0xa0 [ 363.855975] should_fail.cold.4+0xa/0x17 [ 363.860059] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 363.865177] ? save_stack+0xa9/0xd0 [ 363.865198] ? graph_lock+0x170/0x170 [ 363.865212] ? kasan_slab_alloc+0x12/0x20 [ 363.865229] ? kmem_cache_alloc+0x12e/0x730 [ 363.865246] ? mmu_topup_memory_caches+0xf7/0x390 [ 363.865264] ? kvm_mmu_load+0x21/0xfa0 [ 363.889856] ? vcpu_enter_guest+0x3dbe/0x6380 [ 363.894384] ? graph_lock+0x170/0x170 [ 363.898205] ? ksys_ioctl+0xa9/0xd0 [ 363.901841] ? __x64_sys_ioctl+0x73/0xb0 [ 363.905981] ? do_syscall_64+0x1b9/0x820 [ 363.910055] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 363.915441] ? find_held_lock+0x36/0x1c0 [ 363.915463] ? __lock_is_held+0xb5/0x140 [ 363.915493] ? ___might_sleep+0x1ed/0x300 [ 363.915518] ? arch_local_save_flags+0x40/0x40 [ 363.923649] __should_failslab+0x124/0x180 [ 363.923672] should_failslab+0x9/0x14 [ 363.923688] kmem_cache_alloc+0x2be/0x730 [ 363.923707] ? vmx_flush_tlb_gva+0x380/0x380 [ 363.949027] ? print_usage_bug+0xc0/0xc0 [ 363.953101] ? ima_get_action+0x7e/0xa0 [ 363.957091] ? mmu_topup_memory_caches+0xf7/0x390 [ 363.962009] mmu_topup_memory_caches+0xf7/0x390 [ 363.962047] kvm_mmu_load+0x21/0xfa0 [ 363.962065] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 363.962088] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 363.970456] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 363.970494] vcpu_enter_guest+0x3dbe/0x6380 [ 363.970553] ? emulator_read_emulated+0x50/0x50 [ 363.970577] ? vmx_vcpu_load+0xb06/0x1030 [ 363.970611] ? vmx_write_tsc_offset+0x680/0x680 [ 363.970629] ? graph_lock+0x170/0x170 [ 364.007250] ? lock_downgrade+0x900/0x900 [ 364.011432] ? check_preemption_disabled+0x48/0x200 23:02:34 executing program 1: r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f00001bf000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={0xffffffffffffffff, r0, 0x0, 0x1d, &(0x7f00000000c0)='proc\t!\'@bdev!\'bdevmime_type-\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000180)=r1, 0x4) clock_gettime(0x0, &(0x7f0000000340)={0x0, 0x0}) ppoll(&(0x7f0000000040)=[{r0}], 0x1, &(0x7f0000000140)={0x0, r2+10000000}, &(0x7f0000000200), 0x8) r3 = socket$inet6(0xa, 0x80003, 0x840000000000006) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000080)=0xc) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f00000002c0)) ioctl(r3, 0x8912, &(0x7f0000000040)="153f6234488dd25d766070") 23:02:34 executing program 2: ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000014c0)=0x0) fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000280)={0x1, 0x0, 0x0, 0x7}) ptrace$setregset(0x4205, r0, 0x0, &(0x7f0000000440)={&(0x7f00000004c0)}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f0000000080)={0x0, 'lo\x00'}, 0xfffffffffffffcc6) r1 = socket$packet(0x11, 0x2, 0x300) r2 = socket$packet(0x11, 0x2, 0x300) openat$full(0xffffffffffffff9c, &(0x7f0000000140)='/dev/full\x00', 0xfd, 0x0) r3 = dup2(r2, r1) setsockopt$packet_tx_ring(r1, 0x107, 0xd, &(0x7f00000003c0)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'team_slave_0\x00', 0x0}) bind$packet(r3, &(0x7f0000000100)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @link_local}, 0x14) sendmmsg$inet_sctp(r3, &(0x7f0000007080)=[{&(0x7f0000000040)=@in6={0xa, 0x0, 0x4, @remote}, 0x1c, &(0x7f0000000540)}], 0x0, 0x0) [ 364.016484] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 364.022034] ? check_preemption_disabled+0x48/0x200 [ 364.027062] ? check_preemption_disabled+0x48/0x200 [ 364.032087] ? __lock_is_held+0xb5/0x140 [ 364.036140] ? lock_acquire+0x1ed/0x520 [ 364.040114] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 364.045136] ? lock_release+0x970/0x970 [ 364.049108] ? kvm_gen_update_masterclock+0x350/0x350 [ 364.054314] ? kvm_arch_dev_ioctl+0x630/0x630 [ 364.058816] ? preempt_notifier_dec+0x20/0x20 [ 364.063330] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 364.068178] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 364.073218] kvm_vcpu_ioctl+0x72b/0x1150 [ 364.077294] ? kvm_vcpu_block+0x1030/0x1030 [ 364.081635] ? find_held_lock+0x36/0x1c0 [ 364.085712] ? __fget+0x4aa/0x740 [ 364.089179] ? check_preemption_disabled+0x48/0x200 [ 364.094207] ? kasan_check_read+0x11/0x20 [ 364.098363] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 364.103648] ? rcu_bh_qs+0xc0/0xc0 [ 364.107205] ? __fget+0x4d1/0x740 [ 364.110669] ? ksys_dup3+0x680/0x680 [ 364.114386] ? find_held_lock+0x36/0x1c0 [ 364.118467] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 364.123415] ? kvm_vcpu_block+0x1030/0x1030 [ 364.127748] do_vfs_ioctl+0x1de/0x1720 [ 364.131646] ? __lock_is_held+0xb5/0x140 [ 364.135718] ? ioctl_preallocate+0x300/0x300 [ 364.140136] ? __fget_light+0x2e9/0x430 [ 364.144122] ? fget_raw+0x20/0x20 [ 364.147585] ? __sb_end_write+0xd9/0x110 [ 364.151670] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 364.157212] ? fput+0x130/0x1a0 [ 364.160502] ? do_syscall_64+0x9a/0x820 [ 364.164483] ? do_syscall_64+0x9a/0x820 [ 364.168466] ? lockdep_hardirqs_on+0x421/0x5c0 [ 364.173057] ? security_file_ioctl+0x94/0xc0 [ 364.177479] ksys_ioctl+0xa9/0xd0 [ 364.180943] __x64_sys_ioctl+0x73/0xb0 [ 364.184841] do_syscall_64+0x1b9/0x820 [ 364.188741] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 364.194112] ? syscall_return_slowpath+0x5e0/0x5e0 [ 364.199218] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 364.204071] ? trace_hardirqs_on_caller+0x310/0x310 [ 364.209095] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 364.214123] ? prepare_exit_to_usermode+0x291/0x3b0 [ 364.219153] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 364.224011] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 364.229206] RIP: 0033:0x457569 [ 364.232416] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 364.251358] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 364.259081] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 364.266356] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 364.273640] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 364.280912] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 364.288181] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 23:02:35 executing program 5: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.stat\x00', 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="2ec3"]) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000400), 0x100000000000000c) sendfile(r2, r0, &(0x7f0000000100), 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000006080)=[{{&(0x7f0000000080)=@xdp, 0x80, &(0x7f0000002040)=[{&(0x7f0000000dc0)=""/52, 0x34}], 0x1, &(0x7f00000020c0)=""/4096, 0x1000}}], 0x1, 0x0, &(0x7f0000006340)) ioctl$KVM_IOEVENTFD(r0, 0x4040ae79, &(0x7f0000000240)={0x104000, &(0x7f0000000200), 0x0, r0, 0x1}) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f00000002c0)={0x100000000, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_DEBUGREGS(r3, 0x4080aea2, &(0x7f0000000180)={[0x0, 0x3000], 0x0, 0x4}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 23:02:35 executing program 4 (fault-call:7 fault-nth:30): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:02:35 executing program 1: r0 = syz_open_dev$usb(&(0x7f0000000140)='/dev/bus/usb/00#/00#\x00', 0x2, 0x40) ioctl$EVIOCSABS2F(r0, 0x401845ef, &(0x7f0000000180)={0xcb6d, 0x42, 0x99, 0x100000001, 0x8, 0x9}) getsockopt$sock_timeval(r0, 0x1, 0x15, &(0x7f00000001c0), &(0x7f0000000200)=0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$vsock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vsock\x00', 0x804, 0x0) ioctl$KDGKBMODE(r2, 0x4b44, &(0x7f0000000100)) r3 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240)='/dev/sequencer2\x00', 0x0, 0x0) ioctl$sock_bt_hidp_HIDPCONNADD(r0, 0x400448c8, &(0x7f0000000440)=ANY=[@ANYRES32=r3, @ANYRES32=r0, @ANYBLOB="06003600ac5486877fac187199670424faac3023509ab9c00845fec7295f5984231123624bdadafade28de76771438a68dc40945c848d5bffb0b801c824b672942b59f74c47133d6aa8622d1fea8fc8b6227dac1fdc60ab65439d3d3cbb25cda5a2323ba43d8101ecc302904279718430c607a8a239311bd8f9e496839ddcea4616dd73f5da669b5", @ANYPTR=&(0x7f0000000280)=ANY=[@ANYBLOB], @ANYBLOB="ff014000090012ab790000000800000062f1d538506083355fd5d72b91372eaa2a14dc15c0fb4c4730e94d73be1b185d19ede7656a9ea71eefd9b9a5cdff6755aef69eb20489083056f5e6bd68dc7cbba47928cba843f0493812f655de821af5a3c8bf47f2b0d4917586d5a4871145f81345a8cb0777c2c6591d93a67a95d3268f131d45e405e11ed447cf4f7235c713c0c5a9f8f361fd3f385e8f2bc41b39c0e5692f07e186af5f8fb27e40a3f1e5d940f7b004b2045d005af5416b99345e600f7a5009cc0f3854b52fccc1abbb3e920e3d433a"]) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r3, 0x40085112, &(0x7f0000000040)={{0xffffff92}, {0xffffffe0}}) [ 364.446982] FAULT_INJECTION: forcing a failure. [ 364.446982] name failslab, interval 1, probability 0, space 0, times 0 [ 364.470125] Unknown ioctl 19268 [ 364.499735] CPU: 1 PID: 13490 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 364.507122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 364.516476] Call Trace: [ 364.519080] dump_stack+0x1c4/0x2b4 [ 364.522730] ? dump_stack_print_info.cold.2+0x52/0x52 [ 364.527925] ? __kernel_text_address+0xd/0x40 [ 364.532430] ? unwind_get_return_address+0x61/0xa0 [ 364.537368] should_fail.cold.4+0xa/0x17 [ 364.541443] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 364.546549] ? save_stack+0xa9/0xd0 [ 364.550185] ? graph_lock+0x170/0x170 [ 364.553985] ? kasan_slab_alloc+0x12/0x20 [ 364.558135] ? kmem_cache_alloc+0x12e/0x730 [ 364.562499] ? mmu_topup_memory_caches+0xf7/0x390 [ 364.567339] ? kvm_mmu_load+0x21/0xfa0 [ 364.571262] ? vcpu_enter_guest+0x3dbe/0x6380 [ 364.575775] ? graph_lock+0x170/0x170 [ 364.579575] ? ksys_ioctl+0xa9/0xd0 [ 364.583210] ? __x64_sys_ioctl+0x73/0xb0 [ 364.587273] ? do_syscall_64+0x1b9/0x820 [ 364.591336] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 364.596711] ? find_held_lock+0x36/0x1c0 [ 364.600779] ? __lock_is_held+0xb5/0x140 [ 364.604876] ? ___might_sleep+0x1ed/0x300 [ 364.609046] ? arch_local_save_flags+0x40/0x40 [ 364.613646] __should_failslab+0x124/0x180 [ 364.617891] should_failslab+0x9/0x14 [ 364.621696] kmem_cache_alloc+0x2be/0x730 [ 364.625848] ? vmx_flush_tlb_gva+0x380/0x380 [ 364.630257] ? print_usage_bug+0xc0/0xc0 [ 364.634318] ? ima_get_action+0x7e/0xa0 [ 364.638299] ? mmu_topup_memory_caches+0xf7/0x390 [ 364.643149] mmu_topup_memory_caches+0xf7/0x390 [ 364.647831] kvm_mmu_load+0x21/0xfa0 [ 364.651551] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 364.656515] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 364.662069] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 364.666660] vcpu_enter_guest+0x3dbe/0x6380 [ 364.671003] ? emulator_read_emulated+0x50/0x50 [ 364.675681] ? vmx_vcpu_load+0xb06/0x1030 [ 364.679841] ? vmx_write_tsc_offset+0x680/0x680 [ 364.684515] ? graph_lock+0x170/0x170 [ 364.688314] ? lock_downgrade+0x900/0x900 [ 364.692470] ? check_preemption_disabled+0x48/0x200 [ 364.697516] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 364.703091] ? check_preemption_disabled+0x48/0x200 [ 364.708122] ? check_preemption_disabled+0x48/0x200 [ 364.713246] ? __lock_is_held+0xb5/0x140 [ 364.717319] ? lock_acquire+0x1ed/0x520 [ 364.721294] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 364.726335] ? lock_release+0x970/0x970 [ 364.730314] ? kvm_gen_update_masterclock+0x350/0x350 [ 364.735526] ? kvm_arch_dev_ioctl+0x630/0x630 [ 364.740022] ? preempt_notifier_dec+0x20/0x20 [ 364.744533] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 364.749386] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 364.754423] kvm_vcpu_ioctl+0x72b/0x1150 [ 364.758493] ? kvm_vcpu_block+0x1030/0x1030 [ 364.762835] ? find_held_lock+0x36/0x1c0 [ 364.766918] ? __fget+0x4aa/0x740 [ 364.770386] ? check_preemption_disabled+0x48/0x200 [ 364.775414] ? kasan_check_read+0x11/0x20 [ 364.779565] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 364.784873] ? rcu_bh_qs+0xc0/0xc0 [ 364.788440] ? __fget+0x4d1/0x740 [ 364.791931] ? ksys_dup3+0x680/0x680 [ 364.795646] ? find_held_lock+0x36/0x1c0 [ 364.799718] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 364.804657] ? kvm_vcpu_block+0x1030/0x1030 [ 364.808983] do_vfs_ioctl+0x1de/0x1720 [ 364.812889] ? __lock_is_held+0xb5/0x140 [ 364.816963] ? ioctl_preallocate+0x300/0x300 [ 364.821378] ? __fget_light+0x2e9/0x430 [ 364.825356] ? fget_raw+0x20/0x20 [ 364.828818] ? __sb_end_write+0xd9/0x110 [ 364.832889] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 364.838424] ? fput+0x130/0x1a0 [ 364.841709] ? do_syscall_64+0x9a/0x820 [ 364.845686] ? do_syscall_64+0x9a/0x820 [ 364.849663] ? lockdep_hardirqs_on+0x421/0x5c0 [ 364.854254] ? security_file_ioctl+0x94/0xc0 [ 364.858684] ksys_ioctl+0xa9/0xd0 [ 364.862158] __x64_sys_ioctl+0x73/0xb0 [ 364.866049] do_syscall_64+0x1b9/0x820 [ 364.869939] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 364.875309] ? syscall_return_slowpath+0x5e0/0x5e0 [ 364.880239] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 364.885116] ? trace_hardirqs_on_caller+0x310/0x310 [ 364.890138] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 364.895160] ? prepare_exit_to_usermode+0x291/0x3b0 [ 364.900185] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 364.905036] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 364.910223] RIP: 0033:0x457569 [ 364.913421] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 364.932333] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 364.940060] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 23:02:35 executing program 1: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x100, 0x0) sendto$inet6(r0, &(0x7f0000000040)="ddfa0ca53734f947fc476e4c1350f754a38e422750231c1dd84aaa328feb11a82fefab26f36b318e174fca0e97acf3a1acc6ddecce06298e81480c713d759b000a1780482a1038f86196affa77ed8d56d8415d5f66b435d301c732176444ce4dcb76e4fee18805f38ef157cb4100eb894a01eec796702d9f8628efda00102c36f3c088c8c33c6826b8c86237a87cd4d4599efe4a941223250c0379527a3c88a366db418ffcac1bd05de8b1730aba43b6beed203574259198b903e2e43ab63fd16e3bc0e1377fe9547f1e3cb57c4d6873f70958890cf295640518cdc22757f7a8d9323a3133dfb91627a561be910be70e389a7ed37be7535a85a41373dcfa9e60a81b75e00247fd3df32b704970a3158d0b32a90243ea3883502d9d6333d0b8d3d05e32bc4f1bcc600d2282bc28e5c993c2259274e53b5ee262a9c450e33c3305e6a4da23949a0ea05048a12905e4ef30d330a794656ff53dda806bf6c9c760c31eeb0222085fa896d1400090a78f09e9878b5b4d2ee9698ca2ed800a4982a3dc6f2342e5779b2331fd8782e41b6ba9619453cf0218cc09775e0c7d92046a288f12ebad3b8dce30c8d3205dd1b4a16f805ad8cac955e72cc7e9cf8118772eb4efe6e13dbbef342dd697812c423ebed951f5d1879bbc325e1132f69551ed23da2c7c3cd2a15ecceda1e4229b1829519aac484df7ab64098a4039f8a309ba1c6e0fe9f99745de323b8c2d596fc6d0b755c284635f4df120132e66f8530761b4af760796563d130179d7ccb8667a32d73126ab10bcd92505be3c62f6dc6213ffeeb9e781c464074574bbc5ed384b3029cbf160d9bfbbb634e61c21bfff9f7193c8cd2adfd6dec85fb6f28548cd7e47c01c045160135245247c81e17c73907cb83838d932b24fb95f7881db6dfc17b63d2350a34c0f10eca029a47909f8c059b66cb478159cf91350c56a0e0e06f58092c000d16f4b13f0c2a232900638c21683ef3bf63ed6ac515bdbbab8409ac31963b8fff1d5a9d32b1cd4b3ff865b2c526bf4cd117d994ad8245916da952d3dcec2f733cb7a8766b381f2f9a45e741555b2f501888addf35880dae729eb6caec4fdd32dfc092f0c6b6fcbf58f103ea97c0f89c3fe454497ccda74924ca3adcf54c927a680601f632fa9657ff0997a8ed129800b58e542f0b8df1ce5e1c3b46d6efb0d265466543f4c5a9ffa5fd8611546cf8a740dd5b9c202b472d94891096f428721d400d4e219c801e3061f22ac004eff93ed63831d636d12848aa363399b75454bfb5d6ca7988a1741db2ba0bee053ea420af57d70a4aafb417aed1b33fea449e740e51fa90168088e9fea7905d0bde155deecd4915472985973729096df511f6c76c7518c0595bbe77ea8394ae446bc40272233bb216e4e4ed13a816b7798fccc8921e080b217e19cb822582832a7f652091f78b61435e44ac61a022f29b7c5324fd9525432db8447c3b6ab04e3dd79edb90f39c41f4198456276bb527d6855617e9585e001c92aeba789e1f49bf22ff6a4e352027e301c4a4aa18cb2a4df6cd6c9584f91a7f9422055de85cd6f8add0af720ecac327287e6cd54cf9e31cc9b920ed76c22aae215e3d9d29b996a24f2fd286a5711f51b42d9afbf869ddfd87f253efe1f5c43682c4ee78180c54c9b64ff337c21d1aeddfed207c863ecef091fdba3e4b53927d99117623aedbba4916d17111fbbfe72611ffa13e8b8f84c90dae5a73fff26d778ef1a3aefe62113988a5746a979a045640e3dc2eba4500121690de4743244a7c197f3c8da3342c52d04b0459ebdd99303dc4cabc6294ea9c468f624786a8ba6d7d717dacc53c545aca701288db0ffa68db63f0004516e1d479578de8fb80cf03c154c45e9d2e8a5e85d2372fc2ed0b8252241c63cb71ec25de962c11e6ab9b5ff2216efa816a20856d46d5e533642e927d32949404a33916d5d0a060050f817a23d7c76de92791b41555e91531c03ef8557a82f7c7f6bee344b997d898aba409e81c1c94839146f08598a7e24410f1523841230aa35ee3447a98a549ad1611d087df932df297832be9393e9799e773bdc4b6a5ff4435dfe2cb24117e502d5c7734426193695b8464c24c8482b5d6293e9fd7abd9d28819659e385b4b250122a5ca6e96863a985a4eb64740261e5d7efa30311e1e40d31e70e1444966548bf429c927b3625cbf90b8a1a46e2f80abefe3f314b8a6b63321764191ec87a1ab594617534e8394f35b4da87bc9b124ad97a3f8be687c7544980a1b4e744537ce1e79ac2da631e65e9c5b9aff38239d57fef9a49e930f1d84059ce892346b1a7681e6d6f97e0f4442e100b5a17193fc56f3ab0e89ff332300fe271a2d4f317341dcd1a70fe3111711b5e1d2aef7dd08b08ea5ce8cb6256fbdef4dbde22e3cdb5e8095743daf0b578a5781151a0ab404604d3a4ef4a4d017e5b45cd51a26b559c495a51bf243cfb8ead81f02adbab6ff7f7f0094df4e59fd37491c67163c76888a0cabf38e4fb3d63751dfb591702d683ffef292fadb1cc4f988ec4c70759b89b0cb080ba654bce9fb2c3542526645163ba216196a664ee1d1889e670c186e11ee237ed596b3b708c76caa1bc5fc8421a6019a29f38208c8a51571ee76b31cd56f29b123353c1bb0919778452f986012d10e4c4e66da08c6c0ead2eafd36cecc57c57c6b123b584b61eed01cfb2b1f6b04df6d4ad6f9c31636276a68339a6d14cb6ab4ffc2d88c61ad6f73f9415d022e7ed43ef5b373ae82f34784880ec0ee78a41080d73d77479f80335c8483d7519109f0fdd818c1b3be90a12d61b58a1fb395ea610216629e07b9a9d9a2ce3f687598bceb1f9efa1bc677ce1cc89a8643629379671ca173d1eb4437dea51ef8808789dc44fd2688f312b98bcc686adb1d337a0076d23618ddb4581572257b180f72fd6e9fbeb1a5a8f2b9edf75953d0c66272b2e6687b0dcf9a76464aeafb9ece344b2cc3568170964f223cfae267112185545bcc08c079bc9122e3dbb93eacd16a545959e241438cfecf0278bc9e85ecec16fac773f1d936c867899c77492cb77abc3bc88113b8f18b6cd82061f982cccab45af6b0995a9eb67173cfd631e4bf1abc7f5363684f4dd109a77ac26d9684d04cf8705cabf55a0d2f5ed283b0225e36779dc51f6a4c94db952d2beec8fef1d822e0c7e746281606afa156dee3598666a730f8eb014985af05d0b406e20fa2ba426a63faf2b0012d7c59a0cbb0779ef3e14937e3d2d6d38fda81e5b0c35bd3df081f5072ac31e08d6a4a90e6731edf8d70b45f7b870630c368a4fa9c5c3061c408a28a8202816e83cac8f0a5041ac035e18347b5a6d50b06d382ad512762275840f72051963556dd90f1e28c629479518446fec6d3dd4ea62a1f305c2eca2682355c54f0470e3d882af454db22e3ac289e2d1431da40cb084105f0989fb74ea59e2b116f44dac1b8f816f3f66e7da472cc5e84ea32922343dbe36236994eca1e346da298af73ffef6871fc9a6addb955ee8936d736b4cc2ae7f239dfba7eeeb60bf408d75ac28806ba653a1709e85a06a7903baee1194e4c2e0a099a69406e41d16c20bbb39dbb230e79da0553f43e218e7150276ea142f46500e1af8caee033147220756b2a7653c32716799824ecddcff5f769445fe0712e87ac567082c27577e1c675de151dfa6d4257b8cbc4a5fa80e3b2297c1e47d641e7919b2b477d63af48aff92978c05f3ea237cc59a7e9a12485f446da994810596d6a4d578fc7e3620b2924dfb19196cbac44bb643e4d23f0c51b16a5eff0f766225da8bbe9461eeb84859f3f99db315e8be0ec276dfb89c2617192dfdb19e3e5f3096b07900308de98674563ff234637a79ca0e36ab92e778e4fe3dc2c72cee1e12e8b1057b9c050a60d38a06d8d23a4747982fc71e99ae1c4752c904c5de4eeead733a9d6a31e51ae50c4f98fdfbfcfede03b8f185b1ac124df890b016eb4ca794c479be8d47b29fede0c1cb8ae7253478491c1eae567d0d9919ab20ff60b70ff05ef6889fd1fce97ed3d916a56901285568faff6f979a660dcc7cf53b413cb214949c86e7ef854e4eeb4e97d3bc43fe2b35202ba4b6ebce73c82d00d089ae12462fb182d76f1c075089078bb26b25afa53ed6c371d4897c176a03b10750a4bb63890ebc5f255c67b571d980473cbb056c751c38c2f27a2333a2c644aa0bec3fbed084e4eb64c70e2b317d826b8aae5d87f7bff70f1874fcd5f4b22b2955d5567f3cb7b09fcee7adc8e96f209b49db346cc516ecc7057ed64d7d7796b75ce29951d194a3b1787c60323c9f76205460bd2d145b15e597f7ce69883572cc3aba33224798a59369f8863bd7f0cfae0c726c703a715453eb2f450d604b0e8d396649d174f10b090e16bd9b0ec6d3a16a070bb061fd7c28094affa36ce46dfa684aa2c1fcfd01e38cae5d72c80557a86b29d95269d3df69ffd79b50c4d562c71a0d511923ff0f2fd5fd0ed5c97ad4650dbb1f79e0b1ff50b46e7b7ee4ce0693c454a0740c4603eac852a6e3754b5490ae24c937f045591c0834988a4d32bdfeab5b351e1e2a930ffce70422c63a52499df60fbb836a037ffead265299db1204702184015d6fbc764539268e23efcb45960f99a1357f9b83dfdb385e32486f2f12ab000ef783ab4db6bdc6304177154acc45a1a71447735c4e9e937a603950145fb49154dd8d5c4572807e42bfc828a62fb433fd307e43377ae1dd85799ab8fb9d2b8554223fedf058f69019976723e0c881aee1003c0fa5b72b5d0f65138bb2ef58b47eeaff68ae0e232f0bf305e268f76629a57aed83b28f9ffb5602791c42f413bd9dcb2761261b9fc47c12906049ed4f859a3641ad65ade3962880ea7a351d1cac7e706950d14c9eed4f57fa746f94eda9096e0bb69b852f5f725f6b8795cd61385dd3772c48a1568283d8e5067a41aa866a3e4acf4afbcb5acd50c60bdcf7af3d3f6c0642729b06fdb059258d7d291fc6c2d821e09000c2509192d4f71be9517323aff2dfc0df4791a937b38fabeb1717762a30459ec8d9f169f7862121360c03712cf832d7245dcac5f7e3a5dbc2bc3c8813d59c75b96f5572f4eaf27d7c863470b4e11e121e27a9c6f49a3601d7d1974a6b0e07f26e2f430d912d1e80c362d27f75a4ee8822185d9aaedb34e013ad86c9d9ffe5ffa6dc8db84165d11c222a89713e1f80ecab16dbd347d22729b56084f80f207b4d5661ac25c7211e9ab03620f98c414abb7b6b7ea5ee538be53c28cd0e7bec925a1b4c425a34c4f5dcba36afa6076fef4249e2a22878b613f2bfa6b3a131b2e02c203da746593aad208792c3a9694e7aa54809a02347252c189717291df06c56f7e11785e27f60b852d1ca93d209db0ca9e3a6a5c6dce665a63fb3886368080ee7f578d1dfdcf5b13b07213636a0be3f4285cdfbb8a349d0bf1846c886dc307831844baf63a009e715fc47be99f8cf4be2aee0fe7862c030888d16276aef4f65fdee5785dc0e63ca48add8e08fce175cbdb035608585a777ebc56409e6c7e9013c27b692bed3ffef9394a40164563544587f241f4c80690c01d15627baef8256fbce889b546effcec4543ab5a737fc10d443e67a438deb01e61b5f1821359ce702e6d97ae3b979067a3df1a7b80de39ba07e4a58355f162dec43e3dc29938a227fe24438a5a194f908067c447fc993d8fccbe5b9bad6ba849a6f0d2df9eb17b32788df31210ec25a4a3544959987413da395cf66dcddf3cf4c3f7bd302debf7691", 0x1000, 0x40, &(0x7f0000001040)={0xa, 0x4e22, 0x1, @empty, 0x81}, 0x1c) r1 = socket$inet6(0xa, 0x400000000001, 0x0) r2 = dup(r1) setsockopt$inet_tcp_TLS_TX(r2, 0x6, 0x1, &(0x7f0000001080), 0x4) sendto$inet6(r1, &(0x7f0000e77fff), 0x2bd, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x0, 0x0, @loopback}, 0x1c) connect$unix(r2, &(0x7f0000006780)=@file={0x0, './bus\x00'}, 0x6e) [ 364.947328] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 364.954602] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 364.961889] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 364.969173] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 23:02:35 executing program 0: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000000400)) r1 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r1, 0x1, &(0x7f00000014c0)) msgsnd(r1, &(0x7f0000e74f60)={0x2}, 0x8, 0x0) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) r2 = syz_open_dev$mice(&(0x7f0000000480)='/dev/input/mice\x00', 0x0, 0x3fd) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000200)=0x1) tkill(r0, 0x1000000000016) setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f00000004c0)=@filter={'filter\x00', 0xe, 0x4, 0x408, 0x120, 0x0, 0x0, 0x240, 0x0, 0x338, 0x338, 0x338, 0x338, 0x338, 0x4, &(0x7f0000000000), {[{{@uncond, 0x0, 0xf8, 0x120, 0x0, {}, [@common=@frag={0x30, 'frag\x00', 0x0, {0x40, 0x10000, 0x8, 0x2, 0x1}}]}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0x401}}}, {{@uncond, 0x0, 0xf8, 0x120, 0x0, {}, [@common=@frag={0x30, 'frag\x00', 0x0, {0x2, 0x4, 0xffffffff, 0x22, 0x3}}]}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x8}}}, {{@uncond, 0x0, 0xc8, 0xf8}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0xb000000000000000, 0x10000, 0x3f, 0x2}}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x468) clone(0x8000000, &(0x7f0000000240)="e607403d06b938f1e82bf683d2b1ffeaa5e41f479dae189a9b5061546bcefa1d3bc8631c874b5b23b21ce765f327088ba72350d49777d0dd30b824f689e20ee7c87951e12f44e0e31e858e9cd20332c354960fc119cd7b55bf51d49189660390f02703eb1a2c31a74aafe55031a6c41d6037c5f2b42bbed11468d076d8fd36691494d465fce6cb76e92d69f2a1bc0505567eaa4165f94bd3e60be039729e5798efaaf5bfd7a6f4aba9c486bb26b27f3bc58ffebd1169b84c54caec0df622123e", &(0x7f0000000040), &(0x7f0000000080), &(0x7f0000000300)="ccc7e6f577117deafdfa7fe1c185cfcd1217e81e52e43ceab1c8b7dcad0b72a85b704b820f238451c61b7bcd5238e1ab35c3ea66e3c640d9296f7ca838c8999f6646067a3067399c63116d1e65756e8b61fb78a2fcfe9c12e0cfe25f09fdee4f01dee4d8486855e7b378f7fc3ed35195e00cb8f367603be55060f84afa51bd7c60d5439a1a44ea7ea234811a0a5d19dab40d652af5f539a46036d01a5697a01f97bd9ad28d7f7f8de57a9836632782739a4345dd9c3eae041f63ee3e9c2a45ca56a89f7962220b003e966bfc42423897d1f9a4509f35604c0779cc0f49326de3f73a2d7031cc") msgctl$IPC_SET(r1, 0x1, &(0x7f0000000180)={{}, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x81, r0}) 23:02:35 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x1) tkill(r0, 0x1000000000016) r1 = socket$inet_tcp(0x2, 0x1, 0x0) recvmmsg(r1, &(0x7f0000006400)=[{{&(0x7f0000000180)=@in={0x2, 0x0, @remote}, 0x80, &(0x7f0000002380)=[{&(0x7f0000000200)=""/4096, 0x1000}, {&(0x7f0000000080)=""/58, 0x3a}, {&(0x7f0000001200)=""/27, 0x1b}, {&(0x7f0000001240)=""/95, 0x5f}, {&(0x7f00000012c0)=""/119, 0x77}, {&(0x7f0000001340)=""/18, 0x12}, {&(0x7f0000001380)=""/4096, 0x1000}], 0x7, &(0x7f0000002400)=""/104, 0x68, 0x7fffffff}, 0xffff}, {{&(0x7f0000002480)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, &(0x7f0000002640)=[{&(0x7f0000002500)=""/241, 0xf1}, {&(0x7f0000002600)=""/16, 0x10}], 0x2, &(0x7f0000002680)=""/167, 0xa7, 0x8}, 0x3ff}, {{0x0, 0x0, &(0x7f0000003ac0)=[{&(0x7f0000002740)=""/20, 0x14}, {&(0x7f0000002780)=""/242, 0xf2}, {&(0x7f0000002880)=""/231, 0xe7}, {&(0x7f0000002980)=""/139, 0x8b}, {&(0x7f0000002a40)=""/4096, 0x1000}, {&(0x7f0000003a40)=""/115, 0x73}], 0x6, &(0x7f0000003b40)=""/52, 0x34, 0x3}, 0x7}, {{&(0x7f0000003b80)=@nfc, 0x80, &(0x7f0000006080)=[{&(0x7f0000003c00)=""/187, 0xbb}, {&(0x7f0000003cc0)=""/179, 0xb3}, {&(0x7f0000003d80)=""/232, 0xe8}, {&(0x7f0000003e80)=""/4096, 0x1000}, {&(0x7f0000004e80)=""/46, 0x2e}, {&(0x7f0000004ec0)=""/4096, 0x1000}, {&(0x7f0000005ec0)=""/201, 0xc9}, {&(0x7f0000005fc0)=""/158, 0x9e}], 0x8, 0x0, 0x0, 0x20}, 0x80}, {{&(0x7f0000006100)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, 0x80, &(0x7f0000006340)=[{&(0x7f0000006180)=""/14, 0xe}, {&(0x7f00000061c0)=""/39, 0x27}, {&(0x7f0000006200)}, {&(0x7f0000006240)=""/217, 0xd9}], 0x4, &(0x7f0000006380)=""/110, 0x6e, 0x5}, 0x5}], 0x5, 0x0, &(0x7f0000006540)={0x77359400}) syz_extract_tcp_res(&(0x7f0000000000), 0x4, 0xfff) 23:02:35 executing program 4 (fault-call:7 fault-nth:31): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:02:35 executing program 1: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) ppoll(&(0x7f0000000080)=[{r1, 0x10}, {r0, 0x40}], 0x2, &(0x7f00000000c0)={0x0, 0x989680}, &(0x7f0000000100)={0x8}, 0x8) ioctl$SNDRV_CTL_IOCTL_PVERSION(r1, 0x80045500, &(0x7f0000000040)) [ 365.158490] FAULT_INJECTION: forcing a failure. [ 365.158490] name failslab, interval 1, probability 0, space 0, times 0 [ 365.180801] CPU: 1 PID: 13511 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 365.188183] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 365.197732] Call Trace: [ 365.200340] dump_stack+0x1c4/0x2b4 [ 365.204005] ? dump_stack_print_info.cold.2+0x52/0x52 [ 365.209223] ? __kernel_text_address+0xd/0x40 [ 365.213742] ? unwind_get_return_address+0x61/0xa0 [ 365.218700] should_fail.cold.4+0xa/0x17 [ 365.222787] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 365.227909] ? save_stack+0xa9/0xd0 [ 365.231558] ? graph_lock+0x170/0x170 [ 365.235384] ? kasan_slab_alloc+0x12/0x20 [ 365.239549] ? kmem_cache_alloc+0x12e/0x730 [ 365.243885] ? mmu_topup_memory_caches+0xf7/0x390 [ 365.248742] ? kvm_mmu_load+0x21/0xfa0 [ 365.252638] ? vcpu_enter_guest+0x3dbe/0x6380 23:02:35 executing program 1: r0 = add_key$user(&(0x7f0000000180)='user\x00', &(0x7f00000002c0)={'syz'}, &(0x7f0000000480)="2206297b6895b66147b3c7218a9169a85ea0bdc9e1587a57d422b5ae5c135342e33089754c8107c3cd3923dd4a71c2ff0f6e7b6b4816122d2550689eaa9435c99926022b8753a188748c569f435fb3bae96efb74b50ec93c152f5e8e198a29e5c0d0c60000000000000000b4ec24c53d3d661ff5ff70e4880617bac218cea71fcfacf40d32e4b58a8d2725561f6110fd7b06f90b5274cc5c1e298a16324fe273f4772539844a12876dc0217de9b895c949bc32336eb852064e0791b63d541f79", 0xc0, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000340)='user\x00', &(0x7f0000000380)={'syz'}, &(0x7f00000003c0)="a5", 0x1, 0xffffffffffffffff) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = creat(&(0x7f0000000300)='./file0\x00', 0x0) r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) write$FUSE_NOTIFY_INVAL_ENTRY(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="2800000003ae0800000000001d000000010000f7ff0000000779dab24fd02d1539f3ab00000000004e8fefa401a695eb0c71ab6cc548eddf8ec62324091b447329bfee5a1928c4bb81b7f3e2417d0b03999b30325016cd541a481477cd95bd187f77c8bdae698a75539f44e02e5d770a81dbf55435d19007b93b36d32f920685206599a7977202521186199c59f0d7299aa1d2d08a83ee2138511e71bf747b6b91bc44563bd9ba19430ebbc171ede5bd54e47203f785a937f5c3fb145144ad03e271abc7bddf997376a2e315842bbc647a69407f58dbc9951371c88243f24ac54e76b2001bcd6264a2e06bb605fcc05fddb241d916d796fcefc9ff563a"], 0x28) keyctl$dh_compute(0x17, &(0x7f0000000000)={r1, r0, r1}, &(0x7f00000001c0)=""/114, 0x72, &(0x7f0000000240)={&(0x7f0000000040)={"77703338342d67656e6572696300000000000496eb6c2b0e23a200"}}) [ 365.257140] ? graph_lock+0x170/0x170 [ 365.260951] ? ksys_ioctl+0xa9/0xd0 [ 365.264600] ? __x64_sys_ioctl+0x73/0xb0 [ 365.268673] ? do_syscall_64+0x1b9/0x820 [ 365.272750] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 365.278148] ? find_held_lock+0x36/0x1c0 [ 365.282227] ? __lock_is_held+0xb5/0x140 [ 365.286327] ? ___might_sleep+0x1ed/0x300 [ 365.290491] ? arch_local_save_flags+0x40/0x40 [ 365.295107] __should_failslab+0x124/0x180 [ 365.299360] should_failslab+0x9/0x14 [ 365.303187] kmem_cache_alloc+0x2be/0x730 [ 365.307358] ? vmx_flush_tlb_gva+0x380/0x380 [ 365.311808] ? print_usage_bug+0xc0/0xc0 [ 365.315886] ? ima_get_action+0x7e/0xa0 [ 365.319876] ? mmu_topup_memory_caches+0xf7/0x390 [ 365.324734] mmu_topup_memory_caches+0xf7/0x390 [ 365.329430] kvm_mmu_load+0x21/0xfa0 [ 365.333156] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 365.338101] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 365.343653] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 365.348249] vcpu_enter_guest+0x3dbe/0x6380 [ 365.352634] ? emulator_read_emulated+0x50/0x50 23:02:36 executing program 1: r0 = syz_open_dev$midi(&(0x7f00000009c0)='/dev/midi#\x00', 0x200900, 0x604) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000880)={'nat\x00'}, &(0x7f0000000900)=0x78) lsetxattr(&(0x7f0000000780)='./file0\x00', &(0x7f00000007c0)=@known='com.apple.system.Security\x00', &(0x7f0000000800)='\x00', 0x1, 0x2) r1 = geteuid() lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='security.capability\x00', &(0x7f0000000140)=@v3={0x3000000, [{0x805, 0x6}, {0x4, 0x105}], r1}, 0x18, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r2 = syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x1, 0x0) ioctl$RTC_WIE_OFF(r0, 0x7010) clock_gettime(0x0, &(0x7f0000000200)={0x0, 0x0}) ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r2, 0xc4c85512, &(0x7f0000000240)={{0x7, 0x3, 0x61, 0x894, 'syz0\x00', 0x2}, 0x1, [0x100, 0x800, 0x1ddc, 0x3ff, 0x3, 0x92, 0x4000000000, 0x7f, 0x29, 0x6, 0x6, 0x5, 0x4, 0xfffffffffffffffa, 0x1, 0x648e, 0xffff, 0x3, 0x80, 0x9, 0x100, 0x4000000000000000, 0x7, 0x2, 0x2, 0x7, 0x4, 0x4fd, 0x80, 0x100000001, 0x49, 0xfffffffffffffffd, 0x4, 0xb15, 0x2, 0xff, 0xffffffffffffff81, 0x0, 0x89b, 0x965, 0x5, 0x2, 0x4, 0x4, 0x1, 0xffffffffffffffc2, 0x1f, 0x6, 0xffffffff, 0x8, 0x8, 0x4, 0x5, 0xffffffffffffffaf, 0x3ff, 0x9, 0x7, 0x27, 0x0, 0x7, 0x8, 0x3, 0x2, 0x6, 0xff, 0x4, 0x7ff, 0x4, 0x10001, 0xfffffffffffffffa, 0x6, 0x2, 0x3ff, 0x8, 0x6, 0x100000001, 0x5, 0x4, 0xfffffffffffffbff, 0x80000000, 0x50a4d642, 0xffffffff, 0x43760eb6, 0x2, 0x3294, 0x1, 0x51, 0x100, 0x3, 0x9, 0x3, 0x4, 0x4, 0x100, 0x8, 0x3ff, 0x1, 0x0, 0x400, 0x8, 0x81, 0x10001, 0x65b, 0x800, 0x83, 0x8, 0x6, 0x3, 0xffffffff, 0x8000, 0x5, 0xc2a, 0x2, 0x1f, 0x6ce6, 0x5, 0x3, 0x243bc2a9, 0x8, 0x704, 0x1f, 0xfffffffffffffff7, 0x9, 0x6, 0x5, 0xfff, 0x12, 0x1], {r3, r4+30000000}}) lsetxattr(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)=@known='security.evm\x00', &(0x7f0000000180)="03", 0x1, 0x0) chroot(&(0x7f0000000740)='.\x00') [ 365.357937] ? vmx_vcpu_load+0xb06/0x1030 [ 365.362105] ? vmx_write_tsc_offset+0x680/0x680 [ 365.366790] ? graph_lock+0x170/0x170 [ 365.370648] ? lock_downgrade+0x900/0x900 [ 365.374815] ? check_preemption_disabled+0x48/0x200 [ 365.379847] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 365.385402] ? check_preemption_disabled+0x48/0x200 [ 365.390447] ? check_preemption_disabled+0x48/0x200 [ 365.395484] ? __lock_is_held+0xb5/0x140 [ 365.399558] ? lock_acquire+0x1ed/0x520 [ 365.403585] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 23:02:36 executing program 1: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) getgid() getresgid(&(0x7f0000000200), &(0x7f0000000240), &(0x7f0000000280)) fstat(r0, &(0x7f00000002c0)) stat(&(0x7f0000000400)='./file0\x00', &(0x7f00000004c0)) fstat(0xffffffffffffffff, &(0x7f0000000540)) lstat(&(0x7f0000000440)='./file0\x00', &(0x7f00000005c0)) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000640), &(0x7f0000000680)=0xc) stat(&(0x7f0000000780)='./file0\x00', &(0x7f00000007c0)) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000840), &(0x7f0000000880)=0xc) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000008c0), &(0x7f0000000900)=0xc) stat(&(0x7f0000000940)='./file0\x00', &(0x7f0000000980)) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) sendmsg$alg(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000380), 0x0, &(0x7f00000003c0)}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffff9c, 0x4c82) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffff9c, 0x4c82) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/ip_tables_names\x00') mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x10, 0xffffffffffffffff, 0x0) open_by_handle_at(r2, &(0x7f0000000340)={0x8d, 0x0, "0edd80238e69051e4280b3835cd2cc8c75fae164b6deedf6631d4ecc95cf266bbec293dd1486394a9b700b26305a234dfe5bc3c7f203095aeaa8ad1a8bf4029750a2ea36ed73e0a9d3612c96e92f07562b4df6b3816662b9855c1955649095ef2205d97c04252c78f1aa4a2f2aa8f5db1e5aa475433f6b38d1edd25318e4db179ead32bf6f"}, 0x0) syz_kvm_setup_cpu$x86(r0, r1, &(0x7f000001e000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f0000000140)="b805000000b9008000000f01c1f080a4b000600000000fc3180f09c744240000000000c744240200080000c7442406000000000f0114240f08f3a5650f050f20da0f01cf", 0x44}], 0x1, 0x0, &(0x7f0000000380), 0x78) socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$KVM_RUN(r2, 0xae80, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000080)) openat$rfkill(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rfkill\x00', 0x0, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = semget$private(0x0, 0x4, 0x100) semctl$IPC_RMID(r4, 0x0, 0x0) sendmsg$nl_route(r3, &(0x7f0000000040)={&(0x7f00000000c0), 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2800000010ba000000000000000000000000", @ANYRES32=0x0, @ANYBLOB="030000000000000008001b0000000000"], 0x28}}, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r3, 0x8914, &(0x7f0000000080)={'team_slave_0\x00\x00\x00`'}) [ 365.408642] ? lock_release+0x970/0x970 [ 365.412634] ? kvm_gen_update_masterclock+0x350/0x350 [ 365.417837] ? kvm_arch_dev_ioctl+0x630/0x630 [ 365.422348] ? preempt_notifier_dec+0x20/0x20 [ 365.426876] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 365.431745] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 365.436787] kvm_vcpu_ioctl+0x72b/0x1150 [ 365.440911] ? kvm_vcpu_block+0x1030/0x1030 [ 365.445253] ? find_held_lock+0x36/0x1c0 [ 365.449339] ? __fget+0x4aa/0x740 [ 365.452841] ? check_preemption_disabled+0x48/0x200 [ 365.457889] ? kasan_check_read+0x11/0x20 [ 365.462086] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 365.467397] ? rcu_bh_qs+0xc0/0xc0 [ 365.470966] ? __fget+0x4d1/0x740 [ 365.474444] ? ksys_dup3+0x680/0x680 [ 365.478172] ? find_held_lock+0x36/0x1c0 [ 365.482298] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 365.487261] ? kvm_vcpu_block+0x1030/0x1030 [ 365.491589] do_vfs_ioctl+0x1de/0x1720 [ 365.495487] ? __lock_is_held+0xb5/0x140 [ 365.499546] ? ioctl_preallocate+0x300/0x300 [ 365.503997] ? __fget_light+0x2e9/0x430 [ 365.508001] ? fget_raw+0x20/0x20 [ 365.511476] ? __sb_end_write+0xd9/0x110 [ 365.515574] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 365.521106] ? fput+0x130/0x1a0 [ 365.524385] ? do_syscall_64+0x9a/0x820 [ 365.528350] ? do_syscall_64+0x9a/0x820 [ 365.532320] ? lockdep_hardirqs_on+0x421/0x5c0 [ 365.536894] ? security_file_ioctl+0x94/0xc0 [ 365.541292] ksys_ioctl+0xa9/0xd0 [ 365.544763] __x64_sys_ioctl+0x73/0xb0 [ 365.548664] do_syscall_64+0x1b9/0x820 [ 365.552614] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 365.557967] ? syscall_return_slowpath+0x5e0/0x5e0 [ 365.562902] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 365.567747] ? trace_hardirqs_on_caller+0x310/0x310 [ 365.572765] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 365.577779] ? prepare_exit_to_usermode+0x291/0x3b0 [ 365.582829] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 365.587704] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 365.592927] RIP: 0033:0x457569 23:02:36 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$IP_VS_SO_GET_TIMEOUT(r0, 0x0, 0x486, &(0x7f0000000140), &(0x7f0000000180)=0xc) sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={&(0x7f0000000040), 0xfffffffffffffe54, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYRESOCT=r0, @ANYRESOCT=0x0, @ANYRES32=0x0, @ANYPTR=&(0x7f0000000200)=ANY=[@ANYRES16=r0, @ANYRES16, @ANYRESOCT=r0]], 0x4}}, 0x3) getitimer(0x0, &(0x7f0000000000)) eventfd2(0x401, 0x80801) [ 365.596111] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 365.615006] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 365.622742] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 365.630011] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 365.637295] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 365.644565] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 365.651843] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 23:02:36 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") syz_open_dev$sndtimer(&(0x7f0000000000)='/dev/snd/timer\x00', 0x0, 0x10080) r1 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r1, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000140)={0x1, [0x0]}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x14, &(0x7f0000000c00)={r2}, &(0x7f00000000c0)=0x8) 23:02:36 executing program 4 (fault-call:7 fault-nth:32): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:02:36 executing program 2: clone(0x20020000, &(0x7f0000000080), &(0x7f0000000040), &(0x7f0000fef000), &(0x7f00000001c0)) prctl$intptr(0x22, 0xf91) [ 365.872255] FAULT_INJECTION: forcing a failure. [ 365.872255] name failslab, interval 1, probability 0, space 0, times 0 [ 365.939421] CPU: 0 PID: 13541 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 365.946806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 365.956165] Call Trace: [ 365.958782] dump_stack+0x1c4/0x2b4 [ 365.958810] ? dump_stack_print_info.cold.2+0x52/0x52 [ 365.958831] ? __kernel_text_address+0xd/0x40 [ 365.958852] ? unwind_get_return_address+0x61/0xa0 [ 365.958903] should_fail.cold.4+0xa/0x17 [ 365.967684] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 365.967703] ? save_stack+0xa9/0xd0 [ 365.967721] ? graph_lock+0x170/0x170 [ 365.967749] ? kasan_slab_alloc+0x12/0x20 [ 365.967765] ? kmem_cache_alloc+0x12e/0x730 [ 365.967781] ? mmu_topup_memory_caches+0xf7/0x390 [ 365.967792] ? kvm_mmu_load+0x21/0xfa0 [ 365.967811] ? vcpu_enter_guest+0x3dbe/0x6380 [ 366.015418] ? graph_lock+0x170/0x170 [ 366.019229] ? ksys_ioctl+0xa9/0xd0 [ 366.022886] ? __x64_sys_ioctl+0x73/0xb0 [ 366.026992] ? do_syscall_64+0x1b9/0x820 [ 366.031078] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 366.036460] ? find_held_lock+0x36/0x1c0 [ 366.040524] ? __lock_is_held+0xb5/0x140 [ 366.044644] ? ___might_sleep+0x1ed/0x300 [ 366.048838] ? arch_local_save_flags+0x40/0x40 [ 366.053479] __should_failslab+0x124/0x180 [ 366.057719] should_failslab+0x9/0x14 [ 366.061576] kmem_cache_alloc+0x2be/0x730 [ 366.065735] ? vmx_flush_tlb_gva+0x380/0x380 [ 366.070136] ? print_usage_bug+0xc0/0xc0 [ 366.074204] ? ima_get_action+0x7e/0xa0 [ 366.078191] ? mmu_topup_memory_caches+0xf7/0x390 [ 366.083055] mmu_topup_memory_caches+0xf7/0x390 [ 366.087742] kvm_mmu_load+0x21/0xfa0 [ 366.091467] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 366.096414] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 366.101959] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 366.106561] vcpu_enter_guest+0x3dbe/0x6380 [ 366.110969] ? emulator_read_emulated+0x50/0x50 [ 366.115677] ? vmx_vcpu_load+0xb06/0x1030 [ 366.119847] ? vmx_write_tsc_offset+0x680/0x680 [ 366.124531] ? graph_lock+0x170/0x170 [ 366.128344] ? lock_downgrade+0x900/0x900 [ 366.132524] ? check_preemption_disabled+0x48/0x200 [ 366.137570] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 366.143128] ? check_preemption_disabled+0x48/0x200 [ 366.148153] ? check_preemption_disabled+0x48/0x200 [ 366.153192] ? __lock_is_held+0xb5/0x140 [ 366.157271] ? lock_acquire+0x1ed/0x520 [ 366.161292] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 366.166324] ? lock_release+0x970/0x970 [ 366.166342] ? kvm_gen_update_masterclock+0x350/0x350 [ 366.166361] ? kvm_arch_dev_ioctl+0x630/0x630 [ 366.166376] ? preempt_notifier_dec+0x20/0x20 [ 366.166405] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 366.166424] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 366.184573] kvm_vcpu_ioctl+0x72b/0x1150 [ 366.184606] ? kvm_vcpu_block+0x1030/0x1030 [ 366.184629] ? find_held_lock+0x36/0x1c0 [ 366.184654] ? __fget+0x4aa/0x740 [ 366.184675] ? check_preemption_disabled+0x48/0x200 [ 366.215629] ? kasan_check_read+0x11/0x20 [ 366.219799] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 366.225089] ? rcu_bh_qs+0xc0/0xc0 [ 366.228669] ? __fget+0x4d1/0x740 [ 366.232157] ? ksys_dup3+0x680/0x680 [ 366.235888] ? find_held_lock+0x36/0x1c0 [ 366.239985] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 366.244938] ? kvm_vcpu_block+0x1030/0x1030 [ 366.249307] do_vfs_ioctl+0x1de/0x1720 [ 366.253225] ? __lock_is_held+0xb5/0x140 [ 366.257307] ? ioctl_preallocate+0x300/0x300 [ 366.261728] ? __fget_light+0x2e9/0x430 [ 366.265725] ? fget_raw+0x20/0x20 [ 366.269190] ? __sb_end_write+0xd9/0x110 [ 366.273288] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 366.278834] ? fput+0x130/0x1a0 [ 366.282129] ? do_syscall_64+0x9a/0x820 [ 366.286116] ? do_syscall_64+0x9a/0x820 [ 366.290104] ? lockdep_hardirqs_on+0x421/0x5c0 [ 366.294706] ? security_file_ioctl+0x94/0xc0 [ 366.299133] ksys_ioctl+0xa9/0xd0 [ 366.302617] __x64_sys_ioctl+0x73/0xb0 [ 366.306518] do_syscall_64+0x1b9/0x820 [ 366.310421] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 366.315803] ? syscall_return_slowpath+0x5e0/0x5e0 [ 366.320746] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 366.325615] ? trace_hardirqs_on_caller+0x310/0x310 [ 366.330896] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 366.335925] ? prepare_exit_to_usermode+0x291/0x3b0 [ 366.340975] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 366.345839] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 366.351042] RIP: 0033:0x457569 [ 366.354248] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 366.373153] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 366.380894] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 23:02:36 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = accept4$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1}, &(0x7f0000000040)=0x1c, 0x80800) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffff9c, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)}, &(0x7f0000000100)=0x10) r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffff9c, 0xae41, 0x0) ioctl$KVM_GET_NESTED_STATE(r3, 0xc080aebe, &(0x7f0000000280)={0x0, 0x0, 0x2080}) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000140)={r2, 0x3}, &(0x7f0000000180)=0x8) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000080)='veth0_to_team\x00', 0x10) setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000240)="2e605039f4fa3843e59ac74af0d18b1b", 0x10) 23:02:36 executing program 0: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r1, 0x1, &(0x7f00000014c0)) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x490080, 0x0) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00') sendmsg$IPVS_CMD_GET_DEST(r2, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000200)={0x94, r3, 0x0, 0x70bd26, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x7}, @IPVS_CMD_ATTR_DEST={0x78, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x7}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x5}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@mcast1}, @IPVS_DEST_ATTR_ADDR={0x14}, @IPVS_DEST_ATTR_U_THRESH={0x8}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x8}, @IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e20}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_U_THRESH={0x8}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@dev={0xac, 0x14, 0x14, 0xc}}]}]}, 0x94}}, 0x1) msgsnd(r1, &(0x7f0000e74f60)={0x2}, 0x8, 0x0) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) getpgrp(r0) tkill(r0, 0x1000000000016) msgctl$IPC_SET(r1, 0x1, &(0x7f0000000180)={{}, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x81, r0}) 23:02:37 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/lblcr_expiration\x00', 0x2, 0x0) ioctl$ASHMEM_GET_SIZE(r1, 0x7704, 0x0) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) [ 366.388201] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 366.395476] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 366.402753] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 366.410056] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 23:02:37 executing program 2: r0 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0xfffffe) r1 = socket$rds(0x15, 0x5, 0x0) bind$rds(r1, &(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10) sendmsg$rds(r1, &(0x7f0000001c80)={&(0x7f0000000040)={0x2, 0x0, @remote}, 0x10, &(0x7f0000000680)=[{&(0x7f00000003c0)=""/231, 0xe7}], 0x1, &(0x7f0000000100)=ANY=[@ANYBLOB="48ae4d87584f64cc00000000000000140100000100117300", @ANYPTR=&(0x7f0000000780)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB="e970270000020000c67c2d906dc50dd1df29193c0a9361782c51641cf1e37f7b35741b750195270b5c377d1b54bf083de91ae21ec2b30a8181176c10bf8a52045a3261098a760cd3fdce6003516a0451d8d76866cbd90b646a655287e7d55e0fb8f588ae1eb9fd1e27a39a469c638d1651a7ff957d0db3ed57c50d9f5bd24c533c005dcc480793d3cc4f2b166349ffa9b24fdf5f2a62a51c8df3a1eb97dc82d177c7d9600fb5cb6fd696bad2a50105773107c7b81c9c212aa96240c99115ac056390af0c503849771ef72a4f334fb6c3614110", @ANYPTR=&(0x7f0000001b80)=ANY=[@ANYPTR=&(0x7f0000001940)=ANY=[@ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009f4906b887aa0f665c90540e06000000000000150000000000000008000006000000000000000000000000000000"], @ANYBLOB='i\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB="01000000000000003d000000000000000000000000000000"], 0x113}, 0x0) 23:02:37 executing program 4 (fault-call:7 fault-nth:33): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:02:37 executing program 2: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000080)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000ee3fe0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) getsockopt$inet_sctp6_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f0000000000), &(0x7f0000000040)=0x4) ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, &(0x7f0000000100)={{&(0x7f0000012000/0x2000)=nil, 0x2000}}) [ 366.656346] FAULT_INJECTION: forcing a failure. [ 366.656346] name failslab, interval 1, probability 0, space 0, times 0 [ 366.673109] CPU: 1 PID: 13577 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 366.680489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 366.689858] Call Trace: [ 366.692464] dump_stack+0x1c4/0x2b4 [ 366.696143] ? dump_stack_print_info.cold.2+0x52/0x52 [ 366.701355] ? __kernel_text_address+0xd/0x40 [ 366.705865] ? unwind_get_return_address+0x61/0xa0 [ 366.710818] should_fail.cold.4+0xa/0x17 [ 366.714895] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 366.720026] ? save_stack+0xa9/0xd0 [ 366.723668] ? graph_lock+0x170/0x170 [ 366.727505] ? kasan_slab_alloc+0x12/0x20 [ 366.731657] ? kmem_cache_alloc+0x12e/0x730 [ 366.735984] ? mmu_topup_memory_caches+0xf7/0x390 [ 366.740831] ? kvm_mmu_load+0x21/0xfa0 [ 366.744724] ? vcpu_enter_guest+0x3dbe/0x6380 [ 366.749223] ? graph_lock+0x170/0x170 [ 366.753029] ? ksys_ioctl+0xa9/0xd0 [ 366.756657] ? __x64_sys_ioctl+0x73/0xb0 [ 366.760725] ? do_syscall_64+0x1b9/0x820 [ 366.764822] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 366.770216] ? find_held_lock+0x36/0x1c0 [ 366.774292] ? __lock_is_held+0xb5/0x140 [ 366.778380] ? ___might_sleep+0x1ed/0x300 [ 366.782538] ? arch_local_save_flags+0x40/0x40 [ 366.787144] __should_failslab+0x124/0x180 [ 366.791405] should_failslab+0x9/0x14 [ 366.795214] kmem_cache_alloc+0x2be/0x730 [ 366.799390] ? vmx_flush_tlb_gva+0x380/0x380 [ 366.803873] ? __perf_event_task_sched_in+0x2a9/0xb60 [ 366.809077] ? mmu_topup_memory_caches+0xf7/0x390 [ 366.813948] mmu_topup_memory_caches+0xf7/0x390 [ 366.818652] kvm_mmu_load+0x21/0xfa0 [ 366.822372] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 366.827318] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 366.832866] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 366.837475] vcpu_enter_guest+0x3dbe/0x6380 [ 366.841822] ? emulator_read_emulated+0x50/0x50 [ 366.846507] ? vmx_vcpu_load+0xb06/0x1030 [ 366.850673] ? vmx_write_tsc_offset+0x680/0x680 [ 366.855402] ? graph_lock+0x170/0x170 [ 366.859208] ? __switch_to_asm+0x40/0x70 [ 366.863270] ? __switch_to_asm+0x34/0x70 [ 366.867332] ? __switch_to_asm+0x40/0x70 [ 366.871396] ? __switch_to_asm+0x34/0x70 [ 366.875465] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 366.881019] ? check_preemption_disabled+0x48/0x200 [ 366.886041] ? check_preemption_disabled+0x48/0x200 [ 366.891080] ? __lock_is_held+0xb5/0x140 [ 366.895160] ? lock_acquire+0x1ed/0x520 [ 366.899142] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 366.904179] ? lock_release+0x970/0x970 [ 366.908173] ? kvm_gen_update_masterclock+0x350/0x350 [ 366.913390] ? kvm_arch_dev_ioctl+0x630/0x630 [ 366.917891] ? preempt_notifier_dec+0x20/0x20 [ 366.922421] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 366.927267] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 366.932313] kvm_vcpu_ioctl+0x72b/0x1150 [ 366.936391] ? kvm_vcpu_block+0x1030/0x1030 [ 366.940728] ? find_held_lock+0x36/0x1c0 [ 366.944811] ? __fget+0x4aa/0x740 [ 366.948276] ? check_preemption_disabled+0x48/0x200 [ 366.953304] ? kasan_check_read+0x11/0x20 [ 366.957460] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 366.962750] ? rcu_bh_qs+0xc0/0xc0 [ 366.966312] ? __fget+0x4d1/0x740 [ 366.969783] ? ksys_dup3+0x680/0x680 [ 366.973503] ? find_held_lock+0x36/0x1c0 [ 366.977578] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 366.982534] ? kvm_vcpu_block+0x1030/0x1030 [ 366.986864] do_vfs_ioctl+0x1de/0x1720 [ 366.990759] ? __lock_is_held+0xb5/0x140 [ 366.994835] ? ioctl_preallocate+0x300/0x300 [ 366.999266] ? __fget_light+0x2e9/0x430 [ 367.003252] ? fget_raw+0x20/0x20 [ 367.006735] ? __sb_end_write+0xd9/0x110 [ 367.010811] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 367.016385] ? fput+0x130/0x1a0 [ 367.019692] ? do_syscall_64+0x9a/0x820 [ 367.023674] ? do_syscall_64+0x9a/0x820 [ 367.027660] ? lockdep_hardirqs_on+0x421/0x5c0 [ 367.032289] ? security_file_ioctl+0x94/0xc0 [ 367.036715] ksys_ioctl+0xa9/0xd0 [ 367.040181] __x64_sys_ioctl+0x73/0xb0 [ 367.044077] do_syscall_64+0x1b9/0x820 [ 367.047970] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 367.053365] ? syscall_return_slowpath+0x5e0/0x5e0 [ 367.058302] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 367.063156] ? trace_hardirqs_on_caller+0x310/0x310 [ 367.068180] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 367.073207] ? prepare_exit_to_usermode+0x291/0x3b0 [ 367.078252] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 367.083114] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 367.088353] RIP: 0033:0x457569 [ 367.091554] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 367.110475] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 367.118204] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 367.125478] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 367.132748] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 367.140018] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 367.147292] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 23:02:37 executing program 1: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) getgid() getresgid(&(0x7f0000000200), &(0x7f0000000240), &(0x7f0000000280)) fstat(r0, &(0x7f00000002c0)) stat(&(0x7f0000000400)='./file0\x00', &(0x7f00000004c0)) fstat(0xffffffffffffffff, &(0x7f0000000540)) lstat(&(0x7f0000000440)='./file0\x00', &(0x7f00000005c0)) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000640), &(0x7f0000000680)=0xc) stat(&(0x7f0000000780)='./file0\x00', &(0x7f00000007c0)) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000840), &(0x7f0000000880)=0xc) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000008c0), &(0x7f0000000900)=0xc) stat(&(0x7f0000000940)='./file0\x00', &(0x7f0000000980)) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) sendmsg$alg(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000380), 0x0, &(0x7f00000003c0)}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffff9c, 0x4c82) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffff9c, 0x4c82) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/ip_tables_names\x00') mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x10, 0xffffffffffffffff, 0x0) open_by_handle_at(r2, &(0x7f0000000340)={0x8d, 0x0, "0edd80238e69051e4280b3835cd2cc8c75fae164b6deedf6631d4ecc95cf266bbec293dd1486394a9b700b26305a234dfe5bc3c7f203095aeaa8ad1a8bf4029750a2ea36ed73e0a9d3612c96e92f07562b4df6b3816662b9855c1955649095ef2205d97c04252c78f1aa4a2f2aa8f5db1e5aa475433f6b38d1edd25318e4db179ead32bf6f"}, 0x0) syz_kvm_setup_cpu$x86(r0, r1, &(0x7f000001e000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f0000000140)="b805000000b9008000000f01c1f080a4b000600000000fc3180f09c744240000000000c744240200080000c7442406000000000f0114240f08f3a5650f050f20da0f01cf", 0x44}], 0x1, 0x0, &(0x7f0000000380), 0x78) socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$KVM_RUN(r2, 0xae80, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000080)) openat$rfkill(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rfkill\x00', 0x0, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = semget$private(0x0, 0x4, 0x100) semctl$IPC_RMID(r4, 0x0, 0x0) sendmsg$nl_route(r3, &(0x7f0000000040)={&(0x7f00000000c0), 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2800000010ba000000000000000000000000", @ANYRES32=0x0, @ANYBLOB="030000000000000008001b0000000000"], 0x28}}, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r3, 0x8914, &(0x7f0000000080)={'team_slave_0\x00\x00\x00`'}) 23:02:37 executing program 5: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0xb2080, 0x0) ioctl$EVIOCGLED(r0, 0x80404519, &(0x7f0000000080)=""/150) r1 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = getpgid(0x0) ioctl$BLKFLSBUF(r0, 0x1261, &(0x7f0000000140)=0x4) syz_open_procfs(r2, &(0x7f0000000280)='net/udplite6\x00') r3 = socket$inet_smc(0x2b, 0x1, 0x0) dup2(r1, r3) personality(0x1000000) 23:02:37 executing program 4 (fault-call:7 fault-nth:34): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:02:37 executing program 0: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)=0x0) r2 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r2, 0x1, &(0x7f00000014c0)) msgsnd(r2, &(0x7f0000e74f60)={0x2}, 0x8, 0x0) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(r1, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000000040)) tkill(r0, 0x1000000000016) msgctl$IPC_SET(r2, 0x1, &(0x7f0000000180)={{}, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x81, r0}) 23:02:38 executing program 2: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000080)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000ee3fe0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) getsockopt$inet_sctp6_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f0000000000), &(0x7f0000000040)=0x4) ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, &(0x7f0000000100)={{&(0x7f0000012000/0x2000)=nil, 0x2000}}) 23:02:38 executing program 1: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000000040)={0x5, 0x4, 0x652, 0x1, 0x7fff, 0x200}) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/net/ipv4/vs/sloppy_sctp\x00', 0x2, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4) getsockopt$inet_sctp6_SCTP_STATUS(r1, 0x84, 0xe, &(0x7f0000000200)={0x0, 0x401, 0x0, 0x7fff, 0x1, 0x7, 0x4, 0x8, {0x0, @in={{0x2, 0x4e23, @rand_addr=0x4}}, 0xb436, 0x8, 0x3f, 0x3, 0x461}}, &(0x7f0000000080)=0xb0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f00000000c0)={r2, 0xffffffff}, &(0x7f0000000140)=0x8) utime(&(0x7f0000000000)='./file0\x00', &(0x7f0000001140)) 23:02:38 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2000000000000402) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) [ 367.396512] FAULT_INJECTION: forcing a failure. [ 367.396512] name failslab, interval 1, probability 0, space 0, times 0 23:02:38 executing program 5: syz_emit_ethernet(0x1, &(0x7f00000001c0)=ANY=[@ANYBLOB="aaaaaabcaaaa246b37778cba86dd8c00000000000000000000bbfe8a76e099489878550000a8880000eb22b878"], &(0x7f0000000100)={0x0, 0x3}) r0 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz0\x00', 0x200002, 0x0) memfd_create(&(0x7f0000000080)=':posix_acl_access*&\x00', 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000040)={0x0, @aes256, 0x2, "9ca69a8c35edb7cd"}) [ 367.450607] CPU: 1 PID: 13596 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 367.457999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 367.467365] Call Trace: [ 367.469991] dump_stack+0x1c4/0x2b4 [ 367.473658] ? dump_stack_print_info.cold.2+0x52/0x52 [ 367.478865] ? __kernel_text_address+0xd/0x40 [ 367.483374] ? unwind_get_return_address+0x61/0xa0 [ 367.488328] should_fail.cold.4+0xa/0x17 [ 367.492409] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 367.497523] ? save_stack+0xa9/0xd0 [ 367.501163] ? graph_lock+0x170/0x170 [ 367.504972] ? kasan_slab_alloc+0x12/0x20 [ 367.509130] ? kmem_cache_alloc+0x12e/0x730 [ 367.513462] ? mmu_topup_memory_caches+0xf7/0x390 [ 367.518309] ? kvm_mmu_load+0x21/0xfa0 [ 367.522205] ? vcpu_enter_guest+0x3dbe/0x6380 [ 367.526708] ? graph_lock+0x170/0x170 [ 367.530516] ? ksys_ioctl+0xa9/0xd0 [ 367.534149] ? __x64_sys_ioctl+0x73/0xb0 [ 367.538218] ? do_syscall_64+0x1b9/0x820 [ 367.542287] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 367.547666] ? find_held_lock+0x36/0x1c0 [ 367.551746] ? __lock_is_held+0xb5/0x140 [ 367.555830] ? ___might_sleep+0x1ed/0x300 [ 367.559989] ? arch_local_save_flags+0x40/0x40 [ 367.564604] __should_failslab+0x124/0x180 [ 367.568868] should_failslab+0x9/0x14 [ 367.572695] kmem_cache_alloc+0x2be/0x730 [ 367.576848] ? vmx_flush_tlb_gva+0x380/0x380 [ 367.581262] ? print_usage_bug+0xc0/0xc0 [ 367.585328] ? ima_get_action+0x7e/0xa0 [ 367.589345] ? mmu_topup_memory_caches+0xf7/0x390 [ 367.594207] mmu_topup_memory_caches+0xf7/0x390 [ 367.598903] kvm_mmu_load+0x21/0xfa0 [ 367.602641] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 367.607587] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 367.613142] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 367.617740] vcpu_enter_guest+0x3dbe/0x6380 [ 367.622091] ? emulator_read_emulated+0x50/0x50 [ 367.626777] ? vmx_vcpu_load+0xb06/0x1030 [ 367.630944] ? vmx_write_tsc_offset+0x680/0x680 [ 367.635625] ? graph_lock+0x170/0x170 [ 367.639432] ? lock_downgrade+0x900/0x900 [ 367.643636] ? check_preemption_disabled+0x48/0x200 [ 367.648659] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 367.654204] ? check_preemption_disabled+0x48/0x200 [ 367.659240] ? check_preemption_disabled+0x48/0x200 [ 367.664278] ? __lock_is_held+0xb5/0x140 [ 367.668357] ? lock_acquire+0x1ed/0x520 [ 367.672342] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 367.677386] ? lock_release+0x970/0x970 [ 367.681373] ? kvm_gen_update_masterclock+0x350/0x350 [ 367.686577] ? kvm_arch_dev_ioctl+0x630/0x630 [ 367.691119] ? preempt_notifier_dec+0x20/0x20 [ 367.695659] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 367.700525] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 367.705568] kvm_vcpu_ioctl+0x72b/0x1150 [ 367.709651] ? kvm_vcpu_block+0x1030/0x1030 [ 367.713988] ? find_held_lock+0x36/0x1c0 [ 367.718066] ? __fget+0x4aa/0x740 [ 367.721530] ? check_preemption_disabled+0x48/0x200 [ 367.726562] ? kasan_check_read+0x11/0x20 [ 367.730726] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 367.736016] ? rcu_bh_qs+0xc0/0xc0 [ 367.739619] ? __fget+0x4d1/0x740 [ 367.743106] ? ksys_dup3+0x680/0x680 [ 367.746825] ? find_held_lock+0x36/0x1c0 [ 367.750903] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 367.755850] ? kvm_vcpu_block+0x1030/0x1030 [ 367.760184] do_vfs_ioctl+0x1de/0x1720 [ 367.764082] ? __lock_is_held+0xb5/0x140 [ 367.768154] ? ioctl_preallocate+0x300/0x300 [ 367.772572] ? __fget_light+0x2e9/0x430 [ 367.776579] ? fget_raw+0x20/0x20 [ 367.780049] ? __sb_end_write+0xd9/0x110 [ 367.784124] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 367.789665] ? fput+0x130/0x1a0 [ 367.792958] ? do_syscall_64+0x9a/0x820 [ 367.796940] ? do_syscall_64+0x9a/0x820 [ 367.800922] ? lockdep_hardirqs_on+0x421/0x5c0 [ 367.805513] ? security_file_ioctl+0x94/0xc0 [ 367.809935] ksys_ioctl+0xa9/0xd0 [ 367.813405] __x64_sys_ioctl+0x73/0xb0 [ 367.817303] do_syscall_64+0x1b9/0x820 [ 367.821198] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 367.826588] ? syscall_return_slowpath+0x5e0/0x5e0 [ 367.831530] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 367.836387] ? trace_hardirqs_on_caller+0x310/0x310 [ 367.841419] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 367.846457] ? prepare_exit_to_usermode+0x291/0x3b0 [ 367.851501] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 367.856363] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 367.861559] RIP: 0033:0x457569 [ 367.864802] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 367.883705] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 367.891424] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 367.898699] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 367.905976] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 367.913253] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 367.920551] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 23:02:38 executing program 1: prctl$getname(0x10, &(0x7f0000000000)) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x200302, 0x0) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000080)={0x0, 0xffffffffffff02d6}, &(0x7f00000000c0)=0x8) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000100)={r2, 0x7fffffff, 0x1}, &(0x7f0000000140)=0x8) write$FUSE_DIRENT(r1, &(0x7f0000000180)={0xb0, 0x0, 0x4, [{0x2, 0x9, 0xc, 0x0, '/dev/autofs\x00'}, {0x5, 0x1000, 0x15, 0x4, '#mime_typecgroupnodev'}, {0x0, 0x6, 0x1, 0x7, '%'}, {0x4, 0x2, 0xc, 0x8, '/dev/autofs\x00'}]}, 0xb0) ioctl$sock_bt_bnep_BNEPGETCONNLIST(r1, 0x800442d2, &(0x7f00000002c0)={0x4, &(0x7f0000000240)=[{0x0, 0x0, 0x0, @broadcast}, {0x0, 0x0, 0x0, @remote}, {}, {0x0, 0x0, 0x0, @dev}]}) ioctl$sock_SIOCADDDLCI(r0, 0x8980, &(0x7f0000000300)={'bond0\x00'}) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000340)={[{0x5a, 0x2c6a2c0f, 0x2, 0x0, 0x7, 0x0, 0x80000001, 0x9, 0x3f, 0x3, 0x83, 0x2, 0x80}, {0x1, 0x38, 0x9, 0x2, 0x4, 0x1, 0x1, 0x5, 0x5504, 0x4, 0x1, 0x1, 0x7f}, {0x8000, 0x27, 0xff, 0x40, 0x3, 0x49, 0x10000, 0x3f, 0x7fff, 0x7fffffff, 0x2, 0x8, 0x6}], 0xffffffffffffff09}) getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f00000003c0)={{{@in6=@dev, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@rand_addr}, 0x0, @in6=@ipv4={[], [], @remote}}}, &(0x7f00000004c0)=0xe8) ioctl$EXT4_IOC_SWAP_BOOT(r1, 0x6611) getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000500), &(0x7f0000000540)=0x4) ioctl$BLKTRACESTOP(r1, 0x1275, 0x0) ioctl$KVM_GET_DEBUGREGS(r1, 0x8080aea1, &(0x7f0000000580)) ioctl$EVIOCGID(r1, 0x80084502, &(0x7f0000000600)=""/174) r5 = geteuid() socketpair$packet(0x11, 0x3, 0x300, &(0x7f00000006c0)={0xffffffffffffffff, 0xffffffffffffffff}) bind$alg(r1, &(0x7f0000000700)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-aesni\x00'}, 0x58) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, &(0x7f0000000780)={r2, 0xfffffffffffffff8}, &(0x7f00000007c0)=0x8) read$FUSE(r1, &(0x7f0000000800), 0x1000) timer_create(0x7, &(0x7f00000019c0)={0x0, 0x5, 0x1, @thr={&(0x7f0000001800)="8e56ed7960ee2c4ea3b540b7849e3c48d5b0255030ecbf8a79d0f37f042f11109216619e12908585d1b7a5adcf7bf5ea3ed017f03402fc2127a1c6251350fe5faf7c34d7fa199650e5f5866826e386635a027f66d8104d283fbaa1df391ddf6ede00aeb36066efbd2a53daf239ac55114be64bbc8a8de33fb512c36f0bf6e9e2f71924f63d41de7a6b11c0a86bca9816c3b3e22247a952836aea8291a70f767d2172d72c50448b33400de854c6e4ba64968c1501e9d68d987099aa312002295cbd199b8d002a08926cb727b9f1ba7af42b23c3a8", &(0x7f0000001900)="8931cb05e831673980612903962c9ec15e41a64ddada864e5b1572c389017340614452c66d6d97829182be2fdb328f6dd3a5003d0335d678e2348c9e500ee85b309ad1fa5f7425939a41c877013e040446b5b271b3127d97a22eca1b7021779a599579e3f76727fefe2c3e481cd798b5e772bdaae50fac3bb1d4909c920fcca31ac49f0b8aa6a5bc886256b38460f47504c566a2fc1ed767e0dc182357a88c94ed96"}}, &(0x7f0000001a00)=0x0) timer_getoverrun(r8) setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f0000001a40)={0x4d2c906f}, 0x1) ioctl$KVM_GET_FPU(r1, 0x81a0ae8c, &(0x7f0000001a80)) setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000001c40)={{{@in6=@loopback, @in6=@local, 0x4e22, 0x101, 0x4e21, 0x7, 0xa, 0x20, 0x20, 0x88, r3, r4}, {0x7, 0x100, 0x9, 0x7fff, 0x2cf, 0x6, 0xfffffffffffffe01}, {0x2f24, 0x3f, 0x6, 0xffffffffffffffff}, 0xbe91, 0x0, 0x2, 0x1, 0x2, 0x2}, {{@in=@local, 0x4d3, 0xff}, 0xa, @in=@multicast2, 0x3500, 0x2, 0x1, 0x1, 0xffffffffffffffde, 0x0, 0x4}}, 0xe8) r9 = dup3(r7, r0, 0x80000) getsockopt$bt_BT_POWER(r6, 0x112, 0x9, &(0x7f0000001d40)=0x4, &(0x7f0000001d80)=0x1) getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r9, 0x84, 0x16, &(0x7f0000001dc0)={0x5, [0x20, 0x0, 0x236, 0x100000000, 0x7fff]}, &(0x7f0000001e00)=0xe) sendmsg$nl_netfilter(r0, &(0x7f0000002300)={&(0x7f0000001e40), 0xc, &(0x7f00000022c0)={&(0x7f0000001e80)={0x430, 0x10, 0xf, 0x20, 0x70bd25, 0x25dfdbfe, {0x2, 0x0, 0x6}, [@nested={0x2b4, 0x63, [@typed={0x8, 0x17, @uid=r5}, @generic="81c9e937bfe7e65c1430fec281e8227019d2b9473a3a51f413a01ace0722aaf04dc578cd148390b9ee55227191d8c5fc4f4a162a5538e4a0095a1a0c76424e38fa17adb48377dd1ae533b557a61219e5dc6cb519ca65cbb4bc7e305bb189e5e7766635a1466cf824c3d215c412aed7ad8287a7df88345558a86600aceedc13f880f6b69a39310a12c9df8987af8ee8c0c4cc5c21dd56dafe310e40c9e63f79a8c0c36baa7965bfc340d42bc62db3a2c58819c1ff56632d67585acac55100f25877b0d1306b6822750c920690a825543c139834f24cf4347c2a7468331ff6dd0acc7de5b619df138dba3f66e191cee7d72cc0fa33d756acf686", @typed={0xc, 0x6e, @u64=0x7fff}, @generic="b3eefc6c7dfdb4896c76cd0791fd19a60a4708a0f7bcfa9574264d16fa8c6c590997e75ab6161bd0b7a0ed87c4ef88da5099dd4310bec8e653d0b7853e428f34f62d9445bb85b579afdbaa241119ed85f1f67a7389626c59a10839573fea6d6182bcd902154c1e9d2ede56790bf232c1a164889cbec07f5b17725690bb1ef0f6ad67c897685701333c2a427d9e5b9394e64b92ac0f25dc0c9d61786d7fbdedc448c971c9b19a28af9824902091efab3acb687c639bd0d7edbefeed870c963bc7ff8902b1cb", @typed={0x14, 0x94, @str='aegis128l-aesni\x00'}, @typed={0x4, 0xb}, @typed={0x8, 0x9, @fd=r1}, @generic="b807dc6849c2", @typed={0xc, 0x1f, @u64=0x476}, @generic="88e425b26548fa465975d127f1e339ebdba3d0abd019d52a99ebc5b3946a57daeffc9925fa01314506124b4251f2d6b68762911dd4debfb2ef52611033ccd650041606bc64b96efc3b782dce1d3f3c4e9fb06ec29180254aec4873de9ce3a23426a1dc438b4b528a873089de83f26312966b4362e632f9485532323d4d980e0a95866caa3a31c5790a0324a916cf626eaee8bfa11f98848f48eb8c5dab91ec91922667c743223b3b1d20f952"]}, @generic="005d50de90894554c2c1fede1754101d577fcd463242e0b5fd3c73ee6515a94bf853ef784f36e3", @typed={0x8, 0x5f, @fd=r1}, @nested={0xd4, 0x31, [@typed={0x8, 0x36, @uid=r5}, @generic="eb0b921bbdd78ce2c5b0eb5cb080ca7eb94f8dd5da548d4ce91df77c2df6d120cdf0c5e04c444a93cd0bbb909e36d4bfa515793987bb70abe7a41929291e97b1ba39e7caca64f8647875a76795faa24bc45b88ba6c8333af2974994c1af4c6bb157e76548f9acc54345013d558de37a94deef23e18b8ac941f17e3959a0d34c93758ca26d5bbd499ee10754e0b60f45d653df2e97dc1f970389769659c85dc1d8a92e4b239850a803f6500e70dfe45339a5fbf062e8f9cbddaf9fb68a3cfc42e3ba6579b7b"]}, @generic="26867ad51490796ef123d7ed61d1ababa33c85ce6cab7f347d31f5ee92775416fe1d01a177391870922eb6d7bf91601264d7581461a3aff8404aef45067532a670aad9114d6938ebc3d8939fb2f99e8c6cc761b75d4cd5099ce52184250458334e52ba", @generic="8a"]}, 0x430}, 0x1, 0x0, 0x0, 0x8000}, 0x2000c000) ioctl$RTC_EPOCH_READ(r1, 0x8008700d, &(0x7f0000002340)) 23:02:38 executing program 5: gettid() syz_open_dev$usbmon(&(0x7f0000000080)='/dev/usbmon#\x00', 0x1, 0x400000) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000000)=0x0) r1 = syz_open_procfs(r0, &(0x7f0000000440)="2f65786500e1ffffff0409004bddd9de91be10eebf000ee9a90f798058439eff54fa07424adee901d2da75af1f02acc7edbcd7a071fbbc7864c3cf7318e89c6e97ca49e2523f8d54c646dd47000000000000000000000082c8ed780fc8de13aac81a5393802cac9b30bd34f4b1aa91950e3321095ed1dc0609cf05b8b29c0700000000000000686d0e4d0e354ffbecf9b6cb56df37daad793393cdf96d60c334d7dee99d58bb98ec8fbae88509abe32fd44239abb4ccf659f55c76c288ae1d12b8aef689f19c39d9cdd8a249969185b3f229a48ef301365dc6762a1967eb3241f49796f3f6ceb28fd1833071221f0d81aee58fc8a61050486d5641c3dfc84c25baa2b3712cb8251267e70159894f6dd8f293e8cd44ea35ca1c52f1c165b6391d779405fabfaf835c2928c61282a10cfee523c694139d9b158c8ac9c2068deae9563a8661cef5dfb8714969cc727f52139996dd2f575b0af9cc013f275d36510000000000000000000000") lseek(r1, 0x0, 0x2) write$FUSE_OPEN(r1, &(0x7f0000000040)={0x20, 0x0, 0x2, {0x0, 0x2}}, 0x20) 23:02:38 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) io_setup(0x1, &(0x7f0000000200)=0x0) io_destroy(r1) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x3d) r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x2000, 0x0) lremovexattr(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)=@known='trusted.overlay.impure\x00') bind$alg(r2, &(0x7f0000000040)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_sha256\x00'}, 0x58) 23:02:38 executing program 4 (fault-call:7 fault-nth:35): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:02:38 executing program 2: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2000000000000402) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) [ 368.122826] FAULT_INJECTION: forcing a failure. [ 368.122826] name failslab, interval 1, probability 0, space 0, times 0 [ 368.145964] CPU: 0 PID: 13632 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 368.153349] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 368.162713] Call Trace: [ 368.165335] dump_stack+0x1c4/0x2b4 23:02:38 executing program 5: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x10) writev(r0, &(0x7f0000011ff0)=[{&(0x7f0000000000)="39000000130009006900000000000000ab0080480300000046000107000000141900280000000000000003f5000000000000ef38bf461e59d7", 0x39}], 0x1) ioctl$FS_IOC_GETVERSION(r0, 0x80087601, &(0x7f0000000040)) semget$private(0x0, 0x0, 0x0) [ 368.169006] ? dump_stack_print_info.cold.2+0x52/0x52 [ 368.174223] ? __kernel_text_address+0xd/0x40 [ 368.178781] ? unwind_get_return_address+0x61/0xa0 [ 368.183740] should_fail.cold.4+0xa/0x17 [ 368.183762] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 368.183779] ? save_stack+0xa9/0xd0 [ 368.183804] ? graph_lock+0x170/0x170 [ 368.192954] ? kasan_slab_alloc+0x12/0x20 [ 368.192972] ? kmem_cache_alloc+0x12e/0x730 [ 368.192989] ? mmu_topup_memory_caches+0xf7/0x390 [ 368.193002] ? kvm_mmu_load+0x21/0xfa0 [ 368.193019] ? vcpu_enter_guest+0x3dbe/0x6380 [ 368.193036] ? graph_lock+0x170/0x170 [ 368.193051] ? ksys_ioctl+0xa9/0xd0 [ 368.193066] ? __x64_sys_ioctl+0x73/0xb0 [ 368.193082] ? do_syscall_64+0x1b9/0x820 [ 368.193104] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 368.243094] ? find_held_lock+0x36/0x1c0 [ 368.247194] ? __lock_is_held+0xb5/0x140 [ 368.251311] ? ___might_sleep+0x1ed/0x300 [ 368.255483] ? arch_local_save_flags+0x40/0x40 [ 368.260089] __should_failslab+0x124/0x180 [ 368.264334] should_failslab+0x9/0x14 [ 368.268142] kmem_cache_alloc+0x2be/0x730 [ 368.272297] ? vmx_flush_tlb_gva+0x380/0x380 [ 368.276715] ? print_usage_bug+0xc0/0xc0 [ 368.280791] ? mmu_topup_memory_caches+0xf7/0x390 [ 368.285647] mmu_topup_memory_caches+0xf7/0x390 [ 368.290327] kvm_mmu_load+0x21/0xfa0 [ 368.294047] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 368.298986] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 368.304534] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 368.309132] vcpu_enter_guest+0x3dbe/0x6380 [ 368.313483] ? emulator_read_emulated+0x50/0x50 [ 368.318167] ? vmx_vcpu_load+0xb06/0x1030 [ 368.322336] ? vmx_write_tsc_offset+0x680/0x680 [ 368.327058] ? graph_lock+0x170/0x170 [ 368.330858] ? lock_downgrade+0x900/0x900 [ 368.335017] ? check_preemption_disabled+0x48/0x200 [ 368.340045] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 368.345599] ? check_preemption_disabled+0x48/0x200 [ 368.350633] ? check_preemption_disabled+0x48/0x200 [ 368.355729] ? __lock_is_held+0xb5/0x140 [ 368.359822] ? lock_acquire+0x1ed/0x520 [ 368.363801] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 368.368835] ? lock_release+0x970/0x970 [ 368.372814] ? kvm_gen_update_masterclock+0x350/0x350 [ 368.378014] ? kvm_arch_dev_ioctl+0x630/0x630 [ 368.382514] ? preempt_notifier_dec+0x20/0x20 [ 368.387032] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 368.391902] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 368.396945] kvm_vcpu_ioctl+0x72b/0x1150 [ 368.401024] ? kvm_vcpu_block+0x1030/0x1030 [ 368.405363] ? find_held_lock+0x36/0x1c0 [ 368.409447] ? __fget+0x4aa/0x740 [ 368.412918] ? check_preemption_disabled+0x48/0x200 [ 368.417948] ? kasan_check_read+0x11/0x20 [ 368.422120] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 368.427420] ? rcu_bh_qs+0xc0/0xc0 [ 368.430987] ? __fget+0x4d1/0x740 [ 368.434457] ? ksys_dup3+0x680/0x680 [ 368.438177] ? find_held_lock+0x36/0x1c0 [ 368.442287] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 368.447247] ? kvm_vcpu_block+0x1030/0x1030 [ 368.451579] do_vfs_ioctl+0x1de/0x1720 [ 368.455484] ? __lock_is_held+0xb5/0x140 [ 368.459582] ? ioctl_preallocate+0x300/0x300 [ 368.464008] ? __fget_light+0x2e9/0x430 [ 368.467995] ? fget_raw+0x20/0x20 [ 368.471461] ? __sb_end_write+0xd9/0x110 [ 368.475539] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 368.481077] ? fput+0x130/0x1a0 [ 368.484368] ? do_syscall_64+0x9a/0x820 [ 368.488357] ? do_syscall_64+0x9a/0x820 [ 368.492351] ? lockdep_hardirqs_on+0x421/0x5c0 [ 368.496947] ? security_file_ioctl+0x94/0xc0 [ 368.501372] ksys_ioctl+0xa9/0xd0 [ 368.504844] __x64_sys_ioctl+0x73/0xb0 [ 368.508745] do_syscall_64+0x1b9/0x820 [ 368.512640] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 368.518018] ? syscall_return_slowpath+0x5e0/0x5e0 [ 368.522953] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 368.527805] ? trace_hardirqs_on_caller+0x310/0x310 [ 368.532900] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 368.537941] ? prepare_exit_to_usermode+0x291/0x3b0 [ 368.542971] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 368.547836] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 368.553031] RIP: 0033:0x457569 [ 368.556243] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 368.575147] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 368.582887] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 368.590158] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 368.597431] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 368.604702] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 368.611975] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 23:02:39 executing program 2: ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000600)) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000340)='/dev/input/mouse#\x00', 0x8e8f, 0x82000) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000180), 0x0) msgget(0x1, 0x0) msgsnd(0x0, &(0x7f00000003c0)={0x1, "53468d85c7be587ca85844445f1b278ae28b0da499aff1d96625d12579b105075b6e1594a651cda6351bd18c9dcba371f478125b6ddbbe196c39abc41b1eaf80380c9c892f103848cee34528ced6d5a6603abebf83022a5b252a4b1bbbbdbfe22b053976c7bb67a7112db12d28f3a9848d857a55b19af5b802505514a02c86dcdbf20382716d10c5ae0fe4b7670b6b17f1f8361ba8340b7ec015cf2146dd771e9cf74dd535ab409c5e0d0645ea55dadb9cceb40f097e761b0aa8444f8c991f2d74966db9497abf9380903351143950fa4793da3fe1afcf2a0973b4875656562e1f4a248b0edd581154b41e997fd6af625b3e2d2689965f6249cf2379832af4a9f4e8c36e49293759054f09b14f112baaaf11c7c343d8d1d6fcd77e5477490dedaed6d8696c522bc2adbd46c72a1c2d2545bc9f7a683ecea83fb5ad780ac3acddc8b8e03500d8651eee806fd22e7d095c2d89270a987e2d72567a391ede9585c7a5c535d4ebdb84d2c748158635103ffe9b6e2db0440045915b2392edfd6f044f50c3aecd423896c8e70935a724ed549580d176453cc7f903a296eee49bd900df0a0e9742ba1f150f61ae3c0f5b451bb2d4e11db890ee74313f175de7d19ed4ca18c1c83a333daa4f2b2dea3ca962ee3ae2da0be23f5de01eafe395df38c7ff0093b902ef8a2f567c67a0a04df2949b1b49e174f70be15c1ad8d7489aa6ff4b3699cd9d8e04d3d294d6dc90f40a77d6bda1ebb74498dc1fa2e1ed5f9892615a1dd007c718c1d1ab7307558acd83c8fc18a4347634df3f929094327bca8d9d57b64d1c937d6e4814f49fc07a6251b08eae24a86bf65f217fc784a55ef8bc32c65ca2ba0eeec8f1fad5ca9bbe993905206753b26acf83dcb5eaf8986d8f373a179a6db103d30112a77aac2db02fb9a0e1f9c8631f1ba90051020293cd50c6d46d8da11c5aa5557510c8e6e8bfbcba707f6119c8ce1b44e47b3a39adcaf8cd1b2846b70d58e573f796865ef14485da7b226150931679d529f5aca081418a682f3eca2de65c7c504f238f2d949bfceba3def1f9cad5ab2495ad169137c1e62b69b3371396b6aaa34b7ebb28df1c33f081dbe7054edca70c7befdd3c1b2b1d8d29a54b530ea500be576f9f32143f74d2e25ba1b0aa46a8c891fcb4e7bcdce124d9f61c63c8c084113751e744b3cbfba03cffb2f57a431d14cdab5ec4c339fe8c45598397e817b420967b85168d57ad09e7dd756d6a7e52c699c8f6ad48ef35e347f3ce3e2c1cd721ae9f62a83e6098ab65605d560c2b6c12d0bae6305aa5baf3667eaab2a89820f30f1f3f837165fccecf309a16c827f32383e767431f069d52403825264f9cb9f7c9b742824f33ff080c19c4b5e5bd9ce5b989f1a9f1de42f5dfcb7325fe6059b16bf1ddb5d5296578bdc4bf9ba32b99434a52c5251b7836d5ec83e800900d8fcb39a50fc5cd461d2c461c8718314f4798177dbdd286c6eed1c44bf3a8cd8810e4b6cb1b0b2758d47f7c6487255ef1e45e9f751f83c7f4773bd2e3ef5ab39ad1d81e0d6455870ace75bff540fdd7c0cc666d522abe8d4e71fbec73997f920948f0e762813b55b744766303fa6e4e2caf913f395d737626e90e6305ad7c34823f23720dd04b381673fedf609703b460fb17b43f34942409ed35021bad7aea8a99b427c55aa7abbcf66b8214a3521d9ef74173d6a3e5e16a222f942bd25425b7efe41d59b20202b940a272a88bd8911e2096acb4afdbf0de6b3920a78675b8b8bfae8d34361e592097e2d6d993d744190959036ef4708326ef39e54a66dcf648810e541238aee4d833a7554d9db1ceac52734774debc8fc61438548cd4957116c33e2e9edbae170ba16af4269b86bf475d39d9636b9c4cb2c004be46916d82db4133822fa3b31fc4e01b19c3dcba305fbf6786359e9b176e363828f609d6b4816318e4297b0adbc03ef2d6d478e75c3916c3dfc59e9d6672446d1bae5609134feb0600de6b71b2eaf8cc6a05b558c3dd4bd12026f48c28193a4cf5fbc360c3397133689b84e7601fa92935b41128bd079f675f85891de0a9493cc505ab8b6ad2be8ebdf8ed313c8f730a0c09993dd3777e89ac1406faf2379c889641e6b7f4683fce350f5ded3b8989d09a7dfd93a124cb8f69746490c31414fd60808b3c70640d197842f265d680f4bf697f612f03e96c04f6bc5658b5822b73df7b74ec4e87a31b2a89f72ef08ece20511841b9530dfb7cc81f47cc8d59018135684c9ae718f9c82bb71940c5b22a7ec97de135981c1f8b864754be2c559acc9e02c46dc7bf2af90c96fa6ce2349a7c55b00f3a26fb1a7b95a2fb01d0ca92033ec97d45706c1ecc8efad0c6f53bf2c1d2a2d3b5faf8ae8a7b206232662925cbaf596069f394b669de847c7b97f78ff94235f99b21909fdf85935a1135d11a969ccf34a33105f786c9e1c0ded4251fac3fbf73fab71963fec71a6b6358269dd70fba85cec0129bf0967c603e1065367be82e449b18f07ff40e69a481f628be8bec47f7e81d3bd9f255c31b0f4cb97f961203d3a8db67a681ef1c28d3cff8af88eb3cd486e6f2cd895da8be5811f5259d1b6b53050b6e1e50d0da65e80c5bc8efc7d88efa7212bc89b1fe3ea0ed243cd85ac83f90b4f172fc371f279d67b5eb0fc92f59d87e1a2a739ebff639975ffdef193bb4921a1933716deb538a32f66def0929458050e93a48197151130d7234862ada503c8dcda5f830f9961d78b640b007641056903b2c30ba1ed381f746443f8e8c1390c8b2fb3c9e7d2093eace30b8f04b0cae1d85a88309019d36d274c4f06a15b791dd47c9d74c687e275119923b5a95c9874aa32064dc328c1e4d51f207ddc51248ab0be4bb178a0988584bb22b76ab8e08d48923e88f925104a1a052f440fd6fb5f0bda33978dee0fcb995f5449bbd8f3d7b99f6647adc4d65624302bc92847aa7fe657b7a9e63a2b190ad7dbbdf0223476e4b3d545f2dc7a071962c626cc56b301e3ea225fd158e01b401229c58e505aff5c10aeb3f2985fe1d5c74558f2a5e5cc1ea1e212ff417abbbc2d3dd6b8d28031abd355efb651943180116bf084be3988e4c650368613ede6c0ef369ef767437558696d1af493a5ccfa234092de999a972afc7b2780fdd00d79112e34252fadb50f3ab07d398ea02c8844a8568008532a937003d2604026e00647803bae75a27fdfb1457d11c2f746343da64dd2e4bc37ff82e9b843f65f247731ca2613d2e05dd6174c2409306a180e845f4617047b0987369a97beaa486d6bb37efc375a0a1bae8446d1a38bdb521d94235040fb84757de98be7ee640a68b001b117718523aba995512f6fea2b316c62966e9249e3b38ee3f4bbd04afbec9302218aa63ad896bf730f7e91825dabb349734a02c8ee0179c43fa0767fd55f6cde55f9263b0454f8f747bc9ee4c29a1e060ef48be933371380e0538604d269fe1f0de97964556ab4bd51701a6022b03a8e64d322e062829c782cdf0d7e6a211bbb1fd3887c117c39d2365716e48755fd4812c1ff7e514f4836419f326221df9357454afad80d61ce47f1aae771810e035eba2dd0b24e7f5a3f34550683aa72aa3f3e1c8ee84dcffab29e8ba58c05c398cb3ab2f74cdf7b8d89e12406026f06fb0a0353f6d1e643541f772aa182076fb9baca1047a067de983bf90d599600eceb3149ccbcd9602ea774375f10b048df77e07f8d68961fe469e556c9c0087fbfec8f29f12782c72c55bd6cfde0e09505f1c24631519199e460e31a8d6ca14df70b17833f2306a097a0e00bed655cc6098f98a77e30c0bafaacb0912df6c9fdcd61f9c3ff26b06017faf8c6e33ff01bfbccb445da303c764944d71d22d8fa8b72d25453f3337defcea33b3c1f775d504fe8511412897e38302e1be5359891a043733b1ecba47faffd22ae1607e0c6a3b1f10f57c9f92460f2281e7e77cec55841ed49fda1852427a6d8b75a28e8bc409495eac21cb6297f78cc75ea1f7985997ee4c6ff6fd294f1eea63e072ab2a63ef75ba350835c5a0c89b367e1d77ad8621da739e67895fa20479fedb90ad050dc352a818f2cb169116fb1813c8b457fe4c0113206836058f3e60ba619500a3a107e343bd530f5929c5e62e0552ba8295df0c970be7d8b5bbd3868b7b4be1937f35b9b3e77d42ab77c2e812cc7fa416fb5760b40b018f3647c64800dd0010821fb6a20085866390a73eefbefa4a72e3becaefdfe3eec1518c325cc4455aeb526a64ebc55ae66cc118f6982e2dba28f4cbccd1e3e5a3a4d9dd3312765d8741a6b2bbe59822faab4d7b6b38e03019c0cc33091d0fee8c13e5e9f25bf899e98e7e18592d0521d2091f7a6c41f059657a752dd6c5fb5ce5a98c7a5b94af2ccf10400db86b6f788eede33e44a14f7dd399ce485c24e90ee4b6b69bbcac1b512d958fbd6757c6157b72ae4797a86d432cf9e7ac3766458ae1e150f291c22401ce2174b437d8b5be4fdd04fd4817ffcda1f6279411b78379fcc12ebd5e06dea0b06bdbf8907bb9381062de33a457451b51e541a24ee9ce50b24ad9ad62392b87bd8aa9a4f3d668ace18bf0358e659d6c7a01987d1e7f959f98ff90036c9ac68ed9597b341ee71342f808daefd3418d6d1b25ff32db1664f84d17d6ca920499ec0410f45463c55c5ac9b0b08887fe1c883cf3e18289da82d71466b14ffb1ac54e6419c28bf0d4616d9290da497d3fcccbc6783635457e7345540ae81b659ff5b151db4f7a2b5cd63c847c8c107c3c520386582a4545ec1d5c33d6e7e3116f82affbe0030a676d1966ad77fdc5be3e9403cd19ea14dc3bf6a02ecdb528b5231d10d1b7bef1f6961267564478477f5820c6f8667a0ca28347abbc792d22e7abf77179cc59160acbec8caec161f6599485fc185df1fcd3041920c27004e3ada232d6c956f204f4f702c11bc8dcf0a87b4df43b1488f5a606f6d1e2e71a2f9649c6336d1da39f60623ce8aff12856ea9a9f18485bef5b41b5f3fb1aaec3ae755ebdd94fafa435ec8efde13bf88e98b2a4d118901b0c4cb518d05deafff876d088db1d99be1398258960083ba50df03fb91510c047d88c7acfb8502ee31d0da5428527b619e39a200bd95ab11622deb494cdafd945a61b4c0f417ae15d5ac022f29ada442c0be52add0e17078052521bf19f9c70c8130c27775ba6799360ef20b6d77d914b324442e15dc8aa4d48216aa57d838a47e594b6f2f3f810e2bed4db2f84f0d63974337711fcd6989fb872c33728cb0a4814b63bf4d9d143655d1ea274e5b291a71a59549a1a959271b79c8b1ae55ecfb0032a6b3a81e4a26bbb6db2cd7c1b15afc8bfcd5bc446aee6e462469516682a94b2b456e4dc39a9ddaf865dc83b508323547fd6faee035df9e26805bb7a0fbe9051f21fbadeaf2c15a5f0d2de2b8fa33abfff221dc4b2e8db3586db6ef5551f313c3217bb29f807cca8798b0548ee693c7cf6748e11b05808d2f04e33afa14cb64bbeb08503267187e0b4e34d80d1c0ce9a0ae0a86a0a2b92e5e2be3f7bd6ce26af94c0adb5237db8cf4d6de14003b5325303e189e4ed3653dcdd2fed829df6c78178c2b627b2d29269aec05f56ce5ed9c110f08c2e78759df33a112e320b48007eba1f956e30ad7f82c9e146e624ab0e527b23555a8748402b1b5d3777b2cc7cbcf6944a3a486347996cc0a82ab7168ea2f9c17ea1d7281bb33ac5d39374828fbb6b43150781c0dc08cc0e3e07903484abbc7f43718afb0bd4081be2c453ad75202884f01bb17462dc8f"}, 0x1008, 0x800) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000280), &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, &(0x7f000000a000)) mkdir(&(0x7f00000001c0)='./file0/file1\x00', 0x0) sendto(r1, &(0x7f0000001600)="6dcfbe3aae8dc16bff68f50ec2955a241b03a7347385a721e9290431dfa34e11bc1c490daeb07da97d77d0bd88b38d7ba1cb69c64a19fbb338db7ffca8ef5df83c86f0760a0ee20876d9c98a1e759c7bc0d89ab2b57c283de7e47a12ce2ac1396beafd1b3d65bed3fe01c506a0117c3e11", 0x71, 0x8000, 0x0, 0x0) r2 = openat$mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/mixer\x00', 0x100, 0x0) ioctl$SG_GET_SCSI_ID(r2, 0x2276, &(0x7f0000000100)) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(0xffffffffffffffff, 0xc058534f, &(0x7f0000001500)={{0x100000001, 0x6}, 0x0, 0x1, 0x0, {0x7f, 0x100000001}, 0xfb, 0x8}) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000001480)=ANY=[@ANYBLOB="5900000097bdac67892c5f1cb6484f0c0cfe50f1ec384dad663f1e00209358b56611eccd1b4f22b105540a2309b66a995d1495e2bfd51d20b5f1c88aa90e0783f1014b8ebfced39ad9f37184440912d053608220b51438b6d962a2839c10f8c8f4"], &(0x7f0000000140)=0x1) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1b, &(0x7f00000002c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="4e0000000f301405f40e20320710d54fffd29eba81e257edbf1b79f27ffbd31ba9304cd135b408fefec0fed8f113e595ab6904123d2bb4fffb2259ebb476b2bae7ef8f000000000000000000000000000000"], &(0x7f0000000200)=0x56) mkdir(&(0x7f0000000180)='./file0/file1/file0\x00', 0x0) chroot(&(0x7f0000000040)='./file0/file1/file0\x00') socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000000080)) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000001440)={[{0x0, 'io'}]}, 0x4) umount2(&(0x7f0000000380)='./file0\x00', 0x0) ioctl$KVM_GET_MP_STATE(r2, 0x8004ae98, &(0x7f0000000280)) write$binfmt_elf32(r0, &(0x7f0000006040)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x4, 0x9, 0xffffffffffffffff, 0x870, 0x2, 0x3e, 0x3, 0x249, 0x38, 0x2f6, 0x1206, 0x80000000, 0x20, 0x0, 0x6, 0x0, 0x5}, [{0x0, 0x20, 0x2, 0x99, 0x0, 0x6, 0x0, 0x3f}], "deb652c3134f4baa49e3c67a457c2ecebcc9e955da1002b5b4922bb71ccdda2cd6dc6b0e9763055140b8f4c5e76c941fcc07a76fd8de621a5a689ff5c387038d99ffcc318be54c5c85484db81064ae1694764c282963e0954181be2be19e48817efa9e43b477bee528c7e471875a87a1b09828da5ed82ddb4bf92bfbe9a1775a74f23bc82c008bb7393a72dc7d8ef9c5b6d36b0e099610c02df44132a1ab23c765c3b48c511f08f166cc4172fa6d279df8f36a6edc2d0f239c9186d47c65a40a338065523739c685c8b6304fd713490a2cb39c8ec8cadac57e008cf3ad297586ebb005f453c0c6b2f6a846a36c68a302e3fb25503201c68880cc2b5ada698686351c84687cfed49824aa63ed259e06fbf76cd77574b40f4cc3d5dc0b2993956b5abf13bc1bcdfbdfcd1596c1f888a0828f70c59a8a39e07177d3b8c605446a6645ae89cce847e8afaf32eb320bb0fb7b16209503a81df5ba10cc2bc40eef07de0a64b3f65a0213e3cea88e70be09e8d60ce2caa582b623f4ba6ea96d2b419edcc0da997b0dc5c7bf899c2623fee594a2cbdc3d74b345ae19bae6d3fd3ea9d4a6345b3f27e08cf050a3aad8a24168ea68532ccb3334fe349677998a86482d87d2aee70334059c0a337880c5f542d4b5a340e2349033c9e7b388b95f5cfc952482495deaf9424e4ad3ada77be64b8ce77b2761dbf1b3fd5defb499aaa4f8d956ad844008175a544bd36e79dfc757709b37c8a707db9a9beb4f8497e49923ff56d23cca9539ee706cb3db08d3258e6a49017f2c52de4ce5f9836b9d848b77a9df38c57908508ee933306acf2d9fa9a66e63840fa2bd85d5a06de3a4793cb8e951d93169e3a852f3c73e9ed74771413cbdc4a8f4b98d065db8c875f95faa3e9936bfb277f06208880763adaf3390dabf616be3684a71596fe021272891e9ab02722ea2980ec959ffa23361079fe362ecc0691c8083688bc02131d161d5ba408aea6963f2707faaf2e35d5d5b0a12e1d0ce376ad7c2610c3378562da37caf96ba2e29957bab6090be8021edfb96dcebf55adb55b46bf390530e78c7eeda1d926f544c3fdbee2d11bceec3bbf60ca5111f774ea1efafe4456977e764f44e5c2cfc7acfb82df93e156020b405b4e6bbac6c0a8385d8585e04c836ebb467fb804f03f135b18521a59e1398f02cb241f0f31aabc333eaca3a515472b4fc96290709302ca47f08781fbc596dc51846919fdabee5484508de585d623f8a147ae27104d7a71783bbb1d55b023c86dd0cba5832de1cc62f78127b9be8f97e36667638d54426a61a6d3533b9421f8f53135a9d9aa67e894e379bb6e64ebab2008dccadd369cbcbcdd077de6b9ea3f0da60d294c32960f64b2d97f336cde79ecb06c9365480ac8f120452cf27d4f201f253c77b942b5cfa05d3f05ea63ed73a08c0f9d486bf9b8e3694dc4b7f81a4b122a0911b857cd8a7790a0e222b4652665c467c54d299f12536a423b481509df0682aea9030e29fbbb2ecbe2c08fd14a96e6511e351d1ee53e070d19bac4e9ce393304d470d367f18968d76d5a2fc034c89d65639ca49c830043c02248f9c28e02ddb5d8077a468f54c87e412baa7a8f25cfce0b49e30902112db42ccc8ca151a93e7a071dc4ed82744d599febb5585a824629832011217e13f38c8a164ce18644d630620de43a8aab5bc2bba0859af0233cd4f1386eb7faff331dfeea9ae8d588948ff0ee9902d73c0865d7e3b246719e9390a102dfae8126e3c8f9f7b3d30954dfe97a3f5b5eb90f75c76ac3f07f61a2a833d727d0759ff92139c495e48723942a7a45bc14728b80fbafd670ca1b37612f85ad2a570e63b99e98ab9150ea3afc167585e25a1d05cfcf80630e8faa6ca94e4d9804b5f0b35365d4d4fea881e01a50441fcd9abad43084c6362eebac663d26d4ddfb76183bef484ba889190bfbe43957b685941986a1fb321478d07838dd57b378a7df274202345c6f973db5baea643b88c20a8b416fa6b394695feb5ca828f68f074ce848aac657b38125345b15a65538b4cadd64acc097219f5d68315fb776b0f500be828b22edbe714761ec849c56c29d16b33c4b8d1893d51e938a1d36cb904e591a7b02e715bb98077aa4525a4913cee4ac0178a80b72b8875bc67fbc3376ce81b5c05fe2d8f2fee5f97492d8520d719fb91a7362ec9839818fa72c70f5477c48c12f58887986806af918dd6e48c1efb0666316930ddc087fdac6eb68b9dadded230e2614fc82e04dafc981e5b5f6eaca85a110926bbf38ec2c326c29ed8c8bb753ae3d8e598e2e3936ce9046489d35c8f08fcc903a7e6cee3f61c05bfea4e014b67ce0e4368a2972af7ecb7bf0c686c1cad260de172cef78785ca13b826095d0efc9586cc07e59431e249fad0d77527f4e61a17233a1d3415a0cf88b19f1dd515ddda87ce2e02b51db7b0f059f8e2b3b90034af9740968fbd687ac4297a0b5a628d469ffb9d52076703cc8974dd9552beb8eb86c86f160e0520cea7bdd6934f052b004f52211cfaa1d90acb01e316b090c512c129e897889e61cb177d99a7c398ab84d9161d7331267184bac61d3e08f200d27ce605d48c6dc87ac6e0f5ba19e418d56ef8d058feb892fa6d4e2f9362c962283fd7fc0836faf5271c5ccedd7605a7ec24a570193c00fc05ce67fa990fe42d4a9ed64ca48496097fe15f362e4342caa2e654bdbcf57193b8845e1e0fefd2a764c61573509d3ef58cd0914058c87852e4835b315d5615892ace55b4ffb50a5205e2e92ef6a05b95b4b648b08ed6aab2db9fd2abcbaef4d4e3640319f95f6d7ffc8da816bc0939aa8c2c27e375d527d9237a7591b471ea6b0fbd7cb59ab30e7887b2d8413251bd31865bf1655264d64865510100816a54b77a34fb4923402550f70ac26b17f27db6d5813611342199b878409d10fc0ea666aa9183a66b13f75d645663536e5c6ac745f174ca03cfafa22e44d89f864b36b3ee1f581ce404dafca355262458cdba1f8ebea4bb17aebece6155cf06ea67cd4422ac3c34e7d907addd1bee2909323673c31422dfbf2622dab5d2363e53541523df646d7e3235aa7434d2c31544b9a2e04a44220bfce120b508b38f43782a99d614e72fffec0022895b0b3f4fbf1f193c4cc9a61d7074f0ee2bea7acc11890c4499193f1b0c1ddfa77cdf47b87aafa511d9a34f511b44c63b8d40f54aaee70125624c39905091834ee705ec43883bf7b47fc7e38613a9b0a4ff53babed66333062c5632668d464bf15f888b1e35970a233f2cd3191f381effd7c639c42135aa2ea62e7919c4ed22ce681081349fba76212bd40b8e01cda03efc5ff3b65bd5603750bace0a1cc1879b28f7b4efae8c6c055bacf5eb6cea2fda4cf577421ff9a7c4ea90a2bb6ca874d1908b3d668f89c8995c9f46e4f77f848c87f438615b2fa4bb2d8a3260e7b126f5569bd80bcac11c90e9bf592898174e7fe32ca31c13fc4c9c4d9873b56dc54448f4e0af97797320c0f270b50c75f2a80fae017b598bc01c1f0ab3c4402d55a13a8d01371f50a8928b26f9506e5f4fe8818dd09c03aeeb435e9537c15f41edec2a02a3b346e7ecdd8df6f38d9258c8e367d243364a9a9ec52283d47ce33b1efcb686e881b05e32f8e8bc7406c03d38f92691323457cd296bed884346cd788cb71a8d7fdcf5ce5be0375bce12eeeeecc74648dda135a68a2685dea88aa5420f4628f1d5a126071807e6924220206ef309eced29f735590243e73956f6192c913a27e50e618f359cb07c4621a1d7dd0561ed112e9c3a7536f0732adf46b1f7efdde9e2eb47a6bec5f6e9aca154352f975355392e3a5e5701740baf42dc3d2c7213f1d50951fbeace1cdb5bf2548b642c94a69ec3e69afe47b8436d2fa49de67da0862a9c2a848cc233e0332d928367502f570cc43f8a7365cb71ef937883a309c41c5450e5e0bd50cc8da2b742bd4061a3f5de92e62c7181c2f17425f27a937a523f721192f66ab4da11eb29f2ed582b0d27a101b593396b769201fc8f13de1ddf7505d8ebaf06733a4490d79461113fc8455b82ca8adccf814283955e6280713aaf4b35212a719d3fa54dc22e9d4ff3b4457cab94778a3b1f333dc5a8ad67b9e4697578482ccc632583130d6f15514a9112ed1ed383c4dfcb56abbf3a66c5ffd3c9fe92623cf4eb571b48356e477f982dd949d6a1a27c1efd47a47bab71f6b7327c4ced1de9eac306cfb8a52d48275c4d5fe64d4b70f59193076bfdadc034d9fe2431db2a7624c7e014e3b3139c1d6a0a287a62fe85b3307e606a658e79348d4685f2e5cf0a4b90f5b53149bb109af188a749f76cf9dd0aed1926166db08285a997d58d295f9f9141b5612a32686c3b8900"}, 0xc77) pwrite64(r2, &(0x7f0000001580)="0282bc74385d10cdf9e5ef78350defad8e5683bfc0b91f36d95a9cb0bf7e859eba80579758771b5f29595d7c792ae843b05660ec7a471b49481291c2c1f3f4592813550dbdacb40b7e85c888444f", 0x4e, 0x0) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240)='/dev/sequencer2\x00', 0x0, 0x0) 23:02:39 executing program 0: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r1, 0x1, &(0x7f00000014c0)) msgsnd(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="0200000000000000397ae81263ff699a18ca8c2320827ffec9d3c5cd8c49f290bd8ba8bb85abe5b329ed362d1c0aa05389c99dc57ffff434eb158edb86b15dc200e7833605f504624ded2191decef39c88d74e219040694266fe278adee00d1f18df699a4fe524f9bf29e4f8f91f87fec4503ce3d93cfcced6afdfcf706606aae4e4d75136b01497d7b31bcc1cda8eaa89da4051498c82a307986a41778c28db7f126878502bface9afbde9550c1b8c55409a4d93c5f4aa7837cc17329a35a"], 0x8, 0x0) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sequencer2\x00', 0x0, 0x0) connect$pppoe(r2, &(0x7f0000000240)={0x18, 0x0, {0x3, @random="327904dea3cd", 'veth0_to_team\x00'}}, 0x1e) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) r3 = syz_open_procfs(r0, &(0x7f0000000000)='net/fib_trie\x00') ioctl$sock_SIOCGIFCONF(r3, 0x8910, &(0x7f0000000080)=@req={0x28, &(0x7f0000000040)={'veth1_to_team\x00', @ifru_names='rose0\x00'}}) tkill(r0, 0x1000000000016) msgctl$IPC_SET(r1, 0x1, &(0x7f0000000180)={{}, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x81, r0}) 23:02:39 executing program 4 (fault-call:7 fault-nth:36): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:02:39 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) socketpair$inet(0x2, 0x1, 0x7, &(0x7f0000000000)={0xffffffffffffffff}) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000040)={0x4, [0x0, 0x0, 0x0, 0x0]}, &(0x7f0000000080)=0x14) tkill(r0, 0x1000000000016) 23:02:39 executing program 1: prctl$getname(0x10, &(0x7f0000000000)) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x200302, 0x0) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000080)={0x0, 0xffffffffffff02d6}, &(0x7f00000000c0)=0x8) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000100)={r2, 0x7fffffff, 0x1}, &(0x7f0000000140)=0x8) write$FUSE_DIRENT(r1, &(0x7f0000000180)={0xb0, 0x0, 0x4, [{0x2, 0x9, 0xc, 0x0, '/dev/autofs\x00'}, {0x5, 0x1000, 0x15, 0x4, '#mime_typecgroupnodev'}, {0x0, 0x6, 0x1, 0x7, '%'}, {0x4, 0x2, 0xc, 0x8, '/dev/autofs\x00'}]}, 0xb0) ioctl$sock_bt_bnep_BNEPGETCONNLIST(r1, 0x800442d2, &(0x7f00000002c0)={0x4, &(0x7f0000000240)=[{0x0, 0x0, 0x0, @broadcast}, {0x0, 0x0, 0x0, @remote}, {}, {0x0, 0x0, 0x0, @dev}]}) ioctl$sock_SIOCADDDLCI(r0, 0x8980, &(0x7f0000000300)={'bond0\x00'}) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000340)={[{0x5a, 0x2c6a2c0f, 0x2, 0x0, 0x7, 0x0, 0x80000001, 0x9, 0x3f, 0x3, 0x83, 0x2, 0x80}, {0x1, 0x38, 0x9, 0x2, 0x4, 0x1, 0x1, 0x5, 0x5504, 0x4, 0x1, 0x1, 0x7f}, {0x8000, 0x27, 0xff, 0x40, 0x3, 0x49, 0x10000, 0x3f, 0x7fff, 0x7fffffff, 0x2, 0x8, 0x6}], 0xffffffffffffff09}) getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f00000003c0)={{{@in6=@dev, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@rand_addr}, 0x0, @in6=@ipv4={[], [], @remote}}}, &(0x7f00000004c0)=0xe8) ioctl$EXT4_IOC_SWAP_BOOT(r1, 0x6611) getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000500), &(0x7f0000000540)=0x4) ioctl$BLKTRACESTOP(r1, 0x1275, 0x0) ioctl$KVM_GET_DEBUGREGS(r1, 0x8080aea1, &(0x7f0000000580)) ioctl$EVIOCGID(r1, 0x80084502, &(0x7f0000000600)=""/174) r5 = geteuid() socketpair$packet(0x11, 0x3, 0x300, &(0x7f00000006c0)={0xffffffffffffffff, 0xffffffffffffffff}) bind$alg(r1, &(0x7f0000000700)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-aesni\x00'}, 0x58) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, &(0x7f0000000780)={r2, 0xfffffffffffffff8}, &(0x7f00000007c0)=0x8) read$FUSE(r1, &(0x7f0000000800), 0x1000) timer_create(0x7, &(0x7f00000019c0)={0x0, 0x5, 0x1, @thr={&(0x7f0000001800)="8e56ed7960ee2c4ea3b540b7849e3c48d5b0255030ecbf8a79d0f37f042f11109216619e12908585d1b7a5adcf7bf5ea3ed017f03402fc2127a1c6251350fe5faf7c34d7fa199650e5f5866826e386635a027f66d8104d283fbaa1df391ddf6ede00aeb36066efbd2a53daf239ac55114be64bbc8a8de33fb512c36f0bf6e9e2f71924f63d41de7a6b11c0a86bca9816c3b3e22247a952836aea8291a70f767d2172d72c50448b33400de854c6e4ba64968c1501e9d68d987099aa312002295cbd199b8d002a08926cb727b9f1ba7af42b23c3a8", &(0x7f0000001900)="8931cb05e831673980612903962c9ec15e41a64ddada864e5b1572c389017340614452c66d6d97829182be2fdb328f6dd3a5003d0335d678e2348c9e500ee85b309ad1fa5f7425939a41c877013e040446b5b271b3127d97a22eca1b7021779a599579e3f76727fefe2c3e481cd798b5e772bdaae50fac3bb1d4909c920fcca31ac49f0b8aa6a5bc886256b38460f47504c566a2fc1ed767e0dc182357a88c94ed96"}}, &(0x7f0000001a00)=0x0) timer_getoverrun(r8) setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f0000001a40)={0x4d2c906f}, 0x1) ioctl$KVM_GET_FPU(r1, 0x81a0ae8c, &(0x7f0000001a80)) setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000001c40)={{{@in6=@loopback, @in6=@local, 0x4e22, 0x101, 0x4e21, 0x7, 0xa, 0x20, 0x20, 0x88, r3, r4}, {0x7, 0x100, 0x9, 0x7fff, 0x2cf, 0x6, 0xfffffffffffffe01}, {0x2f24, 0x3f, 0x6, 0xffffffffffffffff}, 0xbe91, 0x0, 0x2, 0x1, 0x2, 0x2}, {{@in=@local, 0x4d3, 0xff}, 0xa, @in=@multicast2, 0x3500, 0x2, 0x1, 0x1, 0xffffffffffffffde, 0x0, 0x4}}, 0xe8) r9 = dup3(r7, r0, 0x80000) getsockopt$bt_BT_POWER(r6, 0x112, 0x9, &(0x7f0000001d40)=0x4, &(0x7f0000001d80)=0x1) getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r9, 0x84, 0x16, &(0x7f0000001dc0)={0x5, [0x20, 0x0, 0x236, 0x100000000, 0x7fff]}, &(0x7f0000001e00)=0xe) sendmsg$nl_netfilter(r0, &(0x7f0000002300)={&(0x7f0000001e40), 0xc, &(0x7f00000022c0)={&(0x7f0000001e80)={0x430, 0x10, 0xf, 0x20, 0x70bd25, 0x25dfdbfe, {0x2, 0x0, 0x6}, [@nested={0x2b4, 0x63, [@typed={0x8, 0x17, @uid=r5}, @generic="81c9e937bfe7e65c1430fec281e8227019d2b9473a3a51f413a01ace0722aaf04dc578cd148390b9ee55227191d8c5fc4f4a162a5538e4a0095a1a0c76424e38fa17adb48377dd1ae533b557a61219e5dc6cb519ca65cbb4bc7e305bb189e5e7766635a1466cf824c3d215c412aed7ad8287a7df88345558a86600aceedc13f880f6b69a39310a12c9df8987af8ee8c0c4cc5c21dd56dafe310e40c9e63f79a8c0c36baa7965bfc340d42bc62db3a2c58819c1ff56632d67585acac55100f25877b0d1306b6822750c920690a825543c139834f24cf4347c2a7468331ff6dd0acc7de5b619df138dba3f66e191cee7d72cc0fa33d756acf686", @typed={0xc, 0x6e, @u64=0x7fff}, @generic="b3eefc6c7dfdb4896c76cd0791fd19a60a4708a0f7bcfa9574264d16fa8c6c590997e75ab6161bd0b7a0ed87c4ef88da5099dd4310bec8e653d0b7853e428f34f62d9445bb85b579afdbaa241119ed85f1f67a7389626c59a10839573fea6d6182bcd902154c1e9d2ede56790bf232c1a164889cbec07f5b17725690bb1ef0f6ad67c897685701333c2a427d9e5b9394e64b92ac0f25dc0c9d61786d7fbdedc448c971c9b19a28af9824902091efab3acb687c639bd0d7edbefeed870c963bc7ff8902b1cb", @typed={0x14, 0x94, @str='aegis128l-aesni\x00'}, @typed={0x4, 0xb}, @typed={0x8, 0x9, @fd=r1}, @generic="b807dc6849c2", @typed={0xc, 0x1f, @u64=0x476}, @generic="88e425b26548fa465975d127f1e339ebdba3d0abd019d52a99ebc5b3946a57daeffc9925fa01314506124b4251f2d6b68762911dd4debfb2ef52611033ccd650041606bc64b96efc3b782dce1d3f3c4e9fb06ec29180254aec4873de9ce3a23426a1dc438b4b528a873089de83f26312966b4362e632f9485532323d4d980e0a95866caa3a31c5790a0324a916cf626eaee8bfa11f98848f48eb8c5dab91ec91922667c743223b3b1d20f952"]}, @generic="005d50de90894554c2c1fede1754101d577fcd463242e0b5fd3c73ee6515a94bf853ef784f36e3", @typed={0x8, 0x5f, @fd=r1}, @nested={0xd4, 0x31, [@typed={0x8, 0x36, @uid=r5}, @generic="eb0b921bbdd78ce2c5b0eb5cb080ca7eb94f8dd5da548d4ce91df77c2df6d120cdf0c5e04c444a93cd0bbb909e36d4bfa515793987bb70abe7a41929291e97b1ba39e7caca64f8647875a76795faa24bc45b88ba6c8333af2974994c1af4c6bb157e76548f9acc54345013d558de37a94deef23e18b8ac941f17e3959a0d34c93758ca26d5bbd499ee10754e0b60f45d653df2e97dc1f970389769659c85dc1d8a92e4b239850a803f6500e70dfe45339a5fbf062e8f9cbddaf9fb68a3cfc42e3ba6579b7b"]}, @generic="26867ad51490796ef123d7ed61d1ababa33c85ce6cab7f347d31f5ee92775416fe1d01a177391870922eb6d7bf91601264d7581461a3aff8404aef45067532a670aad9114d6938ebc3d8939fb2f99e8c6cc761b75d4cd5099ce52184250458334e52ba", @generic="8a"]}, 0x430}, 0x1, 0x0, 0x0, 0x8000}, 0x2000c000) ioctl$RTC_EPOCH_READ(r1, 0x8008700d, &(0x7f0000002340)) 23:02:39 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)=0x0) r2 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r2, 0x1, &(0x7f00000014c0)) msgsnd(r2, &(0x7f0000e74f60)={0x2}, 0x8, 0x0) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(r1, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000000040)) tkill(r0, 0x1000000000016) msgctl$IPC_SET(r2, 0x1, &(0x7f0000000180)={{}, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x81, r0}) [ 368.821018] FAULT_INJECTION: forcing a failure. [ 368.821018] name failslab, interval 1, probability 0, space 0, times 0 23:02:39 executing program 2: r0 = socket$inet6(0xa, 0x3, 0x800000000002) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") unshare(0x2000400) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x800, 0x0) ioctl$KVM_SET_NR_MMU_PAGES(r1, 0xae44, 0xf4) r2 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_int(r2, 0x6, 0x1, &(0x7f0000000040), 0x4) [ 368.879981] CPU: 0 PID: 13659 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 368.887362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 368.896722] Call Trace: [ 368.899342] dump_stack+0x1c4/0x2b4 [ 368.903037] ? dump_stack_print_info.cold.2+0x52/0x52 [ 368.908263] ? __kernel_text_address+0xd/0x40 [ 368.912777] ? unwind_get_return_address+0x61/0xa0 [ 368.917737] should_fail.cold.4+0xa/0x17 [ 368.921822] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 368.926927] ? save_stack+0xa9/0xd0 [ 368.930545] ? graph_lock+0x170/0x170 [ 368.934340] ? kasan_slab_alloc+0x12/0x20 [ 368.938491] ? kmem_cache_alloc+0x12e/0x730 [ 368.942815] ? mmu_topup_memory_caches+0xf7/0x390 [ 368.947680] ? kvm_mmu_load+0x21/0xfa0 [ 368.951569] ? vcpu_enter_guest+0x3dbe/0x6380 [ 368.956095] ? graph_lock+0x170/0x170 [ 368.959892] ? ksys_ioctl+0xa9/0xd0 [ 368.963504] ? __x64_sys_ioctl+0x73/0xb0 [ 368.967586] ? do_syscall_64+0x1b9/0x820 [ 368.971645] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 368.977009] ? find_held_lock+0x36/0x1c0 [ 368.981086] ? __lock_is_held+0xb5/0x140 [ 368.985156] ? ___might_sleep+0x1ed/0x300 [ 368.989303] ? arch_local_save_flags+0x40/0x40 [ 368.993885] __should_failslab+0x124/0x180 [ 368.998124] should_failslab+0x9/0x14 [ 369.001925] kmem_cache_alloc+0x2be/0x730 [ 369.006058] ? vmx_flush_tlb_gva+0x380/0x380 [ 369.010465] ? print_usage_bug+0xc0/0xc0 [ 369.014523] ? ima_get_action+0x7e/0xa0 [ 369.018494] ? mmu_topup_memory_caches+0xf7/0x390 [ 369.023342] mmu_topup_memory_caches+0xf7/0x390 [ 369.028002] kvm_mmu_load+0x21/0xfa0 [ 369.031719] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 369.036640] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 369.042177] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 369.046776] vcpu_enter_guest+0x3dbe/0x6380 [ 369.051214] ? emulator_read_emulated+0x50/0x50 [ 369.055874] ? vmx_vcpu_load+0xb06/0x1030 [ 369.060026] ? vmx_write_tsc_offset+0x680/0x680 [ 369.064684] ? graph_lock+0x170/0x170 [ 369.068487] ? lock_downgrade+0x900/0x900 [ 369.072636] ? check_preemption_disabled+0x48/0x200 [ 369.077673] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 369.083218] ? check_preemption_disabled+0x48/0x200 [ 369.088236] ? check_preemption_disabled+0x48/0x200 [ 369.093258] ? __lock_is_held+0xb5/0x140 [ 369.097354] ? lock_acquire+0x1ed/0x520 [ 369.101332] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 369.106350] ? lock_release+0x970/0x970 [ 369.110310] ? kvm_gen_update_masterclock+0x350/0x350 [ 369.115515] ? kvm_arch_dev_ioctl+0x630/0x630 [ 369.120018] ? preempt_notifier_dec+0x20/0x20 [ 369.124512] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 369.129342] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 369.134373] kvm_vcpu_ioctl+0x72b/0x1150 [ 369.138451] ? kvm_vcpu_block+0x1030/0x1030 [ 369.142761] ? find_held_lock+0x36/0x1c0 [ 369.146831] ? __fget+0x4aa/0x740 [ 369.150299] ? check_preemption_disabled+0x48/0x200 [ 369.155316] ? kasan_check_read+0x11/0x20 [ 369.159464] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 369.164747] ? rcu_bh_qs+0xc0/0xc0 [ 369.168296] ? __fget+0x4d1/0x740 [ 369.171739] ? ksys_dup3+0x680/0x680 [ 369.175445] ? find_held_lock+0x36/0x1c0 [ 369.179515] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 369.184449] ? kvm_vcpu_block+0x1030/0x1030 [ 369.188783] do_vfs_ioctl+0x1de/0x1720 [ 369.192672] ? __lock_is_held+0xb5/0x140 [ 369.196759] ? ioctl_preallocate+0x300/0x300 [ 369.201163] ? __fget_light+0x2e9/0x430 [ 369.205125] ? fget_raw+0x20/0x20 [ 369.208570] ? __sb_end_write+0xd9/0x110 [ 369.212642] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 369.218164] ? fput+0x130/0x1a0 [ 369.221444] ? do_syscall_64+0x9a/0x820 [ 369.225430] ? do_syscall_64+0x9a/0x820 [ 369.229395] ? lockdep_hardirqs_on+0x421/0x5c0 [ 369.233969] ? security_file_ioctl+0x94/0xc0 [ 369.238367] ksys_ioctl+0xa9/0xd0 [ 369.241821] __x64_sys_ioctl+0x73/0xb0 [ 369.245698] do_syscall_64+0x1b9/0x820 [ 369.249589] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 369.254958] ? syscall_return_slowpath+0x5e0/0x5e0 [ 369.259896] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 369.264742] ? trace_hardirqs_on_caller+0x310/0x310 [ 369.269748] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 369.274753] ? prepare_exit_to_usermode+0x291/0x3b0 [ 369.279773] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 369.284630] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 369.289810] RIP: 0033:0x457569 [ 369.292994] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 369.311887] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 369.319732] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 23:02:40 executing program 4 (fault-call:7 fault-nth:37): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 369.327000] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 369.334257] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 369.341524] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 369.348783] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 23:02:40 executing program 1: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_opts(r1, 0x29, 0x3b, &(0x7f0000000240)=@srh, 0x8) connect$inet6(r1, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev, 0x4}, 0x79) r2 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0xd3, 0x4fd) ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000080)={r1}) ioctl$TIOCGPGRP(r2, 0x540f, &(0x7f00000002c0)=0x0) getsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000300)={{{@in=@remote, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4={[], [], @loopback}}, 0x0, @in=@remote}}, &(0x7f0000000400)=0xe8) fstat(r1, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$TIOCGSID(r2, 0x5429, &(0x7f00000004c0)=0x0) getresuid(&(0x7f0000000500), &(0x7f0000000540)=0x0, &(0x7f0000000580)) getresgid(&(0x7f00000005c0), &(0x7f0000000600)=0x0, &(0x7f0000000640)) getresuid(&(0x7f0000000040), &(0x7f0000000a00), &(0x7f0000000a40)) gettid() stat(&(0x7f0000000b00)='./file0\x00', &(0x7f0000000b40)) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000bc0), &(0x7f0000000c00)=0xc) stat(&(0x7f00000010c0)='./file0\x00', &(0x7f0000001100)) sendmmsg$unix(r2, &(0x7f00000012c0)=[{&(0x7f0000000100)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f0000000280)=[{&(0x7f0000000180)}], 0x1, &(0x7f0000000680)=[@rights={0x30, 0x1, 0x1, [0xffffffffffffffff, r0, r1, 0xffffffffffffffff, r2, r2, r0]}, @cred={0x20, 0x1, 0x2, r3, r4, r5}, @rights={0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r2, 0xffffffffffffffff, r2, r1]}, @rights={0x20, 0x1, 0x1, [0xffffffffffffffff, r1, r1, 0xffffffffffffffff]}, @cred={0x20, 0x1, 0x2, r6, r7, r8}], 0xb8, 0x4044884}, {&(0x7f0000000c80)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000001040)=[{&(0x7f0000000fc0)="fa9996d49f155c67b91791c3e26c35c504fd781495c894f846f11109e7013c7b2c6d16cc24f76a4694779d163f5390d77f82bebce9f1ca8d9b7ef4763fc27c81474b1c483f8d81e1aba615", 0x4b}], 0x1, &(0x7f0000001240)=[@rights={0x28, 0x1, 0x1, [0xffffffffffffffff, r2, r2, 0xffffffffffffffff, r2]}], 0x28}], 0x2, 0x40000) sendmmsg(r1, &(0x7f0000007e00), 0x4000000000000f4, 0x0) ioctl$sock_SIOCGSKNS(r2, 0x894c, &(0x7f00000000c0)=0x7847571d) 23:02:40 executing program 2: r0 = socket$inet_sctp(0x2, 0x205, 0x84) openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x40) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) clone(0x802122101ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = add_key$user(&(0x7f0000000280)='user\x00', &(0x7f00000002c0)={'syz', 0x1}, &(0x7f0000000300)="f8f18e3c308d8552bc958d3f953b1b5cd7512e3ca390f332daea5921b8a730a840aa264671ee95026709d267e94b52b633e2df16216db85ced6a4858a560f50dc99f97e46f72cf5e3437b34b0ce04baacdaa7d22fa185686c5407f4c9ed0f7b3edaf8abec4c49c0b86112df7882a3baafda50c60e3fc817a2ef65b56ed6916faed8a2bbbed8b21c407bdba4038815bc19168cafbb14a86052ec94264", 0x9c, 0xfffffffffffffff8) keyctl$assume_authority(0x10, r2) getsockopt$inet_sctp_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f0000000180), &(0x7f0000000200)=0x8) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xe, &(0x7f0000001000)=ANY=[@ANYBLOB="b700000005ed0050bfa30000000000000703000028feffff7a0af0fff8ffffff71a4f0ff00000000b7060000000000012d400500000000005504000001ed00001d040000000000002c46000000006b0a00fe000000008500000007000000b70000000000000095000000000000000000"], &(0x7f0000000100)='EPL\x00'}, 0x48) ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f0000000240)={0x7, 0x0, 0xffffffff7fffffff}) lremovexattr(&(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)=@random={'security.', 'ppp1&mime_type,'}) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000500)={0x0, 0xffff, 0x4, [0x1, 0x80d, 0x401, 0x90f]}, &(0x7f0000000540)=0x10) setsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000580)={r3, 0x0, 0x1ff, 0x400}, 0x10) setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f00000000c0)={0x1, 0xdc81}, 0x8) ioctl$SNDRV_RAWMIDI_IOCTL_DRAIN(0xffffffffffffffff, 0x40045731, &(0x7f00000004c0)=0x9) setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f0000000080), 0x8) exit(0x0) r4 = gettid() setpriority(0x1, r4, 0x140) [ 369.436526] FAULT_INJECTION: forcing a failure. [ 369.436526] name failslab, interval 1, probability 0, space 0, times 0 [ 369.475059] CPU: 0 PID: 13680 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 369.482439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 369.491799] Call Trace: [ 369.494405] dump_stack+0x1c4/0x2b4 [ 369.498071] ? dump_stack_print_info.cold.2+0x52/0x52 [ 369.503299] ? __kernel_text_address+0xd/0x40 [ 369.507800] ? unwind_get_return_address+0x61/0xa0 [ 369.512741] should_fail.cold.4+0xa/0x17 [ 369.516833] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 369.521987] ? save_stack+0xa9/0xd0 [ 369.525636] ? graph_lock+0x170/0x170 [ 369.529464] ? kasan_slab_alloc+0x12/0x20 [ 369.533630] ? kmem_cache_alloc+0x12e/0x730 [ 369.537969] ? mmu_topup_memory_caches+0xf7/0x390 [ 369.542819] ? kvm_mmu_load+0x21/0xfa0 [ 369.546724] ? vcpu_enter_guest+0x3dbe/0x6380 [ 369.551232] ? graph_lock+0x170/0x170 [ 369.555047] ? ksys_ioctl+0xa9/0xd0 [ 369.558696] ? __x64_sys_ioctl+0x73/0xb0 [ 369.562775] ? do_syscall_64+0x1b9/0x820 [ 369.566853] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 369.572243] ? find_held_lock+0x36/0x1c0 [ 369.576354] ? __lock_is_held+0xb5/0x140 [ 369.580440] ? ___might_sleep+0x1ed/0x300 [ 369.584617] ? arch_local_save_flags+0x40/0x40 [ 369.589223] __should_failslab+0x124/0x180 [ 369.593486] should_failslab+0x9/0x14 [ 369.597331] kmem_cache_alloc+0x2be/0x730 [ 369.601497] ? mmu_topup_memory_caches+0xf7/0x390 [ 369.606356] mmu_topup_memory_caches+0xf7/0x390 [ 369.611092] kvm_mmu_load+0x21/0xfa0 [ 369.614825] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 369.619772] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 369.625328] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 369.629960] vcpu_enter_guest+0x3dbe/0x6380 [ 369.634314] ? emulator_read_emulated+0x50/0x50 [ 369.638999] ? vmx_vcpu_load+0xb06/0x1030 [ 369.643166] ? vmx_write_tsc_offset+0x680/0x680 [ 369.647847] ? graph_lock+0x170/0x170 [ 369.651680] ? lock_downgrade+0x900/0x900 [ 369.655843] ? check_preemption_disabled+0x48/0x200 [ 369.660889] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 369.666449] ? check_preemption_disabled+0x48/0x200 [ 369.671493] ? check_preemption_disabled+0x48/0x200 [ 369.676530] ? __lock_is_held+0xb5/0x140 [ 369.680622] ? lock_acquire+0x1ed/0x520 [ 369.684619] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 369.689652] ? lock_release+0x970/0x970 [ 369.693644] ? kvm_gen_update_masterclock+0x350/0x350 [ 369.698848] ? kvm_arch_dev_ioctl+0x630/0x630 [ 369.703409] ? preempt_notifier_dec+0x20/0x20 [ 369.707934] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 369.712784] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 369.717871] kvm_vcpu_ioctl+0x72b/0x1150 [ 369.721955] ? kvm_vcpu_block+0x1030/0x1030 [ 369.726297] ? find_held_lock+0x36/0x1c0 [ 369.730375] ? __fget+0x4aa/0x740 [ 369.733845] ? check_preemption_disabled+0x48/0x200 [ 369.733866] ? kasan_check_read+0x11/0x20 [ 369.733908] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 369.733926] ? rcu_bh_qs+0xc0/0xc0 [ 369.733950] ? __fget+0x4d1/0x740 [ 369.743131] ? ksys_dup3+0x680/0x680 [ 369.759067] ? find_held_lock+0x36/0x1c0 [ 369.763146] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 369.768099] ? kvm_vcpu_block+0x1030/0x1030 [ 369.772454] do_vfs_ioctl+0x1de/0x1720 [ 369.776385] ? __lock_is_held+0xb5/0x140 [ 369.780461] ? ioctl_preallocate+0x300/0x300 [ 369.784892] ? __fget_light+0x2e9/0x430 [ 369.788890] ? fget_raw+0x20/0x20 [ 369.792361] ? __sb_end_write+0xd9/0x110 [ 369.796440] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 369.801989] ? fput+0x130/0x1a0 [ 369.805285] ? do_syscall_64+0x9a/0x820 [ 369.809275] ? do_syscall_64+0x9a/0x820 [ 369.813264] ? lockdep_hardirqs_on+0x421/0x5c0 [ 369.817868] ? security_file_ioctl+0x94/0xc0 [ 369.822309] ksys_ioctl+0xa9/0xd0 [ 369.825784] __x64_sys_ioctl+0x73/0xb0 [ 369.829684] do_syscall_64+0x1b9/0x820 [ 369.833583] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 369.839006] ? syscall_return_slowpath+0x5e0/0x5e0 [ 369.843963] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 369.848824] ? trace_hardirqs_on_caller+0x310/0x310 [ 369.853853] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 369.858897] ? prepare_exit_to_usermode+0x291/0x3b0 [ 369.863931] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 369.868791] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 369.873989] RIP: 0033:0x457569 [ 369.877210] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 369.896116] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 369.903841] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 369.911125] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 369.918400] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 369.925673] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 23:02:40 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) dup2(r1, r0) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x141000, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0xffffffffffff8001) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="020400000cf4bfc268fb00000000000000000000000200010000000000000000000000000005000600000000000a00000000000000ff0200000000000000000000000000010000000000000000030005000000000002000000e00000010000000000000000"], 0x60}}, 0x0) r3 = socket$key(0xf, 0x3, 0x2) sendmmsg(r3, &(0x7f0000000180), 0x400000000000117, 0x0) 23:02:40 executing program 2: lstat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)) r0 = add_key$user(&(0x7f00000000c0)='user\x00', &(0x7f0000000100)={'syz', 0x1}, &(0x7f0000000140)="0416ff5179c0f740fa", 0x9, 0xfffffffffffffff9) keyctl$read(0xb, r0, &(0x7f0000000180)=""/199, 0xc7) r1 = socket$inet6_udp(0xa, 0x2, 0x0) r2 = accept4$inet6(r1, &(0x7f0000000280)={0xa, 0x0, 0x0, @ipv4={[], [], @remote}}, &(0x7f00000002c0)=0x1c, 0x80800) add_key$user(&(0x7f0000000300)='user\x00', &(0x7f0000000340)={'syz', 0x3}, &(0x7f0000000380)="d9adbee0db13d7ad8dfb95549746945398da9a6799d8ffdc1c366c4aeb0f6e434d69d18b33e76becb7de9462eda343d9b0af22e8765b9f722916546262051e8a523538b2a26a4170429e2da016164eab163826897c7b4531c0da1e92cc79a3d22d16", 0x62, 0xfffffffffffffffe) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000400), &(0x7f0000000440)=0xc) r3 = syz_open_dev$audion(&(0x7f0000000480)='/dev/audio#\x00', 0x5, 0x6000) setsockopt$inet_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f00000004c0)={@in={{0x2, 0x4e22, @loopback}}, 0x5, 0x5, 0x81b7, "d42a2de8665e9d74339167a430edf7fdbbf7f58c57bb372df1e5bb2f5edabf0baafabb69a40ebea977512822b6111f3f00d7d8425a0865ad6b4527bc87f9f0b4448b53dcc172f8f7265177721d1cd589"}, 0xd8) ioctl$sock_SIOCGPGRP(r3, 0x8904, &(0x7f00000005c0)) ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000600)={0x0, 0x0, 0x7, 0x0, [], [{0x6, 0x5, 0x81, 0x1, 0x5, 0xd2}, {0x0, 0xffffffffffffff10, 0x6a, 0x1, 0x7, 0x7}], [[], [], [], [], [], [], []]}) ioctl$EVIOCGSW(r3, 0x8040451b, &(0x7f0000000880)=""/4096) r4 = dup3(r1, r1, 0x80000) ioctl$int_out(r2, 0x5460, &(0x7f0000001880)) write$FUSE_NOTIFY_POLL(r3, &(0x7f00000018c0)={0x18}, 0x18) setxattr$security_evm(&(0x7f0000001900)='./file0\x00', &(0x7f0000001940)='security.evm\x00', &(0x7f0000001980)=@ng={0x4, 0x6, "2bff3b"}, 0x5, 0x1) r5 = msgget(0x2, 0x0) msgctl$IPC_RMID(r5, 0x0) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r1, &(0x7f00000019c0)={0x2001}) readlink(&(0x7f0000001a00)='./file0\x00', &(0x7f0000001a40)=""/155, 0x9b) prctl$getname(0x10, &(0x7f0000001b00)=""/4096) setsockopt$inet_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000002b00)={@in6={{0xa, 0x4e24, 0xdbb, @loopback}}, 0xffff, 0x4, 0x3, "7399d6b177b89b5b75d9008ab0d82c53d2e6ea0adc9b35d120b95ce55796c08b6430a57fbe2115a5fe6ba4e4299b94dad0c6430c1e2f812d60feae74cb3f1ef4048440e08bbcf56d6ef34cdacbf7536e"}, 0xd8) r6 = dup2(r3, r2) ioctl(r3, 0x5a52, &(0x7f0000002c00)="e05d463ad86ce1e205958c8df50c17c9eed5ce9fdfda29ce0b22e88fd6564d8e41f94cc3982958a1f6de46a0b12858a051cf7881ccd132efac650ea849b4c23c4b76ea24b88c4086c036a1985361e10166909fdecec53e6861024e2a17d14353648d9061ebcdc033c6004e0e6ef1e33a692193027a14fb3330db71f5237b453c80dd6e3716057d21f714516e2ac23594d86153ee0fa29d97a7bd2eba09cb550ede699e578bd4b4c0955bd2e8bd76f4a9b354ec5ef4d7cb7c24586d98cebe390b2d2a663d62856495986d27e8b792393b044581f9a07e1a83fe8e00fc98003b1b8870f091cf18a38d8b7db7414756f2a9690526bf0c96c592b2e67cdfb2457d8927bee3f04917222ef6adc352a9df47500245e29665e4af750c282dda20b397a81cb170a003bcde2707752a90ee745908106498f0e0579c83310501137785a8490b6261d774dd6f6bfbd76b1c8147a810144201ed34105eeea76074cf1bba63148b2cc0cae5b35906b07eae8d2343b037819dd38480db213438f670d8396e2c9c6440d72b0ee044e5fca8644a99cdfa4183d268e48596ae1182bde5248b7021d0b83d0af06496dc02686e034524329dd11fa60d398ee36f76651b179acee8536e525be77becd562dc9c295fe4828e57534d30bb775eff36a5bdd9af83beaff767fd8aaff3a93f281cbac30a74956fb2b3d424cc656bd0a25465b8d189283260cf449fd64779697c1d287372e11058c53baa3d64e15beefc4bca8b889319ecec66808373439514597bb52a1c315e60942364121fde944f97aa1e5be41ababe22a475eeea1040bcf7ebc199c2b2dce3adbf800ac78c100155a77c06dd8e61c790896e5a7dda5916f2648433ee69dc328352ea59cba0a40f826428990e84e470d1f231cd606baed87c17127f962201910e7e6cddc1a3fd40cff04a0b50aefe5c0a45b76ef62171c61c6e48235539856d718761581cd8b5a3fe3d04b6981a166886025eb007f9074f173677b329868cb222bd90e65d6290e70893b80e1e825fc8cad731bb68d17cdb212eba0e48da45f344cfc85179be9646d6d0d9e97d133feb7e911c737b57391f9038af38a08e001ddb142431fdca1f45e5a175960c41a04a63f265117ac667bf8394b9f17340265228f1ab017c13c1af97580ab627b5329a7c1c9454a3eef738dc2328d69c2b70ad688caa9caef6a7064eaad13e7975f7596cd47d63fa10a4332f4c553f59876da91792ce51f1e3be088bff8db10d0e1c74daa0045afacf5d833689da5229fdf83e79e156c9be41c34b5bad1d13920ea7a9db19e0ceb436806cabcbc7b628d2f5a76d1e88b85b2b31d0b5c4cfbcf371f3e981fdb32122018c0fa9afbbb244bb5dc7a0079f323587d42883502de78c62f4b94e87fe67116b43d5cc043b1c59b85059094ea99aa0ee682beda3eb9f32d34a66c4fc0dd241dd5572493f3fdc2fa246ddbc9d3729ac093ba996f553c6d36f77538b2e6f0cade9a0822182cbd47a8fcff79eb0232188d8c69e65406e687532ef1db9267c5bf42653eacc521b142abd25e54e514160ba0ebe998c42dbf95fc55dd17cac2b80e3275f2424771e441f89cdbd951711e14555ffa07ff9d7ddd372745a0f9716419487f71884402aaae36c6fb0983fb223398f1ef42d55e5bf6de4bb1be2eed040dafefdbb361d47dfc56ff154695b24a75ac537d51428d1a54489998630db790693b441233439f8bd26cfa4773b6c567fc2c6110e73d249c937282c2fb9d1d5009ee35f503f95cfc40a8ef40337bb64bf0a0fac12c517108bca58145a9fc1bc9fbb11b4849935c641d9b840bcee265429abf78154b04df5d7f7450accdf1b4d3f23b35952e00da97d4d5f219a111b14cd6e3dd0a815d990e957da579aced06c8bf305b4e7cc1f4fb643ba2634ed8177f5198a6d29baa53c982869a8a3776ac4bdb7f42e4fd23b7a7c8760e239e5a1de284b036c44c6990d2a85c0d431b0fb298ba8ac15833538eb4a1df9c49c4bba98935555368f708ef6515f1507eccd2c93561130c7fa17552b81eadd9123a78c8a7e3781054c65085bc154bdc85e29e7bf1eb8fef8662169672b2db233b119ff2c6be951bdcc23c1ea06cc43447f173fc6514e1f4947984e2473c63067a510109b9341612fbbfe5ca862d2b238cf1d188918f68a7b58de8dce385ec0ff8179277a18cbece2694969f1bab2cca2c2b9a247772b37062a046cff3a93550dabd47e4d82c6f7dcdca20ef536e0421970210f832639b1129dad50f6e9a1a73460e8786a0c7a5b30a18ab7bf82898d21ea30fa54b9d36ffdb668f9826b3b6f476440ae9471c7f39dc44425024debfeb36e6855ad8c11eb858ec7916e88b955b772e1d31cb2646f4b7ac3a3a1607c0d177ec3c7158db9a84003e18ba3210f85fb553d0f8c4e64d0ca533cf24e8b4748ae0ed0d20d6ea697a52ac4834c7b4a227a5e763ac90573b79f7860f9473a9ea20d42482f40c0f2e069410d4d6ccd733bf4dcbeca6200e06c13779c7e0e9157824b4993e15075923f1c65d8453c6dd1c306a22b41c0e4de2d609080b03213c2f746305cf32e0dcd0c1016a3412718895744dd2e0f21093d3c467afc4d363663bf84c67da97feb6626471b7172d200c4d545512b85cf8d35e5c4d8b5bddcc141b502d422a518261e2ee0cad651f8983bca4a0f10852300b154c3ad035ed17ab1463b267f8deeb72520457ed2eea34fad0c98c58a7c221bcae2949b67577ac56310f086424d5f10b81856179a1359e41aa24104003bbd2f1726d1faa81d24cb8bb72872c001cc4442921f9c8eb76fd6eb2a8294afaffb597112db6bc3d2aed23b1e532a599fc672b2883ad4b04b436534623f58fde1c39516296fdad0039ecce37b27c20952207430a7672accc800f96fe9a5f3d61e5f88f7988b826e3406912b9a223089eb5f78e2d79382fae7db60c6f5a85f2f885e175f8ad933d88d47f35bced65b1df56070298784dfc921c0fd66ca6495d6183cc04d95e146781ad5a4b2fda4636ab59ec518b13da26584f63a8141367cfc9dbee31200982934c80bab65dd8d03b158fc4e37b77ec71a039964cfbef10fa5cd10b5af01fce88cc8248391c77dbad50da35ccddc8041eb5e401c6d9771d9feac5ad96be9bae1ce5996e3723b8d72fe54f4909f14dc3af42b895f3bd21c692154739437df5764c290045ad59f98eae95d3b0c45f7a1a2fd325a6728f39135fe76522be1fd02fe7751abc0734be10220136e7c3d572c51667325ad51ded065d196a08545fafaa41d1b5347411ef876c6e48c051f9dc25006bab051b3a5f8986b52f0d330824ff47b42227902d337f18f704950f8c9cce680445bbb2f4fab95257ff541dd3cff215dd7b3187fb214f876278ecfff6afaba8cb488a668b99fd0a52a997cf37942bd539897b832c871936f2aaa8bef23173b6b5be09502a9bbbc13d2623a8b7e317b155039fc2454846eb924b976dbf61d6e5b5ec9e958d719a83fa59bd94192b535ffc81f81d16f6b947f16d278084bb39032c7f2d2aebc4b9ef82154a6e463c2e099c6a53aa676f89cf70f0c98b47d5e2a5365e0b2676e6523660c7905efd99309fa77f8be781879d3835d860a4337149d12d136c663b54fe13ddd4386a30f51d56f8a3fb0657a5091679edbe2176597885b8df23f71c3b2a725c13dfe18fb098622b48deb7007d0523831c4a25b6b56ff3fbfa757dc412b35d35206607967a39cea1f113e365711b4e846f426e84567cce95dd0220125a5eb16d6af85678bed69ee9345b3418ae929bb04a27c5387fc3ca52ef85dadda28a11ccd410915c956efc9b24f3c63d905d8b174438bc20f5efb9cd54da0c689ea5b87f6e4070bbd3d958830037be7fd3b835ede6ab48a7f351bb9f502a1c308eb67313df9e578a174e7593d7358af3bc0fcf7f5708c5d632bdce3322a75f897869e6907c4bb99b166eaf378e87179e4283a310a6846e26f1b7e673a936555eaf17780de37f1f4fd18e3f7a9b4a902f0274e36326de29a804a4600f8ea7a8281e372e5da3213c26fc9591960e7c7de09ad9c0460cd83f6b99e06b87d1bb5df013dcec98a5ca59f5e69ce51eb801ba3bd434c4841cf43b7a5b9090f10cd621d06bde34b89cb3921e2e985e73da41241f99b6bcfa2dcce232adbf3239ee5f9593a23547babd8d2fea27b777ec8a8fb30e4ccb712661e39d3e2b0d734246d7e8c0e6f2b58a7b520c8c130bbd24fedcd53db81608315c5e4710678c94a10d76c3586cde0adf75a5d2dcd3c88b451ad346a349c5b91dbc8e90990dddf4339d276016af8d3cf5930fb0b8fde402d1d2e4fc97d063fc2237da0b2b61fc149bc624149928d68dfcce3aad997a41b4787bc65d4c17e708d53563f3da78e4babe97b62654d8f20708ad852455c60e30ca53290f07b1eda81f273e690219a1dbef9124f35432d14a97d65bc5c89c2987db03b94cd58d5c12c4f95a0ddb3fb7c9f88b1e3d0f29f812a8bc77353097b28944fc032dc6e982481266ce39eb86b4512d97c16d6f3a1c12d0da1f5ca2cb0fda7b18a5501298c5b86404e333e54a2ba37261f843c5c1a9f0a18c797a1767e9bf74563a4d69dc357714ccd9d652f8d1919a272eff2f9c69837329b2d6f5e6f665c8fc418f71eb089e55074aee52909e2b6adae5b0f92d6b829d3e5ddb2607fa6929276364f0743aa4812e5f20a698a7b167abef5d8b3d98d35a72a895def4ca8f14c38493e8415ec464a816e290eb35e1049287f6ec029afad8639cfe0b28fe7891e422a9e264a8615e11736b571394316371a2a28771987e245ad0c97f70b8d95a76b8c345e7e5e1f11c4472b78072ad31116917ebfcf559f6341899ef697f3255431b4d4f841d5b3986e62f39e507b207fc942b4bfe07dffb3392e52681185a6faa15b208490a621fa9097ae6832697ac36669573ef855e6e3e6ed92a723f3a5b741c24280a962e1da5c7f3d5a808eabc4a880aa93810ee03c86ee804fb57557beb5b3e88e65963b1301bf574a52930541891d521a732b35bd23725060a188aa5fa8df3fdc4ae81f470cb9c06237b4cb00110244bf329b51fd32aeb43b245dcb044711d159145ca3fa8b9c8fd6b996b9c9b96dd00c64c3e4a1a8af3b669667afbe7e92b40a1bbb8b7670425fbe92d2215c94449596f919e045dc22c693b166604586e4a82eb6dcab60e560c3b7b85449f7e9b41ec2c65d2a02bc9ddfd0934eb19077ea52fc305da8f6a27f312d4242dda0b797026318b1608beab4bf54825c21520fbabdd29a6170729aca50ed86d07eb849d79f4d98392486b7ed207100b01ab65734c22cff24a57c84c4a18e24c27b579a12b5e201d3eea94daf88b88214dd6bf784ee43b802344c2025a6ec94c74fd3d48ba7894f92a4dc08cbeb0747f94490978a47df76fa6c83f161c7f21ad9aecae3e53c5a7c5400e6dfad303efe2ffa2fa4e79f0716a3e81e9b98de42543e003df33a0b97f24b8e3f27fafbfe3c15267de1b08c80954a13584f8dd945494d145e198e258bc3458e715422a2df6525659792e44bd840412bc638e78b510ec8e11f3b5e9781bbeb83d6e94350105faaa18241273934ae0ca8ac71e5ac922ea498d910e5ab7cabdee4e1c58331c114cb611fcb56bd4ce92d9277c29f25f89898943b7d3831d75a7da71e7f32c15b7a1b78ea457e351dabb84be8cee365279bd4c23047d5f492829f88e70623ba38814917ad0c6e0af7b7b56b5c0b414ed934a293a7aeac44cec0b7b66e7b728eb8713ac1f12ff40f372f718d34") ioctl$EVIOCSMASK(r4, 0x40104593, &(0x7f0000003d00)={0xb746f152ae5885c2, 0xea, &(0x7f0000003c00)="e6c090f08d2666e6bc5d2e5c651d08b0cda9f3a2b04f7b2116f7e06e0d1be793b8acfcb5f1dbc9702e2d5f90fe7e454d924257af9b34caffaccb0736ca9fed7acdf3acbc3d596b6f73e28c9b2a1485d99431267699d7a37d74923f5e74ed22b0aed9cc29300cb8acdd5fe60f72781909a618735bef12349ef792ad505bad4c43f9dd62176cc4f0c737375454242542c3943627f56360ecb765c9736f9a8833d75ff8dd1a1f2566e7b305dd8c7e43e97ab0c413619e6441fb7bd6bb0786adb3f8764d643a1b9ad224ef2b952b663850fc7b5ee9ce440ed223a818415610cb95d03655f5a3616b7edf3031"}) ioctl$sock_SIOCGIFBR(r3, 0x8940, &(0x7f0000003d80)=@add_del={0x2, &(0x7f0000003d40)='ip6_vti0\x00', 0x4000400000000000}) ioctl$sock_netdev_private(r6, 0x89fa, &(0x7f0000003dc0)="03420868b9aa067c0ceed68ac5aa14eb269f9233234a440093b3077c5a087fd14098651902d209685cea86") pwrite64(r3, &(0x7f0000003e00)="f897919208547bbe90a27ab3e7c474c86b495a5283098e60cb5d39dfba215cb1daf6523077eeae17bf633ba4aaf76c9e0d0a6d77561fcc96540b7b92cae80aebfddd34f295900d3b7ca6914fb40c", 0x4e, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$FIBMAP(r3, 0x1, &(0x7f0000003e80)) [ 369.932950] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 23:02:40 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) r1 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x3f, 0x8000) ioctl$sock_inet_SIOCRTMSG(r1, 0x890d, &(0x7f0000000180)={0x4, {0x2, 0x4e20, @loopback}, {0x2, 0x4e20, @loopback}, {0x2, 0x4e20}, 0x282, 0x1, 0xfff, 0x800, 0x7, &(0x7f0000000040)='vlan0\x00', 0x6eb, 0x101, 0x8}) tkill(r0, 0x1000000000016) 23:02:40 executing program 0: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x15}, &(0x7f0000044000)) r1 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r1, 0x1, &(0x7f00000014c0)) msgsnd(r1, &(0x7f0000e74f60)={0x2}, 0x8, 0x0) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) msgctl$IPC_SET(r1, 0x1, &(0x7f0000000180)={{}, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x81, r0}) 23:02:40 executing program 5: r0 = add_key$user(&(0x7f0000000180)='user\x00', &(0x7f00000002c0)={'syz'}, &(0x7f0000000480)="2206297b6895b66147b3c7218a9169a85ea0bdc9e1587a57d422b5ae5c135342e33089754c8107c3cd3923dd4a71c2ff0f6e7b6b4816122d2550689eaa9435c99926022b8753a188748c569f435fb3bae96efb74b50ec93c152f5e8e198a29e5c0d0c60000000000000000b4ec24c53d3d661ff5ff70e4880617bac218cea71fcfacf40d32e4b58a8d2725561f6110fd7b06f90b5274cc5c1e298a16324fe273f4772539844a12876dc0217de9b895c949bc32336eb852064e0791b63d541f79", 0xc0, 0xfffffffffffffffe) r1 = syz_open_dev$audion(&(0x7f0000000100)='/dev/audio#\x00', 0x2, 0x101000) ioctl$SIOCGIFHWADDR(r1, 0x8927, &(0x7f0000000140)) r2 = add_key$user(&(0x7f0000000340)='user\x00', &(0x7f0000000380)={'syz'}, &(0x7f00000003c0)="a5", 0x1, 0xffffffffffffffff) setsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f00000001c0)=@int=0x6f, 0x4) keyctl$dh_compute(0x17, &(0x7f0000000000)={r2, r0, r2}, &(0x7f0000000080)=""/114, 0x72, &(0x7f0000000240)={&(0x7f0000000040)={'sha224-generic\x00'}, 0x0, 0x17}) 23:02:40 executing program 4 (fault-call:7 fault-nth:38): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:02:40 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0xa0040) r1 = fcntl$dupfd(0xffffffffffffff9c, 0x0, 0xffffffffffffffff) perf_event_open$cgroup(&(0x7f0000000100)={0x4, 0x70, 0x100000001, 0x3, 0x0, 0x0, 0x0, 0x5, 0x10, 0x4, 0x81, 0x5, 0x3f, 0x0, 0x3, 0x31370ad2, 0x6, 0x8, 0xa1, 0x4, 0xa76, 0x6, 0x1, 0x0, 0x7fffffff, 0x7f, 0x2, 0x8, 0x4, 0x29, 0x9, 0x1, 0x7, 0x263, 0x800, 0x2, 0x0, 0x7, 0x0, 0x83, 0x0, @perf_config_ext={0x5, 0xf2c}, 0x4000, 0x7, 0xbbbb, 0x2, 0x4, 0x3ff, 0x4}, r0, 0x10, r1, 0x3) r2 = semget$private(0x0, 0x207, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) semtimedop(r2, &(0x7f0000000180)=[{0x2, 0x7, 0x1800}, {0x1, 0x4, 0x1800}, {0x3, 0x180000000000000, 0x1800}, {0x3, 0x0, 0x800}, {0x3, 0x5, 0x800}, {0x0, 0x10000, 0x1800}], 0x6, &(0x7f00000001c0)={0x77359400}) semctl$SETALL(r2, 0x0, 0x11, &(0x7f0000000080)=[0x7]) semtimedop(r2, &(0x7f0000000040)=[{}, {}], 0x2, &(0x7f00000000c0)={0x77359400}) semctl$IPC_RMID(r2, 0x0, 0x10) 23:02:40 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x100, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f00000001c0)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10010174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c888c9ff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x77359400}, {0x0, 0x1c9c380}}, &(0x7f00000010c0)) tkill(r3, 0x1000000000016) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000040)=0x2) ioctl$KVM_RUN(r2, 0xae80, 0x0) r4 = socket$bt_rfcomm(0x1f, 0x4a326d07ef78d389, 0x3) ioctl$sock_SIOCGSKNS(r4, 0x894c, &(0x7f00000000c0)=0x6) r5 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/lblc_expiration\x00', 0x2, 0x0) ioctl$VHOST_RESET_OWNER(r5, 0xaf02, 0x0) [ 370.186332] FAULT_INJECTION: forcing a failure. [ 370.186332] name failslab, interval 1, probability 0, space 0, times 0 [ 370.215301] CPU: 1 PID: 13727 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 370.222719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 370.232081] Call Trace: [ 370.234718] dump_stack+0x1c4/0x2b4 [ 370.238382] ? dump_stack_print_info.cold.2+0x52/0x52 [ 370.243638] ? __kernel_text_address+0xd/0x40 [ 370.248170] ? unwind_get_return_address+0x61/0xa0 [ 370.253118] should_fail.cold.4+0xa/0x17 [ 370.253141] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 370.253181] ? save_stack+0xa9/0xd0 [ 370.262333] ? graph_lock+0x170/0x170 [ 370.262348] ? kasan_slab_alloc+0x12/0x20 [ 370.262365] ? kmem_cache_alloc+0x12e/0x730 [ 370.262391] ? mmu_topup_memory_caches+0xf7/0x390 [ 370.262404] ? kvm_mmu_load+0x21/0xfa0 [ 370.262420] ? vcpu_enter_guest+0x3dbe/0x6380 [ 370.262438] ? graph_lock+0x170/0x170 [ 370.295279] ? ksys_ioctl+0xa9/0xd0 [ 370.298904] ? __x64_sys_ioctl+0x73/0xb0 [ 370.302981] ? do_syscall_64+0x1b9/0x820 [ 370.307048] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 370.312447] ? find_held_lock+0x36/0x1c0 [ 370.316516] ? __lock_is_held+0xb5/0x140 [ 370.320600] ? ___might_sleep+0x1ed/0x300 [ 370.324754] ? arch_local_save_flags+0x40/0x40 [ 370.329793] __should_failslab+0x124/0x180 [ 370.334034] should_failslab+0x9/0x14 [ 370.337840] kmem_cache_alloc+0x2be/0x730 [ 370.341989] ? vmx_flush_tlb_gva+0x380/0x380 [ 370.346435] ? print_usage_bug+0xc0/0xc0 [ 370.350512] ? ima_get_action+0x7e/0xa0 [ 370.354493] ? mmu_topup_memory_caches+0xf7/0x390 [ 370.359342] mmu_topup_memory_caches+0xf7/0x390 [ 370.364019] kvm_mmu_load+0x21/0xfa0 [ 370.367741] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 370.372677] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 370.378217] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 370.382807] vcpu_enter_guest+0x3dbe/0x6380 [ 370.387144] ? emulator_read_emulated+0x50/0x50 [ 370.391820] ? vmx_vcpu_load+0xb06/0x1030 [ 370.395979] ? vmx_write_tsc_offset+0x680/0x680 [ 370.400662] ? graph_lock+0x170/0x170 [ 370.404463] ? lock_downgrade+0x900/0x900 [ 370.408635] ? check_preemption_disabled+0x48/0x200 [ 370.413660] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 370.419198] ? check_preemption_disabled+0x48/0x200 [ 370.424215] ? check_preemption_disabled+0x48/0x200 [ 370.429242] ? __lock_is_held+0xb5/0x140 [ 370.433306] ? lock_acquire+0x1ed/0x520 [ 370.437283] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 370.442305] ? lock_release+0x970/0x970 [ 370.446324] ? kvm_gen_update_masterclock+0x350/0x350 [ 370.451514] ? kvm_arch_dev_ioctl+0x630/0x630 [ 370.456019] ? preempt_notifier_dec+0x20/0x20 [ 370.460532] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 370.465382] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 370.470427] kvm_vcpu_ioctl+0x72b/0x1150 [ 370.474495] ? kvm_vcpu_block+0x1030/0x1030 [ 370.478821] ? find_held_lock+0x36/0x1c0 [ 370.482922] ? __fget+0x4aa/0x740 [ 370.486389] ? check_preemption_disabled+0x48/0x200 [ 370.491439] ? kasan_check_read+0x11/0x20 [ 370.495590] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 370.500880] ? rcu_bh_qs+0xc0/0xc0 [ 370.504437] ? __fget+0x4d1/0x740 [ 370.507901] ? ksys_dup3+0x680/0x680 [ 370.511622] ? find_held_lock+0x36/0x1c0 [ 370.515695] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 370.520641] ? kvm_vcpu_block+0x1030/0x1030 [ 370.524965] do_vfs_ioctl+0x1de/0x1720 [ 370.528856] ? __lock_is_held+0xb5/0x140 [ 370.532924] ? ioctl_preallocate+0x300/0x300 [ 370.537339] ? __fget_light+0x2e9/0x430 [ 370.541322] ? fget_raw+0x20/0x20 [ 370.544794] ? __sb_end_write+0xd9/0x110 [ 370.548879] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 370.554419] ? fput+0x130/0x1a0 [ 370.557703] ? do_syscall_64+0x9a/0x820 [ 370.561679] ? do_syscall_64+0x9a/0x820 [ 370.565657] ? lockdep_hardirqs_on+0x421/0x5c0 [ 370.570250] ? security_file_ioctl+0x94/0xc0 [ 370.574667] ksys_ioctl+0xa9/0xd0 [ 370.578125] __x64_sys_ioctl+0x73/0xb0 [ 370.582039] do_syscall_64+0x1b9/0x820 [ 370.585953] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 370.591321] ? syscall_return_slowpath+0x5e0/0x5e0 [ 370.596249] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 370.601100] ? trace_hardirqs_on_caller+0x310/0x310 [ 370.606124] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 370.611147] ? prepare_exit_to_usermode+0x291/0x3b0 [ 370.616199] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 370.621047] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 370.626233] RIP: 0033:0x457569 [ 370.629430] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 370.648329] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 370.656037] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 370.663303] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 370.670567] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 370.677861] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 23:02:41 executing program 1: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_opts(r1, 0x29, 0x3b, &(0x7f0000000240)=@srh, 0x8) connect$inet6(r1, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev, 0x4}, 0x79) r2 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0xd3, 0x4fd) ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000080)={r1}) ioctl$TIOCGPGRP(r2, 0x540f, &(0x7f00000002c0)=0x0) getsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000300)={{{@in=@remote, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4={[], [], @loopback}}, 0x0, @in=@remote}}, &(0x7f0000000400)=0xe8) fstat(r1, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$TIOCGSID(r2, 0x5429, &(0x7f00000004c0)=0x0) getresuid(&(0x7f0000000500), &(0x7f0000000540)=0x0, &(0x7f0000000580)) getresgid(&(0x7f00000005c0), &(0x7f0000000600)=0x0, &(0x7f0000000640)) getresuid(&(0x7f0000000040), &(0x7f0000000a00), &(0x7f0000000a40)) gettid() stat(&(0x7f0000000b00)='./file0\x00', &(0x7f0000000b40)) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000bc0), &(0x7f0000000c00)=0xc) stat(&(0x7f00000010c0)='./file0\x00', &(0x7f0000001100)) sendmmsg$unix(r2, &(0x7f00000012c0)=[{&(0x7f0000000100)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f0000000280)=[{&(0x7f0000000180)}], 0x1, &(0x7f0000000680)=[@rights={0x30, 0x1, 0x1, [0xffffffffffffffff, r0, r1, 0xffffffffffffffff, r2, r2, r0]}, @cred={0x20, 0x1, 0x2, r3, r4, r5}, @rights={0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r2, 0xffffffffffffffff, r2, r1]}, @rights={0x20, 0x1, 0x1, [0xffffffffffffffff, r1, r1, 0xffffffffffffffff]}, @cred={0x20, 0x1, 0x2, r6, r7, r8}], 0xb8, 0x4044884}, {&(0x7f0000000c80)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000001040)=[{&(0x7f0000000fc0)="fa9996d49f155c67b91791c3e26c35c504fd781495c894f846f11109e7013c7b2c6d16cc24f76a4694779d163f5390d77f82bebce9f1ca8d9b7ef4763fc27c81474b1c483f8d81e1aba615", 0x4b}], 0x1, &(0x7f0000001240)=[@rights={0x28, 0x1, 0x1, [0xffffffffffffffff, r2, r2, 0xffffffffffffffff, r2]}], 0x28}], 0x2, 0x40000) sendmmsg(r1, &(0x7f0000007e00), 0x4000000000000f4, 0x0) ioctl$sock_SIOCGSKNS(r2, 0x894c, &(0x7f00000000c0)=0x7847571d) [ 370.685129] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 23:02:41 executing program 4 (fault-call:7 fault-nth:39): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 370.802901] FAULT_INJECTION: forcing a failure. [ 370.802901] name failslab, interval 1, probability 0, space 0, times 0 [ 370.839951] CPU: 1 PID: 13743 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 370.847328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 370.856688] Call Trace: [ 370.859293] dump_stack+0x1c4/0x2b4 [ 370.862967] ? dump_stack_print_info.cold.2+0x52/0x52 [ 370.868179] ? __kernel_text_address+0xd/0x40 [ 370.872691] ? unwind_get_return_address+0x61/0xa0 [ 370.877642] should_fail.cold.4+0xa/0x17 [ 370.881726] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 370.886844] ? save_stack+0xa9/0xd0 [ 370.890484] ? graph_lock+0x170/0x170 [ 370.894293] ? kasan_slab_alloc+0x12/0x20 [ 370.898451] ? kmem_cache_alloc+0x12e/0x730 [ 370.902781] ? mmu_topup_memory_caches+0xf7/0x390 [ 370.907649] ? kvm_mmu_load+0x21/0xfa0 [ 370.911546] ? vcpu_enter_guest+0x3dbe/0x6380 [ 370.916091] ? graph_lock+0x170/0x170 [ 370.919900] ? ksys_ioctl+0xa9/0xd0 [ 370.923536] ? __x64_sys_ioctl+0x73/0xb0 [ 370.927615] ? do_syscall_64+0x1b9/0x820 [ 370.931703] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 370.937082] ? find_held_lock+0x36/0x1c0 [ 370.941177] ? __lock_is_held+0xb5/0x140 [ 370.945291] ? ___might_sleep+0x1ed/0x300 [ 370.949453] ? arch_local_save_flags+0x40/0x40 [ 370.954070] __should_failslab+0x124/0x180 [ 370.958323] should_failslab+0x9/0x14 [ 370.962138] kmem_cache_alloc+0x2be/0x730 [ 370.966320] ? mmu_topup_memory_caches+0xf7/0x390 [ 370.971235] mmu_topup_memory_caches+0xf7/0x390 [ 370.975919] kvm_mmu_load+0x21/0xfa0 [ 370.979650] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 370.984605] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 370.990159] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 370.994787] vcpu_enter_guest+0x3dbe/0x6380 [ 370.999137] ? emulator_read_emulated+0x50/0x50 [ 371.003827] ? vmx_vcpu_load+0xb06/0x1030 [ 371.007998] ? vmx_write_tsc_offset+0x680/0x680 [ 371.012679] ? graph_lock+0x170/0x170 [ 371.016541] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 371.022094] ? check_preemption_disabled+0x48/0x200 [ 371.027122] ? check_preemption_disabled+0x48/0x200 [ 371.032162] ? __lock_is_held+0xb5/0x140 [ 371.036241] ? lock_acquire+0x1ed/0x520 [ 371.040231] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 371.045261] ? lock_release+0x970/0x970 [ 371.049243] ? kvm_gen_update_masterclock+0x350/0x350 [ 371.049261] ? kvm_arch_dev_ioctl+0x630/0x630 [ 371.049277] ? preempt_notifier_dec+0x20/0x20 [ 371.049306] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 371.049327] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 371.073347] kvm_vcpu_ioctl+0x72b/0x1150 [ 371.077435] ? kvm_vcpu_block+0x1030/0x1030 [ 371.081776] ? find_held_lock+0x36/0x1c0 [ 371.085863] ? __fget+0x4aa/0x740 [ 371.089336] ? check_preemption_disabled+0x48/0x200 [ 371.094372] ? kasan_check_read+0x11/0x20 [ 371.098544] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 371.103836] ? rcu_bh_qs+0xc0/0xc0 [ 371.107408] ? __fget+0x4d1/0x740 [ 371.110883] ? ksys_dup3+0x680/0x680 [ 371.114622] ? find_held_lock+0x36/0x1c0 [ 371.118705] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 371.123654] ? kvm_vcpu_block+0x1030/0x1030 [ 371.128017] do_vfs_ioctl+0x1de/0x1720 [ 371.131917] ? __lock_is_held+0xb5/0x140 [ 371.135996] ? ioctl_preallocate+0x300/0x300 [ 371.140420] ? __fget_light+0x2e9/0x430 [ 371.144411] ? fget_raw+0x20/0x20 [ 371.147885] ? __sb_end_write+0xd9/0x110 [ 371.151965] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 371.157508] ? fput+0x130/0x1a0 [ 371.160805] ? do_syscall_64+0x9a/0x820 [ 371.164789] ? do_syscall_64+0x9a/0x820 [ 371.168778] ? lockdep_hardirqs_on+0x421/0x5c0 [ 371.173384] ? security_file_ioctl+0x94/0xc0 [ 371.177807] ksys_ioctl+0xa9/0xd0 [ 371.181278] __x64_sys_ioctl+0x73/0xb0 [ 371.185179] do_syscall_64+0x1b9/0x820 [ 371.189078] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 371.194454] ? syscall_return_slowpath+0x5e0/0x5e0 [ 371.199492] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 371.204323] ? trace_hardirqs_on_caller+0x310/0x310 [ 371.209338] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 371.214366] ? prepare_exit_to_usermode+0x291/0x3b0 [ 371.219404] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 371.224261] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 371.229449] RIP: 0033:0x457569 [ 371.232648] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 23:02:41 executing program 3: r0 = gettid() r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x2000, 0x0) ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r1, 0xc008551b, &(0x7f0000000180)={0x8000, 0xec, [0x5, 0x7e30, 0x9605]}) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$EVIOCSCLOCKID(r2, 0x400445a0, &(0x7f0000000040)=0x80) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) 23:02:41 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0xa0040) r1 = fcntl$dupfd(0xffffffffffffff9c, 0x0, 0xffffffffffffffff) perf_event_open$cgroup(&(0x7f0000000100)={0x4, 0x70, 0x100000001, 0x3, 0x0, 0x0, 0x0, 0x5, 0x10, 0x4, 0x81, 0x5, 0x3f, 0x0, 0x3, 0x31370ad2, 0x6, 0x8, 0xa1, 0x4, 0xa76, 0x6, 0x1, 0x0, 0x7fffffff, 0x7f, 0x2, 0x8, 0x4, 0x29, 0x9, 0x1, 0x7, 0x263, 0x800, 0x2, 0x0, 0x7, 0x0, 0x83, 0x0, @perf_config_ext={0x5, 0xf2c}, 0x4000, 0x7, 0xbbbb, 0x2, 0x4, 0x3ff, 0x4}, r0, 0x10, r1, 0x3) r2 = semget$private(0x0, 0x207, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) semtimedop(r2, &(0x7f0000000180)=[{0x2, 0x7, 0x1800}, {0x1, 0x4, 0x1800}, {0x3, 0x180000000000000, 0x1800}, {0x3, 0x0, 0x800}, {0x3, 0x5, 0x800}, {0x0, 0x10000, 0x1800}], 0x6, &(0x7f00000001c0)={0x77359400}) semctl$SETALL(r2, 0x0, 0x11, &(0x7f0000000080)=[0x7]) semtimedop(r2, &(0x7f0000000040)=[{}, {}], 0x2, &(0x7f00000000c0)={0x77359400}) semctl$IPC_RMID(r2, 0x0, 0x10) 23:02:41 executing program 1: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0xa0040) r1 = fcntl$dupfd(0xffffffffffffff9c, 0x0, 0xffffffffffffffff) perf_event_open$cgroup(&(0x7f0000000100)={0x4, 0x70, 0x100000001, 0x3, 0x0, 0x0, 0x0, 0x5, 0x10, 0x4, 0x81, 0x5, 0x3f, 0x0, 0x3, 0x31370ad2, 0x6, 0x8, 0xa1, 0x4, 0xa76, 0x6, 0x1, 0x0, 0x7fffffff, 0x7f, 0x2, 0x8, 0x4, 0x29, 0x9, 0x1, 0x7, 0x263, 0x800, 0x2, 0x0, 0x7, 0x0, 0x83, 0x0, @perf_config_ext={0x5, 0xf2c}, 0x4000, 0x7, 0xbbbb, 0x2, 0x4, 0x3ff, 0x4}, r0, 0x10, r1, 0x3) r2 = semget$private(0x0, 0x207, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) semtimedop(r2, &(0x7f0000000180)=[{0x2, 0x7, 0x1800}, {0x1, 0x4, 0x1800}, {0x3, 0x180000000000000, 0x1800}, {0x3, 0x0, 0x800}, {0x3, 0x5, 0x800}, {0x0, 0x10000, 0x1800}], 0x6, &(0x7f00000001c0)={0x77359400}) semctl$SETALL(r2, 0x0, 0x11, &(0x7f0000000080)=[0x7]) semtimedop(r2, &(0x7f0000000040)=[{}, {}], 0x2, &(0x7f00000000c0)={0x77359400}) semctl$IPC_RMID(r2, 0x0, 0x10) [ 371.251549] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 371.259265] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 371.266529] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 371.273799] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 371.281068] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 371.288336] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 23:02:42 executing program 4 (fault-call:7 fault-nth:40): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 371.387397] QAT: Invalid ioctl 23:02:42 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/attr/exec\x00', 0x2, 0x0) write$apparmor_exec(r1, &(0x7f0000000000)={'exec ', '&:\x00'}, 0x8) clone(0x0, &(0x7f0000000040), &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180)) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000180)="b545ab351811e2e281463c94ba24d10b9198233bb639d3feb610a32f61af6091747215238fd22ac31c8185f1b89febb8774d8e6a2e807946d22dea1222b4be05aa0848a810fb470ae75106ac8787cacb79ab38bfa61e0f36a58de07c5426b5fdb9ee9ca6d108fdf9aa8a8885546d113237ee19803ab00324942222b1f91365e5d4556edabe1fd69edce543461c4b3a9b25baa21aee00ecfe3f26f7d6ddbe8e42e62beffde6df79172b0874900b9c8182bbf4bdc095a22bc932d877e2b894ba1d898d6a52eea08e5645a10e889217b572bdba1f0a65c121d8de2a04ea39163302451f4792e2d44240e6729a2b486187789d08896b92049eaac3d634d3a194d610111dff585831dc0fe8be47e3c91080997786f45579c8a12933f062a30bcde285ae6fabc2f248cfe61c49e12d0fccb126a5ce09433170b0847ed6aa61fc7089e063261f40de65fc7f677ef541e686bb9fb429ab1676054fc1096ce6adafb51480aa436edae95e1873413142c1aadd94dbcb8635b45a3f4c15120b82e36c58fdc45204b2e33486003d5ffe46ab0cf1fe82e8c0b47f8aa7229cffd431f92f4c30aa42f5369d7832923d107f9de2dc4f55076922f4d1428f1186974930e2059638e3664d789ff6a51d0f0f26973a4bb33cfa2d115a6b4408ece48fa1809c5aaeeec283311bf1990dcfeed9296f3bd567febf7e80a52987c90d31380c574fb5922144b62b306de7fc73b261e069b57338085e4c51f78ad2ddbaa86a6b96bb0d969838690b20f8a060879f3a1106599ee1edd7c4f8a923fadf96d7ab41242fda44d2554c1b2ba269229df3e5544326e07f51978aa779747283af7e76af1d94ea928071e5605ec42859e8d1074600a1d180c0a619ce7f2514bc5ccf84e561a3700a6e084ee1a9c5868402699697fd3b8358107511e06ee163adcdd26b4a106960cbf7a88a3168c57ad1b209ee0681b880fa18a9567ab4dcbc886838caf1fbf109924d0ef505c8c5da3f89bb111fce855017c96fd17fceb350f9cab13132d7904db19910509bec188a1aa6c9c9d2e89ce7954a147d254c0af1860c0f15d1004cf963a9e5ea6e7d8c0801e1393aad9c62eb3715dd3873ecc61012c5a58ad8c322492d5691ecb6a3e62b6034004979f328d3c30855f2891686bac23865ca3efc3f6fd1e332f70b8b8cf83d1f7d49456c6c9062bc6f5dd686bea708cd60c91a28e5bab68f63b48a00d1a54e93973cbe92e6a46a2bf7f7dab6d78cca821bc16ae90c6eb4056f15c590726ee4a2781866127070223014d65825db353709813f40f9faab0d39749c30214d46602c3551608cf6f01b6bacd13648dfcbca93bb76d5b3306d947ac3edc5559d3ad4fca96a0cb2a6ce9d6e19952bb9220426549bc794033bdd4ddb1b748462023a503729af78dde4824c3482d0051a76c0acb6a69dfacb18e9173f8c09b3c3c43c84c31c8eb2b4dd9c4f6a1207de3fbf1c1a8878826a8fa2f9241a7b2bb113e26c2d21d5cb22130fd5862883a34621e7ee1745c4a1ca154dd7c2858b870e7baf938ab0128e3a7ad1a66e9162b39c351355066e5789a19421ffb2a7739b8e436eba1aba2e4133cf9b1dc315dbb4ac14d2af60f7fe03d279a07c3ca3950318d257371369bd2dc8c387ed5b8bca68bfe88b5104bb4eb93c95edb543777d2f01fa8efed32aeed58366d979fda4c31c15a593d1f5dfa3e46ef47688708c500c30fb7038b39b9b01767684b12e3a94916cea695997a3808fcbb023b03da6bcfb3ef140a6078fea32c4cf8693eec3ecfce365c6b00723a374c0e23eb079f5bfb339ca954873b6a5ac1eb34c1202c19606be90804da5bc8e0d8aa3be6fea5e6018d0a419ffa5d5999851f0dfb9c293ebfbf96463db36df5307a3b261c16f96781f8f5fac0295e10f968a67fde321d602b1d3186c35a099c5e38f87743550537bd130283e15363fa80426038059148fe0e68754538080bf4406045519c87354029258923f33e4604177f6fb4c648592951f199e8d19707934fc2a073359d18e82d5f34be1c87082059426a9255072b2d453b6c0a196cb33f309fe6821900960594e1ce64be2648d1c61775499e1b467842ac307873abbcf5d05ea83e439b79e505922de594dfc10bce6a13c2145e1517c14201a2677af88cf2b2cbf7b93cd625f1d1d30ab27dd3c740300b6d2591b25c7f6fc189560db2e2c7a604f21e08dc5ae5b5c5bca54494f269bbf30715bdd04f38cd2f2a94054419d2e9b8ccd2d94de076f5dfc9eb413608fcbe48835adf5f1677d3a062059b93c7f0a62a2501522ade0b6759755f1f9bc2877986d24c3a0635b5a10f045589dafc21394c8fca47390ba91fa69c081a2558b671a142ba0f1f7f849b440805779a8020b8d44d20ee91119a49ac83217ca82076e76fcaea1ea34411f0b07a1e737c80ba62847a9d8f7e54d6296247abc51f97527d99986e4a6e5150562ef96abda6390efda17d1d684496b9cfd1a3f9ba478fc25c972713fc481061041ae2f5e094acaf87b8ff164bc5e807e0eaf18faa19e5e529205387938917e75c2b101a1068021e2f8763f42e66b32f7f16c5149fb762fa3f0e400501b21561b46c5b562f8cadef24be3e1af019aff327d1299b0d03f7462fd2220bbf181daead524aca6d7b6d44fae2338afa2b4a5a048d04e930f5ee99ebeafb552d6b9b49e46f5e5faad87c9b21b56dd0f21017b2bfe2af0eb2e374713037481bf385f8bb4f55d45f761f65c2e1a7bd59b36691787a860421538893f8d728a27f4e5ecc2ecbc07fed2b18f6697f5eb31fef565057248491cd827e0cd31aaa9a0bd67d7cbd5b7eaa4fa7b9600797df362fa39a8776e97a2227a0c1cda87ea267c56681a69843b8b33b014d875272dfccb42ce4757f95b2376a0e00fdef0a2a1df631691b1363eb046e32e95a85cbbb39642d992df9b5c0d94662e22e198379158f3aa6a96f5ff78a70c18597c1a26d41eb7ee6c7a79f9a013b172b5b0802e6c28c2007eae204ca48949399f6aa02179b6ed1e509ef81b804b8ae24bbad405807d53d46aaba1b8dd302ac13cd949eddf8f4218851510f9114a2f49d42289e38db2ba13158d4d1ea86a442ccb65e3a0d1a1169d3fcfe9b094125957f0c241b64f28ca8c9de7518ec9bafc52b894a22fc3a04aa1c5a2388412f8f78ed907fe041aaed16150c016628da1b987e9f461f9a64e144e2268c63f786c475006fd1a8da89353f231f12cae18f99c220f2867cbbd35656781be034d6da2fd321c47eb23dc9eb67710666201fc0aae68ebb607384b79d74864f4485ab96c97dca3bc81f541983c27ef97418af2b96fcabf11bbb00867dc3d150794103e144b85157f458d9714e239f47cbc2729fe1dfc3cae2c0f1fd0e52180fdbdcf659e2ae897f2fda55af2ee7e9cc661aa1d22520a042eb34b44c263be07619c0d09262ca1f1dfc92dee2fab646fa05cd6ae7343f927c66e6cc43cb45513470a5fb8583a84a02d6306c08c9398772aa40e5d3ae90f2b3f7064eefecb7f313d2f22dc5cc95a3b565251e41677035663e92d690ca67e588c2255e129d0d2dd7cbf405378cff1cffdf7d67b658673d9d65e24846fcd3dac3517956244c9bd09b99a8cf12e3225619c9bf2f3b11a522a6e7b0a4c40538d99b33cd754db931c7c82aeab1dd5328e351c60b1d909e1ae143aab33ffb3e82ddd1c3974583cd1e59f5d2fe3ad6cc58ba446fce22c5ed0f7a69a421f44ee2824fa3cad4259dae32a90eed7e09ec9de2ddb2d50ceef83e776d2b63c6e1548ccbf90f4adb13b9ccc805d38226f3e845075ec9c6544a3386cce55fd6015b5163f851d0c059e4ca51d17dfe89afcea60e6f8aaa8f4da94873c32043394aee90192daef404edcbcadaae4367046255ae71d35ca0044f0e141d3352ad3f60d52071e0533844331e1272ffc19665dfa7899567aa1e26fb0079c3ce5602b9b67ab98a49b57b39dc8789102c643c386f336ddc6bd00eeec66be2dd067a45b476346ed80eab903cc5e923d53dff562f28d0243cf2d9598b85786263de4dc92e53c4dd65c1c82971607ffed570317da79239f4704ef2af7aae208ab2e03d7cb0c47dd4a8fd5b30c11ba1792c652b5aae8b0c14121446be65f89e10f51f390f2efd4eb4c32cae3e2659c48c7cc4c6a1b11f6dbac256f7c11eaef4978c3bb189fc31428ae4e0f87a84d6dac807682d6e90d9f29019b540563999db32fdf12939b10c4fa075d22a6d7b714ab79a8bc30c202f94d13e929ccece6a8cfab2c47aa981a6347acf221637d4c89b34500db97c6e100337ea80fe5fdb231608c8b9e9d753d0c6dbb927e410f4e34ecbbf24f2d6a8a53c0e61c45c8bab95e550b2a7af0e7d1e42d1fedf2fd7052db6589ad02a5d37d24c01048bb400b54b1750a41a943de905c9aa8c227b9b8ed9a8056f91a619bd338b41cc82c1a7a6d916d856131da76fefd926d85b025418c0d26d16837bc7158fe76106ff0714eff056c31e5f1c031b434f015cfbbf8a8bdb465752bce753f9d0ca91ddb68e743943ea52975e086154e11aac3d9028cb686422b1b5d631948827180ee39f356848b79cc7c771d1c1808518e51259690b2a6f27896596f006b7bae8dd934384ff7a5a79793f07b736d30174119d37a1e7a9d22459b2c8980cc0759e79722debec9c1f0c2201456d8f8dc96167304c51cea9cfed77ea46a863771276d53b43d2636eae3bc28eef683c119735452c00b851797750b00ef60ea360c2bcb4b54b7f34261341d38bfd7d59be0cf2bde167c3f843c35d8a4065a10a0d908f6f023630a2968f436bd3c5945fc027ed059b81fdfb743e523704ba4f5616935db592b859e11a84b3af7390c9304d59fecf6fb29f43ead9242bf11da54b3beb678bf426553b0ff43dba25907615b7beae306395d00fd4a932bfd2d8dbbff39ee58aeb304fa36988eed5a1e342e268f60bb0fc3ec00673ea20c93cf2dc704c9ca93b096907cf03c8702ca8aea61f04066fbc0a3181ab593ed6e64df5a9685630cc467894f8b0869e79a0957442843e0300736a7a9870b376e7138a2ea3fe5970597b2c70929b688502db690380697fb6b2fca765a14de4a955d64e51fb885ba67873e7c8df76cc06621384799f9059a53d8bd6cb8343fcb147a1d14579eb79c144ed3eefb7af1b69dc26442a4cf4dad46c4886f6473585e54b0280d6ac4d04fc364ed9f80d9981598f04dea3c8bc6459754c84b28f5f1ec0dd4e7f9dee0102895af35b13c3449ef239c846954b9e410585f3ae7fc1d404b7f9ad4bcbba334933007ab3253d76d8fb8188c2f0704bafdcc5bdd5ed8458744be605691dba6862506702a00353aff6caad4f1848f5e7b39b9e0636b8e393aa4a1fd2d98ff29fffdea84d6288a5caef33917e4456570e4960dd09e6a1505124a9503f76c708cabb5611e4029fd2d128503ebe955be0348372656bd4857bccfa900e6862691a3824689456302c652b985e2284ee0598ce99dfc805bb89a07958e05024dc1c765015e82ebfa9c2b81f62f8d348f74ec4f7a4db28852990ae616f08e1c66cec9dc40751a9a78c6959a5d3c1a7d9e1f902bde44a41525f82598710e2198e0aed57398f211e2a97f3f6a5726094694bfcf79c1e05373c6b1f1c0717fc8c7a3de79f592ed0649829ef1258635823dd72e02b7a6b3648abfcb120b1b53b228643124696defd8258762fde9eed27fb6996325df7b2611fc6c53f573e891af69e6ccd8431d32b17923c8be3f387e7f435735fa5ba5eae0f0be342888a7421e3744720164aa", 0x1000}, {&(0x7f0000001180)="83a2644c9ea038ef212c9a971c0c7071e22d29656cb49197ba161cc3cd13cad6ec4ec547f857abcb71708781e4e9414ae87c1d7be5a7f44608a876def0f562640aaa44a3717d290e5992ea0b463166b893a42337b864a1c6d679b3d2e67fe5644f5cc2c06f661d45ac9fd561d8aca4e410d3da73e5f39a7f62bdd716e645cbe292b2f09158d82f59e079a7db0deccbcf4f61b37e366ba0275aeb5e8615d62e2761c22ce3770f422c0a47aec7a2d9b18fb8e6114a84dbe5aa4a41f3", 0xbb}, {&(0x7f0000000040)}], 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000040)={'bond_slave_0\x00', {0x2, 0x4e20}}) [ 371.450795] FAULT_INJECTION: forcing a failure. [ 371.450795] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 371.469499] CPU: 0 PID: 13763 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 371.476903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 371.486269] Call Trace: [ 371.488889] dump_stack+0x1c4/0x2b4 [ 371.492550] ? dump_stack_print_info.cold.2+0x52/0x52 [ 371.497796] should_fail.cold.4+0xa/0x17 [ 371.501889] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 371.507011] ? graph_lock+0x170/0x170 [ 371.510825] ? rcu_bh_qs+0xc0/0xc0 [ 371.514372] ? unwind_dump+0x190/0x190 [ 371.518267] ? graph_lock+0x170/0x170 [ 371.522091] ? is_bpf_text_address+0xd3/0x170 [ 371.526627] ? __lock_is_held+0xb5/0x140 [ 371.530791] ? trace_raw_output_rdev_cancel_remain_on_channel+0x80/0x110 [ 371.537662] ? ___might_sleep+0x1ed/0x300 [ 371.541818] ? lock_release+0x970/0x970 [ 371.545802] ? arch_local_save_flags+0x40/0x40 [ 371.550426] ? save_stack+0x43/0xd0 [ 371.554064] ? kasan_kmalloc+0xc7/0xe0 [ 371.557972] ? kasan_slab_alloc+0x12/0x20 [ 371.562149] ? __might_sleep+0x95/0x190 [ 371.566140] __alloc_pages_nodemask+0x34b/0xde0 [ 371.570824] ? lock_downgrade+0x900/0x900 [ 371.574988] ? check_preemption_disabled+0x48/0x200 [ 371.580019] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 371.580033] ? kasan_check_read+0x11/0x20 [ 371.580049] ? graph_lock+0x170/0x170 [ 371.580067] ? rcu_bh_qs+0xc0/0xc0 [ 371.580085] ? check_preemption_disabled+0x48/0x200 [ 371.580101] ? check_preemption_disabled+0x48/0x200 [ 371.580128] ? __lock_is_held+0xb5/0x140 [ 371.580157] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 371.580177] alloc_pages_current+0x10c/0x210 [ 371.620612] __get_free_pages+0xc/0x40 [ 371.624504] mmu_topup_memory_caches+0x1ee/0x390 [ 371.629265] kvm_mmu_load+0x21/0xfa0 [ 371.632968] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 371.637901] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 371.643440] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 371.648027] vcpu_enter_guest+0x3dbe/0x6380 [ 371.652358] ? emulator_read_emulated+0x50/0x50 [ 371.657030] ? vmx_vcpu_load+0xb06/0x1030 [ 371.661172] ? vmx_write_tsc_offset+0x680/0x680 [ 371.665831] ? graph_lock+0x170/0x170 [ 371.669637] ? lock_downgrade+0x900/0x900 [ 371.673785] ? check_preemption_disabled+0x48/0x200 [ 371.678807] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 371.684347] ? check_preemption_disabled+0x48/0x200 [ 371.689383] ? check_preemption_disabled+0x48/0x200 [ 371.694395] ? __lock_is_held+0xb5/0x140 [ 371.698449] ? lock_acquire+0x1ed/0x520 [ 371.702425] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 371.707448] ? lock_release+0x970/0x970 [ 371.711413] ? kvm_gen_update_masterclock+0x350/0x350 [ 371.716602] ? kvm_arch_dev_ioctl+0x630/0x630 [ 371.721088] ? preempt_notifier_dec+0x20/0x20 [ 371.725577] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 371.730418] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 371.735473] kvm_vcpu_ioctl+0x72b/0x1150 [ 371.739541] ? kvm_vcpu_block+0x1030/0x1030 [ 371.743855] ? find_held_lock+0x36/0x1c0 [ 371.747928] ? __fget+0x4aa/0x740 [ 371.751398] ? check_preemption_disabled+0x48/0x200 [ 371.756420] ? kasan_check_read+0x11/0x20 [ 371.760572] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 371.765873] ? rcu_bh_qs+0xc0/0xc0 [ 371.769438] ? __fget+0x4d1/0x740 [ 371.772886] ? ksys_dup3+0x680/0x680 [ 371.776589] ? find_held_lock+0x36/0x1c0 [ 371.780654] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 371.785601] ? kvm_vcpu_block+0x1030/0x1030 [ 371.789914] do_vfs_ioctl+0x1de/0x1720 [ 371.793797] ? __lock_is_held+0xb5/0x140 [ 371.797863] ? ioctl_preallocate+0x300/0x300 [ 371.802290] ? __fget_light+0x2e9/0x430 [ 371.806266] ? fget_raw+0x20/0x20 [ 371.809721] ? __sb_end_write+0xd9/0x110 [ 371.813799] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 371.819336] ? fput+0x130/0x1a0 [ 371.822629] ? do_syscall_64+0x9a/0x820 [ 371.826615] ? do_syscall_64+0x9a/0x820 [ 371.830590] ? lockdep_hardirqs_on+0x421/0x5c0 [ 371.835187] ? security_file_ioctl+0x94/0xc0 [ 371.839584] ksys_ioctl+0xa9/0xd0 [ 371.843039] __x64_sys_ioctl+0x73/0xb0 [ 371.846918] do_syscall_64+0x1b9/0x820 [ 371.850803] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 371.856158] ? syscall_return_slowpath+0x5e0/0x5e0 [ 371.861076] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 371.865922] ? trace_hardirqs_on_caller+0x310/0x310 [ 371.870971] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 371.876005] ? prepare_exit_to_usermode+0x291/0x3b0 [ 371.881029] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 371.885865] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 371.891043] RIP: 0033:0x457569 [ 371.894222] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 371.913121] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 371.920843] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 371.928101] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 371.935379] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 371.942641] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 371.949899] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 [ 372.184810] QAT: Invalid ioctl 23:02:43 executing program 0: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r1, 0x1, &(0x7f00000014c0)) tkill(r0, 0x13) msgsnd(r1, &(0x7f0000000380)=ANY=[@ANYBLOB="020000190000d1ffedd585c9aa06ce5450082bf62aefb849bb50c20306cef678afb37d40fa4414782581c84fa57478e75777e965b12fd9a61584101f59a16b63e4e3913246b24a051bd65a2b8ecf057a1cbd4aaa72e3b387ed0fa74bde94d93af4102a092dcde398aba51f74e04b57f29db4cc81dcf6c22c647e11f3752c287a36834dc7b76a816a87aed1562e72929a05ef970c8c807b8719db00f076915074077b59ba18dbb4f3cd72c4f99ef577e7641f43bf8417f72d4e1fadc4ac4a8c354877b66727ca1e113006e68c6e4f7e8164d0fbca8a22abfdf414ed58254b722e6d2c6c89e29869"], 0x8, 0x0) msgctl$IPC_RMID(r1, 0x0) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) prctl$getname(0x10, &(0x7f0000000200)=""/166) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) r2 = ioctl$KVM_CREATE_VM(0xffffffffffffff9c, 0xae01, 0x0) getrusage(0xffffffffffffffff, &(0x7f00000002c0)) ioctl$KVM_IRQ_LINE(r2, 0x4008ae61, &(0x7f0000000040)={0xfffffffffffffffd, 0x1}) tkill(r0, 0x1000000000016) msgctl$IPC_SET(r1, 0x1, &(0x7f0000000180)={{}, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x81, r0}) 23:02:43 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) r1 = openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x20000, 0x0) setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f00000002c0)={0x9, &(0x7f0000000200)=[{0x5, 0x9, 0x3f, 0x7b}, {0x758, 0x679, 0x1765000, 0x2}, {0x8, 0x54d, 0x3955, 0x2}, {0x7fffffff, 0x2, 0x8f5, 0x80b}, {0x2, 0x10000, 0xfc44, 0x1}, {0xa8b, 0x0, 0x8000, 0x5}, {0x20, 0x2, 0x9, 0x7851}, {0x8, 0x7, 0xfff, 0x9}, {0x4, 0x285, 0x401, 0x800}]}, 0x10) bind$alg(r0, &(0x7f0000000100)={0x26, 'aead\x00', 0x0, 0x0, 'morus1280-sse2\x00'}, 0x58) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="153f6200488dd260766070") setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r3 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r3, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r3, &(0x7f00000000c0)=ANY=[@ANYBLOB="de"], 0x1) recvmsg(r3, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000023c0)=""/4096, 0x1000}], 0x1, &(0x7f00000007c0)=""/16, 0x10}, 0x0) 23:02:43 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$unix(0x1, 0x1, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) bind$unix(r1, &(0x7f0000003000)=@file={0x1, "e91f7189591e9233614b00"}, 0xc) listen(r1, 0x0) connect$unix(r0, &(0x7f000066fff4)=@file={0x1, "e91f7189591e9233614b00"}, 0xc) close(0xffffffffffffffff) fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f0000000140)) r2 = openat$mixer(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/mixer\x00', 0x8000, 0x0) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffff9c, 0x84, 0x1a, &(0x7f0000000b80)={0x0, 0x1000, "21bc227d9b71176828d21689821b4a7597fd86f32e417b87ffec9955d963709a877ece6d187373d8cc6e1fbed88b6d195b75fec500ce20b056ee0780207aca1f96c0a750a7e191d235bcbc508a1b957dfc090cd6a2ada618926a704da46b3e4357a761f208e6d72594f9c71ce85fbb4ac1b3e3c6269b2cba85205eda7c1ba8dfa93a90d8c56b7be2aaaec4a02f9b463bd8d4c85e81c16ca943d3052ba9fbd423ef3cbd732a554d816e879e5883cada6dd117ab7f3c4a4fd816b9424d24aee81455dec0e7ed1fb11ab015e0423b267ff105165c849cf89f68fabe2ad3d1124c3018aa59bf138b52456c340cf5f08203c97fe25361b157351e27eac987bfdd8bb6e4ab3a9cb62f1845d6be101399f2a6dd4d47cd1fe9ef678b50ba82806f4ef38d92c9af0016f6ffbac07e6bddac0f5ecc40715fbf2c4c9bfb7f0e8d56034b8cd2c32e64ba48a2336d4ff626f6a14d15613ba2311832d40af73eea4e530aa038594a0fd4e2c2f072ee10ea163bbe15f2bf2741e9acdb8403520b3ced0e2491d69a3ab61547d0d1dfd02c02496d330f06b325daa0486c698fb29b0e4f8b76a94f182158b92daddd832d18a9f14ad748d036fb9be1a184fd30c16662221ebb41a2f05316e38e11ef3ae031eee99c2d9e56c32242a98f374fd32f511bb6079c27840607dc4584e65f2483e0090057de18c014d3f15ce977fa9c9dc94719b73f3175d6d0e9faa58bf2fce03fdb2eca9a609a7764e8f0da0e6688071cd26577c31136dce55e1d14cd9178a6ee5be8b653aad4b0e0085b9b6136dcfe457897bfddbee88dbb1763ece23e583213de6939bc50c14834395d30d4a48b1ffeacf7b5789f1f371d5e1fcc8a4a3c33ca5573d06e5415d056d10202243d7872daaa3fef9f2faf7a3ef6ae021f4e5ccfc12afbc69a91ab310f387c1616f18236be33826ae8fd2e9c74cc2a4729fd3cc56e585ed9a60c274b222e2e5cdb54f6169788f795b5168b28dd5d8ee9885c23c4bb2e7e0b7e768b63a436dc0a293ea9bf0190c965b8d67dfffdb21b6ffbb2327dde16bbe6a3e3625ddbcf3bc64553086856e534aa52b23baf519065863ec57c0b24689f9d811a9f46ed7c6836efdaca1399822852798275f05625d0ddfabf81381cfc14a19d43023cf242e3ba0d6dfa7265192fbac8a0daec5a3ac76f26b47b4833516e8742e088686f0e791444175c801cdd6529164806a5f46ed61460ecea61dd0fc091a81e7c6d7feb7e09bcf2d58dee4cd5e31f62e2a89a05d219f824f838f14687ecfefdfbf0eb9eb5da4ebb4adbde4e81fe1127646e6073f2c5b9495ed12de52a24b7fe5f6a3fa6e55d1c34f57aafbcab697adf66725af611f14d4d430701adc4b6aaa8d6b369c709696d8cae2f00a93da29c5411c61aba7daddb090ed5c24bfdfd75be89a2da9efa87d98a64cd8c2ea13290f2fc84b595fde9a4c8802011472f0cf223e8374b3232ea846e86e26d46875adf240bf25dd00a7a2629bbfc02821e56f1d0469732ffb4072cceefd354d303b0c9224a0a1937c6ca1932f0da7b66700dd289b5addeb7233e69c35145904c09aeb9b7b7595169b4040741f79b5b4aa7ff89b0bf6b8ee448e47ae8f40633428683a3defb62cb9dff4c9a3498c4e9d702298df412c2b0f5a1334fd5233db1880665aae78ab7084e8b9819a7ed5db947873d4fd37098a8bda4c76a44685d7e249ba2c4d6357cc95f736fa75968bfcf238d1abe90afbc435cf9362fc6c01eb2409d63e65a2214a918c928b7ca5c705afb6fd834488620ff97d0949e5e3fcd0945b5e5fba35bfe6f05e62485154fd225eb07483fb73d1eb3e4f2d83e9bdf18a909dde5227d4bc694d91cbb46a8334211eb5105d16a87af293ada34b8cfe9bc8ccce8d62c6ed0444a4e6fafba5e4ccde90fbaa7942c7f25da54fe0b1d229a47bfb010c2bf0e39073e433e6203e5ce75ad30ea8bc858fea4d5baa0a3dfd154911d849d2082ffa116905ec243a4fb21110248e324c7a51beda4af580db994a6fddd1891cbca68e16dfd7764c8e7cb1e568f1f104846334ffac68163cfaf75270a3a1f719e86567865067fd104b454a6466c3eb643c14043b56847682f617de6560ba507ad7ca03849c21676f15a27feb2653a2c9c60e14b0eb35ef218e402a53bbedbfa81ff98b6e694f25c89ddfc306cb2336a6de35a0d9aa4546202597a8fff8fd1558227a52a9815c5d63f2681a2e0c66dbf878ef830b48e9e428a48f5d833eb4f8dee5ae331a26aa7e7b63dc7a5ab088ac95d95b611aae245d548391e2cd8fb8a424a9990b035bbd73da2d49e43ac8fefbc02e5a845853a712ec2d18ac83cbc358bc9afd44b5c75e034c7cd9ace57133cda8ff0c897d4154466ef1193cf75e406f8ac4611b034256b7a713faa6f21634d2564548016bf2421b6ce8b3910aea398cdca00fd8da1647a856a10a7118355e21efb4e46c106494f644ceda85bda89f2c25922bca30f5267930363fa41d02e0ecf94a18f63e93f6449c5c77d65af3a6b9fd784ea99535d3ef60cc0d2605f824619495470305fa438b9c7cd4659ae914dd62e4419d7d6fa17c4095bc13a5f231dec1412d6626ef50efb0506e7a0542163d1a5e2b10ddacd58c6fa54a465322f5b27c136e00330393a3b85157d94aff1bd6fc400f0b480afc9695a5d89f152c403d28202d7af641aadb07b3db3b6ecb56cd5df80316fda5e562c746b04ccda270e3a5c34378474965014ed96b6575b23fc1306fdc00ce12285f4204d5d61b8859ead8dd9c6378a8923769794daf12ed17410e5728e8755036283bab45aaebede8d249622ffa2635b041e653c65382f07f302a0faf05c52650b9208480eb95e226d1789ff3daa47bfaa754c970af81ee8bfd99afd82fc6161a32c3191e5d4f4cf4bb4e60bd3e55fd4c00da681e8dc9a7ff3e49fa0cdd537de763d6e1c748dc5ec4791976e88ce3f1d62472687421845042aca68b44b2024846b00552d0499058e4e0031872dbfc039c070aafdfadf230e29dd275aedc7982296c3198245e946e35b2b531f0d8b59d411cbc3d5ed8880241985fa272c6fc529f0edd6fde0947c5a75f363d7b1e6fe78a1e074694338b729b5fc944065d9ee1b7d0751b43c6260e5ec59a8bc0e6bef26f7cd2e3f7a365d43c8e9471e89fcf262c6c64a36d786801e8e76f58eb813c1c6312554447c966bf36a57d46a6e5b17438fccec000bbd4b6be182f36991c47297ccfaa49c17849e651b1a5e9aaf72d0b23a1cb5f7062c5c6c0e232e1a134220821771b76aa294778d9c15b4e3987449d95a2b1e4d926b327d9dee33e561d41f8742c32b16774e16b8aea0b354119820a7b066ab20c8134653d4bf6bf718345f89ce31c8d392b4d4702e25841c20801cff30cc317d5d5a626a277331978b4c6cd1dc5d915fdcf37b94b9896f6cf6e48571981b27840f4cab9d102d98d1899a64d424f5f3be9d34b5e02b1bd515e58bb3563f9c3519ce766713507733754395122856031ccf48ec531d55b15a98718e1ab990522bb730cdfa60154aeb1eceee169f124204feecc43cecf36df727fe927218f3a690591157be792ec68b0beee2f168577c63a25866e0487fe77fb47672e6f78bed4801fdcf093d13a8f324d239fbf329d2b08fe835fed07cf396bca168458306d1251119617305b23338b485fbd04ef7bf678486c272257f3ee92342b43a2a1a4a0b3ad0d67083cf389ff1fe5958cb1cfdfdb518e7fb062d6ebceef47a9503b5ffc2ada787831f24143058017f55dd0dd74d1959f8d9564ec713ff6dc22ae20e4a7906eda1e0c22551f8f83b3601e8b9bfa26a9d5551d66879e2e3f1ae1ecfd57a23f757a3c303e15da302d5a6c573c7ea992ff9f28491f078d2203cdcb8a9ec708561b88fcfae49a8d16824cb632c8453281840b1f114e60f71178e9318078de940e593691eb1e05745a80dfc0a13f8680fd491c9807476c306f1e5ddfe6f6fa9319f05b84bcda127a48e1f6699dec5b92cc3375b13d1265ac67d21c59cc2ba7408871568548c4672824ecf632f77a85a16a2a88455dd5c869da60f9d3f601ae3bf7341d22d54a873a87ae8b44c0725bee723be6f3b8b9d2dd34f64ce0c92e7d1f404e274540a2a5b88d03014fcad746c6a64421f152034d9f7c9cd4a59af082b24e0858b75774582ad75d38c4a6da63a61f154035a8f63d9a509905cddb24e64df6b7de4a92595d471fb175137ec009d4eb5ac2b14f1296579c483f1a5f53ff867f68a5c5cac05220f5d6da8ad94067ecf615434248838b815c84caa3cfc48acd83765eb4f01427ee0fbb1f2683dfd80a7de1a49494acdb66d2a34c05249b02e81de4bf9dcd1ecaa384a86f70555728b78798c59d6a07ffcc0161d3a1f2931f0715c9032bb281b1178956b3864ae04bf73f44b515548fa3e9980e0417b221d39b427f966fe83a4e8918c89010597dc7d8618d9221aad3c28271eedcfacd8f46ec0e5f3c7ac4e349052a5885fc236649860dd39e044d0fec0172a397697027e9a7e84c5b524c7536d8d7dc49d99516f70b0aba2f8b1f4b62ea6ef2a0eb765b8b17431c7c5862ac703caa363e827f9b04c19f85379ead69451c26575ad54edecc24bf53d304b39065abe7b44d8cfb2cc8d12c0ee63b2ab7319217d20988bbcde7f84bc0335f649d930b051fe4e92f5bbeb17758cb7c1b77a2561d2aad0c23db72078ff81dd4c2aa770b942d0f9331a33495e7bd0cf8bcc49beca74273fa1f2c5f8ec31095b081f495164e5e18066a37c5909b10d8146a1388d290728833ff29845a4065e6a0335a03fe6a67ceb55748b2c0e46f07ada7446abd97669877074410e1d8cd025f0bcd4e0b6468486ad71922031f7400699d2a8fb0d746a25217daa6c2076468d6d8b43800ee68e68ed405d943d26091a92804ef1149d1a04fdb3352fe3f27dd04c59675ea88ea47615dc239fd432a0025024579a522f72707a0fcba550fc6ca78314311d22f379725ac95957278d1452508012fe238bc69d88d7def16e974c63dbf72d208ef5096a0531f63f70d8c05ec45a237e3941addb00e15a9a57945936dd578beb207923e2bdc2da05d6242a96cf769021353c3476ef73139a40e8d72d7c90ee591b381dd4d3a770955941652de340d75f19b08f1e7caf5054916f9d5c8388201988dbf990c03c724023be4fa7b5d0eb0d6a1b66cf3405a20c0a593fcc4bc61f7ef6606e6fdde3ffb987a9e5a6c56fb895f6d380a3afdf61037dc129fb2eb4e4219079accfd3263c1d616cc79bd668c9dc01ef28098b0a7911bb378c079e3769e07e9d9e1f9bda30bc47bd15977d89818f7c955d504e094ae384c8fa4d5185b4aa40db8e35a6dfa72c828adcb17882d448475b691175d863d8dbed42391aa4eda07be8295feff8488f9c1190fe589126d30fb904c0cfbde36a71389d47888b5ded229d29d4d5b12d7493aa0e440c71a94d50962777cfa98526fb135475cfd5d04e9d79150329bc00255b2f4c89d8efa910d63bd0a991b227f5525d765c77bd7088b017fe2114389a67ca1e265f14fdad82eb32abbbce785cea3fa59c9cd25c41a54f3b159aea684f0188db29cb989485eaf31d9f0f61a2dbeceb9104eec50fc01c7ad853e7472c386bb58b43709d67410d28b9fcecc16c6ce124bfd6cad176a8b0837eda7d7e16378857abb1677ce4e24257e8250f94dce84e4818e20554526937d5011c0bc1e02a7cdbc5ce931ff980c21eaa00b0b2514bc8a2c8184a3dbb02e32fd6c45652d36da1fee407d5ba6996013e96ec2712"}, &(0x7f00000004c0)=0x1008) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r2, 0x84, 0x17, &(0x7f0000000500)={r3, 0x3c48, 0x62, "b32f199df35db89d123bee6be026af1d940da4e4a1567e70ff5291583d8fcb41ca0981402900adb31066a5f5e2d3f4da63179edb07ad6fbda8932781060f3805e0a6d6db88f298ce12bb3ab79a3caac95df3ff036ed3f2fc235404b69fe9cefb0f14"}, 0x6a) getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0xc6d, 0x0, 0x400, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x100000001}}, &(0x7f0000000400)=0xb0) ioctl$SNDRV_TIMER_IOCTL_GINFO(0xffffffffffffffff, 0xc0f85403, &(0x7f00000002c0)={{0x0, 0x0, 0x8e, 0x0, 0x5}, 0x10001, 0x0, 'id0\x00', 'timer1\x00', 0x0, 0x0, 0x0, 0x0, 0x28000}) 23:02:43 executing program 4 (fault-call:7 fault-nth:41): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:02:43 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff}) ioctl$HDIO_GETGEO(r0, 0x301, &(0x7f00000000c0)) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x10000000, &(0x7f0000000340), &(0x7f0000000380), &(0x7f0000000040), &(0x7f00000000c0)) 23:02:43 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000000080)={0x0, 0xf, 0xfffffffffffffffd}, &(0x7f0000044000)) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x10002, 0x0) mq_timedsend(r1, &(0x7f0000000180)="1e52d2f44c3e43fc031dc2602ddbaf970da2fe5168a7bc30f40f29d89ca8766cad866c22727c5a0929ae4532f2462124757adb417228fee4906272a2f3e5c52a920fa57005f0907c9e909e228e7f639b3cd456b1f6deb9e952841496d6b7355aef7b96cb522cc732c9dbdf5741b7c9adb5d8167c346111399f61d4c3142d392ef1c0d814b12cbc825c328e07051db1a369ad", 0x92, 0x3, &(0x7f0000000040)={0x0, 0x989680}) 23:02:43 executing program 2: r0 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vhci\x00', 0x4000, 0x0) ioctl$KDGKBENT(r0, 0x4b46, &(0x7f0000000140)={0x3, 0x6, 0x52}) r1 = dup2(0xffffffffffffff9c, 0xffffffffffffffff) ioctl$TIOCLINUX7(r1, 0x541c, &(0x7f0000000000)={0x7, 0x8}) r2 = socket$l2tp(0x18, 0x1, 0x1) ioctl(r2, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r3 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x40100, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuacct.usage_user\x00', 0x275a, 0x0) write$binfmt_script(r4, &(0x7f0000000040)=ANY=[], 0x7c774ac9) mmap(&(0x7f0000a00000/0x600000)=nil, 0x600000, 0x800003, 0x8012, r4, 0x0) ioctl$KVM_GET_MSRS(r3, 0xc008ae88, &(0x7f00000000c0)={0x3, 0x0, [{}, {}, {}]}) [ 373.091706] FAULT_INJECTION: forcing a failure. [ 373.091706] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 373.115617] CPU: 0 PID: 13784 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 373.123007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 373.132372] Call Trace: [ 373.132404] dump_stack+0x1c4/0x2b4 23:02:43 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$unix(0x1, 0x1, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) bind$unix(r1, &(0x7f0000003000)=@file={0x1, "e91f7189591e9233614b00"}, 0xc) listen(r1, 0x0) connect$unix(r0, &(0x7f000066fff4)=@file={0x1, "e91f7189591e9233614b00"}, 0xc) close(0xffffffffffffffff) fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f0000000140)) r2 = openat$mixer(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/mixer\x00', 0x8000, 0x0) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffff9c, 0x84, 0x1a, &(0x7f0000000b80)={0x0, 0x1000, "21bc227d9b71176828d21689821b4a7597fd86f32e417b87ffec9955d963709a877ece6d187373d8cc6e1fbed88b6d195b75fec500ce20b056ee0780207aca1f96c0a750a7e191d235bcbc508a1b957dfc090cd6a2ada618926a704da46b3e4357a761f208e6d72594f9c71ce85fbb4ac1b3e3c6269b2cba85205eda7c1ba8dfa93a90d8c56b7be2aaaec4a02f9b463bd8d4c85e81c16ca943d3052ba9fbd423ef3cbd732a554d816e879e5883cada6dd117ab7f3c4a4fd816b9424d24aee81455dec0e7ed1fb11ab015e0423b267ff105165c849cf89f68fabe2ad3d1124c3018aa59bf138b52456c340cf5f08203c97fe25361b157351e27eac987bfdd8bb6e4ab3a9cb62f1845d6be101399f2a6dd4d47cd1fe9ef678b50ba82806f4ef38d92c9af0016f6ffbac07e6bddac0f5ecc40715fbf2c4c9bfb7f0e8d56034b8cd2c32e64ba48a2336d4ff626f6a14d15613ba2311832d40af73eea4e530aa038594a0fd4e2c2f072ee10ea163bbe15f2bf2741e9acdb8403520b3ced0e2491d69a3ab61547d0d1dfd02c02496d330f06b325daa0486c698fb29b0e4f8b76a94f182158b92daddd832d18a9f14ad748d036fb9be1a184fd30c16662221ebb41a2f05316e38e11ef3ae031eee99c2d9e56c32242a98f374fd32f511bb6079c27840607dc4584e65f2483e0090057de18c014d3f15ce977fa9c9dc94719b73f3175d6d0e9faa58bf2fce03fdb2eca9a609a7764e8f0da0e6688071cd26577c31136dce55e1d14cd9178a6ee5be8b653aad4b0e0085b9b6136dcfe457897bfddbee88dbb1763ece23e583213de6939bc50c14834395d30d4a48b1ffeacf7b5789f1f371d5e1fcc8a4a3c33ca5573d06e5415d056d10202243d7872daaa3fef9f2faf7a3ef6ae021f4e5ccfc12afbc69a91ab310f387c1616f18236be33826ae8fd2e9c74cc2a4729fd3cc56e585ed9a60c274b222e2e5cdb54f6169788f795b5168b28dd5d8ee9885c23c4bb2e7e0b7e768b63a436dc0a293ea9bf0190c965b8d67dfffdb21b6ffbb2327dde16bbe6a3e3625ddbcf3bc64553086856e534aa52b23baf519065863ec57c0b24689f9d811a9f46ed7c6836efdaca1399822852798275f05625d0ddfabf81381cfc14a19d43023cf242e3ba0d6dfa7265192fbac8a0daec5a3ac76f26b47b4833516e8742e088686f0e791444175c801cdd6529164806a5f46ed61460ecea61dd0fc091a81e7c6d7feb7e09bcf2d58dee4cd5e31f62e2a89a05d219f824f838f14687ecfefdfbf0eb9eb5da4ebb4adbde4e81fe1127646e6073f2c5b9495ed12de52a24b7fe5f6a3fa6e55d1c34f57aafbcab697adf66725af611f14d4d430701adc4b6aaa8d6b369c709696d8cae2f00a93da29c5411c61aba7daddb090ed5c24bfdfd75be89a2da9efa87d98a64cd8c2ea13290f2fc84b595fde9a4c8802011472f0cf223e8374b3232ea846e86e26d46875adf240bf25dd00a7a2629bbfc02821e56f1d0469732ffb4072cceefd354d303b0c9224a0a1937c6ca1932f0da7b66700dd289b5addeb7233e69c35145904c09aeb9b7b7595169b4040741f79b5b4aa7ff89b0bf6b8ee448e47ae8f40633428683a3defb62cb9dff4c9a3498c4e9d702298df412c2b0f5a1334fd5233db1880665aae78ab7084e8b9819a7ed5db947873d4fd37098a8bda4c76a44685d7e249ba2c4d6357cc95f736fa75968bfcf238d1abe90afbc435cf9362fc6c01eb2409d63e65a2214a918c928b7ca5c705afb6fd834488620ff97d0949e5e3fcd0945b5e5fba35bfe6f05e62485154fd225eb07483fb73d1eb3e4f2d83e9bdf18a909dde5227d4bc694d91cbb46a8334211eb5105d16a87af293ada34b8cfe9bc8ccce8d62c6ed0444a4e6fafba5e4ccde90fbaa7942c7f25da54fe0b1d229a47bfb010c2bf0e39073e433e6203e5ce75ad30ea8bc858fea4d5baa0a3dfd154911d849d2082ffa116905ec243a4fb21110248e324c7a51beda4af580db994a6fddd1891cbca68e16dfd7764c8e7cb1e568f1f104846334ffac68163cfaf75270a3a1f719e86567865067fd104b454a6466c3eb643c14043b56847682f617de6560ba507ad7ca03849c21676f15a27feb2653a2c9c60e14b0eb35ef218e402a53bbedbfa81ff98b6e694f25c89ddfc306cb2336a6de35a0d9aa4546202597a8fff8fd1558227a52a9815c5d63f2681a2e0c66dbf878ef830b48e9e428a48f5d833eb4f8dee5ae331a26aa7e7b63dc7a5ab088ac95d95b611aae245d548391e2cd8fb8a424a9990b035bbd73da2d49e43ac8fefbc02e5a845853a712ec2d18ac83cbc358bc9afd44b5c75e034c7cd9ace57133cda8ff0c897d4154466ef1193cf75e406f8ac4611b034256b7a713faa6f21634d2564548016bf2421b6ce8b3910aea398cdca00fd8da1647a856a10a7118355e21efb4e46c106494f644ceda85bda89f2c25922bca30f5267930363fa41d02e0ecf94a18f63e93f6449c5c77d65af3a6b9fd784ea99535d3ef60cc0d2605f824619495470305fa438b9c7cd4659ae914dd62e4419d7d6fa17c4095bc13a5f231dec1412d6626ef50efb0506e7a0542163d1a5e2b10ddacd58c6fa54a465322f5b27c136e00330393a3b85157d94aff1bd6fc400f0b480afc9695a5d89f152c403d28202d7af641aadb07b3db3b6ecb56cd5df80316fda5e562c746b04ccda270e3a5c34378474965014ed96b6575b23fc1306fdc00ce12285f4204d5d61b8859ead8dd9c6378a8923769794daf12ed17410e5728e8755036283bab45aaebede8d249622ffa2635b041e653c65382f07f302a0faf05c52650b9208480eb95e226d1789ff3daa47bfaa754c970af81ee8bfd99afd82fc6161a32c3191e5d4f4cf4bb4e60bd3e55fd4c00da681e8dc9a7ff3e49fa0cdd537de763d6e1c748dc5ec4791976e88ce3f1d62472687421845042aca68b44b2024846b00552d0499058e4e0031872dbfc039c070aafdfadf230e29dd275aedc7982296c3198245e946e35b2b531f0d8b59d411cbc3d5ed8880241985fa272c6fc529f0edd6fde0947c5a75f363d7b1e6fe78a1e074694338b729b5fc944065d9ee1b7d0751b43c6260e5ec59a8bc0e6bef26f7cd2e3f7a365d43c8e9471e89fcf262c6c64a36d786801e8e76f58eb813c1c6312554447c966bf36a57d46a6e5b17438fccec000bbd4b6be182f36991c47297ccfaa49c17849e651b1a5e9aaf72d0b23a1cb5f7062c5c6c0e232e1a134220821771b76aa294778d9c15b4e3987449d95a2b1e4d926b327d9dee33e561d41f8742c32b16774e16b8aea0b354119820a7b066ab20c8134653d4bf6bf718345f89ce31c8d392b4d4702e25841c20801cff30cc317d5d5a626a277331978b4c6cd1dc5d915fdcf37b94b9896f6cf6e48571981b27840f4cab9d102d98d1899a64d424f5f3be9d34b5e02b1bd515e58bb3563f9c3519ce766713507733754395122856031ccf48ec531d55b15a98718e1ab990522bb730cdfa60154aeb1eceee169f124204feecc43cecf36df727fe927218f3a690591157be792ec68b0beee2f168577c63a25866e0487fe77fb47672e6f78bed4801fdcf093d13a8f324d239fbf329d2b08fe835fed07cf396bca168458306d1251119617305b23338b485fbd04ef7bf678486c272257f3ee92342b43a2a1a4a0b3ad0d67083cf389ff1fe5958cb1cfdfdb518e7fb062d6ebceef47a9503b5ffc2ada787831f24143058017f55dd0dd74d1959f8d9564ec713ff6dc22ae20e4a7906eda1e0c22551f8f83b3601e8b9bfa26a9d5551d66879e2e3f1ae1ecfd57a23f757a3c303e15da302d5a6c573c7ea992ff9f28491f078d2203cdcb8a9ec708561b88fcfae49a8d16824cb632c8453281840b1f114e60f71178e9318078de940e593691eb1e05745a80dfc0a13f8680fd491c9807476c306f1e5ddfe6f6fa9319f05b84bcda127a48e1f6699dec5b92cc3375b13d1265ac67d21c59cc2ba7408871568548c4672824ecf632f77a85a16a2a88455dd5c869da60f9d3f601ae3bf7341d22d54a873a87ae8b44c0725bee723be6f3b8b9d2dd34f64ce0c92e7d1f404e274540a2a5b88d03014fcad746c6a64421f152034d9f7c9cd4a59af082b24e0858b75774582ad75d38c4a6da63a61f154035a8f63d9a509905cddb24e64df6b7de4a92595d471fb175137ec009d4eb5ac2b14f1296579c483f1a5f53ff867f68a5c5cac05220f5d6da8ad94067ecf615434248838b815c84caa3cfc48acd83765eb4f01427ee0fbb1f2683dfd80a7de1a49494acdb66d2a34c05249b02e81de4bf9dcd1ecaa384a86f70555728b78798c59d6a07ffcc0161d3a1f2931f0715c9032bb281b1178956b3864ae04bf73f44b515548fa3e9980e0417b221d39b427f966fe83a4e8918c89010597dc7d8618d9221aad3c28271eedcfacd8f46ec0e5f3c7ac4e349052a5885fc236649860dd39e044d0fec0172a397697027e9a7e84c5b524c7536d8d7dc49d99516f70b0aba2f8b1f4b62ea6ef2a0eb765b8b17431c7c5862ac703caa363e827f9b04c19f85379ead69451c26575ad54edecc24bf53d304b39065abe7b44d8cfb2cc8d12c0ee63b2ab7319217d20988bbcde7f84bc0335f649d930b051fe4e92f5bbeb17758cb7c1b77a2561d2aad0c23db72078ff81dd4c2aa770b942d0f9331a33495e7bd0cf8bcc49beca74273fa1f2c5f8ec31095b081f495164e5e18066a37c5909b10d8146a1388d290728833ff29845a4065e6a0335a03fe6a67ceb55748b2c0e46f07ada7446abd97669877074410e1d8cd025f0bcd4e0b6468486ad71922031f7400699d2a8fb0d746a25217daa6c2076468d6d8b43800ee68e68ed405d943d26091a92804ef1149d1a04fdb3352fe3f27dd04c59675ea88ea47615dc239fd432a0025024579a522f72707a0fcba550fc6ca78314311d22f379725ac95957278d1452508012fe238bc69d88d7def16e974c63dbf72d208ef5096a0531f63f70d8c05ec45a237e3941addb00e15a9a57945936dd578beb207923e2bdc2da05d6242a96cf769021353c3476ef73139a40e8d72d7c90ee591b381dd4d3a770955941652de340d75f19b08f1e7caf5054916f9d5c8388201988dbf990c03c724023be4fa7b5d0eb0d6a1b66cf3405a20c0a593fcc4bc61f7ef6606e6fdde3ffb987a9e5a6c56fb895f6d380a3afdf61037dc129fb2eb4e4219079accfd3263c1d616cc79bd668c9dc01ef28098b0a7911bb378c079e3769e07e9d9e1f9bda30bc47bd15977d89818f7c955d504e094ae384c8fa4d5185b4aa40db8e35a6dfa72c828adcb17882d448475b691175d863d8dbed42391aa4eda07be8295feff8488f9c1190fe589126d30fb904c0cfbde36a71389d47888b5ded229d29d4d5b12d7493aa0e440c71a94d50962777cfa98526fb135475cfd5d04e9d79150329bc00255b2f4c89d8efa910d63bd0a991b227f5525d765c77bd7088b017fe2114389a67ca1e265f14fdad82eb32abbbce785cea3fa59c9cd25c41a54f3b159aea684f0188db29cb989485eaf31d9f0f61a2dbeceb9104eec50fc01c7ad853e7472c386bb58b43709d67410d28b9fcecc16c6ce124bfd6cad176a8b0837eda7d7e16378857abb1677ce4e24257e8250f94dce84e4818e20554526937d5011c0bc1e02a7cdbc5ce931ff980c21eaa00b0b2514bc8a2c8184a3dbb02e32fd6c45652d36da1fee407d5ba6996013e96ec2712"}, &(0x7f00000004c0)=0x1008) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r2, 0x84, 0x17, &(0x7f0000000500)={r3, 0x3c48, 0x62, "b32f199df35db89d123bee6be026af1d940da4e4a1567e70ff5291583d8fcb41ca0981402900adb31066a5f5e2d3f4da63179edb07ad6fbda8932781060f3805e0a6d6db88f298ce12bb3ab79a3caac95df3ff036ed3f2fc235404b69fe9cefb0f14"}, 0x6a) getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0xc6d, 0x0, 0x400, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x100000001}}, &(0x7f0000000400)=0xb0) ioctl$SNDRV_TIMER_IOCTL_GINFO(0xffffffffffffffff, 0xc0f85403, &(0x7f00000002c0)={{0x0, 0x0, 0x8e, 0x0, 0x5}, 0x10001, 0x0, 'id0\x00', 'timer1\x00', 0x0, 0x0, 0x0, 0x0, 0x28000}) [ 373.132435] ? dump_stack_print_info.cold.2+0x52/0x52 [ 373.132462] ? graph_lock+0x170/0x170 [ 373.138672] should_fail.cold.4+0xa/0x17 [ 373.138694] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 373.138713] ? graph_lock+0x170/0x170 [ 373.160640] ? graph_lock+0x170/0x170 [ 373.160722] ? percpu_ref_put_many+0x11c/0x260 [ 373.160742] ? lock_downgrade+0x900/0x900 [ 373.169116] ? check_preemption_disabled+0x48/0x200 [ 373.169145] ? __lock_is_held+0xb5/0x140 [ 373.169194] ? ubifs_tnc_start_commit+0x2600/0x2cd0 [ 373.169224] ? ___might_sleep+0x1ed/0x300 [ 373.191557] ? lock_release+0x970/0x970 [ 373.195658] ? arch_local_save_flags+0x40/0x40 [ 373.200254] ? __lock_is_held+0xb5/0x140 [ 373.204337] ? __might_sleep+0x95/0x190 [ 373.208330] __alloc_pages_nodemask+0x34b/0xde0 [ 373.213011] ? lock_downgrade+0x900/0x900 [ 373.217169] ? check_preemption_disabled+0x48/0x200 [ 373.222196] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 373.227218] ? kasan_check_read+0x11/0x20 [ 373.231374] ? graph_lock+0x170/0x170 [ 373.235185] ? rcu_bh_qs+0xc0/0xc0 23:02:43 executing program 1: r0 = syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0xffffffffffffff7f, 0x1) ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000000080)={0x7, 0xf2c7, 0x6029, 0x65ede72f, 0x7ff, 0x4}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000017c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_emit_ethernet(0x7ffff, &(0x7f0000000100)={@local, @link_local={0xffffff1f}, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x70014, 0x0, 0x8847, 0x0, 0x0, 0x0, @rand_addr, @multicast1}, @dccp={{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "c8d1f6", 0x0, "071ccd"}}}}}}, &(0x7f0000000000)) 23:02:43 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'kw(aes)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="b7f2288a911993f0265df5cf1cdd8b55", 0x10) r1 = accept$alg(r0, 0x0, 0x0) recvmmsg(r1, &(0x7f0000000a00)=[{{&(0x7f0000000200)=@pptp={0x18, 0x2, {0x0, @local}}, 0x80, &(0x7f0000000100)=[{&(0x7f0000000500)=""/113, 0x71}], 0x1, &(0x7f00000002c0)=""/73, 0x49}}], 0x1, 0x0, 0x0) clock_gettime(0x0, &(0x7f00000001c0)={0x0, 0x0}) select(0x40, &(0x7f0000000040)={0x8, 0x5, 0x5, 0xad, 0x524, 0x7, 0x5, 0x1}, &(0x7f0000000080)={0x4, 0x1, 0x5, 0xce34, 0x2c135f5e, 0x6, 0x50a, 0x7}, &(0x7f00000000c0)={0x9, 0x0, 0x9, 0x40, 0xfff, 0x20, 0x0, 0x7}, &(0x7f0000000280)={r2, r3/1000+10000}) [ 373.238745] ? check_preemption_disabled+0x48/0x200 [ 373.243768] ? check_preemption_disabled+0x48/0x200 [ 373.248805] ? __lock_is_held+0xb5/0x140 [ 373.252915] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 373.258477] alloc_pages_current+0x10c/0x210 [ 373.262910] __get_free_pages+0xc/0x40 [ 373.266813] mmu_topup_memory_caches+0x1ee/0x390 [ 373.271586] kvm_mmu_load+0x21/0xfa0 [ 373.275321] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 373.280265] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 373.285816] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 373.290419] vcpu_enter_guest+0x3dbe/0x6380 [ 373.294767] ? emulator_read_emulated+0x50/0x50 [ 373.299458] ? vmx_vcpu_load+0xb06/0x1030 [ 373.303661] ? vmx_write_tsc_offset+0x680/0x680 [ 373.308341] ? graph_lock+0x170/0x170 [ 373.312154] ? lock_downgrade+0x900/0x900 [ 373.316317] ? check_preemption_disabled+0x48/0x200 [ 373.321347] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 373.326928] ? check_preemption_disabled+0x48/0x200 [ 373.331949] ? check_preemption_disabled+0x48/0x200 [ 373.336988] ? __lock_is_held+0xb5/0x140 23:02:44 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = accept4$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, &(0x7f0000000080)=0x1c, 0x80000) pipe(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f00000004c0)=@assoc_value, &(0x7f0000000500)=0x8) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffff9c, 0x84, 0xa, &(0x7f0000000180)={0x10b, 0x8, 0x203, 0x101, 0x8, 0x2, 0x6, 0x8bd3, 0x0}, &(0x7f00000001c0)=0x20) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000200)={r3, 0x80000001}, &(0x7f0000000240)=0x8) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000000c0), &(0x7f0000000100)=0xc) ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40086607, &(0x7f0000000440)=0x8) r4 = socket$inet6(0xa, 0x80003, 0x2) ioctl(r4, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) add_key(&(0x7f0000000300)='encrypted\x00', &(0x7f0000000340)={'syz'}, &(0x7f0000000380)="e204b18bba3c99361172e023b0b82b3a02c81688f8bd875b775e44ca55d74c579866a1674598f3f8028085cdb5f269f2fddb5b8141c19922ba651dadce23313b530e31caf1a721a3e7a97b2b9cd6b5937fb08e63da40f47cbafacf5de12532306417f09b7fe73f6b24632e0ac20548520373bab9fb7b3bb41b0b2fa698c1084cafdbfd33845c34c873d6f1c51ab618ec518ca2956009", 0x96, 0xfffffffffffffffe) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) [ 373.341073] ? lock_acquire+0x1ed/0x520 [ 373.345062] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 373.350095] ? lock_release+0x970/0x970 [ 373.354085] ? kvm_gen_update_masterclock+0x350/0x350 [ 373.359287] ? kvm_arch_dev_ioctl+0x630/0x630 [ 373.363796] ? preempt_notifier_dec+0x20/0x20 [ 373.368319] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 373.373173] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 373.378221] kvm_vcpu_ioctl+0x72b/0x1150 [ 373.382302] ? kvm_vcpu_block+0x1030/0x1030 [ 373.386647] ? find_held_lock+0x36/0x1c0 [ 373.390731] ? __fget+0x4aa/0x740 [ 373.394204] ? check_preemption_disabled+0x48/0x200 [ 373.399240] ? kasan_check_read+0x11/0x20 [ 373.403420] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 373.408709] ? rcu_bh_qs+0xc0/0xc0 [ 373.412276] ? __fget+0x4d1/0x740 [ 373.415753] ? ksys_dup3+0x680/0x680 [ 373.419485] ? find_held_lock+0x36/0x1c0 [ 373.423570] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 373.428535] ? kvm_vcpu_block+0x1030/0x1030 [ 373.432883] do_vfs_ioctl+0x1de/0x1720 [ 373.436787] ? __lock_is_held+0xb5/0x140 [ 373.440873] ? ioctl_preallocate+0x300/0x300 [ 373.445307] ? __fget_light+0x2e9/0x430 [ 373.449294] ? fget_raw+0x20/0x20 [ 373.452767] ? __sb_end_write+0xd9/0x110 [ 373.456847] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 373.462400] ? fput+0x130/0x1a0 [ 373.465700] ? do_syscall_64+0x9a/0x820 [ 373.469687] ? do_syscall_64+0x9a/0x820 [ 373.473678] ? lockdep_hardirqs_on+0x421/0x5c0 [ 373.478278] ? security_file_ioctl+0x94/0xc0 [ 373.482707] ksys_ioctl+0xa9/0xd0 [ 373.486186] __x64_sys_ioctl+0x73/0xb0 [ 373.490091] do_syscall_64+0x1b9/0x820 [ 373.493996] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 373.499375] ? syscall_return_slowpath+0x5e0/0x5e0 [ 373.504316] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 373.509177] ? trace_hardirqs_on_caller+0x310/0x310 [ 373.514214] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 373.519250] ? prepare_exit_to_usermode+0x291/0x3b0 [ 373.524290] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 373.529154] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 373.531209] encrypted_key: master key parameter '' is invalid [ 373.534350] RIP: 0033:0x457569 23:02:44 executing program 1: r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f0000008ff8)=0x3f) fcntl$setown(r1, 0x8, r0) recvmmsg(r2, &(0x7f0000002f40)=[{{&(0x7f00000000c0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @remote}}}, 0x80, &(0x7f0000000540), 0x0, &(0x7f0000000580)=""/4096, 0x1000}}], 0x1, 0x0, &(0x7f0000003000)) fcntl$setsig(r1, 0xa, 0x12) dup2(r1, r2) tkill(r0, 0x11) [ 373.534368] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 373.534377] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 373.534394] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 373.534402] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 373.534421] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 373.570247] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 373.570258] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 23:02:46 executing program 0: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r1, 0x1, &(0x7f00000014c0)) msgsnd(r1, &(0x7f0000e74f60)={0x2}, 0x8, 0x0) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x206080, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000000040)={0x81, 0x8200, 0x3f, 0x1a, 0x0}, &(0x7f0000000080)=0x10) getsockopt$inet_sctp_SCTP_MAXSEG(r2, 0x84, 0xd, &(0x7f0000000200)=@assoc_value={r3}, &(0x7f0000000240)=0x8) tkill(r0, 0x1000000000016) msgctl$IPC_SET(r1, 0x1, &(0x7f0000000180)={{}, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x81, r0}) 23:02:46 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) poll(&(0x7f0000000000), 0x0, 0x8b) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x14) tkill(r0, 0x1000000000016) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x20000, 0x0) ioctl$LOOP_CLR_FD(r1, 0x4c01) 23:02:46 executing program 4 (fault-call:7 fault-nth:42): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:02:46 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000000)={0x0, 0x4}, &(0x7f00000000c0)=0x8) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$IPT_SO_GET_REVISION_MATCH(r3, 0x0, 0x42, &(0x7f0000000180)={'icmp6\x00'}, &(0x7f00000001c0)=0x1e) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000100)={r2, 0x7f}, 0x8) unshare(0x400) getsockopt$packet_int(r1, 0x107, 0x8, &(0x7f0000000040), &(0x7f0000000080)=0x4) 23:02:46 executing program 1: r0 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) setsockopt$RDS_RECVERR(0xffffffffffffffff, 0x114, 0x5, &(0x7f0000000100), 0x4) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000002000)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r2, 0x0, 0x2000000000000004, &(0x7f0000013ff4)={@local, @rand_addr}, 0xc) getsockopt$EBT_SO_GET_INIT_INFO(r2, 0x0, 0x82, &(0x7f0000000300)={'broute\x00'}, &(0x7f0000000380)=0x78) close(r2) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x4, 0x121040) setsockopt$bt_rfcomm_RFCOMM_LM(r4, 0x12, 0x3, &(0x7f0000000040)=0x42, 0x4) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) dup3(r0, r1, 0x0) 23:02:46 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)=0x0) getrandom(&(0x7f00000000c0)=""/148, 0x2c, 0xffffffffffffffff) timer_settime(r1, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) chroot(&(0x7f0000000000)='./file0\x00') tkill(r0, 0x1000000000016) [ 376.115221] FAULT_INJECTION: forcing a failure. [ 376.115221] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 376.127339] CPU: 1 PID: 13841 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 376.134723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 376.144087] Call Trace: [ 376.146684] dump_stack+0x1c4/0x2b4 [ 376.150307] ? dump_stack_print_info.cold.2+0x52/0x52 [ 376.155497] ? graph_lock+0x170/0x170 [ 376.159298] should_fail.cold.4+0xa/0x17 [ 376.163364] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 376.168479] ? graph_lock+0x170/0x170 [ 376.172267] ? graph_lock+0x170/0x170 [ 376.176055] ? percpu_ref_put_many+0x11c/0x260 [ 376.180629] ? lock_downgrade+0x900/0x900 [ 376.184780] ? check_preemption_disabled+0x48/0x200 [ 376.189802] ? __lock_is_held+0xb5/0x140 [ 376.193862] ? ___might_sleep+0x1ed/0x300 [ 376.198001] ? lock_release+0x970/0x970 [ 376.201964] ? arch_local_save_flags+0x40/0x40 [ 376.206555] ? __lock_is_held+0xb5/0x140 [ 376.210635] ? __might_sleep+0x95/0x190 [ 376.214642] __alloc_pages_nodemask+0x34b/0xde0 [ 376.219324] ? lock_downgrade+0x900/0x900 [ 376.223486] ? check_preemption_disabled+0x48/0x200 [ 376.228520] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 376.233548] ? kasan_check_read+0x11/0x20 [ 376.237703] ? graph_lock+0x170/0x170 [ 376.237722] ? rcu_bh_qs+0xc0/0xc0 [ 376.237743] ? check_preemption_disabled+0x48/0x200 [ 376.237764] ? check_preemption_disabled+0x48/0x200 [ 376.245097] ? __lock_is_held+0xb5/0x140 [ 376.245129] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 23:02:46 executing program 1: r0 = openat$vnet(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/vhost-net\x00', 0x2, 0x0) rt_sigaction(0x31, &(0x7f0000000080)={&(0x7f0000000000)="0f0df50f38f09b0000000067d0e2f3477900c4e1c5eec5c4032502bb47775072000f6adde300660ff61b66410fe188d8000000", {0x4}, 0x1, &(0x7f0000000040)="66400f38108d79000000260f15a99b6b0000c42268f3cf41d9ee660f3833800d00000066650f0f9914000000aa26430f1ac764de3942f1c4c17a1026"}, &(0x7f0000000180)={&(0x7f00000000c0)="c401fd29fdf37283c16c9800f136f340acf3440faecf660f5c63cbc4a268f540c7f080830e0000000c660fef6208c4a2193cfb", {}, 0x0, &(0x7f0000000100)="8fea401243fc000001002666400ff911c443ad68d63ac4224d9fbe00088041c42119e9410bc4a1f96ea36f000000f3d848ad66460f51f6c401fc778f6840edf66b"}, 0x8, &(0x7f00000001c0)) ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000e4e000)=0x200000000) r1 = syz_open_dev$vcsn(&(0x7f00000002c0)='/dev/vcs#\x00', 0x6f6d2a09, 0x503101) ioctl$PERF_EVENT_IOC_ID(r1, 0x80082407, &(0x7f0000000300)) r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vsock\x00', 0x22500, 0x0) getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r2, 0x6, 0x1d, &(0x7f0000000240), &(0x7f0000000280)=0x14) write$vnet(r0, &(0x7f0000a8d000)={0x1, {&(0x7f0000c91000)=""/24, 0x1e9, &(0x7f0000b4cf9b)=""/101, 0x0, 0x2}}, 0x68) write$vnet(r0, &(0x7f000046df98)={0x1, {&(0x7f0000c7f000)=""/28, 0x1, &(0x7f0000e9afb7)=""/73, 0x0, 0x3}}, 0x68) [ 376.245149] alloc_pages_current+0x10c/0x210 [ 376.269152] __get_free_pages+0xc/0x40 [ 376.273042] mmu_topup_memory_caches+0x1ee/0x390 [ 376.277804] kvm_mmu_load+0x21/0xfa0 [ 376.281530] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 376.286477] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 376.292036] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 376.296628] vcpu_enter_guest+0x3dbe/0x6380 [ 376.300945] ? emulator_read_emulated+0x50/0x50 [ 376.305618] ? vmx_vcpu_load+0xb06/0x1030 [ 376.309773] ? vmx_write_tsc_offset+0x680/0x680 [ 376.314441] ? graph_lock+0x170/0x170 [ 376.318235] ? lock_downgrade+0x900/0x900 [ 376.322395] ? check_preemption_disabled+0x48/0x200 [ 376.327409] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 376.332940] ? check_preemption_disabled+0x48/0x200 [ 376.337957] ? check_preemption_disabled+0x48/0x200 [ 376.342984] ? __lock_is_held+0xb5/0x140 [ 376.347048] ? lock_acquire+0x1ed/0x520 [ 376.351026] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 376.356050] ? lock_release+0x970/0x970 [ 376.360044] ? kvm_gen_update_masterclock+0x350/0x350 [ 376.365234] ? kvm_arch_dev_ioctl+0x630/0x630 [ 376.369765] ? preempt_notifier_dec+0x20/0x20 [ 376.374279] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 376.379117] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 376.384197] kvm_vcpu_ioctl+0x72b/0x1150 [ 376.388251] ? kvm_vcpu_block+0x1030/0x1030 [ 376.392581] ? find_held_lock+0x36/0x1c0 [ 376.396659] ? __fget+0x4aa/0x740 [ 376.400105] ? check_preemption_disabled+0x48/0x200 [ 376.405127] ? kasan_check_read+0x11/0x20 [ 376.409273] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 376.414537] ? rcu_bh_qs+0xc0/0xc0 [ 376.418069] ? __fget+0x4d1/0x740 [ 376.421515] ? ksys_dup3+0x680/0x680 [ 376.425216] ? find_held_lock+0x36/0x1c0 [ 376.429270] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 376.434191] ? kvm_vcpu_block+0x1030/0x1030 [ 376.438512] do_vfs_ioctl+0x1de/0x1720 [ 376.442409] ? __lock_is_held+0xb5/0x140 [ 376.446459] ? ioctl_preallocate+0x300/0x300 [ 376.450861] ? __fget_light+0x2e9/0x430 [ 376.454831] ? fget_raw+0x20/0x20 [ 376.458275] ? __sb_end_write+0xd9/0x110 [ 376.462330] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 376.467850] ? fput+0x130/0x1a0 [ 376.471124] ? do_syscall_64+0x9a/0x820 [ 376.475102] ? do_syscall_64+0x9a/0x820 [ 376.479079] ? lockdep_hardirqs_on+0x421/0x5c0 [ 376.483666] ? security_file_ioctl+0x94/0xc0 [ 376.488067] ksys_ioctl+0xa9/0xd0 [ 376.491514] __x64_sys_ioctl+0x73/0xb0 [ 376.495396] do_syscall_64+0x1b9/0x820 [ 376.499291] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 376.504654] ? syscall_return_slowpath+0x5e0/0x5e0 [ 376.509578] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 376.514419] ? trace_hardirqs_on_caller+0x310/0x310 [ 376.519437] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 376.524455] ? prepare_exit_to_usermode+0x291/0x3b0 [ 376.529465] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 376.534318] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 376.539504] RIP: 0033:0x457569 [ 376.542699] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 23:02:47 executing program 3: timer_create(0x4000000000000, &(0x7f00000001c0)={0x0, 0x1}, &(0x7f0000000040)) getrandom(&(0x7f00000000c0)=""/148, 0x23, 0x3) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) r0 = dup2(0xffffffffffffff9c, 0xffffffffffffffff) ioctl$KVM_ASSIGN_SET_MSIX_NR(r0, 0x4008ae73, &(0x7f0000000080)={0x8, 0x1000}) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000180)={0x1, 0x8001}, 0x2) tkill(0x0, 0x1) sched_getattr(0x0, &(0x7f0000000000), 0x30, 0x0) [ 376.561588] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 376.569289] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 376.576544] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 376.583805] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 376.591060] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 376.598313] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 23:02:47 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhci\x00', 0x401, 0x0) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00') sendmsg$IPVS_CMD_NEW_DEST(r1, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2041}, 0xc, &(0x7f00000002c0)={&(0x7f0000000180)={0x108, r2, 0x3, 0x70bd2a, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x7}, @IPVS_CMD_ATTR_DAEMON={0x60, 0x3, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x8000}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'rose0\x00'}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @remote}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e20}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @dev={0xac, 0x14, 0x14, 0x1c}}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ip6tnl0\x00'}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @loopback}]}, @IPVS_CMD_ATTR_SERVICE={0xc, 0x1, [@IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0xfffffffffffffffd}]}, @IPVS_CMD_ATTR_DAEMON={0x1c, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x1}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x2}, @IPVS_DAEMON_ATTR_STATE={0x8}]}, @IPVS_CMD_ATTR_SERVICE={0x3c, 0x1, [@IPVS_SVC_ATTR_SCHED_NAME={0xc, 0x6, 'lblc\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x7}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x16, 0x1}}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x8001}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0xec3}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'dh\x00'}]}, @IPVS_CMD_ATTR_DAEMON={0x28, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @multicast1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @dev={0xfe, 0x80, [], 0xf}}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x1}]}]}, 0x108}, 0x1, 0x0, 0x0, 0x80}, 0x840) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) 23:02:47 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r4}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r5 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r6 = openat$cgroup_procs(r5, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) rmdir(&(0x7f0000000400)='./file0\x00') write$cgroup_pid(r6, &(0x7f00000000c0), 0x12) 23:02:47 executing program 1: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x0, 0xfffffffffffffffc, 0x8000) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f00000004c0)=@broute={'brodte\x00\x00d\x00', 0x20, 0x1, 0x388, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20001200], 0x0, &(0x7f0000000040), &(0x7f0000001200)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff010000000300000000000000000073797a5f74756e000000000000000000626a004700000000000000000000000076657468305f746f5f7465616d000000766574683000000000000000000000000180c20000000000000000000000000000000000000000000000a8020000a8020000f80200006270660000000000000000000000000000000000000000000000000000000001100200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000049444c4554494d4552000000000000000000000000000000000000000000000028000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff00000000"]}, 0x400) 23:02:47 executing program 4 (fault-call:7 fault-nth:43): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 376.814805] FAULT_INJECTION: forcing a failure. [ 376.814805] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 376.827374] CPU: 0 PID: 13878 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 376.834762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 376.844129] Call Trace: [ 376.846746] dump_stack+0x1c4/0x2b4 [ 376.850406] ? dump_stack_print_info.cold.2+0x52/0x52 [ 376.855624] ? graph_lock+0x170/0x170 [ 376.859462] should_fail.cold.4+0xa/0x17 [ 376.863546] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 376.868665] ? graph_lock+0x170/0x170 [ 376.872481] ? graph_lock+0x170/0x170 [ 376.876298] ? percpu_ref_put_many+0x11c/0x260 [ 376.880900] ? lock_downgrade+0x900/0x900 [ 376.885066] ? check_preemption_disabled+0x48/0x200 [ 376.890107] ? __lock_is_held+0xb5/0x140 [ 376.894199] ? ___might_sleep+0x1ed/0x300 [ 376.898356] ? lock_release+0x970/0x970 [ 376.902343] ? arch_local_save_flags+0x40/0x40 [ 376.906938] ? __lock_is_held+0xb5/0x140 [ 376.911020] ? __might_sleep+0x95/0x190 [ 376.915013] __alloc_pages_nodemask+0x34b/0xde0 [ 376.919695] ? lock_downgrade+0x900/0x900 [ 376.923858] ? check_preemption_disabled+0x48/0x200 [ 376.928905] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 376.933934] ? kasan_check_read+0x11/0x20 [ 376.938093] ? graph_lock+0x170/0x170 [ 376.941914] ? rcu_bh_qs+0xc0/0xc0 [ 376.945476] ? check_preemption_disabled+0x48/0x200 [ 376.950503] ? check_preemption_disabled+0x48/0x200 [ 376.955544] ? __lock_is_held+0xb5/0x140 [ 376.959648] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 376.965206] alloc_pages_current+0x10c/0x210 [ 376.969641] __get_free_pages+0xc/0x40 [ 376.973539] mmu_topup_memory_caches+0x1ee/0x390 [ 376.978315] kvm_mmu_load+0x21/0xfa0 [ 376.982045] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 376.986988] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 376.992536] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 376.997142] vcpu_enter_guest+0x3dbe/0x6380 [ 377.001494] ? emulator_read_emulated+0x50/0x50 [ 377.006188] ? vmx_vcpu_load+0xb06/0x1030 [ 377.010362] ? vmx_write_tsc_offset+0x680/0x680 [ 377.015046] ? graph_lock+0x170/0x170 [ 377.018856] ? lock_downgrade+0x900/0x900 [ 377.023021] ? check_preemption_disabled+0x48/0x200 [ 377.028050] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 377.033611] ? check_preemption_disabled+0x48/0x200 [ 377.038644] ? check_preemption_disabled+0x48/0x200 [ 377.043686] ? __lock_is_held+0xb5/0x140 [ 377.047769] ? lock_acquire+0x1ed/0x520 [ 377.051754] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 377.056788] ? lock_release+0x970/0x970 [ 377.060774] ? kvm_gen_update_masterclock+0x350/0x350 [ 377.065976] ? kvm_arch_dev_ioctl+0x630/0x630 [ 377.070513] ? preempt_notifier_dec+0x20/0x20 [ 377.075040] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 377.079900] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 377.084950] kvm_vcpu_ioctl+0x72b/0x1150 [ 377.089029] ? kvm_vcpu_block+0x1030/0x1030 [ 377.093375] ? find_held_lock+0x36/0x1c0 [ 377.097459] ? __fget+0x4aa/0x740 [ 377.100929] ? check_preemption_disabled+0x48/0x200 [ 377.105966] ? kasan_check_read+0x11/0x20 [ 377.110128] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 377.115433] ? rcu_bh_qs+0xc0/0xc0 [ 377.119004] ? __fget+0x4d1/0x740 [ 377.122484] ? ksys_dup3+0x680/0x680 [ 377.126208] ? find_held_lock+0x36/0x1c0 [ 377.130295] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 377.135248] ? kvm_vcpu_block+0x1030/0x1030 [ 377.139587] do_vfs_ioctl+0x1de/0x1720 [ 377.143500] ? __lock_is_held+0xb5/0x140 [ 377.147577] ? ioctl_preallocate+0x300/0x300 [ 377.152012] ? __fget_light+0x2e9/0x430 [ 377.155998] ? fget_raw+0x20/0x20 [ 377.159468] ? __sb_end_write+0xd9/0x110 [ 377.163578] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 377.169132] ? fput+0x130/0x1a0 [ 377.172426] ? do_syscall_64+0x9a/0x820 [ 377.176412] ? do_syscall_64+0x9a/0x820 [ 377.180397] ? lockdep_hardirqs_on+0x421/0x5c0 [ 377.184994] ? security_file_ioctl+0x94/0xc0 [ 377.189422] ksys_ioctl+0xa9/0xd0 [ 377.192897] __x64_sys_ioctl+0x73/0xb0 [ 377.196986] do_syscall_64+0x1b9/0x820 [ 377.200893] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 377.206271] ? syscall_return_slowpath+0x5e0/0x5e0 [ 377.211213] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 377.216069] ? trace_hardirqs_on_caller+0x310/0x310 [ 377.221102] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 377.226132] ? prepare_exit_to_usermode+0x291/0x3b0 [ 377.231171] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 377.236036] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 377.241232] RIP: 0033:0x457569 [ 377.244440] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 377.263348] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 377.271071] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 377.278352] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 377.285629] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 377.292908] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 377.300182] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 23:02:48 executing program 0: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r1, 0x1, &(0x7f00000014c0)) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x6, 0x8100) fcntl$setown(r2, 0x8, r0) msgsnd(r1, &(0x7f0000e74f60)={0x2}, 0x8, 0x0) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) msgctl$IPC_SET(r1, 0x1, &(0x7f0000000180)={{}, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x81, r0}) 23:02:48 executing program 5: unshare(0x80003ff) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000600)='/dev/sequencer2\x00', 0x41, 0x0) getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffff9c, 0x84, 0x1, &(0x7f0000000640)={0x0, 0x1000, 0x9bfb, 0x50, 0x32d6, 0xfffffffffffffff8}, &(0x7f0000000680)=0x14) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f00000006c0)={0x8, 0x800a, 0xfffffffffffffff9, 0x3ea340, r1}, 0x10) ioctl$sock_inet_SIOCGIFDSTADDR(r0, 0x8917, &(0x7f0000000740)={'ip6_vti0\x00', {0x2, 0x4e23, @local}}) mount(&(0x7f00000001c0)=ANY=[], &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='mqueue\x00', 0x0, &(0x7f0000000140)) r2 = syz_open_dev$dspn(&(0x7f00000002c0)='/dev/dsp#\x00', 0x7fffffff, 0x2000) lsetxattr$trusted_overlay_upper(&(0x7f0000000480)='./file0/bus\x00', &(0x7f00000004c0)='trusted.overlay.upper\x00', &(0x7f0000000500)=ANY=[@ANYBLOB="00fbd90101a8773cd221233e6af17790750b5bc524a5f36b5467985182f789ea464302c25597166a07b05266ef9cc19e052b2e056ea4c80c13b1828bac09d5ed15d78c7f079563e36e7de006525d6ae7a43e9da383c9950c1776969c4ede65d0e149ee7be5cc2f78dc23fc6e3c04689bad743c07000000000000005571a8239d6752445700e692357a630b0b26b0bf987e54a868e8b58d8cdd05add4c1e44b202510f66c2f2fd58578ed68eb1b476e1de554fa6614f6e070ecd37015d397d0f4e86d8405d0bc587f8adc35d44d862104efc7086654c7e0defa"], 0xd9, 0x0) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffff9c, 0x84, 0x1b, &(0x7f0000000300)={0x0, 0xf2, "09a17694bef263d06c5943c614885e47f232c8b131e2669c0a6860755fed3a652287e31204cf7a4664df0b41e3b21beff787dbc00e235ebf35e9e1940598c3dcf3ba8425dec88a93a4ae36a59e251ef1cc2b0a0931ff4ae800b2fcc4a6406dfc94dd1836851feb353c1039e8dc62d34ee1843877d322ab1e0b631191b38557f541d5b9a5cf808202fb1d83b7362862395f3eecf7238e993381755e648a1144ca38b73c4043d0936b0b3536645ab71b82add55e6699533dd48af2698bee65a0fcc4ed4a64ea912987cc9b06b2d011256e81cbc55f4d64b3a74e2a7e85f5e2a9118b5c7c05ce5470a12297ee861611b6adeb01"}, &(0x7f0000000400)=0xfa) set_tid_address(&(0x7f0000000700)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r2, 0x84, 0x78, &(0x7f0000000440)=r3, 0x4) exit(0x0) r4 = creat(&(0x7f0000000040)='./file0/bus\x00', 0x0) setxattr$security_smack_entry(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='security.SMACK64IPIN\x00', &(0x7f0000000180)='mqueue\x00', 0x7, 0x2) accept$unix(r4, &(0x7f0000000780), &(0x7f0000000800)=0xfffffffffffffe9d) socket$inet_smc(0x2b, 0x1, 0x0) getsockopt$inet6_buf(r4, 0x29, 0xdd, &(0x7f00000001c0)=""/134, &(0x7f0000000280)=0x86) 23:02:48 executing program 1: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000040)="153f6234488dd25d5c6070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x2000000, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000340)={0x4, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f0000000240)={0x0, 0x2000000001, 0x2, &(0x7f0000000080)}) r4 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x7fff, 0x101000) write$P9_RREADDIR(r4, &(0x7f00000000c0)={0x49, 0x29, 0x2, {0xfffffffffffffffa, [{{0x84}, 0x1, 0x6, 0x7, './file0'}, {{0x1, 0x4, 0x2}, 0x7, 0x0, 0x7, './file0'}]}}, 0x49) setsockopt$inet6_MCAST_MSFILTER(r4, 0x29, 0x30, &(0x7f0000000380)={0x10000, {{0xa, 0x4e24, 0x10001, @local, 0x2}}, 0x1, 0x5, [{{0xa, 0x4e22, 0x4, @ipv4={[], [], @loopback}, 0x68d2}}, {{0xa, 0x4e21, 0xfff, @remote, 0x4324}}, {{0xa, 0x4e22, 0x20, @mcast2, 0x3}}, {{0xa, 0x4e20, 0x7fffffff, @mcast1, 0xfffffffffffffffc}}, {{0xa, 0x4e22, 0x5, @local, 0xee}}]}, 0x310) 23:02:48 executing program 4 (fault-call:7 fault-nth:44): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 377.453961] FAULT_INJECTION: forcing a failure. [ 377.453961] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 377.498324] CPU: 0 PID: 13890 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 377.505724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 377.505734] Call Trace: [ 377.505767] dump_stack+0x1c4/0x2b4 [ 377.505799] ? dump_stack_print_info.cold.2+0x52/0x52 [ 377.505833] ? debug_smp_processor_id+0x1c/0x20 [ 377.531359] ? perf_trace_lock_acquire+0x15b/0x800 [ 377.536314] should_fail.cold.4+0xa/0x17 [ 377.540401] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 377.545528] ? graph_lock+0x170/0x170 [ 377.549349] ? graph_lock+0x170/0x170 [ 377.553160] ? percpu_ref_put_many+0x11c/0x260 [ 377.557756] ? lock_downgrade+0x900/0x900 [ 377.561935] ? __lock_is_held+0xb5/0x140 [ 377.566022] ? ___might_sleep+0x1ed/0x300 [ 377.570175] ? lock_release+0x970/0x970 [ 377.574163] ? arch_local_save_flags+0x40/0x40 [ 377.578759] ? __lock_is_held+0xb5/0x140 [ 377.582838] ? __might_sleep+0x95/0x190 [ 377.586861] __alloc_pages_nodemask+0x34b/0xde0 [ 377.591548] ? lock_downgrade+0x900/0x900 [ 377.595710] ? check_preemption_disabled+0x48/0x200 [ 377.600741] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 377.605766] ? kasan_check_read+0x11/0x20 [ 377.609922] ? graph_lock+0x170/0x170 [ 377.613737] ? rcu_bh_qs+0xc0/0xc0 [ 377.617295] ? check_preemption_disabled+0x48/0x200 [ 377.622319] ? check_preemption_disabled+0x48/0x200 [ 377.627358] ? __lock_is_held+0xb5/0x140 [ 377.631447] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 377.637002] alloc_pages_current+0x10c/0x210 [ 377.641426] __get_free_pages+0xc/0x40 [ 377.645322] mmu_topup_memory_caches+0x1ee/0x390 [ 377.650093] kvm_mmu_load+0x21/0xfa0 [ 377.653817] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 377.658759] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 377.664307] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 377.668912] vcpu_enter_guest+0x3dbe/0x6380 [ 377.673260] ? emulator_read_emulated+0x50/0x50 [ 377.677948] ? perf_trace_lock+0x7a0/0x7a0 [ 377.682231] ? vmx_write_tsc_offset+0x680/0x680 [ 377.686912] ? graph_lock+0x170/0x170 [ 377.690725] ? check_preemption_disabled+0x48/0x200 [ 377.695749] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 377.701300] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 377.706846] ? check_preemption_disabled+0x48/0x200 [ 377.711873] ? check_preemption_disabled+0x48/0x200 [ 377.716923] ? __lock_is_held+0xb5/0x140 [ 377.720998] ? lock_acquire+0x1ed/0x520 [ 377.724983] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 377.730016] ? lock_release+0x970/0x970 [ 377.733998] ? kvm_gen_update_masterclock+0x350/0x350 [ 377.739195] ? kvm_arch_dev_ioctl+0x630/0x630 [ 377.743697] ? preempt_notifier_dec+0x20/0x20 [ 377.748220] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 377.753069] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 377.758118] kvm_vcpu_ioctl+0x72b/0x1150 [ 377.762196] ? kvm_vcpu_block+0x1030/0x1030 [ 377.766533] ? find_held_lock+0x36/0x1c0 [ 377.770626] ? __fget+0x4aa/0x740 [ 377.774094] ? check_preemption_disabled+0x48/0x200 [ 377.779128] ? kasan_check_read+0x11/0x20 [ 377.783293] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 377.788581] ? rcu_bh_qs+0xc0/0xc0 [ 377.792154] ? __fget+0x4d1/0x740 [ 377.795636] ? ksys_dup3+0x680/0x680 [ 377.799358] ? find_held_lock+0x36/0x1c0 [ 377.803442] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 377.808390] ? kvm_vcpu_block+0x1030/0x1030 [ 377.812728] do_vfs_ioctl+0x1de/0x1720 [ 377.816635] ? __lock_is_held+0xb5/0x140 [ 377.820712] ? ioctl_preallocate+0x300/0x300 [ 377.825132] ? __fget_light+0x2e9/0x430 [ 377.829116] ? fget_raw+0x20/0x20 [ 377.832584] ? __sb_end_write+0xd9/0x110 [ 377.836670] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 377.842209] ? fput+0x130/0x1a0 [ 377.845506] ? do_syscall_64+0x9a/0x820 [ 377.849490] ? do_syscall_64+0x9a/0x820 [ 377.853473] ? lockdep_hardirqs_on+0x421/0x5c0 [ 377.858070] ? security_file_ioctl+0x94/0xc0 [ 377.862494] ksys_ioctl+0xa9/0xd0 [ 377.865972] __x64_sys_ioctl+0x73/0xb0 [ 377.869873] do_syscall_64+0x1b9/0x820 [ 377.873777] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 377.879157] ? syscall_return_slowpath+0x5e0/0x5e0 [ 377.884093] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 377.888947] ? trace_hardirqs_on_caller+0x310/0x310 [ 377.893976] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 377.899002] ? prepare_exit_to_usermode+0x291/0x3b0 [ 377.904039] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 377.908907] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 377.914118] RIP: 0033:0x457569 [ 377.917323] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 377.936232] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 23:02:48 executing program 1: clone(0x802122001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff) accept4$inet6(0xffffffffffffff9c, &(0x7f0000000200)={0xa, 0x0, 0x0, @local}, &(0x7f0000000240)=0x1c, 0x80000) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffff9c, 0x84, 0x73, &(0x7f0000000280)={0x0, 0x81, 0x30, 0x0, 0x1256bb0a}, &(0x7f00000002c0)=0x18) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xe, &(0x7f0000000300)=ANY=[@ANYBLOB="b700000005ed0050bfa394c11113a90000000000000703000028feffff7a0af0fff8ffffff71a4f0ff00000000b7060000000000012d030000000000005504000001ed00007c041000000000002c460000000000006b0a00fe000000008500000007000000b7000000000000009500000000000000"], &(0x7f0000000100)='EPL\x00'}, 0x48) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000080)) socket$inet6(0xa, 0x1000000000002, 0x0) exit(0x0) ioctl$sock_inet_SIOCGARP(0xffffffffffffffff, 0x8954, &(0x7f0000000180)={{0x2, 0x4e23, @loopback}, {0x0, @broadcast}, 0x18, {}, 'ip6gre0\x00'}) [ 377.943954] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 377.951225] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 377.958499] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 377.965782] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 377.973061] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 23:02:48 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)=0x0) getrandom(&(0x7f00000000c0)=""/148, 0xfffffffffffffd36, 0x2) timer_settime(r1, 0x0, &(0x7f00000002c0)={{}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) userfaultfd(0x0) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x1, 0x0) ioctl$FIDEDUPERANGE(r2, 0xc0189436, &(0x7f0000000340)=ANY=[@ANYBLOB="7b84000000000000f8ffffffffffffff0800000000000000", @ANYRES32=r2, @ANYBLOB='\x00\x00\x00\x00@\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=r2, @ANYBLOB="00000000040000000000000000000000000000000000000000000000", @ANYRES32=r2, @ANYBLOB="000000000200000000000000000000000000000000000000000000005474241592baddabdc691fccc30f90ff637a7e3ef200eecaf21a6c4adc3aa5f1a683777dd562577c7507ae8af05e6ab6c28ca9187f85113d931fdff7bf782fa3c05bb6a4347062023105c5687da17424a2456c4e56c95adf36026be561264fe107193ebad1f6ca115ca257a0d677b26b74cf7f1848ba88bedea0fac9603276136b6bc367d917310a95fd9e176e673a791569deb0b3cfefdeea77dfe379d9", @ANYRES32=r2, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=r2, @ANYBLOB="00000000010000000000000000000000000000000000000000000000", @ANYRES32=r2, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=r2, @ANYBLOB="00000000000001000000000000000000000000000000000000000000", @ANYRES32=r2, @ANYBLOB="00000000008000000000000000000000000000000000000000000000"]) setsockopt$l2tp_PPPOL2TP_SO_RECVSEQ(r2, 0x111, 0x2, 0x1, 0x4) ioctl$TIOCGSID(r2, 0x5429, &(0x7f0000000040)) 23:02:48 executing program 4 (fault-call:7 fault-nth:45): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:02:48 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r4}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r5 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r6 = openat$cgroup_procs(r5, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) rmdir(&(0x7f0000000400)='./file0\x00') write$cgroup_pid(r6, &(0x7f00000000c0), 0x12) [ 378.117725] FAULT_INJECTION: forcing a failure. [ 378.117725] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 378.142729] CPU: 1 PID: 13905 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 378.150122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 378.159482] Call Trace: [ 378.162096] dump_stack+0x1c4/0x2b4 [ 378.165756] ? dump_stack_print_info.cold.2+0x52/0x52 [ 378.170964] ? graph_lock+0x170/0x170 [ 378.174804] should_fail.cold.4+0xa/0x17 [ 378.178891] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 378.184015] ? graph_lock+0x170/0x170 [ 378.187837] ? graph_lock+0x170/0x170 [ 378.191652] ? percpu_ref_put_many+0x11c/0x260 [ 378.196254] ? lock_downgrade+0x900/0x900 [ 378.200420] ? check_preemption_disabled+0x48/0x200 [ 378.205474] ? __lock_is_held+0xb5/0x140 [ 378.209568] ? ___might_sleep+0x1ed/0x300 [ 378.213741] ? lock_release+0x970/0x970 [ 378.217731] ? arch_local_save_flags+0x40/0x40 [ 378.222334] ? __lock_is_held+0xb5/0x140 [ 378.226430] ? __might_sleep+0x95/0x190 [ 378.230426] __alloc_pages_nodemask+0x34b/0xde0 [ 378.235111] ? lock_downgrade+0x900/0x900 [ 378.239275] ? check_preemption_disabled+0x48/0x200 [ 378.244314] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 378.249339] ? kasan_check_read+0x11/0x20 [ 378.253510] ? graph_lock+0x170/0x170 [ 378.257325] ? rcu_bh_qs+0xc0/0xc0 [ 378.260887] ? check_preemption_disabled+0x48/0x200 [ 378.265918] ? check_preemption_disabled+0x48/0x200 [ 378.270964] ? __lock_is_held+0xb5/0x140 [ 378.275056] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 378.280621] alloc_pages_current+0x10c/0x210 [ 378.285052] __get_free_pages+0xc/0x40 [ 378.288951] mmu_topup_memory_caches+0x1ee/0x390 [ 378.293733] kvm_mmu_load+0x21/0xfa0 [ 378.297460] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 378.302417] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 378.307969] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 378.312575] vcpu_enter_guest+0x3dbe/0x6380 [ 378.316939] ? emulator_read_emulated+0x50/0x50 [ 378.321635] ? vmx_vcpu_load+0xb06/0x1030 [ 378.325809] ? vmx_write_tsc_offset+0x680/0x680 [ 378.331019] ? graph_lock+0x170/0x170 [ 378.334834] ? lock_downgrade+0x900/0x900 [ 378.338994] ? check_preemption_disabled+0x48/0x200 [ 378.344025] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 378.349577] ? check_preemption_disabled+0x48/0x200 [ 378.354619] ? check_preemption_disabled+0x48/0x200 [ 378.359662] ? __lock_is_held+0xb5/0x140 [ 378.363744] ? lock_acquire+0x1ed/0x520 [ 378.367736] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 378.372782] ? lock_release+0x970/0x970 [ 378.376768] ? kvm_gen_update_masterclock+0x350/0x350 [ 378.381969] ? kvm_arch_dev_ioctl+0x630/0x630 [ 378.386481] ? preempt_notifier_dec+0x20/0x20 [ 378.391007] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 378.395859] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 378.400907] kvm_vcpu_ioctl+0x72b/0x1150 [ 378.404984] ? kvm_vcpu_block+0x1030/0x1030 [ 378.409358] ? find_held_lock+0x36/0x1c0 [ 378.413448] ? __fget+0x4aa/0x740 [ 378.416921] ? check_preemption_disabled+0x48/0x200 [ 378.421955] ? kasan_check_read+0x11/0x20 [ 378.426121] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 378.431418] ? rcu_bh_qs+0xc0/0xc0 [ 378.434986] ? __fget+0x4d1/0x740 [ 378.438461] ? ksys_dup3+0x680/0x680 [ 378.442188] ? find_held_lock+0x36/0x1c0 [ 378.446274] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 378.451233] ? kvm_vcpu_block+0x1030/0x1030 [ 378.455569] do_vfs_ioctl+0x1de/0x1720 [ 378.459478] ? __lock_is_held+0xb5/0x140 [ 378.463559] ? ioctl_preallocate+0x300/0x300 [ 378.467992] ? __fget_light+0x2e9/0x430 [ 378.471983] ? fget_raw+0x20/0x20 [ 378.475457] ? __sb_end_write+0xd9/0x110 [ 378.479540] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 378.485089] ? fput+0x130/0x1a0 [ 378.488391] ? do_syscall_64+0x9a/0x820 [ 378.492382] ? do_syscall_64+0x9a/0x820 [ 378.496374] ? lockdep_hardirqs_on+0x421/0x5c0 [ 378.500979] ? security_file_ioctl+0x94/0xc0 [ 378.505412] ksys_ioctl+0xa9/0xd0 [ 378.508887] __x64_sys_ioctl+0x73/0xb0 [ 378.512792] do_syscall_64+0x1b9/0x820 [ 378.516697] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 378.522075] ? syscall_return_slowpath+0x5e0/0x5e0 [ 378.527020] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 378.531881] ? trace_hardirqs_on_caller+0x310/0x310 [ 378.536914] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 378.541956] ? prepare_exit_to_usermode+0x291/0x3b0 [ 378.546993] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 378.551865] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 378.557066] RIP: 0033:0x457569 [ 378.560274] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 378.579186] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 378.586913] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 378.594192] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 378.601468] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 378.608747] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 378.616024] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 23:02:49 executing program 4 (fault-call:7 fault-nth:46): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:02:49 executing program 5: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r4}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r5 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r6 = openat$cgroup_procs(r5, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) rmdir(&(0x7f0000000400)='./file0\x00') write$cgroup_pid(r6, &(0x7f00000000c0), 0x12) 23:02:49 executing program 0: r0 = gettid() r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x0, 0x0) r2 = accept$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000200)=0x14) sendmsg$nl_netfilter(r1, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000240)={&(0x7f0000001540)=ANY=[@ANYBLOB="84210000040b02002cbd7000fbdbdf2502000009263d11495aa075576c872ea3ee317ef396fab0ed5bc3a11fd513c6a343caf281bdce127f5c7c4facb600ca176557ae2cbab75ebeeabbaf69d59f956c6964cc4edbf02ba1c17f5f7877dbffe6e1eabd6acab68780d539bff509a33f509972960265e60e9bfe5db3919bea728aff68272c2d07233f20128f5072c76002f8b402a1d62634756a1ce629a7fcf4395131d63983774958d59241cc1978b709905e00eda887c503f4e6362ddb178f151f379e80b8dba3973a5dbdec2e2eb66aa5ebdded1d780f4ebda9f8c6bd4f9b1616b0c7554c58b743b746e806ae4fd5ed182aec01ec8a1ed0424f3db754f2bf90d2f11d6153a4ed553cb71f5e150eab272dbe6d0bc48281a75d88f0626edbb555d8cdb52230da0a93265163a2bbea9922181b5af9291a4777a4c5440ca684e51dd1b55c8c87ad661f0cddf7d6c69101bb8ef6a82333361119d7c66fa336195f198461911a6e89b4d8ec4db5a8ef2d4226b000fbed70b142f6cf54bb23b6056dc97344718a17533e33e6708c21bd077455236946b1558deeb2e04041128d7aacd3c6f153f718bd8b54c35d296856a2d6111048c1b1242feef58c91a9a651857e5620045ebffe3846ce64509f7fde40530d34116e7cb43fb2fbd7c8cc7e7e3aadbbb9c9800add7e6a06c61e5485383774c934afc0c715f2f231e9d2b828abeb5fc4ed7feb70443b07ffe8adfc46e653c113dbe8c0e72cac45113cac69a896e3eec3d912fe2b2a90e4e2619eecabae354df0a346c397ef0de021a186ea2e678aa922a3b7240186c816e46a56fe61720cc80635b8ed423032773b8be305f6dba2e12b4f5fc61a79d266cc25a089a5391711e177b3f3b8587fd30f7862a5222f1ed131582ff392e8219e9db9717391377ca8b09365c62f5929d39bb0361d4222881fd9add1950169b34bd96e8fa917b222e61637923f2fe7435f4dd423d5a1435589b8fcceb28c68acafc42e4c86b34990d517c8b607c3a60dd3452c18e13b6950ca53765c3d9c84d77fd30d67183e46df3ca570bb6a563012f4d422ac47fb822d70c6fa0ae8443f5e4ac7c42a9ed1a063f5f023ee6d93f80a3efce51edad75e7568e14a7a6978c3cf44806ef99898d74c4d94afb7001ba439dea18b5964aafa494c63a16b9c10f0a7509867898c997d3d78c24d8fb8118ca4985834a80e5354329c9bf8521940e61e87b3f2aa421b0486c90feabd6b8a9dfb7ac3541502f881ee6ce9af2dd623926212f961dc04610cc941ea4db2291dad2f994263fe7d1a161c997a65f0f24dddc048df78a70de4d42344aed055f4c9377bcc229fdd32e031113c6a77c9adadb89c1c4b9b89cbc5cf867b3ab8f8bc233daaa27f18ea6f3cb8b75a495c3a411f17e540bab6b8399f42dea5eebcbc0e932a72895f144f79a6b9f2b20397c3b38314bc66b8314c159e9e583f810ebcbc0c742e53d7596dd1f0561fba15f581ae6ccc3fd8a34c859eb817b2839df2b9f61db776ca1b483b7817d38407065d2fc1dd9a0f40a4c0e0df9de16e1280126132b103e2d83a6a20b23884dd02654238fffd4c94a3810531eef4a716457784b83a45ed2c2fc45f5c53d8fef24aa321e8e9951a81dddb6240c0b02dcedf103072c4c5317384b4804b0a6bebb6ebe4a171b4afe5c4140499625fef26de23ce325232238054fbd4c37e9de886b54e940e96706e9b9d47f2c329836cf742f2b31e6b81052d8bac95ad40acfae4a0b7d469ac8aa444db485cf08c7ba7b96167eeae23699b49ea80f0f0d3fa5c2762b753bf51bd7847764bf7eebe672cc89f09e996d7f39ac774093adb07ed58f327113b4fc14825b824f28223e0211b812c3782ccfc455479a08404bb2ec00809e205f9fa30567af4364ad8836179bef60f2a78c2c886f2f08ee3625108db61cb52350d8bfba672104ea99c6509f1529c7acd2553b0ccf8078a90899fe0084d6a0ff78ff1ed30fe1531ac9ebef8f42a244c86f95b22048dcff9236835c6ebbbfa7932807bcc82b46c820beb3e0ce588a963793973598240547e1c48aca8b5b421c37a1c214c9319410808ee7e0699a26f50c4395179200d6915619b07c521055b642ca1e0f48e14683f850d71b2a2b8c4258a048693c937d3de1eac5a6ea791c453dbcddea171475b92caf998feb8ce7f6b1087a8b41bf4f31499ebd5219e983d050a80b34385ab37e3c0a5c4a6ccbcde6f61ca330be485cf5ba30b6d931dd9d2db7594bc0d1c5c39ba5a3bbdf5cd02e6afd0c1b509c380ed7e965e28fd0732b1a813c23c754b9baf564615ae67a67aba0ad444c947071aa06425030a36f94871568fc3a6011c9937e02edc0e3e992000edade949e80ae874df4df4d9360fc8af2c53e4291c009e9d0f9ee3481464cc2a0cfa45e2ae7e869645bc760bf0456a65abc9bc717356ced4f7ff22799b9c5dca673bfed45c91814670cc684ad2de9895b9f4e6213a0f3b8f47f1c3dcc8754fd33a755d14a4bac087ecf305597b1e8d6fb0092b753b42affbe7e2b80fba5ece70e8220d2011c4f19b56668e7735e63e84ce001e1d1823b6913b065c14598e96db2fb928eb3449b237e4786ee670a1b05c9643cb76beb0296118b79498e93ad63a3aca24b726a86547b9aa4b0fb751f4659d02901373820af63976851c8f29d0d2ba92a9992f0f120fb991211c9bbf99a2cb462405116cc03e93e648e32b517b75a9d85cc0ec559539bce5e90ace47a30305e7a8199f63ff1fbfb7d15652f505d7daa415acaf0ff02c8071efeb24752f1f5f19854089208ed440e2227ffd42e1e433d01c6c3e6b5e5964819f0382e8066cc1f72dec055ba6b3f20e8a603ffc03e41cb34f0826c8de34b2af268ac7836fc905bbf0299759274293d831123e04c7f1e9e97d85f77b972e18308f60c46e8091ea044459b32b05f9a344e59410d8558f490751983e268dccf3d60d21365ee9fb07d1991d7a49b2f2bcf2e920882965d6e79bca5f40f6830880c511023f7aff2a1507a8c5286d04f711b24349c786d1607525ab452e67761e8f254ca6bb2766d6dc3b45ed1fda47f5cf5e55c7e9589e0904967930ea973c1ce29f54db00052457ea3d956adc488f4f93f7a2dfd8d12d52d4c79db2dc20507db51ddfce5e85a6aeeb9de08af74bbe4773952056919f303af3a3e3cd48a3c1f2f943ec587946b43774f6771e88d7a33e87418fde9da3e8f41aab4015f7eed08601e7e8c17007ac2f3800dc6c08c465eed296f83aee94ad7cc34b9e9fa81def6cff09e42157a96a72baa65bf0dbc6508f2e3baa2afd2239e7cde9d8a0eb357176c60c8fb772a96d0f832f298ca779b5d4bdb6b3d6978532237064e63ed73bd09fe6c24b653e159915e0121105a2f0f16beb39d4cc610eebe74c2327ba8a1a085a5ea02a7930050aa0609343c368e5f9b124eb3aa5355103968f05277a37d1122b6e3d44c6699ab5354dd00d37e014f955d376373d16d7405e210ff4bb13428f48fadf065930cd36cb5564db1034e7178af43a3a6ff72e58614194370f9a0a5a77d894b2bc162b41fc8017a9f43a08e255d9422618aaf5bb5d10d0b663741e106023714c5d2540a6eedbc3c4e079f60e8f3ed23e3ab676df87d34dad8c7bf9f1e660c2821db01eb30c96488b27c036f12f4e2188e164388d9d43d612995c391fb410ce3f2c13048ffbdefad5defc92e86485506cceb4768d89c2d2384f5586ae6883e4407a59074e37df618e7d98fe7d637718d48a6a060682fe5d980981391e0a9c7a9a993be1a0d6eb907cdbe59013ac9f43343b51859554a7b22b81e9f5b1ed88320d70041e4c0a682922a1c3e9c4cf1d585ecdf0ce709cd0182f4d2e631c791ae57977b715015665cad41d281739a1fb3d28cde0022eabf000a90a78aa06a6af40e1f6965e04349d868256eae2ff2ad62e5c9b14b5354592fa47938c7725c4f42d1d271dce4ca69aa53b93ac036da457c550242e53937ab67875a101c974c4ad1da09cc05d24ca24b3d8a4d73a40647c801914bce058a7b07916d3ca8129ea733b7a022719700294bbf59b710078a6f69facdcd0fcf9a9a61f10cccccc18e94b6d12ddd660a5c5899f3e4114bb7480fe7c1f2f0f068312827d00379a876a7d6c5c3a2c33d479c128594e73cfd1c84c4646a497bb74c96dbfc33168105606d9b82efaa7e4be951884d13fd3fb9fc96fa33b09a4f63642bd6f4e67fadd9489aa9169bd9ce389e450afe11ed13d1fcf07b3efb1da86a3fc4e798d845f373171984126b658d3eba28e3f34c412ef725c2b92e9e5174799f4933ac401b928fc0e6e671bf4c635c9ea82159f3227a785ccf83a2c6b34fe5e2d6db58f614ed53c4c67835e1f81f2651ee9df9189aa89185468ffe88c97ca18bf655f5bc373af32b218f92e3c2f3ffdddd9be596e50dcacd6032c9a5324f7e37781d34b1f69b981609b1742fdd21d76ead46d6b0089c3db5b56bb89a8c853b6e87913362cba3a05a2d4428099cf4ec2131a5a0ea4c06e8bb7b99ff53d9e65c172bc973bf3abadee86d81a8573b79c4a70a86894a22dfaf9bb8c2a25fdae1d724757eabc209459a9074d53e4b562ab446e211efecb00f85af801c266f428a3e90ce3ae47eb9f0a5c2a6b814d88ecbc2679e7dff66969ef4bde10db766107de683f4a416bb6ae07a15fe45e9f5aea3594a45cbd5c66c5a3eccb2bc6c5e8e494a565bb9a45ed608bc4ffe7deb4a4234900b4923789ac8a650fdd48a5ac2bff8320110fea899c01548fbe03a8e0de23f5cf4d5cece2b1ad55af5c884656c950e574436fd306ecfac70171cb314ac171f3438911270edecb6d2726b86168672c25b1f1a14de20d0153379f08745b25692578800c2debdb04f57a6a1e545b9455b0a76ac39470e26f4297762af519f865b8d6c406788dd764ab26957c77c76243b395f417c778616ffa13e206f93c03d30fc338d0f729fe3450cd2a05ca7214c5692f56f19f1f35668763d8655dfc9327fc1caa353dfcbbba70d2a971b226e54361859438ab105e7ac0f525973fd51d45c67380c31b803eb14dd110021f67445020775214ab255743592c965d958462cb6e79f6149db8162a805bccb2d68f8e2ac6464e2e20bce9e3bcd7a71f6e5c05ffeb25ae5143ae9b8b73b1ba51ed8ef825bdea638720ee9bdaaa631dc4a33b1cfe1ad0f7590f052e948094faacf79c7fc0cf20b13ea1885cb307b98faa1681e95991449ad133d68c9619a79f9ef001f3f081e5dee068f05e8a36a793634c918bd4538d80281c02c1be1c199ba3c4493eef492f57975297f690e60bc1adbf74997fba9e6a6182c701244a556a9e90a1055689f83c4b0724e3383af2a16d86634262877d49b1ff44dfa3f23e1d775a9b9bf8e96fd8427030a768a9f7aac3f625dd818dd12dfccd4d3e59737b814fbd3c843bb70dcb6b7f3c15975b551f64e7d5c9f0958e99701376254f9e522d59c489ac05b57a5ca45c88582186aac74dff5e7c4b513f2e2d248a25d82f9ae88295cf64e3682a70f0bcf95da32cd29518f147782dba624720e487b33fc6768fe3898c20b1a4808c919efc65ba597f7cd8609cbfc9c084b3e9c84d13c2c3e501345642816c79a253845acfd8e126d8ab487fce24e9c0cf41cbc31a9eb43a9330daba15e2714997fd532f09fd89c08de4ccee86ba3133d2417ea6306263b70cc3231526a0be30ab3fb84490c9555ce95edefab60a2acf0a046937e228d9b3a410f6c91ab9f30af240de22e1b3223b68691291530153cead7651d04795538f3e73228b5969911782e8f5742fbd386d56820f94feefddc2957e716565865ae9d6fb9a331fec80388f48dcacb376b78b5557b1a92160af99a11743c9f32f1c7974e4a2ded1e578d93e8304e6cd54322758b3152a57e8ed8b70fbabab753dd5b47f359798a50c76f2453bca0d6b5dd32467ec578e2a9b95294ab527e51525315268efc7850f0fb2d4a5b131cf996a0470905c416c9228f39733f65a4b93e02998d677f4e2d4235762b95ef448175757d415d614fc4140f00c585d9e7d1dba39dc686d468a52e511e20703e4691d46b7daa4ff08000800ff0100009000400008001c00", @ANYRES32=r2, @ANYBLOB="2645c8e8c7d87b5e51ec339724d8232f81e36bbd7654078ed7f5131c9117998c3a3be5e779b6ac5807f3e04c185e22b0699d807c6fecceebd0ee1126f14f9b18faa320ca4880ecc09ef3129f516630afffe146277ddd78614fa3ef63ddeecd3722546dc88693070094a1bc8a49252d273e7d8a686a8b695f99b797ae14f20d09873f0000d6ad90dc7331b1e43a18c53d3cd75ecb89606a81ed9a3ff53fa9960318b091919a871e28f81ae04fa5af441b443be96d9ebbbea63be1603687b97dcdd28f09bd17f7fd999299782836070f05ced9301bc5a74f1e7b0d1c256cf9d45650d74267b34dbaa844081e05d7675b5178ae87f849a7f3b020c2726ac638a37edd4a66de6d605d1fa3fbb41601761cc4a4ebf94a2b90882274015937e309cf6f3927fb86cbb0f1ecb6efc927bce6a491a372c810526a5168febdfb060b6814f047c0613091283755e27f6527441e488e4b73685f9b0f2b34c17f6c08e37db298f45675e4b54acfe4ca30b07372ecbd15e5e9eb39ecf88d5b7d77b8247c4519a8770cd345173ee016240def5fbd146db821e108f56bcaddac55e71553c30bfe3e177b5b63b157b49da9454d551f9792848e89ab3d3c0fc4f3dd784f78e84abcbb0d8977b47b0a1892cba2ceb8c5b25412f71d4430a22d1c2fecfb8940ae4616c2d9738b61ea5f12538f0c695d91fe22c8ee83ce9cb3462de3401b7f13e7ac8bb3b3320d7c4061ff4a85369987670778948b36a8045c8a1a97fc0c69faa0535b2da6aceedeb448d63ffc1801da6ae6d54ce2c9f82368c8ac7a3c96dd71b4cc948ffffd08366fd2b059c58612ea138cf22f4e28a40200ccfe44833e4fa771c7448e56343b40dbfa60176758a3442c12ff9503b2cccaec4422c4f8e7c1c80cff27f8facc63a2e54400813bca9016472daeb728f47cbf14030ece284afe3efad50f10d9eb2a88e22c69d1bef5397b84720adf843ff839dc13a6588d0c233b2256b9e7f1570f3e443ca466b067c175a51088394576f4031ddaa3d02a79b7c0c5ce399403a9c01bde330990609de0c3587384539a383f14c255e1ffeecf01a90728023a787f146824d16e26fe216b24c22cc7cfef9d9fab37ff073a2ce56c2140e5d54b2394f3bffc5924ad317534a002af582a07d7c7b4860367524d193e6dd43e3c25232430ab702370f1825a9cb5d8101d0d3d86f551dd6383d11c38f1d822b70bd07ab40612625eeca23f3754501e8e8be9794f7e66d1641dd419c190874efb8239bdff38977ade30d9b3c20f7dafb190cb6ac3dcb50d36adfe3e37d09c7f5b1ef6778a240de74b58f14e8d72435d43635b84414bc5970e602a502bfd1cf9360aff36fa24ae84abf771883d809528df6c9ed1dd91fc37d29721de688b3ebabeb8004618bc0c42fdf1c8dd19d874d533875b750c9f2be5bcdf5f7775f1a3cf57b29ccef59bf06c77f28a453b2420409aac90c424bd5178e9c54b9f4e99536e7ee8d55966511ab55092d2ddfa9e32d394f7cc6868c496ec198810a8bab5e2e71872329d9239b2149857f65eb777cf6cf6072aa8f1c1e3f19e06b10d026d836163c3d13f4a0236b3ddad0807b6c059df9b4b960622b9629c7df5e9aea932f5a379bc3296682d33aea8a31aed1a9bfa6d23476402b522a16027586c6f9133c34a43408fc872f94c87bd9073855022e329728a6c1e1c8c25dae690db309e35e30aa1d1ba8fbf8227c0f826c883f46f292ff8cc0eb202c511f3a66fef584a058d944fd8676b348077403754d3ec6e7fd36c6976e0f4c2d8d00f50cc1a13db58d34ae44360479f9482584e8d9e54b1f17615da3637dbc72f770312cf7f9768774777fa819ee8d463028d1c4f75b261c33e63f7b82d4c4d6a6ff55920bc4c94bb63000d28fb762883a2caf6a9e8ae887d0e566b6b0c6bdca7fb08f69745c55f607ef86e3180aabd5ae5b560c405d2782630b02933b26edff63a36ba17daee74d7003eb4e76f2bfae1b6bcc12a275ee34934a5fca3c30a5e1db43616faf0332b886f39a9486a89326193c4d018dac70b460bd367517d16bec4d7af0b8eadab7628459a34420521252eef83c789d01384ee5471968b4b0a0e25538bddcc4089147cbe24b1318a0eeb9a3fef247f23b168c7b43e251a422a48e98daeed36920bbc0bfe2e8a5fed6b19cfc01c67421ba8851eb517ae3fc8a292652c90b879dec952cdeaad20da6c320076b323fb8458bd17fda026e398527c79d09bd4253e2dde3ea07efd1cf8fe46095aac6de721fdd62509909688689e071654685ea955215ea02b4d6509073a0206cd1373fb81dd81ea7fa118a4fff5a4670ed2ce7aab64536bcb95af98fe8c19c0f9ab8ac88df4d48ca6aa95368150d7ef91cecf45d2d3e113c6304d172f41564310324c8d0d58a8aafbf46540d4f15c4a165331cb8126dc348fa86f963990c819f577b45d1496636cd008e0e6ca4927db88cb6c79b03779467992ce2ec921b43841d4fb2ef8ba5b250ee9e26c153340318cfa664791efb4e42b12f87eb5e3b52394714b3f61bbe22da03470baf67e0af73faaa7ac4372b9de682957e868cf8824b92524b780fdd3397bfce2792f8c6ff711695a92eadda2c3a592effe4a0486fcf011d228f92a9c5d110ce773fdecc01ed969fd3a0234d82ef85374dae8b03d9c98acb7ec47a9d24f1641279c40e302317ed026427b1845f831f79b9a43e7ca08699cee1df05ec516aa2f8d67c54bda8330ef05ab85da8990f0a7b8be31f7795a925bc4782d805b5f221d9cb9239a1efe3f1928e4d3d2b80928f36297c17fafb62fcbb3f6d0549e036440d1a249a870bf532b32cb37020a3b6c0ebdc855f6440991458c97a10f1bc37b1e8f72f1d37fd1ec78ebf51f2be5e39548932bd79f66a1c451cb7f2258fbfbf0ff7949fccba279fa447cdaec0d320b723b68b3bf18a439e6c371307c56f7a833dabfe23372ddad784503f1f70a114ff7a0ad14043d770936008ddab69c456a77e3b70a41744c708a9fff09bb04e7a75c40964761680690def6d04056abbaf7e40f01b4a38b42a3c8296531cb10fb9f3ac361010972e379e5a1cbaa9b3830439858da34ecbf619aa33ec12c4bcf9c6595a84c85650c54342f9dd726a85bff9220872f215c390dcec3f1051a998c2087ac8726a3f425a1ec11b214a9c154bd37aa4198618d65e6be88fe465e5a23c06a9913d8d02e62686a6adef4c0c00c8eb1e601453e182ce5d6d7608a5e6a8223e2f3c836beb4481790033806f84ec8d5e1d7fb89671c33e97cf5f51d4ca5ff8d8ba46096b3dac5e597f1afa1917050790214532233fde7f32c04533d2268f69d703a01088903e7aa1e827474fcab522f2039d90cc347446e04049d481eca6a81717c70626cedf698e0e1d5de60c49e3187dbcdfa8dc66c5f453a85a313b20f8923203bf86a832bb0fcc8ede0e62e9f49779b1d3d908e7869f4e34034b6883dfbd6d58856253973bb52ab7666ba57e72dae717c1c4972262a2e9d2dd8d95b818af8e6956117d19ad5a67a7bde4cc46bdc36c8d4236687f65720bc38f590c2074cee2f46dbdb48576e505a771c37bd203a6b9a277b9e1c09e599597089799a499c7f589ebf7636918778329cd9b8dfc6e245ff90825959d34656a92b1dd9cb06d1fed439924ae6ccea1948a8eceda14403f1cb7602df5b4b8439c3237bd9937b8be511d11b772941f0857191eade3283b9188fc973fa5d83b997966e6a94279136c468cc04e362ade63356cf1d6a77c6667270f6ba5e388f7093255eafcb6df6a9a3c34380baa66aa54608acb6206aaab8bdfde01d2cdd60d92842ccdfd8f13fee4018493141ce05829ff5711aea53cda873b98c92989a85e345f1aa7f21bf3e8e8aee08c47db179b609246e6d2e8416786e08e84905a3143d9ecfe0aca95cc00b16fa29d52cd86b703dc188e390c8f24ae546097bc89aa9f2118e1ca467065985cf13e6ace0aa703d1537309732d499dcbd0687c01caf435f4a6937b67344ff4d8ecc2534767ffbbf5708bed5df2d883e7c406c9a1fb0cd8a73178e07471161ae9c05a3473141c4b5ef18b7e33be6222c71e7561034a40f17c8e6fcf055605565ade1c58828427413bdcf9c66b85cfd720dbff23421174c2adb29731cc36904510ad206a995241d276142c6ef201be6f8bef6e5767ea19997aa9946cf1e16081af2be066a2114877f5b9cb6c98b2a205f271a250d79853d0a873d3d8fe555d53e24e41bf9808e3266c41acf0b43bff0c66957e9968be911bef08fc881203e0e3999a90052cd305311068cb0c7db48a537a73437ba64a5425f537df63f6bcec4c81f6d9d2fb43b55fb9d88f5d7fb4e3408f74c2f2f1f06d59fdb420f0af2b35f91c252689f91b685e9dac547837ade20361563ef8cbb6dd71b7c90fd4e97e67a776dc21c48e3761e1de4ea34c6c4674ccc48c38042633a275d0f5fa1317d8583a18510a7cd46c52c874a64bfb4d01b429a653d631fe2fb88cbbde8ed7632bf2dfb4747523c1bed016572831561bd076cf61d81d5e504e0a857ea84bea0829ba7cc0a8f125d9fbf921f093c842401a2d020aabc3200c7a4cd1e16c9074af01c61e5c8f41f0970276c7060565aa707abbb47af1a9e7a310fffc68b23ca9a783a699489acd8a43cf68f57c79d46e8eccaf6cb3779c72d2f2e097c53d36b88b81b37e64ff06678896927e255c498e09239763882ac0035c9391f9bed4807179639dcbef70010ade198bcdfc349b03e8f092ccd9aaa9c6d42a5f323b9bb72f1e03aea37303f391c6526dd14dd04738e178a305fbd773ee4e28d6830ac018e9bcd1eed1be02f7061ecd4773c9440f6d406166240a80cd0c37c892576f1811a32f8cf68d1678b71da9eddbae0d37bbecca3bbfda93cb4e271ede878747d018b5c721fb609fbc1c80627c995976fa267fa87a5c818b460a04602afd75a05052cd98457087d0270455a433cb88aeeb330bfa6ed8f6ea5ba284020bc514799d4721d110bfdc61ab5c4339e4f3760095212eab65f33278b6f235646d68d39f10d6d64fff4e5e98a3de3e841b7ad6518099cf6b3d97b5f0175fee0fec674ae1f92547d3567779b1c9ea680c4fca0e3b6bc544bd787ff4615e0969c96f257ad6f8bcad07c9d42c5769afc699d95b7fab06a824d3a8672916c68fa9dc1a7863191d443df5ddc5350cd5aa6f220388906b9a1d889ea0126e4670f5e8f68c273527fa44ae98865a8249310ac627a0273003c3904951119067e3557172d4775f93671d1ca55b21e326b6c58fcc5e80c065c5fb1c74fc4beebffcc7c032c404e27a4f711d3e57f0a474d285b2de60c2e3721bec5bafcf5c7f26dbb668f2755cc077573db29637fd3e9d6b5f8f7432e2221c4cbaf3530257e011a48ef9bc91347a721e4c7f295855d2c3db79dcdc316d8f5977575316e06cf158fa5bc3eaa8d0ed6c42f20538c1314bf4353207e6e076a36d5057a3a5b29f1af27b6bb18d890c3c22b078057cd86401b89f2ed85d29226491f4bb574b79a7369793f3dc82c97a7110acd1bf23b68716cc282d2e19307e989dbf529b4d618d314d5fdcd906f2c3fd4764fc1b96fc3c7bf1ee478bd3f2825a1379b2fe2d9f2b43242ce2f7dee076e252dbcaf2be5cffc5137bd6e737c532489d73be460e1dfe37eefe2aa3cdf53503db35eed4c946eb1dacb2e3ddeef00b88bbbe4ede5d9fce24bef5af91faa7032a528a3d9f8b2cc5e9959f82c402d050faddbf131a8cd1e7c7c258b9769e42ca6979ec5560ca84fdb88fddb10f5c292a9de16c34cc1793a4e76e09d58e3cf72ed32fa9da24fb6c60f4d17ffeb1681e74599c5775fdff97aa28365fe7b619e2a59b2d0a977984c6626b8c9dc7aefb727c723cb7d196b0d2cb968a6f81644cba8205f3b2db81973ab805cf3b6222609e3450c2a136912a614e3d06e3780b2df497b97a86e4aa7ea3e906f3173a34e546bcc238a32a30c1800130014005300ff020000000000000000000000000001"], 0x2184}, 0x1, 0x0, 0x0, 0x4}, 0x4011) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)=0x0) r5 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r5, 0x1, &(0x7f00000014c0)) msgsnd(r5, &(0x7f0000000580)=ANY=[@ANYRES64, @ANYRESOCT=r3, @ANYRES16, @ANYRESDEC=r4], 0x4, 0x0) getrandom(&(0x7f0000000340)=""/148, 0x94, 0x3) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) msgctl$IPC_SET(r5, 0x1, &(0x7f0000000180)={{}, 0x8, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x101, r0}) connect$l2tp(r1, &(0x7f00000002c0)=@pppol2tpv3={0x18, 0x1, {0x0, r2, {0x2, 0x4e21}, 0x2, 0x0, 0x3, 0x2}}, 0x2e) [ 378.767422] FAULT_INJECTION: forcing a failure. [ 378.767422] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 378.812118] CPU: 0 PID: 13919 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 378.819513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 378.828871] Call Trace: [ 378.831479] dump_stack+0x1c4/0x2b4 [ 378.835135] ? dump_stack_print_info.cold.2+0x52/0x52 [ 378.840353] ? debug_smp_processor_id+0x1c/0x20 [ 378.845031] ? perf_trace_lock_acquire+0x15b/0x800 [ 378.849997] should_fail.cold.4+0xa/0x17 [ 378.854080] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 378.859196] ? graph_lock+0x170/0x170 [ 378.863008] ? graph_lock+0x170/0x170 [ 378.866818] ? percpu_ref_put_many+0x11c/0x260 [ 378.871415] ? lock_downgrade+0x900/0x900 [ 378.875589] ? __lock_is_held+0xb5/0x140 [ 378.879730] ? nci_core_cmd+0x70/0x170 [ 378.883651] ? ___might_sleep+0x1ed/0x300 [ 378.887803] ? lock_release+0x970/0x970 [ 378.891786] ? arch_local_save_flags+0x40/0x40 [ 378.896381] ? __lock_is_held+0xb5/0x140 [ 378.900464] ? __might_sleep+0x95/0x190 [ 378.904456] __alloc_pages_nodemask+0x34b/0xde0 [ 378.909134] ? lock_downgrade+0x900/0x900 [ 378.913293] ? check_preemption_disabled+0x48/0x200 [ 378.918321] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 378.923345] ? kasan_check_read+0x11/0x20 [ 378.927529] ? graph_lock+0x170/0x170 [ 378.931340] ? rcu_bh_qs+0xc0/0xc0 [ 378.934902] ? check_preemption_disabled+0x48/0x200 [ 378.939925] ? check_preemption_disabled+0x48/0x200 [ 378.944962] ? __lock_is_held+0xb5/0x140 [ 378.949049] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 378.954608] alloc_pages_current+0x10c/0x210 [ 378.959038] __get_free_pages+0xc/0x40 [ 378.962934] mmu_topup_memory_caches+0x1ee/0x390 [ 378.967707] kvm_mmu_load+0x21/0xfa0 [ 378.971435] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 378.976379] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 378.981929] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 378.986526] vcpu_enter_guest+0x3dbe/0x6380 [ 378.990859] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 378.996420] ? check_preemption_disabled+0x48/0x200 [ 379.001475] ? emulator_read_emulated+0x50/0x50 [ 379.006173] ? perf_trace_lock+0x7a0/0x7a0 [ 379.010431] ? vmx_write_tsc_offset+0x680/0x680 [ 379.015109] ? graph_lock+0x170/0x170 [ 379.018923] ? mark_held_locks+0xc7/0x130 [ 379.023080] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 379.028632] ? check_preemption_disabled+0x48/0x200 [ 379.033655] ? check_preemption_disabled+0x48/0x200 [ 379.038697] ? __lock_is_held+0xb5/0x140 [ 379.042774] ? lock_acquire+0x1ed/0x520 [ 379.046756] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 379.051793] ? lock_release+0x970/0x970 [ 379.055777] ? kvm_gen_update_masterclock+0x350/0x350 [ 379.060977] ? kvm_arch_dev_ioctl+0x630/0x630 [ 379.065480] ? preempt_notifier_dec+0x20/0x20 [ 379.070000] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 379.074849] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 379.079926] kvm_vcpu_ioctl+0x72b/0x1150 [ 379.084021] ? kvm_vcpu_block+0x1030/0x1030 [ 379.088355] ? find_held_lock+0x36/0x1c0 [ 379.092464] ? __fget+0x4aa/0x740 [ 379.095931] ? check_preemption_disabled+0x48/0x200 [ 379.100959] ? kasan_check_read+0x11/0x20 [ 379.105119] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 379.110404] ? rcu_bh_qs+0xc0/0xc0 [ 379.113966] ? __fget+0x4d1/0x740 [ 379.117435] ? ksys_dup3+0x680/0x680 [ 379.121154] ? find_held_lock+0x36/0x1c0 [ 379.125235] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 379.130180] ? kvm_vcpu_block+0x1030/0x1030 [ 379.134515] do_vfs_ioctl+0x1de/0x1720 [ 379.138441] ? __lock_is_held+0xb5/0x140 [ 379.142517] ? ioctl_preallocate+0x300/0x300 [ 379.146949] ? __fget_light+0x2e9/0x430 [ 379.150948] ? fget_raw+0x20/0x20 [ 379.154411] ? __sb_end_write+0xd9/0x110 [ 379.158488] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 379.164027] ? fput+0x130/0x1a0 [ 379.167319] ? do_syscall_64+0x9a/0x820 [ 379.171304] ? do_syscall_64+0x9a/0x820 [ 379.175335] ? lockdep_hardirqs_on+0x421/0x5c0 [ 379.179941] ? security_file_ioctl+0x94/0xc0 [ 379.184361] ksys_ioctl+0xa9/0xd0 [ 379.187827] __x64_sys_ioctl+0x73/0xb0 [ 379.191727] do_syscall_64+0x1b9/0x820 [ 379.195838] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 379.201212] ? syscall_return_slowpath+0x5e0/0x5e0 [ 379.206145] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 379.211017] ? trace_hardirqs_on_caller+0x310/0x310 [ 379.216040] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 379.221066] ? prepare_exit_to_usermode+0x291/0x3b0 [ 379.226098] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 379.230958] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 379.236146] RIP: 0033:0x457569 [ 379.239358] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 23:02:50 executing program 1: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r4}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r5 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r6 = openat$cgroup_procs(r5, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) rmdir(&(0x7f0000000400)='./file0\x00') write$cgroup_pid(r6, &(0x7f00000000c0), 0x12) [ 379.258279] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 379.265995] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 379.273281] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 379.280582] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 379.287876] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 379.295154] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 23:02:50 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r4}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r5 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r6 = openat$cgroup_procs(r5, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) rmdir(&(0x7f0000000400)='./file0\x00') write$cgroup_pid(r6, &(0x7f00000000c0), 0x12) 23:02:50 executing program 0: r0 = gettid() r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/rfkill\x00', 0x305100, 0x0) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f0000000580)=0x4) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)=0x0) r3 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r3, 0x1, &(0x7f00000014c0)) msgsnd(r3, &(0x7f0000e74f60)={0x2}, 0x8, 0x0) clock_gettime(0x40000000000000, &(0x7f0000000640)={0x0, 0x0}) timer_settime(r2, 0x0, &(0x7f0000000500)={{r4, r5+30000000}, {0x0, 0x1c9c380}}, &(0x7f0000000540)) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x400, 0x0) ioctl$DRM_IOCTL_MAP_BUFS(r6, 0xc0186419, &(0x7f0000000480)={0x3, &(0x7f0000000040)=""/37, &(0x7f0000000400)=[{0x9, 0xf7, 0x6, &(0x7f0000000200)=""/247}, {0x72f2, 0x3a, 0x20, &(0x7f0000000080)=""/58}, {0x57d, 0xc9, 0x7, &(0x7f0000000300)=""/201}]}) tkill(r0, 0x1000000000016) msgctl$IPC_SET(r3, 0x1, &(0x7f0000000180)={{}, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x81, r0}) 23:02:50 executing program 4 (fault-call:7 fault-nth:47): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:02:50 executing program 5: r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f0000000040)='cpu\t\t.?\x00\x00') [ 379.714995] FAULT_INJECTION: forcing a failure. [ 379.714995] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 379.753512] CPU: 1 PID: 13945 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 379.760895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 379.760906] Call Trace: [ 379.760937] dump_stack+0x1c4/0x2b4 [ 379.760981] ? dump_stack_print_info.cold.2+0x52/0x52 [ 379.761027] ? debug_smp_processor_id+0x1c/0x20 [ 379.761050] ? perf_trace_lock_acquire+0x15b/0x800 [ 379.761083] should_fail.cold.4+0xa/0x17 [ 379.761111] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 379.761133] ? graph_lock+0x170/0x170 [ 379.761156] ? graph_lock+0x170/0x170 [ 379.761178] ? percpu_ref_put_many+0x11c/0x260 [ 379.761201] ? lock_downgrade+0x900/0x900 [ 379.761238] ? __lock_is_held+0xb5/0x140 [ 379.761276] ? ___might_sleep+0x1ed/0x300 [ 379.761293] ? lock_release+0x970/0x970 [ 379.761314] ? arch_local_save_flags+0x40/0x40 [ 379.761351] ? __lock_is_held+0xb5/0x140 [ 379.761389] ? __might_sleep+0x95/0x190 [ 379.761432] __alloc_pages_nodemask+0x34b/0xde0 [ 379.761451] ? lock_downgrade+0x900/0x900 [ 379.761471] ? check_preemption_disabled+0x48/0x200 [ 379.761511] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 379.761544] ? kasan_check_read+0x11/0x20 [ 379.761562] ? graph_lock+0x170/0x170 [ 379.761583] ? rcu_bh_qs+0xc0/0xc0 [ 379.761620] ? check_preemption_disabled+0x48/0x200 [ 379.761642] ? check_preemption_disabled+0x48/0x200 [ 379.761679] ? __lock_is_held+0xb5/0x140 [ 379.761718] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 379.761759] alloc_pages_current+0x10c/0x210 [ 379.761783] __get_free_pages+0xc/0x40 [ 379.761805] mmu_topup_memory_caches+0x1ee/0x390 [ 379.761827] kvm_mmu_load+0x21/0xfa0 [ 379.761850] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 379.761889] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 379.761910] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 379.761935] vcpu_enter_guest+0x3dbe/0x6380 [ 379.761954] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 379.761980] ? check_preemption_disabled+0x48/0x200 [ 379.773924] ? emulator_read_emulated+0x50/0x50 [ 379.773952] ? perf_trace_lock+0x7a0/0x7a0 [ 379.773977] ? vmx_write_tsc_offset+0x680/0x680 [ 379.773993] ? graph_lock+0x170/0x170 [ 379.774014] ? mark_held_locks+0xc7/0x130 [ 379.782818] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 379.782834] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 379.782852] ? check_preemption_disabled+0x48/0x200 [ 379.782869] ? check_preemption_disabled+0x48/0x200 [ 379.782896] ? __lock_is_held+0xb5/0x140 [ 379.782918] ? lock_acquire+0x1ed/0x520 [ 379.782934] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 379.782957] ? lock_release+0x970/0x970 [ 379.782974] ? kvm_gen_update_masterclock+0x350/0x350 [ 379.782992] ? kvm_arch_dev_ioctl+0x630/0x630 [ 379.783008] ? preempt_notifier_dec+0x20/0x20 [ 379.783040] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 379.783056] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 379.783090] kvm_vcpu_ioctl+0x72b/0x1150 [ 379.783127] ? kvm_vcpu_block+0x1030/0x1030 [ 379.783151] ? find_held_lock+0x36/0x1c0 [ 379.783208] ? __fget+0x4aa/0x740 [ 379.783230] ? check_preemption_disabled+0x48/0x200 [ 379.783252] ? kasan_check_read+0x11/0x20 [ 379.783270] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 379.783289] ? rcu_bh_qs+0xc0/0xc0 [ 379.783321] ? __fget+0x4d1/0x740 [ 379.783347] ? ksys_dup3+0x680/0x680 [ 379.783364] ? find_held_lock+0x36/0x1c0 [ 379.783397] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 379.783424] ? kvm_vcpu_block+0x1030/0x1030 [ 379.783444] do_vfs_ioctl+0x1de/0x1720 [ 379.783461] ? __lock_is_held+0xb5/0x140 [ 379.783484] ? ioctl_preallocate+0x300/0x300 [ 379.783502] ? __fget_light+0x2e9/0x430 [ 379.783521] ? fget_raw+0x20/0x20 [ 379.783541] ? __sb_end_write+0xd9/0x110 [ 379.783564] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 379.783578] ? fput+0x130/0x1a0 [ 379.783605] ? do_syscall_64+0x9a/0x820 [ 379.783623] ? do_syscall_64+0x9a/0x820 [ 379.783641] ? lockdep_hardirqs_on+0x421/0x5c0 [ 379.783663] ? security_file_ioctl+0x94/0xc0 [ 379.783686] ksys_ioctl+0xa9/0xd0 [ 379.783709] __x64_sys_ioctl+0x73/0xb0 [ 379.783729] do_syscall_64+0x1b9/0x820 [ 379.783746] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 379.783766] ? syscall_return_slowpath+0x5e0/0x5e0 [ 379.783782] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 379.783803] ? trace_hardirqs_on_caller+0x310/0x310 [ 379.783823] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 379.783843] ? prepare_exit_to_usermode+0x291/0x3b0 [ 379.783868] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 379.783895] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 379.783908] RIP: 0033:0x457569 [ 379.783927] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 380.199776] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 380.207476] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 23:02:50 executing program 5: r0 = socket$kcm(0x10, 0x1000000100000002, 0x0) recvmsg$kcm(r0, &(0x7f000000a500)={&(0x7f0000008f40)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, 0x80, &(0x7f000000a380)=[{&(0x7f0000008fc0)=""/200, 0xc8}, {&(0x7f00000090c0)=""/83, 0x53}, {&(0x7f0000009140)=""/118, 0x76}, {&(0x7f00000091c0)=""/190, 0xbe}, {&(0x7f0000009280)=""/151, 0x97}, {&(0x7f0000009340)=""/9, 0x9}, {&(0x7f0000009380)=""/4096, 0x1000}], 0x7, &(0x7f000000a400)=""/218, 0xda}, 0x0) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)="230000005e0081aee4050c00000f0000008bc609f6d8ffffff9e000000000000000000", 0x23}], 0x1, &(0x7f0000000180)}, 0x0) bpf$BPF_MAP_GET_NEXT_ID(0xc, &(0x7f0000000100)=0x100000000, 0x4) semctl$GETZCNT(0x0, 0x1, 0xf, &(0x7f0000000080)=""/43) [ 380.214732] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 380.221989] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 380.229242] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 380.236505] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 23:02:51 executing program 4 (fault-call:7 fault-nth:48): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:02:51 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) setxattr$security_ima(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='security.ima\x00', &(0x7f0000000180)=@v2={0x5, 0x0, 0x4, 0x6, 0x9c, "b34ebdfb6099aa611236f6631320f5b93649eedef4b3ba649f6339d558dd8f45a6252b6680e6edeb024768ae26b4842849128eeed30b190580bd1f4c6d6f0acb1d1781d428c6694fdeb2fe832dd67bc7c5630e91a2f433026c8ad6980cc1fb4c23b5bcdb2d0dfde2481c2d75ffd63e72feb1c6789a4c211102e2040e0ea2b991e4b16f3d76aa733fa73170cf824501bda398e3d0a1f00279c5b494b7"}, 0xa6, 0x3) tkill(r0, 0x1a) 23:02:51 executing program 1: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r4}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r5 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r6 = openat$cgroup_procs(r5, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) rmdir(&(0x7f0000000400)='./file0\x00') write$cgroup_pid(r6, &(0x7f00000000c0), 0x12) 23:02:51 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r4}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r5 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r6 = openat$cgroup_procs(r5, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) rmdir(&(0x7f0000000400)='./file0\x00') write$cgroup_pid(r6, &(0x7f00000000c0), 0x12) 23:02:51 executing program 0: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r1, 0x1, &(0x7f00000014c0)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0}) msgsnd(r1, &(0x7f0000e74f60)=ANY=[@ANYBLOB], 0x8, 0x0) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) msgctl$IPC_SET(r1, 0x1, &(0x7f0000000180)={{}, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x81, r0}) 23:02:51 executing program 5: r0 = socket$inet6(0xa, 0x1000000000003, 0x3) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000240)='/dev/snd/pcmC#D#p\x00', 0x7fffffff, 0x600) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffff9c, 0x84, 0x73, &(0x7f00000002c0)={0x0, 0x4, 0x0, 0x0, 0x100000001}, &(0x7f0000000340)=0x18) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000580)={r2, 0x2, 0x30}, &(0x7f0000000680)=0xc) mount(&(0x7f00000004c0)=ANY=[], &(0x7f000000aff8)='./file0\x00', &(0x7f0000000100)='ramfs\x00', 0x0, &(0x7f0000000000)) sched_setaffinity(0x0, 0x375, &(0x7f0000000140)=0x5) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f00000007c0)={0x0, 0x2, 0x8001, 0xbfa}) ioctl$TUNSETOFFLOAD(r1, 0x400454d0, 0x19) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') sendmsg$IPVS_CMD_SET_SERVICE(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000400)={&(0x7f0000000900)=ANY=[@ANYBLOB="30032cbd21a1ed6d4c7000fedbdf25020000003800e50008000600020000001400010000000000000000000000000000000000080006006784000008000b0000000000253e000000000000"], 0x1}, 0x1, 0x0, 0x0, 0x84}, 0x0) r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) chdir(&(0x7f0000000540)='./file0\x00') mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x8010, r0, 0x0) ioprio_get$pid(0x0, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000d80)={{{@in6=@mcast2, @in6=@remote}}, {{@in=@dev}, 0x0, @in=@rand_addr}}, &(0x7f00000004c0)=0xe8) getegid() getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000c80)={{{@in=@multicast1, @in=@local}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f0000000500)=0xe8) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000480)='fuse\x00', 0x40, &(0x7f0000000d80)=ANY=[@ANYBLOB]) r4 = dup2(r3, r0) ioctl$KVM_GET_DEBUGREGS(r4, 0x8080aea1, &(0x7f0000000740)) accept4$inet(r4, &(0x7f0000000800)={0x2, 0x0, @multicast2}, &(0x7f0000000840)=0x10, 0x800) r5 = open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) readlink(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)=""/16, 0x10) symlink(&(0x7f0000001000)='./file0\x00', &(0x7f0000000080)='./file0\x00') setsockopt$IP_VS_SO_SET_EDIT(r3, 0x0, 0x483, &(0x7f00000000c0)={0x2, @broadcast, 0x4e23, 0x4, 'nq\x00', 0x2, 0x89, 0x16}, 0x2c) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, &(0x7f00000009c0)={{0x0, @rand_addr=0x5, 0x4e23, 0x0, 'nq\x00', 0x30, 0x0, 0x13}, {@multicast2, 0x0, 0x10000, 0xde1}}, 0x44) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r5, 0x84, 0x7b, &(0x7f0000000000)={0x0, 0x2}, &(0x7f0000000040)=0x8) ioctl$EVIOCGPHYS(r5, 0x80404507, &(0x7f0000001040)=""/4096) execve(&(0x7f0000000280)='./file0\x00', &(0x7f0000000380), &(0x7f0000000ac0)=[&(0x7f0000000b40)='ramfs\x00']) [ 381.167529] FAULT_INJECTION: forcing a failure. [ 381.167529] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 381.179783] CPU: 1 PID: 13970 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 381.187162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 381.196749] Call Trace: [ 381.199361] dump_stack+0x1c4/0x2b4 [ 381.203039] ? dump_stack_print_info.cold.2+0x52/0x52 [ 381.208249] ? graph_lock+0x170/0x170 [ 381.212084] should_fail.cold.4+0xa/0x17 [ 381.216166] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 381.221297] ? graph_lock+0x170/0x170 [ 381.225111] ? graph_lock+0x170/0x170 [ 381.228927] ? percpu_ref_put_many+0x11c/0x260 [ 381.233522] ? lock_downgrade+0x900/0x900 [ 381.237686] ? check_preemption_disabled+0x48/0x200 [ 381.242727] ? __lock_is_held+0xb5/0x140 [ 381.246878] ? intel_bios_is_lvds_present+0x80/0x320 [ 381.252012] ? ___might_sleep+0x1ed/0x300 [ 381.256166] ? lock_release+0x970/0x970 [ 381.260174] ? arch_local_save_flags+0x40/0x40 [ 381.264786] ? __lock_is_held+0xb5/0x140 [ 381.268868] ? __might_sleep+0x95/0x190 [ 381.272859] __alloc_pages_nodemask+0x34b/0xde0 [ 381.277540] ? lock_downgrade+0x900/0x900 [ 381.281711] ? check_preemption_disabled+0x48/0x200 [ 381.286743] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 381.291770] ? kasan_check_read+0x11/0x20 [ 381.295943] ? graph_lock+0x170/0x170 [ 381.299773] ? rcu_bh_qs+0xc0/0xc0 [ 381.303363] ? check_preemption_disabled+0x48/0x200 [ 381.308415] ? check_preemption_disabled+0x48/0x200 [ 381.313470] ? __lock_is_held+0xb5/0x140 [ 381.317575] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 381.323138] alloc_pages_current+0x10c/0x210 [ 381.328055] __get_free_pages+0xc/0x40 [ 381.331956] mmu_topup_memory_caches+0x1ee/0x390 [ 381.336732] kvm_mmu_load+0x21/0xfa0 [ 381.340487] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 381.345427] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 381.350973] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 381.355578] vcpu_enter_guest+0x3dbe/0x6380 [ 381.359938] ? emulator_read_emulated+0x50/0x50 [ 381.364651] ? vmx_vcpu_load+0xb06/0x1030 [ 381.368820] ? vmx_write_tsc_offset+0x680/0x680 [ 381.373497] ? graph_lock+0x170/0x170 [ 381.377302] ? lock_downgrade+0x900/0x900 [ 381.381458] ? check_preemption_disabled+0x48/0x200 [ 381.386488] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 381.392039] ? check_preemption_disabled+0x48/0x200 [ 381.397063] ? check_preemption_disabled+0x48/0x200 [ 381.402107] ? __lock_is_held+0xb5/0x140 [ 381.406192] ? lock_acquire+0x1ed/0x520 [ 381.410177] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 381.415211] ? lock_release+0x970/0x970 [ 381.419199] ? kvm_gen_update_masterclock+0x350/0x350 [ 381.424405] ? kvm_arch_dev_ioctl+0x630/0x630 [ 381.428911] ? preempt_notifier_dec+0x20/0x20 [ 381.433454] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 381.438356] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 381.443416] kvm_vcpu_ioctl+0x72b/0x1150 [ 381.447498] ? kvm_vcpu_block+0x1030/0x1030 [ 381.451842] ? find_held_lock+0x36/0x1c0 [ 381.455938] ? __fget+0x4aa/0x740 [ 381.459428] ? check_preemption_disabled+0x48/0x200 [ 381.464477] ? kasan_check_read+0x11/0x20 [ 381.468650] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 381.473980] ? rcu_bh_qs+0xc0/0xc0 [ 381.477607] ? __fget+0x4d1/0x740 [ 381.481084] ? ksys_dup3+0x680/0x680 [ 381.484813] ? find_held_lock+0x36/0x1c0 [ 381.488896] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 381.493851] ? kvm_vcpu_block+0x1030/0x1030 [ 381.498189] do_vfs_ioctl+0x1de/0x1720 [ 381.502132] ? __lock_is_held+0xb5/0x140 [ 381.506222] ? ioctl_preallocate+0x300/0x300 [ 381.510642] ? __fget_light+0x2e9/0x430 [ 381.514634] ? fget_raw+0x20/0x20 [ 381.518100] ? __sb_end_write+0xd9/0x110 [ 381.522184] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 381.527727] ? fput+0x130/0x1a0 [ 381.531017] ? do_syscall_64+0x9a/0x820 [ 381.535006] ? do_syscall_64+0x9a/0x820 [ 381.538996] ? lockdep_hardirqs_on+0x421/0x5c0 [ 381.543606] ? security_file_ioctl+0x94/0xc0 [ 381.548032] ksys_ioctl+0xa9/0xd0 [ 381.551505] __x64_sys_ioctl+0x73/0xb0 [ 381.555416] do_syscall_64+0x1b9/0x820 [ 381.559321] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 381.564700] ? syscall_return_slowpath+0x5e0/0x5e0 [ 381.569643] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 381.574515] ? trace_hardirqs_on_caller+0x310/0x310 [ 381.579545] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 381.584575] ? prepare_exit_to_usermode+0x291/0x3b0 [ 381.589626] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 381.594492] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 381.599692] RIP: 0033:0x457569 [ 381.602898] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 381.621807] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 381.629528] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 381.636803] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 381.644079] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 381.651351] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 381.658631] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 23:02:52 executing program 5: r0 = socket$inet6(0xa, 0x1000000000003, 0x3) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000240)='/dev/snd/pcmC#D#p\x00', 0x7fffffff, 0x600) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffff9c, 0x84, 0x73, &(0x7f00000002c0)={0x0, 0x4, 0x0, 0x0, 0x100000001}, &(0x7f0000000340)=0x18) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000580)={r2, 0x2, 0x30}, &(0x7f0000000680)=0xc) mount(&(0x7f00000004c0)=ANY=[], &(0x7f000000aff8)='./file0\x00', &(0x7f0000000100)='ramfs\x00', 0x0, &(0x7f0000000000)) sched_setaffinity(0x0, 0x375, &(0x7f0000000140)=0x5) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f00000007c0)={0x0, 0x2, 0x8001, 0xbfa}) ioctl$TUNSETOFFLOAD(r1, 0x400454d0, 0x19) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') sendmsg$IPVS_CMD_SET_SERVICE(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000400)={&(0x7f0000000900)=ANY=[@ANYBLOB="30032cbd21a1ed6d4c7000fedbdf25020000003800e50008000600020000001400010000000000000000000000000000000000080006006784000008000b0000000000253e000000000000"], 0x1}, 0x1, 0x0, 0x0, 0x84}, 0x0) r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) chdir(&(0x7f0000000540)='./file0\x00') mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x8010, r0, 0x0) ioprio_get$pid(0x0, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000d80)={{{@in6=@mcast2, @in6=@remote}}, {{@in=@dev}, 0x0, @in=@rand_addr}}, &(0x7f00000004c0)=0xe8) getegid() getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000c80)={{{@in=@multicast1, @in=@local}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f0000000500)=0xe8) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000480)='fuse\x00', 0x40, &(0x7f0000000d80)=ANY=[@ANYBLOB]) r4 = dup2(r3, r0) ioctl$KVM_GET_DEBUGREGS(r4, 0x8080aea1, &(0x7f0000000740)) accept4$inet(r4, &(0x7f0000000800)={0x2, 0x0, @multicast2}, &(0x7f0000000840)=0x10, 0x800) r5 = open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) readlink(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)=""/16, 0x10) symlink(&(0x7f0000001000)='./file0\x00', &(0x7f0000000080)='./file0\x00') setsockopt$IP_VS_SO_SET_EDIT(r3, 0x0, 0x483, &(0x7f00000000c0)={0x2, @broadcast, 0x4e23, 0x4, 'nq\x00', 0x2, 0x89, 0x16}, 0x2c) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, &(0x7f00000009c0)={{0x0, @rand_addr=0x5, 0x4e23, 0x0, 'nq\x00', 0x30, 0x0, 0x13}, {@multicast2, 0x0, 0x10000, 0xde1}}, 0x44) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r5, 0x84, 0x7b, &(0x7f0000000000)={0x0, 0x2}, &(0x7f0000000040)=0x8) ioctl$EVIOCGPHYS(r5, 0x80404507, &(0x7f0000001040)=""/4096) execve(&(0x7f0000000280)='./file0\x00', &(0x7f0000000380), &(0x7f0000000ac0)=[&(0x7f0000000b40)='ramfs\x00']) 23:02:52 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000000000)) tkill(r0, 0x1000000000016) 23:02:52 executing program 4 (fault-call:7 fault-nth:49): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:02:52 executing program 1: perf_event_open(&(0x7f000001d000)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4000000080000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x40000000806, 0x0) ioctl$int_in(r0, 0x800000c0045002, &(0x7f0000000080)) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f00000000c0)={0x0, 0x4}, &(0x7f0000000100)=0x8) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f0000000140)=ANY=[@ANYBLOB="0900ef005a3e6a63e35559e394adaf3eb1da20499ffd114edb2df6efeddb049996934836a37f53cf6a241801000000000000006ed6342a09679d8d6084da804c461397543c7fb09e0d9d90807dbb89d9ed3d8141c29925d3ef676342d1b24fa8b4d1d7bced10902a79bc42a6db4834620e4c2f2dd438a57a7596"], 0x1) write$FUSE_IOCTL(r0, &(0x7f0000000040)={0x20, 0x0, 0x7, {0xc85, 0x0, 0x4010000, 0xfffffffffffffffb}}, 0x20) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000340)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000300)}}, 0xfffffea9) ioctl$BLKROGET(r0, 0x125e, 0x0) 23:02:52 executing program 5: r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, &(0x7f0000002ec0)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) connect$inet6(r0, &(0x7f0000000a40)={0xa, 0x4e22, 0x0, @dev, 0x4}, 0x1c) bind$inet6(0xffffffffffffffff, &(0x7f0000000100), 0x1c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000003c0)='ip6_vti0\x00', 0x10) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000200)={0x0}) ioctl$DRM_IOCTL_GET_SAREA_CTX(0xffffffffffffffff, 0xc010641d, &(0x7f00000002c0)={r1, &(0x7f0000000240)=""/66}) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/pfkey\x00', 0x0, 0x0) r3 = socket$l2tp(0x18, 0x1, 0x1) r4 = add_key(&(0x7f0000000040)='rxrpc\x00', &(0x7f0000000b00)={'syz', 0x1}, &(0x7f0000000b40), 0x0, 0xfffffffffffffffd) keyctl$update(0x2, r4, 0x0, 0x0) execveat(r2, &(0x7f0000000380)='./file0\x00', &(0x7f0000000700)=[&(0x7f0000000480)='em1\x00', &(0x7f00000004c0)='#]\x00', &(0x7f0000000580)="265c9228236e6f64657600", &(0x7f00000005c0), &(0x7f0000000600)='system\x00', &(0x7f0000000640)="6c6fa800", &(0x7f0000000680)='ip6_vti0\x00', &(0x7f00000006c0)='#eth0!\x00'], &(0x7f00000008c0)=[&(0x7f0000000b40)='/proc/self/net/pfkey\x00', &(0x7f0000000780)='trusted.overlay.redirect\x00', &(0x7f00000007c0)='trusted.overlay.redirect\x00', &(0x7f0000000800)='/proc/self/net/pfkey\x00', &(0x7f0000000840)="6d696d655f74797065b92a3a00", &(0x7f0000000880)='/dev/null\x00'], 0x1400) connect$l2tp(r3, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) ioctl$KVM_GET_MSR_INDEX_LIST(0xffffffffffffffff, 0xc004ae02, &(0x7f0000000b80)=ANY=[@ANYBLOB="0700000000000000000000001a00000000001f0000000000000000710a0000004f65ca4ebf695486625b4591cf3502380f115d8d8fd9f0c4db64936b4457fec939cf1c678bb4b471b1ad34762bafc30d776d2aedfb79d56320abc4166d950b270e57eb88093da262f8d3589b0181101d516380670b63d2c481714773a5094adf"]) setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r2, 0x84, 0x21, &(0x7f0000000080), 0x279) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000002dc0)={@mcast1, 0x5, 0x2, 0x0, 0x0, 0xc9d}, 0x20) getsockopt$EBT_SO_GET_INIT_INFO(0xffffffffffffffff, 0x0, 0x82, &(0x7f0000000400)={'filter\x00'}, &(0x7f0000000300)=0x78) fsetxattr$trusted_overlay_redirect(r2, &(0x7f0000000500)='trusted.overlay.redirect\x00', &(0x7f0000000540)='./file0\x00', 0x8, 0x1) getsockopt$inet_mreq(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000000)={@rand_addr, @rand_addr}, &(0x7f00000000c0)=0x8) r5 = gettid() fcntl$lock(r2, 0x5, &(0x7f0000000340)={0x2, 0x3, 0xfff, 0x7, r5}) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r2, 0xc1105517, &(0x7f0000000900)={{0x4, 0x7, 0x6, 0xa2a, 'syz0\x00', 0x6}, 0x3, 0x1, 0x7, r5, 0x5, 0x4415, 'syz0\x00', &(0x7f00000005c0)=['bdev)\x00', "6c6fa800", 'vmnet1\x00', 'filter\x00', 'bdevproc\x00'], 0x21, [], [0x0, 0x4, 0x8, 0x1]}) openat$null(0xffffffffffffff9c, &(0x7f0000000140)='/dev/null\x00', 0x3a800, 0x0) ioctl$SCSI_IOCTL_TEST_UNIT_READY(0xffffffffffffffff, 0x2) sendmmsg(r3, &(0x7f0000005fc0), 0x800000000000059, 0x0) 23:02:52 executing program 0: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = msgget$private(0x0, 0x0) setxattr$trusted_overlay_origin(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='trusted.overlay.origin\x00', &(0x7f0000000280)='y\x00', 0x2, 0x1) msgctl$IPC_SET(r1, 0x1, &(0x7f00000014c0)) msgsnd(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="020000200000000057fcf4a44417c2e876c8f44a1a24e8123cf38eef441e84062ce1c324a03aa9c92cd4728dc6c2f4dfbbfa069c33d8928ede30397c3a39cb8ad1e9072d771ab3b6ba3fdcd019d0d56639371aaec16c62fe69913f65775d47485cf64cb86e50144f5b60b41213db56a81d47bc8b1e573b99e1d1dca700000000000000000000000000"], 0x8, 0x0) r2 = openat$vcs(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/vcs\x00', 0x200, 0x0) name_to_handle_at(r2, &(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0xcd, 0x1, "a35931c333078d2e18cb1f3a4f3a707a5cee3273a8e0fc4ee34c91fab30c4387966f6bdb80755fb71793f457c758ac174594a6ac98579f0032c5a3b5bf20225e892dd44277951b60811565317bd0d9bd79c07439966f0ce5de41728e438ce6f26803f6425afc0bef61f3937faf672afe00ed8b2c31845aa9c2c7967f090c439429ec6270ccd5f17ffdab04de5379cd3bbc27822226f0074f4546928eea820fbb566fb04a0bed364377667a125e29a62bd77461ad56006c99d8590feba59932a9f3cad084a3"}, &(0x7f0000000440), 0x1000) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) r3 = getuid() msgctl$IPC_SET(r1, 0x1, &(0x7f0000000180)={{0x8000000000000000, 0x0, 0x0, r3}, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x81, r0}) timer_create(0x7, &(0x7f0000000680)={0x0, 0x3c, 0x0, @thr={&(0x7f0000000540)="b6c7cc4af3eb818b042ef9a759a2a9688f22f485393e4031de350951f5f3a33612320e1b754e27d1c8449d63383c7216bf34ad8c12e72fb463e4", &(0x7f0000000580)="0e5d321c763694af8e74e164ec9fe8de94de380e890f6861c84b37cbae1fbbec633b3881a0668469796d9c4d73a5b6e0f65ccff56d6c42c3c5f6d77245e54f62c55378fde0f5da736db51e41368fac4a37f6b31c1299d94c3dcb92dd901295628ae4ee4dcc0dc5f7f98ebdfb66cbd38ec267947ba75c5cbd3270dce3cbc40deb7128aa65d47775c26bf2bd8b85c9b84fe786bbbb53f601934d86d2647e207840488265a5368a3b342f019184813eadd592dd15bbdb1f7c97017239362403c1d1d933a331b2cc475bfe422425b125ae82bced53aac2acab8c657ac518eb2061aa50e504659b115679cdbeef"}}, &(0x7f00000006c0)) getresgid(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080)) [ 381.976454] FAULT_INJECTION: forcing a failure. [ 381.976454] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 381.996026] CPU: 0 PID: 13992 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 382.003414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 382.012775] Call Trace: [ 382.012808] dump_stack+0x1c4/0x2b4 [ 382.012836] ? dump_stack_print_info.cold.2+0x52/0x52 [ 382.012873] ? debug_smp_processor_id+0x1c/0x20 [ 382.019065] ? perf_trace_lock_acquire+0x15b/0x800 [ 382.019092] should_fail.cold.4+0xa/0x17 [ 382.019114] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 382.019132] ? graph_lock+0x170/0x170 [ 382.019154] ? graph_lock+0x170/0x170 [ 382.028997] ? percpu_ref_put_many+0x11c/0x260 [ 382.029016] ? lock_downgrade+0x900/0x900 [ 382.029042] ? __lock_is_held+0xb5/0x140 [ 382.038097] ? mousedev_write+0x140/0x840 [ 382.038128] ? ___might_sleep+0x1ed/0x300 [ 382.055358] ? lock_release+0x970/0x970 [ 382.055380] ? arch_local_save_flags+0x40/0x40 [ 382.055397] ? __lock_is_held+0xb5/0x140 [ 382.055421] ? __might_sleep+0x95/0x190 [ 382.055443] __alloc_pages_nodemask+0x34b/0xde0 [ 382.093130] ? lock_downgrade+0x900/0x900 [ 382.097301] ? check_preemption_disabled+0x48/0x200 [ 382.102309] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 382.107309] ? kasan_check_read+0x11/0x20 [ 382.111457] ? graph_lock+0x170/0x170 [ 382.115676] ? rcu_bh_qs+0xc0/0xc0 [ 382.115704] ? check_preemption_disabled+0x48/0x200 [ 382.124276] ? check_preemption_disabled+0x48/0x200 [ 382.129287] ? __lock_is_held+0xb5/0x140 [ 382.133365] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 382.138922] alloc_pages_current+0x10c/0x210 [ 382.143347] __get_free_pages+0xc/0x40 [ 382.147233] mmu_topup_memory_caches+0x1ee/0x390 [ 382.151994] kvm_mmu_load+0x21/0xfa0 [ 382.155710] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 382.160629] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 382.166183] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 382.170788] vcpu_enter_guest+0x3dbe/0x6380 [ 382.175111] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 382.180670] ? check_preemption_disabled+0x48/0x200 [ 382.185680] ? emulator_read_emulated+0x50/0x50 [ 382.190358] ? perf_trace_lock+0x7a0/0x7a0 [ 382.194612] ? vmx_write_tsc_offset+0x680/0x680 [ 382.199314] ? graph_lock+0x170/0x170 [ 382.203119] ? check_preemption_disabled+0x48/0x200 [ 382.208123] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 382.213648] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 382.219180] ? check_preemption_disabled+0x48/0x200 [ 382.224185] ? check_preemption_disabled+0x48/0x200 [ 382.229191] ? __lock_is_held+0xb5/0x140 [ 382.233251] ? lock_acquire+0x1ed/0x520 [ 382.237226] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 382.242244] ? lock_release+0x970/0x970 [ 382.246229] ? kvm_gen_update_masterclock+0x350/0x350 [ 382.251415] ? kvm_arch_dev_ioctl+0x630/0x630 [ 382.255920] ? preempt_notifier_dec+0x20/0x20 [ 382.260440] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 382.265285] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 382.270297] kvm_vcpu_ioctl+0x72b/0x1150 [ 382.274350] ? kvm_vcpu_block+0x1030/0x1030 [ 382.278675] ? find_held_lock+0x36/0x1c0 [ 382.282742] ? __fget+0x4aa/0x740 [ 382.286238] ? check_preemption_disabled+0x48/0x200 [ 382.291272] ? kasan_check_read+0x11/0x20 [ 382.295414] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 382.300688] ? rcu_bh_qs+0xc0/0xc0 [ 382.304240] ? __fget+0x4d1/0x740 [ 382.307686] ? ksys_dup3+0x680/0x680 [ 382.311400] ? find_held_lock+0x36/0x1c0 [ 382.315469] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 382.320404] ? kvm_vcpu_block+0x1030/0x1030 [ 382.324754] do_vfs_ioctl+0x1de/0x1720 [ 382.328848] ? __lock_is_held+0xb5/0x140 [ 382.332920] ? ioctl_preallocate+0x300/0x300 [ 382.337313] ? __fget_light+0x2e9/0x430 [ 382.341291] ? fget_raw+0x20/0x20 [ 382.344739] ? __sb_end_write+0xd9/0x110 [ 382.348803] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 382.354326] ? fput+0x130/0x1a0 [ 382.357592] ? do_syscall_64+0x9a/0x820 [ 382.361573] ? do_syscall_64+0x9a/0x820 [ 382.365587] ? lockdep_hardirqs_on+0x421/0x5c0 [ 382.370171] ? security_file_ioctl+0x94/0xc0 [ 382.374581] ksys_ioctl+0xa9/0xd0 [ 382.378034] __x64_sys_ioctl+0x73/0xb0 [ 382.381920] do_syscall_64+0x1b9/0x820 [ 382.385804] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 382.391158] ? syscall_return_slowpath+0x5e0/0x5e0 [ 382.396083] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 382.400927] ? trace_hardirqs_on_caller+0x310/0x310 [ 382.405933] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 382.410938] ? prepare_exit_to_usermode+0x291/0x3b0 [ 382.415949] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 382.420801] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 382.425983] RIP: 0033:0x457569 [ 382.429176] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 382.448101] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 382.455795] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 382.463049] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 382.470304] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 23:02:53 executing program 4 (fault-call:7 fault-nth:50): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 382.477556] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 382.484806] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 23:02:53 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r4}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r5 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r6 = openat$cgroup_procs(r5, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) rmdir(&(0x7f0000000400)='./file0\x00') write$cgroup_pid(r6, &(0x7f00000000c0), 0x12) [ 382.610235] FAULT_INJECTION: forcing a failure. [ 382.610235] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 382.622318] CPU: 1 PID: 14012 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 382.629699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 382.632604] Dead loop on virtual device ip6_vti0, fix it urgently! [ 382.639054] Call Trace: [ 382.639085] dump_stack+0x1c4/0x2b4 [ 382.639115] ? dump_stack_print_info.cold.2+0x52/0x52 [ 382.639141] ? graph_lock+0x170/0x170 [ 382.660780] should_fail.cold.4+0xa/0x17 [ 382.664866] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 382.669982] ? graph_lock+0x170/0x170 [ 382.673797] ? graph_lock+0x170/0x170 [ 382.677622] ? percpu_ref_put_many+0x11c/0x260 [ 382.682217] ? lock_downgrade+0x900/0x900 [ 382.686374] ? check_preemption_disabled+0x48/0x200 [ 382.691423] ? __lock_is_held+0xb5/0x140 [ 382.695553] ? xfrm_replay_notify+0x490/0x560 [ 382.700092] ? ___might_sleep+0x1ed/0x300 [ 382.704250] ? lock_release+0x970/0x970 [ 382.708237] ? arch_local_save_flags+0x40/0x40 [ 382.712836] ? __lock_is_held+0xb5/0x140 [ 382.716919] ? __might_sleep+0x95/0x190 [ 382.720914] __alloc_pages_nodemask+0x34b/0xde0 [ 382.725604] ? lock_downgrade+0x900/0x900 [ 382.729767] ? check_preemption_disabled+0x48/0x200 [ 382.734797] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 382.739834] ? kasan_check_read+0x11/0x20 [ 382.743992] ? graph_lock+0x170/0x170 [ 382.747806] ? rcu_bh_qs+0xc0/0xc0 [ 382.751361] ? check_preemption_disabled+0x48/0x200 [ 382.756410] ? check_preemption_disabled+0x48/0x200 [ 382.761458] ? __lock_is_held+0xb5/0x140 [ 382.765583] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 382.771151] alloc_pages_current+0x10c/0x210 [ 382.775618] __get_free_pages+0xc/0x40 [ 382.779528] mmu_topup_memory_caches+0x1ee/0x390 [ 382.784325] kvm_mmu_load+0x21/0xfa0 [ 382.788053] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 382.792996] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 382.798545] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 382.803150] vcpu_enter_guest+0x3dbe/0x6380 [ 382.807501] ? emulator_read_emulated+0x50/0x50 [ 382.812196] ? vmx_vcpu_load+0xb06/0x1030 [ 382.816414] ? vmx_write_tsc_offset+0x680/0x680 [ 382.821104] ? graph_lock+0x170/0x170 [ 382.824912] ? lock_downgrade+0x900/0x900 [ 382.829072] ? check_preemption_disabled+0x48/0x200 [ 382.834101] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 382.839669] ? check_preemption_disabled+0x48/0x200 [ 382.844695] ? check_preemption_disabled+0x48/0x200 [ 382.849737] ? __lock_is_held+0xb5/0x140 [ 382.853815] ? lock_acquire+0x1ed/0x520 [ 382.857799] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 382.862839] ? lock_release+0x970/0x970 [ 382.866823] ? kvm_gen_update_masterclock+0x350/0x350 [ 382.872029] ? kvm_arch_dev_ioctl+0x630/0x630 [ 382.876535] ? preempt_notifier_dec+0x20/0x20 [ 382.881059] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 382.885912] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 382.890959] kvm_vcpu_ioctl+0x72b/0x1150 [ 382.895042] ? kvm_vcpu_block+0x1030/0x1030 [ 382.899390] ? find_held_lock+0x36/0x1c0 [ 382.903479] ? __fget+0x4aa/0x740 [ 382.906965] ? check_preemption_disabled+0x48/0x200 [ 382.911997] ? kasan_check_read+0x11/0x20 [ 382.916159] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 382.921449] ? rcu_bh_qs+0xc0/0xc0 [ 382.925022] ? __fget+0x4d1/0x740 [ 382.928497] ? ksys_dup3+0x680/0x680 [ 382.932223] ? find_held_lock+0x36/0x1c0 [ 382.936320] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 382.941273] ? kvm_vcpu_block+0x1030/0x1030 [ 382.945617] do_vfs_ioctl+0x1de/0x1720 [ 382.949519] ? __lock_is_held+0xb5/0x140 [ 382.953608] ? ioctl_preallocate+0x300/0x300 [ 382.958033] ? __fget_light+0x2e9/0x430 [ 382.962020] ? fget_raw+0x20/0x20 [ 382.965493] ? __sb_end_write+0xd9/0x110 [ 382.969576] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 382.975124] ? fput+0x130/0x1a0 [ 382.978422] ? do_syscall_64+0x9a/0x820 [ 382.982412] ? do_syscall_64+0x9a/0x820 [ 382.986490] ? lockdep_hardirqs_on+0x421/0x5c0 [ 382.991092] ? security_file_ioctl+0x94/0xc0 [ 382.995517] ksys_ioctl+0xa9/0xd0 [ 382.998989] __x64_sys_ioctl+0x73/0xb0 [ 383.002890] do_syscall_64+0x1b9/0x820 [ 383.006788] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 383.012166] ? syscall_return_slowpath+0x5e0/0x5e0 [ 383.017103] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 383.021959] ? trace_hardirqs_on_caller+0x310/0x310 [ 383.026991] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 383.032022] ? prepare_exit_to_usermode+0x291/0x3b0 [ 383.037059] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 383.041928] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 383.047121] RIP: 0033:0x457569 [ 383.050325] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 383.069230] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 383.076952] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 383.084228] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 383.091501] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 383.098774] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 383.106048] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 [ 383.129159] Dead loop on virtual device ip6_vti0, fix it urgently! 23:02:53 executing program 4 (fault-call:7 fault-nth:51): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 383.157679] Dead loop on virtual device ip6_vti0, fix it urgently! [ 383.184212] FAULT_INJECTION: forcing a failure. [ 383.184212] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 383.199829] Dead loop on virtual device ip6_vti0, fix it urgently! [ 383.208077] CPU: 0 PID: 14018 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 383.215456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 383.224833] Call Trace: [ 383.227474] dump_stack+0x1c4/0x2b4 [ 383.231131] ? dump_stack_print_info.cold.2+0x52/0x52 [ 383.236393] ? debug_smp_processor_id+0x1c/0x20 [ 383.241075] ? perf_trace_lock_acquire+0x15b/0x800 [ 383.246023] should_fail.cold.4+0xa/0x17 [ 383.250098] ? fault_create_debugfs_attr+0x1f0/0x1f0 23:02:53 executing program 0: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r1, 0x1, &(0x7f00000014c0)) msgsnd(r1, &(0x7f0000e74f60)={0x2}, 0x8, 0x0) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) msgctl$IPC_SET(r1, 0x1, &(0x7f0000000180)={{}, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x81, r0}) r2 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x0, 0x480) getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffff9c, 0x84, 0x10, &(0x7f0000000040)=@assoc_value={0x0}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000200)={r3, @in6={{0xa, 0x4e21, 0x5, @remote, 0x4}}, 0x9, 0x4, 0xf2e, 0xf2, 0x20}, &(0x7f00000002c0)=0x98) [ 383.250118] ? graph_lock+0x170/0x170 [ 383.250137] ? graph_lock+0x170/0x170 [ 383.250155] ? percpu_ref_put_many+0x11c/0x260 [ 383.250175] ? lock_downgrade+0x900/0x900 [ 383.271585] ? __lock_is_held+0xb5/0x140 [ 383.275760] ? alps_hw_init_v4+0xa0/0x540 [ 383.279964] ? ___might_sleep+0x1ed/0x300 [ 383.284121] ? lock_release+0x970/0x970 [ 383.288109] ? arch_local_save_flags+0x40/0x40 [ 383.291649] Dead loop on virtual device ip6_vti0, fix it urgently! [ 383.292700] ? __lock_is_held+0xb5/0x140 [ 383.292727] ? __might_sleep+0x95/0x190 [ 383.292752] __alloc_pages_nodemask+0x34b/0xde0 [ 383.292768] ? lock_downgrade+0x900/0x900 [ 383.292789] ? check_preemption_disabled+0x48/0x200 [ 383.310387] Dead loop on virtual device ip6_vti0, fix it urgently! [ 383.311789] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 383.311803] ? kasan_check_read+0x11/0x20 [ 383.311820] ? graph_lock+0x170/0x170 [ 383.311839] ? rcu_bh_qs+0xc0/0xc0 [ 383.311861] ? check_preemption_disabled+0x48/0x200 [ 383.311887] ? check_preemption_disabled+0x48/0x200 [ 383.353841] ? __lock_is_held+0xb5/0x140 [ 383.357956] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 383.363523] alloc_pages_current+0x10c/0x210 [ 383.367964] __get_free_pages+0xc/0x40 [ 383.371865] mmu_topup_memory_caches+0x1ee/0x390 [ 383.376647] kvm_mmu_load+0x21/0xfa0 [ 383.380376] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 383.385370] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 383.390921] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 383.395523] vcpu_enter_guest+0x3dbe/0x6380 [ 383.399856] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 383.405414] ? check_preemption_disabled+0x48/0x200 [ 383.410453] ? emulator_read_emulated+0x50/0x50 [ 383.415146] ? perf_trace_lock+0x7a0/0x7a0 [ 383.419397] ? vmx_write_tsc_offset+0x680/0x680 [ 383.424079] ? graph_lock+0x170/0x170 [ 383.427896] ? check_preemption_disabled+0x48/0x200 [ 383.432927] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 383.438495] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 383.444058] ? check_preemption_disabled+0x48/0x200 [ 383.449088] ? check_preemption_disabled+0x48/0x200 [ 383.454131] ? __lock_is_held+0xb5/0x140 [ 383.458212] ? lock_acquire+0x1ed/0x520 [ 383.462248] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 383.467304] ? lock_release+0x970/0x970 [ 383.471291] ? kvm_gen_update_masterclock+0x350/0x350 [ 383.476494] ? kvm_arch_dev_ioctl+0x630/0x630 [ 383.481004] ? preempt_notifier_dec+0x20/0x20 [ 383.485532] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 383.490395] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 383.495436] kvm_vcpu_ioctl+0x72b/0x1150 [ 383.499555] ? kvm_vcpu_block+0x1030/0x1030 [ 383.503903] ? find_held_lock+0x36/0x1c0 [ 383.507987] ? __fget+0x4aa/0x740 [ 383.511455] ? check_preemption_disabled+0x48/0x200 [ 383.516487] ? kasan_check_read+0x11/0x20 [ 383.520644] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 383.525932] ? rcu_bh_qs+0xc0/0xc0 [ 383.529497] ? __fget+0x4d1/0x740 [ 383.532972] ? ksys_dup3+0x680/0x680 [ 383.536696] ? find_held_lock+0x36/0x1c0 [ 383.540775] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 383.545721] ? kvm_vcpu_block+0x1030/0x1030 [ 383.550056] do_vfs_ioctl+0x1de/0x1720 [ 383.553952] ? __lock_is_held+0xb5/0x140 [ 383.558028] ? ioctl_preallocate+0x300/0x300 [ 383.562444] ? __fget_light+0x2e9/0x430 [ 383.566431] ? fget_raw+0x20/0x20 [ 383.569903] ? __sb_end_write+0xd9/0x110 [ 383.573984] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 383.579554] ? fput+0x130/0x1a0 [ 383.582848] ? do_syscall_64+0x9a/0x820 [ 383.586837] ? do_syscall_64+0x9a/0x820 [ 383.590821] ? lockdep_hardirqs_on+0x421/0x5c0 [ 383.595427] ? security_file_ioctl+0x94/0xc0 [ 383.599865] ksys_ioctl+0xa9/0xd0 [ 383.603336] __x64_sys_ioctl+0x73/0xb0 [ 383.607236] do_syscall_64+0x1b9/0x820 [ 383.611131] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 383.616507] ? syscall_return_slowpath+0x5e0/0x5e0 [ 383.621443] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 383.626294] ? trace_hardirqs_on_caller+0x310/0x310 [ 383.631320] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 383.636350] ? prepare_exit_to_usermode+0x291/0x3b0 [ 383.641390] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 383.646254] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 383.651451] RIP: 0033:0x457569 [ 383.654649] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 383.673551] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 383.681282] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 383.688551] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 383.695822] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 383.703091] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 23:02:54 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)=0x0) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(r1, 0x0, &(0x7f0000000000)={{0x0, 0x1c9c380}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) [ 383.710361] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 [ 383.723211] Dead loop on virtual device ip6_vti0, fix it urgently! 23:02:54 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000023c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f00000000c0)="c4824da82b66ba2100b801000000efb9270900000f323640a7650f30c4e2899c8e02000000f02046452ef3440f6fb800f0ff7fc42101dbc40f2047", 0x3b}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000001e008c9f7fc2fb4420f80001"]) ioctl$KVM_ENABLE_CAP_CPU(r3, 0xaea2, &(0x7f00000001c0)) 23:02:54 executing program 4 (fault-call:7 fault-nth:52): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:02:54 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r4}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r5 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_procs(r5, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) rmdir(&(0x7f0000000400)='./file0\x00') 23:02:54 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_inet6_SIOCSIFDSTADDR(0xffffffffffffffff, 0x8918, &(0x7f0000000080)={@ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x17}}}) r0 = syz_open_procfs(0x0, &(0x7f0000000000)="2f65786500000000000409004bddd9de91be10eeaf000ee9a90f798058439ed554fa07424ada75af1f02ac06edbcd7a071fb35331ce39c5a00000000") socket$inet_sctp(0x2, 0x5, 0x84) fsetxattr(r0, &(0x7f0000000280)=@known='user.syz\x00', &(0x7f00000002c0)='\x00', 0x398, 0x0) ioctl$KDGKBSENT(r0, 0x4b48, &(0x7f0000000140)={0x400, 0xf13, 0x6}) add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000240)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe) r1 = syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x0, 0x0) r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000480)='/dev/vsock\x00', 0x5, 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000140)=0x6) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000680)=ANY=[@ANYBLOB="010000000067b278ccf0b7caa23e3800000082000040000000000200000000000000cff597a56556d42688aa259cf6604ec2c5f112b145d42a57d14db302fae5cea607c12607b6b96343975e94eba6e1863a9f25ddb1d7c44dc4818fb9f439ebb4f0a1a17c30408542c1703229d6c9237a8ac784470000733738714d6b524507528cb835318bb5641eda598b00ef62f9b5f11baa5483344b259aeee37bd022a877dedc448532266dafe40030a2de03c9307b3579e3f4c4b7616b233b899080368198b0115ef74d9d1380824edd59b2789924fa0fa06bd0f8bc176dc36fd5bb91a264b2110dd293890154ad73fe4275d65d7c17d6d554949abe0d31ab8f17975a09af4b1e945cdeb8af18b1341bcc96ecf0514ba89d7a0c6e0f156a5b73f0adb39673d79447cac5ef4581f14d183ac975dca76e98f1ef"]) ioctl$BLKTRACESTART(r1, 0x1274, 0x0) capset(&(0x7f00000001c0), &(0x7f0000000200)) getsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@mcast1, @in=@rand_addr, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in6=@local}}, &(0x7f0000000400)=0xe8) fsetxattr$trusted_overlay_origin(0xffffffffffffffff, &(0x7f0000000580)='trusted.overlay.origin\x00', &(0x7f00000005c0)='y\x00', 0x2, 0x3) bind$can_raw(0xffffffffffffffff, &(0x7f0000000440)={0x1d, r3}, 0x10) setsockopt$bt_BT_SECURITY(r0, 0x112, 0x4, &(0x7f00000004c0)={0x2, 0xf13}, 0xfffffffffffffd72) ioctl$BLKTRACESTOP(r1, 0x1275, 0x0) ioctl$BLKTRACETEARDOWN(r1, 0x1276, 0x0) r4 = syz_open_dev$mouse(&(0x7f0000000800)='/dev/input/mouse#\x00', 0x6, 0x20000000c0242) r5 = gettid() fcntl$setown(r2, 0x8, r5) r6 = socket(0x9, 0x3, 0x81) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r6, 0x84, 0x73, &(0x7f0000000040)={0x0, 0x7, 0x0, 0x1ff, 0x40}, &(0x7f0000000500)=0x18) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r2, 0x84, 0x7c, &(0x7f0000000540)={r7, 0x5, 0x1000}, &(0x7f00000007c0)=0x8) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000640)={&(0x7f0000000840)='./file0\x00', r4}, 0x10) [ 383.933625] FAULT_INJECTION: forcing a failure. [ 383.933625] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 383.961070] CPU: 0 PID: 14037 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 383.968477] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 383.977827] Call Trace: [ 383.977859] dump_stack+0x1c4/0x2b4 [ 383.977895] ? dump_stack_print_info.cold.2+0x52/0x52 [ 383.977919] ? graph_lock+0x170/0x170 [ 383.977951] should_fail.cold.4+0xa/0x17 [ 383.977975] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 383.977994] ? graph_lock+0x170/0x170 [ 383.978012] ? graph_lock+0x170/0x170 [ 383.978034] ? percpu_ref_put_many+0x11c/0x260 [ 384.014533] ? lock_downgrade+0x900/0x900 [ 384.018697] ? check_preemption_disabled+0x48/0x200 [ 384.023736] ? __lock_is_held+0xb5/0x140 [ 384.027821] ? ___might_sleep+0x1ed/0x300 [ 384.031977] ? lock_release+0x970/0x970 [ 384.035966] ? arch_local_save_flags+0x40/0x40 [ 384.040581] ? __lock_is_held+0xb5/0x140 [ 384.044672] ? __might_sleep+0x95/0x190 [ 384.048670] __alloc_pages_nodemask+0x34b/0xde0 [ 384.053352] ? lock_downgrade+0x900/0x900 [ 384.057527] ? check_preemption_disabled+0x48/0x200 [ 384.062615] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 384.067641] ? kasan_check_read+0x11/0x20 [ 384.071806] ? graph_lock+0x170/0x170 [ 384.075616] ? rcu_bh_qs+0xc0/0xc0 [ 384.079160] ? check_preemption_disabled+0x48/0x200 [ 384.084219] ? check_preemption_disabled+0x48/0x200 [ 384.089259] ? __lock_is_held+0xb5/0x140 [ 384.093347] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 384.098906] alloc_pages_current+0x10c/0x210 [ 384.103332] __get_free_pages+0xc/0x40 [ 384.107246] mmu_topup_memory_caches+0x1ee/0x390 [ 384.112025] kvm_mmu_load+0x21/0xfa0 [ 384.115751] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 384.120697] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 384.126243] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 384.130858] vcpu_enter_guest+0x3dbe/0x6380 [ 384.135211] ? emulator_read_emulated+0x50/0x50 [ 384.139907] ? vmx_vcpu_load+0xb06/0x1030 [ 384.144077] ? vmx_write_tsc_offset+0x680/0x680 [ 384.148758] ? graph_lock+0x170/0x170 [ 384.152581] ? lock_downgrade+0x900/0x900 [ 384.156791] ? check_preemption_disabled+0x48/0x200 [ 384.161910] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 384.167459] ? check_preemption_disabled+0x48/0x200 [ 384.172500] ? check_preemption_disabled+0x48/0x200 [ 384.177540] ? __lock_is_held+0xb5/0x140 [ 384.181627] ? lock_acquire+0x1ed/0x520 [ 384.185624] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 384.190656] ? lock_release+0x970/0x970 [ 384.194656] ? kvm_gen_update_masterclock+0x350/0x350 [ 384.200087] ? kvm_arch_dev_ioctl+0x630/0x630 [ 384.204605] ? preempt_notifier_dec+0x20/0x20 [ 384.209128] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 384.214013] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 384.219057] kvm_vcpu_ioctl+0x72b/0x1150 [ 384.223132] ? kvm_vcpu_block+0x1030/0x1030 [ 384.227471] ? find_held_lock+0x36/0x1c0 [ 384.231552] ? __fget+0x4aa/0x740 [ 384.235022] ? check_preemption_disabled+0x48/0x200 [ 384.240086] ? kasan_check_read+0x11/0x20 [ 384.244265] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 384.249555] ? rcu_bh_qs+0xc0/0xc0 [ 384.253150] ? __fget+0x4d1/0x740 [ 384.256630] ? ksys_dup3+0x680/0x680 [ 384.260388] ? find_held_lock+0x36/0x1c0 [ 384.264468] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 384.269417] ? kvm_vcpu_block+0x1030/0x1030 [ 384.273752] do_vfs_ioctl+0x1de/0x1720 [ 384.277714] ? __lock_is_held+0xb5/0x140 [ 384.281812] ? ioctl_preallocate+0x300/0x300 [ 384.286235] ? __fget_light+0x2e9/0x430 [ 384.290222] ? fget_raw+0x20/0x20 [ 384.293703] ? __sb_end_write+0xd9/0x110 [ 384.297802] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 384.303347] ? fput+0x130/0x1a0 [ 384.306641] ? do_syscall_64+0x9a/0x820 [ 384.310636] ? do_syscall_64+0x9a/0x820 [ 384.314642] ? lockdep_hardirqs_on+0x421/0x5c0 [ 384.319253] ? security_file_ioctl+0x94/0xc0 [ 384.323683] ksys_ioctl+0xa9/0xd0 [ 384.327281] __x64_sys_ioctl+0x73/0xb0 [ 384.331177] do_syscall_64+0x1b9/0x820 [ 384.335073] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 384.340476] ? syscall_return_slowpath+0x5e0/0x5e0 [ 384.345418] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 384.350273] ? trace_hardirqs_on_caller+0x310/0x310 [ 384.355302] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 384.360331] ? prepare_exit_to_usermode+0x291/0x3b0 [ 384.365367] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 384.370233] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 384.375428] RIP: 0033:0x457569 [ 384.378636] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 384.397542] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 384.405266] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 384.412542] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 384.419814] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 384.427093] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 384.434367] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 23:02:55 executing program 0: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r1, 0x1, &(0x7f00000014c0)) msgsnd(r1, &(0x7f0000e74f60)=ANY=[@ANYBLOB="0200000000008084"], 0x8, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000000)={0xffffffffffffffff}) setsockopt$XDP_TX_RING(r2, 0x11b, 0x3, &(0x7f0000000040)=0x4, 0x4) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) msgctl$IPC_SET(r1, 0x1, &(0x7f0000000180)={{}, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x81, r0}) 23:02:55 executing program 4 (fault-call:7 fault-nth:53): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:02:55 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_inet6_SIOCSIFDSTADDR(0xffffffffffffffff, 0x8918, &(0x7f0000000080)={@ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x17}}}) r0 = syz_open_procfs(0x0, &(0x7f0000000000)="2f65786500000000000409004bddd9de91be10eeaf000ee9a90f798058439ed554fa07424ada75af1f02ac06edbcd7a071fb35331ce39c5a00000000") socket$inet_sctp(0x2, 0x5, 0x84) fsetxattr(r0, &(0x7f0000000280)=@known='user.syz\x00', &(0x7f00000002c0)='\x00', 0x398, 0x0) ioctl$KDGKBSENT(r0, 0x4b48, &(0x7f0000000140)={0x400, 0xf13, 0x6}) add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000240)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe) r1 = syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x0, 0x0) r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000480)='/dev/vsock\x00', 0x5, 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000140)=0x6) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000680)=ANY=[@ANYBLOB="010000000067b278ccf0b7caa23e3800000082000040000000000200000000000000cff597a56556d42688aa259cf6604ec2c5f112b145d42a57d14db302fae5cea607c12607b6b96343975e94eba6e1863a9f25ddb1d7c44dc4818fb9f439ebb4f0a1a17c30408542c1703229d6c9237a8ac784470000733738714d6b524507528cb835318bb5641eda598b00ef62f9b5f11baa5483344b259aeee37bd022a877dedc448532266dafe40030a2de03c9307b3579e3f4c4b7616b233b899080368198b0115ef74d9d1380824edd59b2789924fa0fa06bd0f8bc176dc36fd5bb91a264b2110dd293890154ad73fe4275d65d7c17d6d554949abe0d31ab8f17975a09af4b1e945cdeb8af18b1341bcc96ecf0514ba89d7a0c6e0f156a5b73f0adb39673d79447cac5ef4581f14d183ac975dca76e98f1ef"]) ioctl$BLKTRACESTART(r1, 0x1274, 0x0) capset(&(0x7f00000001c0), &(0x7f0000000200)) getsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@mcast1, @in=@rand_addr, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in6=@local}}, &(0x7f0000000400)=0xe8) fsetxattr$trusted_overlay_origin(0xffffffffffffffff, &(0x7f0000000580)='trusted.overlay.origin\x00', &(0x7f00000005c0)='y\x00', 0x2, 0x3) bind$can_raw(0xffffffffffffffff, &(0x7f0000000440)={0x1d, r3}, 0x10) setsockopt$bt_BT_SECURITY(r0, 0x112, 0x4, &(0x7f00000004c0)={0x2, 0xf13}, 0xfffffffffffffd72) ioctl$BLKTRACESTOP(r1, 0x1275, 0x0) ioctl$BLKTRACETEARDOWN(r1, 0x1276, 0x0) r4 = syz_open_dev$mouse(&(0x7f0000000800)='/dev/input/mouse#\x00', 0x6, 0x20000000c0242) r5 = gettid() fcntl$setown(r2, 0x8, r5) r6 = socket(0x9, 0x3, 0x81) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r6, 0x84, 0x73, &(0x7f0000000040)={0x0, 0x7, 0x0, 0x1ff, 0x40}, &(0x7f0000000500)=0x18) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r2, 0x84, 0x7c, &(0x7f0000000540)={r7, 0x5, 0x1000}, &(0x7f00000007c0)=0x8) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000640)={&(0x7f0000000840)='./file0\x00', r4}, 0x10) 23:02:55 executing program 1: r0 = memfd_create(&(0x7f0000000080)="7b10", 0x3) fcntl$addseals(r0, 0x409, 0x9) io_setup(0x404, &(0x7f0000000180)=0x0) io_submit(r1, 0x1, &(0x7f0000000440)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f00000001c0)="7f", 0x1}]) sendmsg$nl_crypto(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=@delrng={0x10, 0x14, 0x200, 0x70bd2a, 0x25dfdbfc, "", ["", "", "", "", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x8000}, 0x4004805) 23:02:55 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_create(0x3, &(0x7f0000000080)={0x0, 0x2e, 0x1, @thr={&(0x7f0000000040)="fa62b7ee78b96445f0c0e09924db187f1b3881e68faabf9b370885", &(0x7f0000000180)="b2ec76dcf41e8edb77e8f4d07c54eb1032e76841934c3819e85d80ce2ad64ef5a8ec69c84b8ae6cfbd32fcb506e7d508efed5a36287011a9398cecdb5cbed4e38c9f885dfa6b7146a62d814aa0dc571dec3c7f5d52ce309a67986f3c798b15b5aba52028692c2456d366a55ab6f0d3131df41054d09bf3416ec5d12f63a96336817b0aca523767aaa07242a1b861d70945d3d2f6c8e2435609dca10c6f552a9ae24636d9ac2e9dae3e71c8fc3175647f9300b599241b98380601637214ca9586b08466bad5d7c8a8cfc0542fb6718f281ec5cf03516a257f90390e109f0f97a853c63f4b7fe09d87bc3945cc405fc298fb21e23b9338d6f0b8d15e47d743d30bb189abfcc0b128db1621aa75196860a07eff523e9b837761c055ece56d173a11af43bc4e279668f5530796b55490ef85a0e2433ef2165dce0866195e11245d311a23b466bc18dab6253c83898eab7bd0442549ea6f3161d459c7223b81e9cb36129ff6e4fdb60805f24528b5e29eb67c3691930c2ab095d37d88ebcda4c97fc2e7290e16d58ebb40aeddcf9c4c7a2b385f48e459a80535ebd776ed09661c7068ab3a06d56352b9db62cbd7ee2f241106c8f0431821c85c12ad15b03bfae33cdc1ae022c79b071fa747a9bbf457c63ad2fc5bf7a5620748972a15c211d34f5560ca0fc748c906ffdd7f573c14e57198fea82a06888707cf2d489f2c005eca28b1f1f1ef5dfd558c6cdf5b661194a36b9a92cb64b963360ad5c3db14b52c2a541bda84b3a5f5b4da375a68174bca477b226683e2b972d595a855327b669241153da19b45fa2d6ad0c114f827faf8350075b0355c354d4bc29a525d45083f65972dbcba023d09fe0cd8bd4e979f8f6df9fd1d7ae0893035cff0637214528b30945e689f5adf96107f5305793df2b579d16eaf415f3786e637f4cc9bb92b5a215db7d7e8a5dec4194bdc1859c18ee6be395ca52b9859a493ed2174d207517945dabdace818ac45461e2f79536f662bcef759d02b34f3628e488e6d19d81e9ebbfdbc4d06254addcab1e80a6db67a72aa589b339d058f2b0c5c08ba2064ac69100b7b44df03b2b725b50d9f109b5e76c24abcb1a78b1378968d936e43ce7bdc29291c1ef88539902cded995180bca27bc5373e0a98805101a336a716878b65b62f0cee8a5ce629a105c51e19bfebcc554da105e84d7d833045b88937340ff3dcc40b2ff5c321ce77627d9bbfdd25e719f05162d0ff99dc1805fcd2eaa3305b6ca7fa841dac80820982b23f7f92868e37bb63541acde4cf6f3df88ba1fd84e1712abeb9264a81b4f619d5d31502547d6d6f1a2dd21d2150f26eea5a33b944377b2f54bfc9b0f9510ac99df669c87e9f02fc1104f40f5425ddb199cb86521132faa90de83df4109811ecff76c3cb52598caf35c04325fce4f12b5885ff8771c97e31304d53a7268e2e4e8bfd3920f94d17b16d46b88f7257b143863224f4b9541b29f659cd46e271a973ed53d2937254216fc2577169ee841d8c409ee5729de197c1c1d82a7f2520b10f8b3c2ae7c5e28f46098f9ee2d5669693da4f00e9b5d87ed06cb024ee1d52ebf713be3fa84d4a2a966d27d64159552f24bebb4cfb2ff89c6bae09be1b5ee529bb8b93545f5fe4c32ece52b24933bddb54180557260baaaf8b858d186a70bb7c6b5f480e119d18317885c21ee9af56712fbf0ba765864ad6e04ae5ddf5edb131cffabf43bda24b070af12c6dc2540cbe09cfd527bef131a858e2ab0a9208b53dd2e1e16f557d78d01194020e216c8f0b9139b9225681046f681ca45a91124e79beecde221865ddbd13fb82f6e9317fccf055c91dbe388daab39c3bd84353c6b9a43b2b792b67763380c7090d1c7d1b66326acee1548d6e03fd34a2c9d607bb2f2c1ce76a4d29c8872174fbb87371d5e6819b2d4265ae66e346fa577fda1e57b1f76ddb58b6c111fd1a9b8738d615a6bbb53df7eb27560feccc585ca039da6c231cce003bf9adabbdc399a8a24e6c50986062a22aefc51603c01d48afa862e4b3907231b542f250e840817dca85fdb0f124e4867c1e0569dc3c988b8530b816c8eecb7ed8dd5ca03b38531bd567d205c72e92d55274091ee2f19f1ec8ee546d9f60394f77ae3d38ed1bacfd78ef6167f3266e83dee446ee938edaba5c9fe662a8e1644ebb86d3fe738985fec17bf204bd64092087664fd0fd01c3c543f03a3c395af6cf919c5d4b89cbc8803b2c693178436fb17d8a6e622f4178f4fd2db49ef855a92e9a43be0a0d49cd77c8c6baf8d677b20c7edc1697f9c76ed892df019024627ed44e3ba2b628508db2e6f221cf9b482992d0121aec4be36468ce1b57bf2aa919009b6d7b877faf23d9c69ebdf7e873abb382c9db356d7fabb427c76f2d60139c8d89f0c2445c0d5fac3b851ef9789def732b7b1b61315500a65be7d8d9a804e3242eb9683ff049647eccee95d74b779a186a08c5e90be9421127244cfbc142c1f734b258dc3db14451580cac2fb1a77590757348ecb47298b567f9aaddd3426e7ca56bfc88672940e993fbf6578267ed0bb441c1aaeebe6f53e4af2d23d4a8234cee39b156ebfe3e3197a7fce83609201e7e82ddf5946c66c32233d197046a34cf16eaf33e73b353871669acc020221edb751b581d6229fe1818db1534a7c355d424d4b9d3abf55a65b1c45ece907a3b9c8286b94d79b48c55f63ac8eb63d663a2be47885e6d02fc71754b36bdf18567fa6518db8f74a451edafde49dd14055b0600ac826256e26b543799ad55aefb30dee32857b58b5664cf7659dcd0e0e6793839fc9d187bccdc398c618e949ee60cce4b84c944fc589614a8a74ac8f40987c60207a473bc9581e45f9384d55c23f4ecd6f9d86c9c4af9f3f9bae16fc033e92ad367c4313d45e0533b65aa9bf2b7c8ea8aaad5d8c50fa4d62a4c12bf464dd6b5d910e20ce341da44bbc6b4f452778d85c0f74894487b0cf72fec058c587f4897ccbbbbcb113169efb283abc4cd72ee13b35dd996cd5e6da016fccc55a18470da524919cb96f818bf940aefc298b0f3ed4a74a5b6e57fba9e55fc0088198739dd38dfc243093244c7726f7c413ed397d12d1ca9a79fe5f7e9af39da2f039aa3f23e1312d8c9422c1ab46ac72044d601c9e227448c39c5cb0e333939c1c81dcf8f0a95ee700619094bc1a81968191a79495a44d8d8fbe035aa44d420a93da7f6983bc70c48f410226ca3669f333c9fbd0a9fed4d11e36849b9abceb0e4f8e8a17edda94e2479ebe7357908b469fdbfa704a5fec8f5863dfc3c3b144f52a0d5ebf7a3e2ead612297e71b4b0235e26d06640ce9ef9fde62553016908b27637246eb24829c376459cdc6503cc1bc733ce1fbe0b05a8703da9f6d1d95d517f173bef838fbfd630c01e3801ac0d545ebd8e90351c13f4087a065bfd6ec13eb46acc0dd216fbcb91a513a1424652e4469149a5b85006d566af700566fb540670ab6392aecc204b2d5af36d0e434bf9fa512266291d863084f2b76a34e5c99f7ee3aaaa36ae9bfae071842b7cd291f7ca3bf3ba4205c3e35834926eff868a838d4e7cbd2780d29335dbf861aae58b92122ea5a25ba1074680ed560dd23aed33b33897a5cdb7225fa3f45ecc714359145fd039c79497355ed97adebb6d8f45d9a54066f7e0f1330744c2626788adc9a8de38ada4277c6d37d72eb83e2718ff891767bea678486312a6837809b294fdee1eaa2c1145bc10865fb14f80c62ff52bdbfb1cf8e325df46d5c62e0d323773f95436d0166a3e55889b3074e4625dbebcaa9c944469460e10d75a444b17b413b5913bf841dec95f90141cb21ac12e4bdf3cb5e9d162741bd1e6a8096fb7fa9728c3e39987560c95c7187bc893740b1fa19b8ed1fcb8723741d78d0b66fe4fd58c383fe787f4ab5442d0603c227168d31a114175c0e311d806fc9a7959e15ef2cbb250d65dea443a8a331bc3d200e4bfaaa5bcd2a7e07ec3d01fd31960b23d021d88894a6187e4fbae8969bf5cffba7d1aec7d9fb8c23a85b564e2842a7d05a8bdf2bfc9b04235ca0c0334f80cbc6cce62e6862f35dffe88a63bf75114e18db822b5b724c936659585060edd21b58145d2d6f75baafeeefa44f04ba884f9ded45f198ba2219ee1eed4cd03b25a484676c6aa3a12d7ca5d292baac4bee6a922810ce38b02d50308400c070cad45b4107699fcb5aaaa89f88cd5e5a0e9271e9d4a0302fac5a7ec681c9c1f909edb39154c16300fd32d0705d2d68726b3da3f716f6e6f2a1f0718dc664fcbddd908d5bf8e99f6f44db9aef076e5f7e4117e68c45d29bb6ae73e20f9f74eb67cafd0554555736725f3751a1a9f67e53688d2255cdeba0bc812fbc566af48d2c73d5e567bcc71012323710023dfec201d853c3f81b23756e037e1ce961dedea075173a0f79935fc6f7cf13114d90fe7fb96a2e237fee0918c388ae6e735199381f5234fdec16b6b4d5ce27058b5397954cb5e650ea5a5b310cef042244dd3cfdef716144fb8899f80739312d1e933972f7b3b0801ef550f47de4a542784f04a5302d60fa8ab986492217b2d762ae68f7f066fdaa20e854428c6e0569a8eec973531bf4703b9160e2ff3b8cdcbaee2523d9dd112bd1ea04d10263d6b6c8e7e070c0b1627fe3e0a0af36e885d26fd4d9a1018e0cce9751fc5ef361c830e808af2ba0ed2aca4a389df953c49a24cdbede6bfdc67cafc7e296700ad4971bfd1a7d3add9fced34fe6a48ddb4db7dfcb876c5ee3e3b9e2c07f4b0e8bb282c5476b05c5c3006a512abc388dcb12b03a6ad1a88536142d2a3b34b96c2cd67357baf0c2babcda787a1e2949d643418f9aac744ecacf2a75051ec49e4a5aee4c77c074e9338b1cb08e219821352c9812ac7d9b2c643f9742bcd0dab496930c5c8ecddec689f2c27a7d674c5eb3e8dbe38dcddc0f7ab77e463b7cb515f895b67d0b2fb20f56c90cbf12084e58c9fc3c5df50ef7f284fba3b9e2b52d2a1b041829abc907be61497e6179983b8da5ff7e08a84882932c5e2a438a8fb21850dc871909d22f44a4755dd01438361d56099b0150fd4763bdbd11d6fe6b7b684a53d28b1bed8eb7e859b057d1712be293a2db45f549668ce9778197e4c935d9457e4ddb7d43c8444aef703fb2cc60ef8fe925a18934a6ea46dca98daf23c572e600ad214fae553872833c69838272a719a47e771c4d38442a48df2f4666bee6cb06ff98fa8f39a1c19fb49232cc2ed7d1816bf18a758275c2874f15ccb2970624b44982748b5b3ca17c7aa7bb4f2fa1ab65a71ea91fcc5d80f421e5f96b7065213b974957de67152eccec7c3252336aeac7bdbc085ec7485c0bb05ca96d647f64b8005ea2d24af5e2f55de8b46a4f2632543646483e037ab515f9fe806ee8300a8aa4c181f84d28c35abf24cd4416fc3b678e5f7bb83b27350a7308f1fc8c78aac50f05a93fc6bab6d9b2821290cc5d6786dfaf460a13b191c56adc29bc75fde5f778910edd29d64d9ada007bc569e40f2e041f4a521d6946d9fb3fd603c8bfe2f0b1558991e3d28a340774d7e7c0bfc6ab9bd2ef0d8dc1363800ec306518e2b1ee3c9a7537ca7321ca16b27f2d0a4cc219bdde6481fc9785a5599752b2183c6283033138f67b4739c2f1a04088ea24d1366484ec4533e172b6a9a5e3f0099ccd82d8fed89ae2871a5a6c9c0423b546a862ca31f5cb2c32e45942f19af7f07dc4d913347c7d48fbd479bc3f7e418e9aacfdcaaddc3efeaf34793719b88f1fe6b93eb0c41426058d6d788f76"}}, &(0x7f0000001180)) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) sched_setscheduler(r0, 0x0, &(0x7f0000000000)=0x3ff) 23:02:55 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r4}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r5 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) openat$cgroup_procs(r5, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) rmdir(&(0x7f0000000400)='./file0\x00') [ 385.025676] FAULT_INJECTION: forcing a failure. [ 385.025676] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 385.039582] CPU: 0 PID: 14071 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 385.046972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 385.046979] Call Trace: [ 385.047014] dump_stack+0x1c4/0x2b4 [ 385.047048] ? dump_stack_print_info.cold.2+0x52/0x52 [ 385.067813] ? debug_smp_processor_id+0x1c/0x20 [ 385.067832] ? perf_trace_lock_acquire+0x15b/0x800 [ 385.067871] should_fail.cold.4+0xa/0x17 [ 385.067915] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 385.067949] ? graph_lock+0x170/0x170 [ 385.067969] ? graph_lock+0x170/0x170 [ 385.067988] ? percpu_ref_put_many+0x11c/0x260 [ 385.068007] ? lock_downgrade+0x900/0x900 [ 385.077640] ? __lock_is_held+0xb5/0x140 [ 385.077674] ? ___might_sleep+0x1ed/0x300 [ 385.077689] ? lock_release+0x970/0x970 [ 385.077708] ? arch_local_save_flags+0x40/0x40 [ 385.077726] ? __lock_is_held+0xb5/0x140 [ 385.077752] ? __might_sleep+0x95/0x190 [ 385.127990] __alloc_pages_nodemask+0x34b/0xde0 [ 385.132675] ? lock_downgrade+0x900/0x900 [ 385.136833] ? check_preemption_disabled+0x48/0x200 [ 385.141853] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 385.146865] ? kasan_check_read+0x11/0x20 [ 385.151003] ? graph_lock+0x170/0x170 [ 385.154793] ? rcu_bh_qs+0xc0/0xc0 [ 385.158330] ? check_preemption_disabled+0x48/0x200 [ 385.163331] ? check_preemption_disabled+0x48/0x200 [ 385.168340] ? __lock_is_held+0xb5/0x140 [ 385.172441] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 385.178005] alloc_pages_current+0x10c/0x210 [ 385.182414] __get_free_pages+0xc/0x40 [ 385.186298] mmu_topup_memory_caches+0x1ee/0x390 [ 385.191045] kvm_mmu_load+0x21/0xfa0 [ 385.194758] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 385.199701] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 385.205360] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 385.209965] vcpu_enter_guest+0x3dbe/0x6380 [ 385.214285] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 385.219844] ? check_preemption_disabled+0x48/0x200 [ 385.224851] ? emulator_read_emulated+0x50/0x50 [ 385.229529] ? perf_trace_lock+0x7a0/0x7a0 [ 385.233803] ? vmx_write_tsc_offset+0x680/0x680 [ 385.238475] ? graph_lock+0x170/0x170 [ 385.242262] ? check_preemption_disabled+0x48/0x200 [ 385.247269] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 385.252811] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 385.258335] ? check_preemption_disabled+0x48/0x200 [ 385.263355] ? check_preemption_disabled+0x48/0x200 [ 385.268363] ? __lock_is_held+0xb5/0x140 [ 385.272416] ? lock_acquire+0x1ed/0x520 [ 385.276381] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 385.281400] ? lock_release+0x970/0x970 [ 385.285391] ? kvm_gen_update_masterclock+0x350/0x350 [ 385.290580] ? kvm_arch_dev_ioctl+0x630/0x630 [ 385.295113] ? preempt_notifier_dec+0x20/0x20 [ 385.299649] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 385.304477] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 385.309492] kvm_vcpu_ioctl+0x72b/0x1150 [ 385.313545] ? kvm_vcpu_block+0x1030/0x1030 [ 385.317876] ? find_held_lock+0x36/0x1c0 [ 385.321947] ? __fget+0x4aa/0x740 [ 385.325393] ? check_preemption_disabled+0x48/0x200 [ 385.330437] ? kasan_check_read+0x11/0x20 [ 385.334575] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 385.339852] ? rcu_bh_qs+0xc0/0xc0 [ 385.343392] ? __fget+0x4d1/0x740 [ 385.346877] ? ksys_dup3+0x680/0x680 [ 385.350620] ? find_held_lock+0x36/0x1c0 [ 385.354676] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 385.359611] ? kvm_vcpu_block+0x1030/0x1030 [ 385.363922] do_vfs_ioctl+0x1de/0x1720 [ 385.367858] ? __lock_is_held+0xb5/0x140 [ 385.371943] ? ioctl_preallocate+0x300/0x300 [ 385.376438] ? __fget_light+0x2e9/0x430 [ 385.380403] ? fget_raw+0x20/0x20 [ 385.383853] ? __sb_end_write+0xd9/0x110 [ 385.387913] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 385.393444] ? fput+0x130/0x1a0 [ 385.396714] ? do_syscall_64+0x9a/0x820 [ 385.400678] ? do_syscall_64+0x9a/0x820 [ 385.404644] ? lockdep_hardirqs_on+0x421/0x5c0 [ 385.409218] ? security_file_ioctl+0x94/0xc0 [ 385.413624] ksys_ioctl+0xa9/0xd0 [ 385.417069] __x64_sys_ioctl+0x73/0xb0 [ 385.420956] do_syscall_64+0x1b9/0x820 [ 385.424834] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 385.430185] ? syscall_return_slowpath+0x5e0/0x5e0 [ 385.435100] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 385.439946] ? trace_hardirqs_on_caller+0x310/0x310 [ 385.444983] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 385.450016] ? prepare_exit_to_usermode+0x291/0x3b0 [ 385.455041] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 385.459906] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 385.465109] RIP: 0033:0x457569 [ 385.468369] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 385.487291] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 385.495012] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 385.502283] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 385.509562] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 385.516835] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 23:02:56 executing program 5: r0 = accept4$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @local}, &(0x7f0000000100)=0x10, 0x80800) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000240)={0x0, 0x7}, &(0x7f0000000280)=0x8) setsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000002c0)={r1, @in={{0x2, 0x4e23, @loopback}}}, 0x84) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'digest_null\x00'}, 0x58) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000380)={r1, @in6={{0xa, 0x4e21, 0x1, @local, 0x4}}, 0x20, 0x3ff}, &(0x7f0000000440)=0x90) r3 = accept4$alg(r2, 0x0, 0x0, 0x0) sendmmsg(r3, &(0x7f0000000000)=[{{&(0x7f00005fafe4)=@in6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f00008e3fb8), 0xc1}}, {{&(0x7f0000000140)=@in6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000100), 0x0, &(0x7f0000632000)}}], 0x2, 0x0) fcntl$getownex(r3, 0x10, &(0x7f0000000080)) [ 385.524106] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 23:02:56 executing program 4 (fault-call:7 fault-nth:54): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:02:56 executing program 5: socketpair(0x1e, 0x1, 0x0, &(0x7f0000000000)={0x0, 0x0}) close(r0) syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/user\x00') ioctl$sock_FIOSETOWN(r0, 0xb703, &(0x7f0000000440)) ioctl$TIOCCONS(r0, 0x541d) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000040)) 23:02:56 executing program 1: r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb) r1 = request_key(&(0x7f00000000c0)='.request_key_auth\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000140)='}keyring\\posix_acl_access\x00', 0xfffffffffffffffe) keyctl$link(0x8, r0, r1) r2 = socket$rds(0x15, 0x5, 0x0) ioctl$sock_SIOCGPGRP(r2, 0x8904, &(0x7f0000000200)=0x0) r4 = getpid() rt_tgsigqueueinfo(r3, r4, 0x3b, &(0x7f0000000240)={0x34, 0xc6d4, 0x3, 0x240000}) sendmmsg(r2, &(0x7f0000000800)=[{{&(0x7f0000000280)=@pptp={0x18, 0x2, {0x1, @multicast1}}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000300)="e136ad319d88b6f989426de694a7905367fd1b7a675d37a8a2f5593616163439b3b91aa3838c6d1ac30c1afaf5d58800b0ef7f5b95dd5ef3b1820b59b27f9d9924469a0f47aaa6820dcb9db86136f89876431740297250fba5be21a5f4dc88b0c09ff99e3352bf658fc06ae6391189161c2879311fc3e751fc5683df42d0035848f089c209dc354ad7349b8bb83e10", 0x8f}, {&(0x7f00000003c0)="5ce6df20bab666a977325dc1574404ee365f330368d120af3b7448b6e5", 0x1d}, {&(0x7f0000000400)="c4c75f4d8642d1c4edba8433526d200317fe43f39fec577ca881013db670a19f9145abe6367aa5f2ea7bae14b96ce5ad721dcb7063d5e46801e0a517b8d2523ce21cdb1a", 0x44}, {&(0x7f0000000480)="bf4b1353a72726c0400b1250998aaf1c27fd7add8a1ee1b02b832bf1b816954a47b04f04c71dd24d56f1a2ba092b73e772ee778dffccdccc2860f4cb8888f67844d857683ee49b8ee16071c51e74a99ddf8086f2a840d16b1cc77b06ef724b42152af4c940f91b36ef3070973d1a496a39e02a8a56c78099dcbbc9f7357c8175f76953719853eb79cb08ba67ae259313b71d70cba8f330521ac68c8dd2eeddb4ffbb4d4e44680e79595d4e638e144d8c931bcfdd3a14d1f621338c56a9a10af15e8c536a840fd706e1c128235e59969744d94319b579aa40ff6f562a34a6986427d04ae2897cfb97af841f981c2f5f8531521099", 0xf4}, {&(0x7f0000000580)="b9bf9f2bb1efbdbc1115a0439067685a735fd419f6a10ac3456f071d66fbbdd7ca04cec86d1ac260999d243924a49d53fa0b6948c5dff065c4deff9aed0b43a0dce6ea5cf413cecc005d83441e4ca815ee9093c88ac41d2be6b7792c1e0da40f47", 0x61}, {&(0x7f0000000600)="b03c9187cddc81a5c5cf382207184e6403bce9fb8eaffbbe9b5a936019516998cecee5bd3ec36ff740bf8f7a39b4803e56644f40", 0x34}, {&(0x7f0000000640)="5f28f99804daf9269d97c6a2d6151f10d0ef68421776ed290e363455fba852b81c8347ddde51909987c1b489ba0cad390fac65ebd571f0bf66de160f30cb5b44c664f39b2b008013e1eb0baf56ec1b231c141d0dc19ac9c17933607e7ecdffb38988f3d98218f395643f52d29508fd63b0d1f123954ff01fd32f19c1de6b4c89e8f976ced09e372734677ce3db8833298b50b868dddbe10312bb0d0719dd421e2576da153ef38b51142efc599658ae59adafa677284d4e03b6cd58e9b335023d295cd71efb51d0ad6ee36f9212ea32cacdd44633644f528ec6cd3becadafcb565f2fe4b0e94d8b44401c195134433efeff85", 0xf2}], 0x7, &(0x7f00000007c0)=[{0x20, 0x119, 0x1858000000000, "9c5ba399a84bc6de5bc88566e7"}], 0x20, 0x20040004}, 0x5}], 0x1, 0x4) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r2, 0x6, 0x23, &(0x7f0000000180)={&(0x7f0000ffd000/0x3000)=nil, 0x3000}, &(0x7f00000001c0)=0x10) setsockopt$RDS_RECVERR(r2, 0x114, 0xa, &(0x7f0000000080), 0x4) 23:02:56 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r4}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r5 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r6 = openat$cgroup_procs(r5, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r6, &(0x7f00000000c0), 0x12) [ 385.693370] FAULT_INJECTION: forcing a failure. [ 385.693370] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 385.727153] CPU: 0 PID: 14090 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 385.734553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 385.734562] Call Trace: [ 385.734592] dump_stack+0x1c4/0x2b4 [ 385.734650] ? dump_stack_print_info.cold.2+0x52/0x52 [ 385.750190] ? graph_lock+0x170/0x170 [ 385.750220] should_fail.cold.4+0xa/0x17 [ 385.750242] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 385.750260] ? graph_lock+0x170/0x170 [ 385.750277] ? graph_lock+0x170/0x170 [ 385.750297] ? percpu_ref_put_many+0x11c/0x260 [ 385.780567] ? lock_downgrade+0x900/0x900 [ 385.784744] ? check_preemption_disabled+0x48/0x200 [ 385.789791] ? __lock_is_held+0xb5/0x140 [ 385.793942] ? alloc_dax+0x450/0x650 [ 385.797686] ? ___might_sleep+0x1ed/0x300 [ 385.801839] ? lock_release+0x970/0x970 [ 385.805827] ? arch_local_save_flags+0x40/0x40 [ 385.810425] ? __lock_is_held+0xb5/0x140 [ 385.814509] ? __might_sleep+0x95/0x190 [ 385.818506] __alloc_pages_nodemask+0x34b/0xde0 [ 385.823199] ? lock_downgrade+0x900/0x900 [ 385.827362] ? check_preemption_disabled+0x48/0x200 [ 385.832410] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 385.837434] ? kasan_check_read+0x11/0x20 [ 385.841593] ? graph_lock+0x170/0x170 [ 385.845415] ? rcu_bh_qs+0xc0/0xc0 [ 385.848973] ? check_preemption_disabled+0x48/0x200 [ 385.854001] ? check_preemption_disabled+0x48/0x200 [ 385.859047] ? __lock_is_held+0xb5/0x140 [ 385.863139] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 385.868695] alloc_pages_current+0x10c/0x210 [ 385.873123] __get_free_pages+0xc/0x40 [ 385.877022] mmu_topup_memory_caches+0x1ee/0x390 [ 385.881830] kvm_mmu_load+0x21/0xfa0 [ 385.885571] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 385.890541] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 385.896089] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 385.900696] vcpu_enter_guest+0x3dbe/0x6380 [ 385.905045] ? emulator_read_emulated+0x50/0x50 [ 385.909734] ? vmx_vcpu_load+0xb06/0x1030 [ 385.913905] ? vmx_write_tsc_offset+0x680/0x680 [ 385.918587] ? graph_lock+0x170/0x170 [ 385.922405] ? lock_downgrade+0x900/0x900 [ 385.926561] ? check_preemption_disabled+0x48/0x200 [ 385.931593] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 385.937152] ? check_preemption_disabled+0x48/0x200 [ 385.942175] ? check_preemption_disabled+0x48/0x200 [ 385.947217] ? __lock_is_held+0xb5/0x140 [ 385.951297] ? lock_acquire+0x1ed/0x520 [ 385.955284] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 385.960321] ? lock_release+0x970/0x970 [ 385.964309] ? kvm_gen_update_masterclock+0x350/0x350 [ 385.969510] ? kvm_arch_dev_ioctl+0x630/0x630 [ 385.974014] ? preempt_notifier_dec+0x20/0x20 [ 385.978540] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 385.983391] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 385.988443] kvm_vcpu_ioctl+0x72b/0x1150 [ 385.992552] ? kvm_vcpu_block+0x1030/0x1030 [ 385.996909] ? find_held_lock+0x36/0x1c0 [ 386.000992] ? __fget+0x4aa/0x740 [ 386.004460] ? check_preemption_disabled+0x48/0x200 [ 386.009536] ? kasan_check_read+0x11/0x20 [ 386.013699] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 386.018985] ? rcu_bh_qs+0xc0/0xc0 [ 386.022553] ? __fget+0x4d1/0x740 [ 386.026048] ? ksys_dup3+0x680/0x680 [ 386.029774] ? find_held_lock+0x36/0x1c0 [ 386.033856] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 386.038813] ? kvm_vcpu_block+0x1030/0x1030 [ 386.043150] do_vfs_ioctl+0x1de/0x1720 [ 386.047051] ? __lock_is_held+0xb5/0x140 [ 386.051130] ? ioctl_preallocate+0x300/0x300 [ 386.055578] ? __fget_light+0x2e9/0x430 [ 386.059629] ? fget_raw+0x20/0x20 [ 386.063096] ? __sb_end_write+0xd9/0x110 [ 386.067188] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 386.072749] ? fput+0x130/0x1a0 [ 386.076042] ? do_syscall_64+0x9a/0x820 [ 386.080027] ? do_syscall_64+0x9a/0x820 [ 386.084013] ? lockdep_hardirqs_on+0x421/0x5c0 [ 386.088641] ? security_file_ioctl+0x94/0xc0 [ 386.093066] ksys_ioctl+0xa9/0xd0 [ 386.096565] __x64_sys_ioctl+0x73/0xb0 [ 386.100477] do_syscall_64+0x1b9/0x820 [ 386.104379] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 386.109768] ? syscall_return_slowpath+0x5e0/0x5e0 [ 386.114740] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 386.119606] ? trace_hardirqs_on_caller+0x310/0x310 [ 386.124639] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 386.129668] ? prepare_exit_to_usermode+0x291/0x3b0 [ 386.134708] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 386.139574] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 386.144781] RIP: 0033:0x457569 [ 386.147987] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 386.166898] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 386.174628] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 386.181905] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 23:02:56 executing program 1: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000140)='/dev/uinput\x00', 0x0, 0x0) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000580)='/dev/hwrng\x00', 0x40000, 0x0) ioctl$SNDRV_SEQ_IOCTL_PVERSION(0xffffffffffffffff, 0x80045300, &(0x7f00000005c0)) write$nbd(r1, &(0x7f0000000300)={0x67446698, 0x1, 0x1, 0x3, 0x1, "083a7b90119ec30d0a8cefc4074d60db61564f4c213d337d884c01cef10153db7641f8f254a05e2923cd40ebe5c219b7827c757dd124b23cf89ff46d084dd4b160604b92c0127a2062764341c963a9dc4b382d4662a56b40ad8c01aff2d5aced77aae9305d5bdfc7abbef38c410830e8ed7ab5a58b14fac8d545ce90c431915b26eaa40fed33d881f14f31c9911dfe681e1afbe08f9b854bd3057a04cd38abf4b6d3091f0d7f161242d9ec0ac85909c7a167e7376fc6432ab3725a499f228aec36623310e409427fff920568411cdba25c6f1b284d933d1c373b6bd2b15240c682a26bebe7a50e470c92e2dbf1de7c643719ceffaa99"}, 0x106) ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000280)={{}, 'syz0\x00', 0x22}) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000080)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast2}}}, 0x80, &(0x7f0000000480)=[{&(0x7f00000001c0)=""/190, 0xbe}, {&(0x7f0000000100)=""/48, 0x30}], 0x2, &(0x7f00000004c0)=""/98, 0x62}, 0x10000) r2 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x4, 0x0) dup3(r0, r2, 0x0) 23:02:56 executing program 0: r0 = gettid() timer_create(0x7, &(0x7f0000044000)={0x0, 0x12, 0xffffffffffffffff}, &(0x7f0000044000)) r1 = msgget$private(0x0, 0x2) r2 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x6000) ioctl$BLKREPORTZONE(r2, 0xc0101282, &(0x7f0000000200)={0x0, 0x1, 0x0, [{0x0, 0x8000, 0x7, 0xffffffff, 0x6, 0x7, 0x4}]}) msgctl$IPC_SET(r1, 0x1, &(0x7f00000014c0)) msgsnd(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="02000000000000053f058c5d22cfd615afdeb77b3643abb1f64dbbe16d9eea63f367e913a8e84af06fb9675ccc218d5d1b029901f66e0c1acb07c50f0db9de6bc4d0e9d3a0cf50ed125bb5214b2d57d2e354d4f2c73a34e8ae0eadead56628dd84879608c4836d7df6da7d04c0b1449a7354ba5d8fa3130200d6"], 0x8, 0x0) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) r3 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x7ad, 0x4000) ioctl$sock_SIOCINQ(r3, 0x541b, &(0x7f0000000040)) tkill(r0, 0x1000000000016) msgctl$IPC_SET(r1, 0x1, &(0x7f0000000180)={{}, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x81, r0}) 23:02:56 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x4, 0x5, 0xe, 0x9, 0x0, 0xffffffffffffffff, 0x12}, 0x20) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0xb) r0 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x1000000000002, 0x0) unshare(0x40000000) r1 = dup(0xffffffffffffffff) write$P9_ROPEN(r1, &(0x7f00000003c0)={0x4a7fea505d93c5f2, 0x71, 0xffffffffffffffff, {{0x1, 0x2, 0x3}, 0x81}}, 0x18) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000028fc8)={0x0, 0x0, &(0x7f0000019000), 0x0, &(0x7f0000000040)}, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f00001fefe4)={0xa, 0x4e20}, 0x1c) listen(0xffffffffffffffff, 0x20000) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(0xffffffffffffffff, 0xc0045520, &(0x7f0000000300)=0x2) r2 = socket$inet6(0xa, 0x5, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000001080)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x17, &(0x7f00000010c0)=ANY=[@ANYBLOB="00010010acfb6cb6479dae6f3b3a14441915d033d6cd62d856c5f1b60a22e5a3edc600fc2d193c151593a5c2d3f88df120efd0e8857ad99cc8ddd9c4fd67f692a8d3d4396d6251a530f080d33a6132020e7d857eb64262f3dd51567f6ac7ef6010d176d49b102d34db49eacd70de681ec0af095f802d08c9dc2de3a05803f469b6e853755b72b31f4b2c7d80e9981ff00b41afe4e1cc46e11ea969843b5c944fa4cd2fed539a429e0b25a09e512e18dfc6dd210775124eb382d5a9ce99ec78d5462eda1f6b49cc25bc6a7fcfc08be5745cba78a88544bf6da98ecdf108845d20610dc603ed6c7f614c225ddcd9364dfcf1f3e944383979e3dfeabbcd8f53911f61d3e3954d7f384d28f05a0e3738ce26389f19d18cb694a905b044efc60222dd7d703df273b643f280f16f358b33979c8291720cd0ac4534d6eee1f80cb607f8b78104b2572fd9b2d2b9b4c9776694114cb1b2cff8d30ba096313c115cbb996c6d49c8af966766dbbc3e414538ae7294addb62a537b04b159bb2e9bdd794bc8cd8da50167a12954ef67632b9238fae9bd8af4e39c280fb77aa6a22f2515da70335370080c2677cbc6aab191381e712d4222ae5406675943e09000000000000004f21a9febb2ba0381eddce87888aa4193184ce3d2f94844416515720a37db43c6714ad74d257d7034b04647cca45b38edad4378b7a98982d1bf737f7aa6abe9065907fff35f243f76f737ee0042a83144bed718d1ce16f0f6e4240ec7be3b2bde9bf4c190117b3278b3f9890e1417445b8ac442def976fc4190986fc68665347ab5b55d8f3b95c6ebf6997a61c83e733d528020507cd58e07be75eca658a523e45a0774c71ffb282bd7d9e7cf840bca0adf54c671d52605badd78fbf73c561a94174bdb66485dc7ca8c3d59153af5e2ccf3a2f201a22576fade8bc9c13252c672b3e5c538360b581bbb6b7c3245a5a0ec02b83db704823a599ff805193a970881b9f2f2b6e34d36b58812a2cc4f47d66017d268a7cf35b0285f929afe3b4cf1694d141b8c36dc07d16f88e411938f5adb488a0d95f95575b09c18a25bd36a353bc958825c34a856d8797f51283a6c6cc19c82fcc7d00ca43250cdcd7e9072bd810f35f643c9a1e63d4cfc885ace98d418adbc8d0772179c0ee8e2d0510428e96a294867b7beb8862c3aaf4ad5d41bf75d446ea0278eba969121a2f5154b617de69acd78ee35f3ad32e06f7f94c73145f0e8f038235677a6e4f7c22bfb0f154bfebc0ae10e3807fffbad4f1cdbaa83b05a89b4f8a398173bd5d3d5e805b1b056a068217e099b296b52b6e09227de090a7b4bc5ea33c9a18edf0cdff496a4c1e29ff16994f0563324e05f5fe0754e9661fa9452372d977c3e8fa0caebc6efb3cc113eaf498baa0b53918cc0a50bfbba9ab5a5e3a3986229e60c6a2f87d97baf5bed6a3a1c6c80988eb34b881414a2800bafc677512089b9d398099a717855220b3bbc4a39aa0c9a27096324e12623c715c2d1e7c303097dd197801331049a2205cb03491a507a60d8305fb4df77909c69d3e5e85ce9a3ef13a0b5118e2ad9333036c43b969e27d162c7e5d07a1df7098864cfad077683b85fc7c8a2d3a3a38eff811cb79c2ce4f6891217608625840d2963330785a551170166e7feefa53b699a158ef47abe003000000000000000237895139573fe39eb9640d0be9f08047451afaf202ff1b880c189f738b7ce7e6455ee6a0c48e9c6d8084ae60a3d597feaaf6fd5286982f8fdc49c577b57192ff4fec203fba2fc8dbbbd8908879f30d5ccfcfd8c2897896daa6fe16475dae345adf5018e464cc4aa37ad00fda5181c19cbca92b858215413409d10decf22841b21615fe3021c621c12b4e71e95a4bd9f5172c9e8abb59525de81945e005a3db61050f829fc6fc41911a1a56c0023bbf79d8afd8c016d9c9395cfb81affa16f7c183147eb7599fb2250bc4d7cc771f1be05ffd03bfe5d8865356548a9fc78a0be16597905d511524cad30ce1d08c5c9fd12c4c3b132c6de842f2c097897b8647491c517e2ee0a13629c83b9f1e71e86b0505366495a753aafd75386695f65ce0717f6f0dd094c2323c6d3ca6301f94b0a80f1c6c3b59a02d5e7dd20352924dddc019a34d398623f7118c9769556e372054e15e90e64699aaf7d39d0397cc1590c8fa53877683de67b1346a307cf17fc60de291b8f23865ef4ef75b8c041c04debba861237d73290025b980c277645f61d6e97704e5be7a84667d3971104a20eed173aee6944992fcf424b023cdcc3a5b5ca250388259c264b6a423b5f3f982d566905e02f873d19e6dd4fdc52320914845d3e650ef1386bd2f563c5bb4e6f0204ef0a89f231c950c17f95dfa9823cc8558d9dea056fb8f73a998f8c69d247c788155630531cd46fe2b2d4bd20a97adb8b4dadf6f1799b1a1abd43daeb6f9e44febfcc116b52d9c06a03076241aee72993f3f6e538eb91f23c04487ce2718d39d258a7d40d3da6197ef05b97f33dbba479b811416745c41d9f9bdd28dd067f782822671f214ec0e13c421bb8fc67703f29bc39df22f8a2b3f1bb8fe778f35814e20c6670a579278af40b2697f2b40d0d7b101a0df6ae936b876e627eb694de17b942d3a60736a9469bb54815b7d4ff4e7dbc9f7d3d4b5973c0ede1313180e60674c7fa709c6e5617660c16e549e9edb14adde63ecf42c8439330fd21447e6cce558bfc5066ec88ed110190ea4f3648e95280bb8ec2a008d0ff96f153fe5387a8f335b7c6ff2f5313f3d003bfe2d8b685b7e67523c218ec4ef2d4d0ec91085688c9af548e0d20e9c2c8438c4adba686469b31bb56753a7cb77fcee4436ced29643ff532c140c75774be34eb31b73a617d85932fa3845dcd2ace794d69441845c9e339990464e1418b121d56a3df46557e45702162164832fa2f766eec1e66d62fcecc79c16457c5b293d9300b45570d1fe2fd34fed44ec5a400dc8604b93b57b839537ffcae0eb63958e92d29d94d75842cea2d4f2c1daafda75f8147afa8ca44c12abcaf1eb461e65e8f63e9656255a1bd33f4259ea75c4a4c21729b24f84430ec9ade5500c8d6b1ac3147892f5b7ea9aa548a8efd870d6ee9158e761247ced796317a6550d093a975bd0dba0ddd72ab6f3c5b27ae327d0e430a0e36b840dc7e64da60b6250a4c90df28e4eb459c7a27397a9e4272ce2de6484be7a35661ce9382c06d272e4071bde8bd316d50be35dc9a13ea1efa3e0dd898b60c17345abda36fe4a08d63ffd47f9689c1d9681f321025e8487793b3c53f6c8e237d4424f9f8c86bc304e6b3d5d4ff84fc710408730d168ed358dcf2020a7a2db8fdd77c0eff6557d520a8d9aa0a658f181b97ef385589f438c01d1a48956c518bd11b64cd5d0d1042323128842b9320870c3baadf62377527ca2a2ece6fecfcb70cef9405b1291b9662ec2386f3f38f0528926b918acc91e2e40ce5b8253f58d0b4b66ab4e27a9845bbc07e6d03e3a1100f02709de64d92486faf3abe44f443934c795095c729dbfaa0b39a82d3facbf71f48493b2ba4adc3c346e0991f30e809e48246f066de215710add2ca2c49dff4eae91e38bdc2e5e4510721f054969f32e953c5e207f58662dcf3cb2aaed0ff3ed5b688e8cad449a778c0e03aa0261cc06d0b2375a75aa29fc84677f7221c85e2537286e64ac02fd08149dc47058872c04b0df967fd5050cbe0bd2abf3cc8e36b2231efc1c8e2aee0e9958a2b352c72d5cbfade44b69afa15aae6654d32b4e2b077ff724afd1bc98a03a688ee36cf6c60825192b7ef4534ba269e78f47270b982cbc62aebcdfa8c8b93167640c5cb2ddaa2454ef91e536d9540f2c31f110e5bd05a023bfed1cca7e761d96b7c146364e8bfb7dcc55f110a41671401111cd4682d08aedef2530b1e0189580fd4cf056d572c078c8a17b672f2d48c2d9235407871293ff0e09acb58b05497ab41a331d8461722a7e0900000000000000b6611945940b6c661513440be010f60d96da8ef35e71692f75da5450fdc731d7119d91b0805f9854aaf21e8e51286746e4f7e042948b5312a791b2d570ec1bb8a2fb2b9e0110713c602113a7fb61ebaf347e2d4faaf8cff9321ad833c54d96a09b1befe5c4ddb2cfe7a9ee361a96eab94a9b0d860049ce97b1358eece60b77c5dddcbbbed749ac49fce6e288d871890736ea039a75a37c51a5115cfad247cb080b654e34972918da473028c3da25b4b688b728a3d9e1edf88fbe20eda188a5d971f44ea71246a874f0cd448c46b85e270fe098b651c9cb4802b6ea180edbcdd73d85e1a85f987a90756b9a9670fba4442c18e112d2793e4e36b33010470c304bf254441d75887b08e3361379cea7fefefcfa9b4d0c2915c9d8b3d2ef161ab9244c4299ffe7e3c41beac0b690856bd0c2cb201e2ff8a4ce9ec18d0790992f54090a81f62ef1256fdeeed5eff7e5e20b21010cef59333e6fb4bcb98841763813959d43721aab12877ca676b54fc0d40010a2fde7f5b676140d4591d2eabb81165cdb12fa32bd29b8335cb333960183cfe71e6408c06fb6e02c1f02f3a094ab1c7cd4c420b5be949f99e0d0006a942be97f5ad393abf3450d6344f6d28371407987e1d6e32f22d1059cca4b56c1280916894567ba57cc2c26694318e6f62d47a54e1b79c472b3788827aa7fa3497640da34ef628bcdb4870b75ab44eea69d2d965412e10cb3f6382b6b0031a62ddec4f29129a2d018f255d0f9f3da29eb0fb90fcb437d6bd8f9183af98a93eb8496170614a2180cc25faba79751f0e4d94744f31736a730c2f8b3d84a77180cd913e36e3d270657a11b8300000000c700c468526c45aa702b36d08c1442fc36fac7b217f1ac62de33ae68544ecbbfff6320241322c8fa53bb558ebe103b5fc4f588a3831c3c72e349020ad003f3414e33aaee027f5b50fb0113caae8e8dd1b3b903c5b72bcb859a4ab85788a614f40c322dec1a5bfac423ef5ce379f169b6d259383dcc9fcff365002691a1e1ffffff4bccf1577f357d8f52b5ef67ef051e9983a452eb157e4b3f8224fab4e58ece3c9e6e1f135a54b54d7db6bbeda0eec7ea8ceed32ed3b735e6e0d1b517c066459d3d7f20e24936c8f063face35a3421af1e4a2a2c6516e558bf54a78a43af0201331e860df7e8b710cf8e57aaa0047ea8b7b885f190a5ed6c382457be01c248701e15b784a47fd8cbd1e675eac7b6a7d379af0db820b9091ed092b1db40536da5d88288afaffb91ddfa18ba4803695823e51dc8a24e940e517513475505a7db6049057e0075c78122f39aa2bd6a661ee3cb2f0931d51d252fc4d3b095928d3d83935f6f4b8bf0f2a0e50e96ba24c88389adfbf2a88f7320dbca45742fec75d86bb997719efc8256f04edf26eb699dfd6898b1cc2745efe089c50a6f7633fc7b528039adee97b556774b15c211464f4f72658c3486556ae7a6fc5608f42c2603d9f184e81de7afd9ae7a49c655706145000000000000000000000"], 0x1) setsockopt$inet6_buf(r2, 0x29, 0x40, &(0x7f0000000f9b), 0x0) ioctl$SCSI_IOCTL_STOP_UNIT(r3, 0x6) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_LAPIC(r1, 0x4400ae8f, &(0x7f00000005c0)={"fb69a99762b320f9069a9ba801fc99e91a10a9ce9c2c5b8e8c8639999b0c9ebe03b660143691b1082ad3757d061d19bcdf15ab8ce6c7398d87d51b0179652c7a3a9123cc09642db39c7771587d3aaf62cb5e06dc15e3a0cda89b364413c025752ce3283cbf88825facde7dd8335820656a45f35538d0a3e0f9a930130dfb8146548e4ca51251b9610a009eeb293c87c53bb9c6177cbf2b298cf4bff1b17460b95260ec35628f9d9fb43caf927e118401b3373ed716805ce2c105d3b0dd490770e96b1211d28110f4faec63574c1d839cf7cec799286103fe696062450916a1208e630588d17617c1ca5e55a8727c74a2786e4e9c1d22a5f0c9e65fd819e71f3ae07b8a82f4d8d1d7e47428ccfa4e4438bd08f3c9f2318d68d8a4ef0698e9c284096454ec757ac3a92ab7bac24e01bc4413430486e2e97764097b4f805af8f63403aff559db40ee2ec947777e1baac29ea893577dd166d76d283bc89abd520da60eeedb149e39f30edfd311ec58693aa47c3819e24600f7e7f0d10a0c61e0ab3dc280e8047a0e0ec24b6698d39af27d6a956060695dbfc84c89c382daa339f17f50eade330b87df23a62f868d7e13427f48d0b618b9de8fca05c4ef47eb26b923887cb99be47cbecf6218d62d23afa4789d125b9f5a2c426033713e9b2e5f47d69ec15330ccbd859a62cbbbf61f5f1c4c80e32ccea120cfdc76aba579760720eb8e3b2d6d99e83d7a869f41dcb9f00824c256880b54fef53d53adc03e116ac8fd27f28d7d232094f2cdb77603c33d4119058837165b19b4a67affc2f7c2ce4a8000dd498090f3dc1153a226866a1cc5cc8770523dd0a22310e2d19ed8dad8febe08522bb931f160dd07c4e3c997573c27b7b7bd7741fac78094186dadf8f6283d5bdd4d4f74f80922bb664f102a7a9d8b526e0ccecbb49c959866681139c66db8fcb82d69ce8a7265c4fb1bff14539bbddd57c6f317ac5587bedc739a4da4886f63700c76a13b3d3ba8839c22a00b8c24697cd2f26c875cb878922be429a4f5f806eab76df1138e4d61d25d68d7b525829065d9d0f0f7e6128f21bd6c6a80186fad6d188e5e3fc08319253e248afb08d322cd1243edf6cbfe8059501e25c160f18fd5685a8d64f3f029b6040c5b9507bfcbef8bb6df271ffe532ffc801a645ed07c0b11098d73db7f04cfa734743770c3ee4e7966a336e3a5f7b27b406d8957a54711f24716a27a07850b9d98261e11bbc7fc1b1eeabf593982f7ca7cb359db458c0ca432f204a3f2374fdbbbafb43b3b8060632f39eb5c139d0ae6aa0920afa03a47c8e80fbae365dd10e584bcfc65154b5336fed0a5f79ba08c95d95222f9a9acb86b652c0bba345bd0c8cb03874805a87c53537699232e0db390fd034c484ea451804d007a4aa81e1166c5d7a70e8b596753142db9601710e3ac01a1c93476"}) sendto$inet6(r4, &(0x7f0000000100), 0x0, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000400)={0xffffffffffffffff}, 0x13f, 0x1009}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_ADDR(0xffffffffffffffff, &(0x7f0000000480)={0x15, 0x110, 0xfa00, {r5, 0x3, 0x0, 0x0, 0x0, @ib={0x1b, 0x8, 0xa1, {"d0fda24b6d61078df1a7a8bd55d8ddc6"}, 0x18, 0xd2d6e28, 0x5}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x21}}}}, 0x118) setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(0xffffffffffffffff, 0x28, 0x2, &(0x7f0000000040)=0x800, 0x8) r6 = creat(&(0x7f0000000080)='./file0\x00', 0xf) write$eventfd(0xffffffffffffffff, &(0x7f0000000200), 0x8) ioctl$KVM_ENABLE_CAP_CPU(r0, 0x4068aea3, &(0x7f0000000180)={0x7b, 0x0, [0x4, 0xffffffff, 0x5, 0x1]}) ioctl$sock_inet_SIOCSARP(r6, 0x8955, &(0x7f0000000240)={{0x2, 0x4e21, @multicast1}, {0x306, @random="fbdf6e1f027b"}, 0x46, {0x2, 0x4e22, @multicast2}, 'bpq0\x00'}) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000140)=0x14) ioctl$SNDRV_CTL_IOCTL_POWER_STATE(0xffffffffffffffff, 0x800455d1, &(0x7f00000000c0)) perf_event_open$cgroup(&(0x7f0000000340)={0x0, 0x70, 0x8, 0x5, 0x0, 0x9, 0x0, 0x9, 0x1000, 0x4, 0x0, 0x3, 0x9ec6, 0x1, 0x2, 0x9, 0x5, 0x85, 0xffffffff00000000, 0x79c, 0xfffffffffffffff7, 0x1f, 0xf93, 0x0, 0x1f, 0x1, 0x136, 0x3, 0x2, 0xe77, 0x5, 0x2, 0x3, 0x9, 0x8000, 0xffffffff, 0x9, 0x527, 0x0, 0x8, 0x1, @perf_bp={&(0x7f00000002c0), 0x1}, 0x0, 0x0, 0xfffffffffffffffc, 0x4, 0x75b, 0x0, 0x7}, 0xffffffffffffffff, 0x0, 0xffffffffffffff9c, 0x9) [ 386.189208] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 386.196701] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 386.203977] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 23:02:57 executing program 3: r0 = gettid() r1 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x9, 0x20000) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) [ 386.296662] IPVS: ftp: loaded support on port[0] = 21 23:02:57 executing program 4 (fault-call:7 fault-nth:55): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:02:57 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000001400)={&(0x7f0000000580)=ANY=[@ANYBLOB="38010000100001050000000000000000ff020000000000000000000000000001ff02000000030000000000010000000000400000050000000000000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe800000000000000000000000000000000000006c000000ac1414000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000480003006465666c61746500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0xfd49}}, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/conn_reuse_mode\x00', 0x2, 0x0) ioctl$RTC_WKALM_SET(r1, 0x4028700f, &(0x7f00000000c0)={0x0, 0x0, {0x39, 0x32, 0x5, 0x8, 0x7, 0x6, 0x3, 0x15e, 0x1}}) getsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000100), 0x10) 23:02:57 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r4}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r5 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r6 = openat$cgroup_procs(r5, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r6, &(0x7f00000000c0), 0x12) [ 386.441234] FAULT_INJECTION: forcing a failure. [ 386.441234] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 386.472948] CPU: 1 PID: 14122 Comm: syz-executor4 Not tainted 4.19.0-rc8+ #286 [ 386.480337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 386.489706] Call Trace: [ 386.492316] dump_stack+0x1c4/0x2b4 [ 386.495987] ? dump_stack_print_info.cold.2+0x52/0x52 [ 386.501203] ? graph_lock+0x170/0x170 [ 386.505037] should_fail.cold.4+0xa/0x17 [ 386.505061] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 386.505080] ? graph_lock+0x170/0x170 [ 386.505105] ? graph_lock+0x170/0x170 [ 386.505121] ? percpu_ref_put_many+0x11c/0x260 [ 386.505136] ? lock_downgrade+0x900/0x900 [ 386.505153] ? check_preemption_disabled+0x48/0x200 [ 386.535823] ? __lock_is_held+0xb5/0x140 [ 386.539937] ? ___might_sleep+0x1ed/0x300 [ 386.544109] ? lock_release+0x970/0x970 [ 386.548096] ? arch_local_save_flags+0x40/0x40 [ 386.552696] ? __lock_is_held+0xb5/0x140 [ 386.556807] ? __might_sleep+0x95/0x190 [ 386.560816] __alloc_pages_nodemask+0x34b/0xde0 [ 386.565500] ? lock_downgrade+0x900/0x900 [ 386.569660] ? check_preemption_disabled+0x48/0x200 [ 386.574692] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 386.579715] ? kasan_check_read+0x11/0x20 [ 386.583888] ? graph_lock+0x170/0x170 [ 386.587718] ? rcu_bh_qs+0xc0/0xc0 [ 386.591274] ? check_preemption_disabled+0x48/0x200 [ 386.596306] ? check_preemption_disabled+0x48/0x200 [ 386.601348] ? __lock_is_held+0xb5/0x140 [ 386.605480] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 386.611039] alloc_pages_current+0x10c/0x210 [ 386.615465] __get_free_pages+0xc/0x40 [ 386.619386] mmu_topup_memory_caches+0x1ee/0x390 [ 386.624160] kvm_mmu_load+0x21/0xfa0 [ 386.627887] ? vmx_get_nmi_mask.part.77+0xf2/0x130 [ 386.632836] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 386.638394] ? vmx_clear_hlt.isra.37+0xa8/0xd0 [ 386.643012] vcpu_enter_guest+0x3dbe/0x6380 [ 386.647363] ? emulator_read_emulated+0x50/0x50 [ 386.652059] ? vmx_vcpu_load+0xb06/0x1030 [ 386.656230] ? vmx_write_tsc_offset+0x680/0x680 [ 386.660916] ? graph_lock+0x170/0x170 [ 386.664725] ? lock_downgrade+0x900/0x900 [ 386.668882] ? check_preemption_disabled+0x48/0x200 [ 386.673920] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 386.679472] ? check_preemption_disabled+0x48/0x200 [ 386.684502] ? check_preemption_disabled+0x48/0x200 [ 386.689548] ? __lock_is_held+0xb5/0x140 [ 386.693633] ? lock_acquire+0x1ed/0x520 [ 386.697628] ? kvm_arch_vcpu_ioctl_run+0x234/0x16e0 [ 386.702663] ? lock_release+0x970/0x970 [ 386.706651] ? kvm_gen_update_masterclock+0x350/0x350 [ 386.711857] ? kvm_arch_dev_ioctl+0x630/0x630 [ 386.716365] ? preempt_notifier_dec+0x20/0x20 [ 386.720894] kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 386.725749] ? kvm_arch_vcpu_ioctl_run+0x375/0x16e0 [ 386.730802] kvm_vcpu_ioctl+0x72b/0x1150 [ 386.734885] ? kvm_vcpu_block+0x1030/0x1030 [ 386.739225] ? find_held_lock+0x36/0x1c0 [ 386.743315] ? __fget+0x4aa/0x740 [ 386.746784] ? check_preemption_disabled+0x48/0x200 [ 386.751819] ? kasan_check_read+0x11/0x20 [ 386.755981] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 386.761270] ? rcu_bh_qs+0xc0/0xc0 [ 386.764838] ? __fget+0x4d1/0x740 [ 386.768313] ? ksys_dup3+0x680/0x680 [ 386.772036] ? find_held_lock+0x36/0x1c0 [ 386.776118] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 386.781073] ? kvm_vcpu_block+0x1030/0x1030 [ 386.785439] do_vfs_ioctl+0x1de/0x1720 [ 386.789369] ? __lock_is_held+0xb5/0x140 [ 386.793492] ? ioctl_preallocate+0x300/0x300 [ 386.797929] ? __fget_light+0x2e9/0x430 [ 386.801917] ? fget_raw+0x20/0x20 [ 386.805388] ? __sb_end_write+0xd9/0x110 [ 386.809481] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 386.815027] ? fput+0x130/0x1a0 [ 386.818317] ? do_syscall_64+0x9a/0x820 [ 386.822317] ? do_syscall_64+0x9a/0x820 [ 386.826305] ? lockdep_hardirqs_on+0x421/0x5c0 [ 386.830903] ? security_file_ioctl+0x94/0xc0 [ 386.835332] ksys_ioctl+0xa9/0xd0 [ 386.838836] __x64_sys_ioctl+0x73/0xb0 [ 386.842755] do_syscall_64+0x1b9/0x820 [ 386.846657] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 386.852037] ? syscall_return_slowpath+0x5e0/0x5e0 [ 386.856977] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 386.861837] ? trace_hardirqs_on_caller+0x310/0x310 [ 386.866875] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 386.871905] ? prepare_exit_to_usermode+0x291/0x3b0 [ 386.876946] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 386.881825] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 386.887060] RIP: 0033:0x457569 [ 386.890262] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 386.909169] RSP: 002b:00007f3ba50f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 386.916891] RAX: ffffffffffffffda RBX: 00007f3ba50f6c90 RCX: 0000000000457569 [ 386.924163] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 386.931439] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 23:02:57 executing program 1: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r4}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r5 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r6 = openat$cgroup_procs(r5, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r6, &(0x7f00000000c0), 0x12) [ 386.938728] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ba50f76d4 [ 386.946021] R13: 00000000004c0027 R14: 00000000004d0108 R15: 0000000000000006 23:02:57 executing program 4 (fault-call:7 fault-nth:56): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:02:57 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r4}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f00000000c0), 0x12) [ 387.165376] IPVS: ftp: loaded support on port[0] = 21 23:02:57 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)=0x0) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(r1, 0x0, &(0x7f000006b000)={{0x0, 0x1c9c380}, {0x0, 0x9}}, &(0x7f0000000000)) tkill(r0, 0x1000000000016) 23:02:58 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:02:58 executing program 1: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r4}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r5 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r6 = openat$cgroup_procs(r5, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r6, &(0x7f00000000c0), 0x12) 23:02:59 executing program 0: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r1, 0x1, &(0x7f00000014c0)) getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000080)={0x0, 0x0}, &(0x7f0000000200)=0xc) lsetxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='security.capability\x00', &(0x7f0000000240)=@v3={0x3000000, [{0x8, 0x1}, {0x1, 0x1000}], r2}, 0x18, 0x1) msgsnd(r1, &(0x7f0000e74f60)={0x2}, 0x8, 0x0) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) msgctl$IPC_SET(r1, 0x1, &(0x7f0000000180)={{}, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x81, r0}) 23:02:59 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r4}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f00000000c0), 0x12) 23:02:59 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xc020660b, 0x0) 23:02:59 executing program 1: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r4}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r5 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r6 = openat$cgroup_procs(r5, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r6, &(0x7f00000000c0), 0x12) 23:02:59 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000000)) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) clock_gettime(0x0, &(0x7f0000000280)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f000006b000)={{r1, r2+30000000}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) 23:02:59 executing program 5: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r4}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r5 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r6 = openat$cgroup_procs(r5, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r6, &(0x7f00000000c0), 0x12) 23:03:00 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0x4020940d, 0x0) 23:03:00 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r4}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f00000000c0), 0x12) 23:03:00 executing program 5: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r4}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f00000000c0), 0x12) 23:03:00 executing program 1: r0 = syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0) read(r0, &(0x7f0000000200)=""/28, 0x1c) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000000)={0xbf, @time={0x0, 0x1c9c380}}) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc0105303, &(0x7f0000000340)={0x0, 0x0, 0x0, "717565756531000000000000001f00"}) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rfkill\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r0, 0xc0105303, &(0x7f00000002c0)) r2 = gettid() ioctl$DRM_IOCTL_DROP_MASTER(r1, 0x641f) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{}, {0x0, 0x1c9c380}}, &(0x7f0000000180)) tkill(r2, 0x1000000000013) dup3(r0, r0, 0x80000) 23:03:00 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xc0189436, 0x0) 23:03:00 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r4}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r5 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r5, &(0x7f00000000c0), 0x12) 23:03:00 executing program 0: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0xf, 0x4, @thr={&(0x7f0000000000)="208b3a03ea0329f272ef68c784fd17c6a73f2df56c9b3552a0fbaea0b44ff39c4f63026b84f287dadc3c3961c147515397f2c99db6bc7d21347f72fd468bf426f261c5717c01d37e1555ae1eb218d2a0361381d63cff9659f4dad680b7eb1e67f577f8524bfd05924f0f117524d66652abf6", &(0x7f0000000080)="e122e50caebfc5527f055c0a1d7044d483ffa7c21275045008a83f90a117ec"}}, &(0x7f0000044000)) r1 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r1, 0x1, &(0x7f00000014c0)) msgsnd(r1, &(0x7f0000e74f60)={0x2}, 0x8, 0x0) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) msgctl$IPC_SET(r1, 0x1, &(0x7f0000000180)={{}, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x81, r0}) 23:03:00 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0x4004ae8b, 0x0) 23:03:00 executing program 5: io_setup(0x200000000003, &(0x7f0000000240)=0x0) r1 = openat$md(0xffffffffffffff9c, &(0x7f0000000280)='/dev/md0\x00', 0x0, 0x0) close(r1) r2 = signalfd(0xffffffffffffffff, &(0x7f0000000200), 0x8) readv(r1, &(0x7f0000000000)=[{&(0x7f0000000b40)=""/4096, 0x1000}], 0x1) io_submit(r0, 0x1, &(0x7f0000000b00)=[&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}]) signalfd(r2, &(0x7f00000000c0), 0x8) fcntl$setstatus(r2, 0x4, 0x4000) 23:03:00 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r4}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r5 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r5, &(0x7f00000000c0), 0x12) 23:03:02 executing program 3: r0 = gettid() timer_create(0x7, &(0x7f00000002c0)={0x0, 0x17, 0x0, @thr={&(0x7f0000000040)="364416a00f58fbdaa90bced4e9201a23d01e3248bf614e1604", &(0x7f0000000180)="0f94e0dd9566449e0a9bd02820ea8b286db0b7efe136c895bb91c4a44131b446c2cbd3aa1b467481393482b37608aaad601bf1bf2820b8745128ca465344ec1d556d8b184a30fcf4ad6d172011daa49dc5726acd0eceb24e08660637dde0bd3b0622433479efb84ee4688060703f8f691fd5aae45a228fef7d64d0657790e15e232fb251b516cabe4e4303d5459016d089059d161c824229f54de16cbc07d9581548c9ffeb87e97fdd8c6067a7c7"}}, &(0x7f0000000080)) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) r1 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x501442) perf_event_open(&(0x7f0000000300)={0x2, 0x70, 0x3f, 0x8000, 0x2, 0xce1, 0x0, 0x0, 0x220, 0x2, 0x100, 0x36, 0x7, 0x7, 0x3f6, 0x2, 0x81, 0x8000, 0x735, 0x401, 0x3, 0x9, 0x7, 0x3, 0x7ff, 0x0, 0x6, 0x1, 0x4, 0x2, 0x0, 0x10001, 0x6, 0x6, 0x8, 0x8, 0x4, 0x3, 0x0, 0x101, 0x5, @perf_config_ext={0x7}, 0x0, 0x3d, 0xa23, 0x7, 0x3, 0x100000000, 0x10000}, r0, 0x6, r1, 0x8) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000240)='/dev/loop-control\x00', 0x102, 0x0) 23:03:02 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xc018ae85, 0x0) 23:03:02 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r4}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r5 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r5, &(0x7f00000000c0), 0x12) 23:03:02 executing program 1: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r4}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r5 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r5, &(0x7f00000000c0), 0x12) 23:03:02 executing program 5: sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000080)={0x0, 0x0}) r1 = perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x44b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x400}, r0, 0x0, 0xffffffffffffffff, 0x0) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000380), 0xffffffffffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000380), 0x0, 0x0) fcntl$getownex(r1, 0x10, &(0x7f0000000040)) getsockname$unix(0xffffffffffffffff, &(0x7f00000000c0)=@abs, &(0x7f00000001c0)=0x6e) signalfd4(0xffffffffffffffff, &(0x7f0000000340), 0x8, 0x0) tee(r2, r1, 0xff, 0xb) shmget$private(0x0, 0x4000, 0x2, &(0x7f0000ffb000/0x4000)=nil) ioctl$UI_SET_SWBIT(0xffffffffffffffff, 0x8108551b, 0x0) 23:03:03 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0x5450, 0x0) 23:03:03 executing program 5: sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000080)={0x0, 0x0}) r1 = perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x44b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x400}, r0, 0x0, 0xffffffffffffffff, 0x0) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000380), 0xffffffffffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000380), 0x0, 0x0) fcntl$getownex(r1, 0x10, &(0x7f0000000040)) getsockname$unix(0xffffffffffffffff, &(0x7f00000000c0)=@abs, &(0x7f00000001c0)=0x6e) signalfd4(0xffffffffffffffff, &(0x7f0000000340), 0x8, 0x0) tee(r2, r1, 0xff, 0xb) shmget$private(0x0, 0x4000, 0x2, &(0x7f0000ffb000/0x4000)=nil) ioctl$UI_SET_SWBIT(0xffffffffffffffff, 0x8108551b, 0x0) 23:03:03 executing program 5: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc058534f, &(0x7f0000000600)={{0x1}, 0x0, 0x6, 0x2, {0x9, 0x6}, 0x3, 0x3}) ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4068aea3, &(0x7f0000000040)={0x7b, 0x0, [0x1, 0x1, 0x1, 0xfff]}) syz_open_dev$sndpcmp(&(0x7f00000005c0)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffff7, 0x24000) ioctl$KVM_SET_IDENTITY_MAP_ADDR(r0, 0x4008ae48, &(0x7f0000000180)=0x2000) r2 = socket(0xa, 0x1, 0x0) clone(0x28000800, 0x0, 0xfffffffffffffffe, &(0x7f0000000200), 0xffffffffffffffff) setsockopt$EBT_SO_SET_ENTRIES(r2, 0x0, 0x80, &(0x7f0000000540)=@filter={'filter\x00', 0x2, 0x1, 0x1a8, [0x0, 0x20000180, 0x200001b0, 0x200001e0], 0x0, &(0x7f00000000c0), &(0x7f0000000240)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff00000000000000000000000000000000000000000000000000dfff0000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff010000001500000000000000000073797a5f74756e00000000000000000079616d30000000000000000000000000626f6e645f736c6176655f310000000073697430000000000000000000000000aaaaaaaaaa000000000000000188c20000000000000000000000e8000000e8000000180100006c696d69740000000000000000009722611a681755000000000010000104000000000000000000000080814158e66bef334d489cadaf8a0000000000000000000000000000003830325f330000000000000000000000000000000000000000000000000000000800000000000000000000000000000041554449540000b827d85034bb5ec6a3000000000000000000000000000000000000242ce08c5a6d598e84ef7f33b31430ef0d38f72b6b9e7ce2f3fc17e446d70039cb928ed0f85e65ed386167086a4dd1cf997736f61e8a9d2570ba6dfb9155d5a7c53d716ac353929c68fa9ea1f5f5dfaa8f86ac9baf8daa8bf24055c7c48791bdf5c39502944a50c66500000000000000000000000000000000247eb3007a137ab098d309720897c01369decbc31be74f0bf2851f28505146405c4f0aff446345cf2bb802461b3577c7632a2dc740695ba25278df801718d4346d350ff3897408da168b848db42f531d10e0724d46e098143fee0839b1dd72dfbd6a6560ab62477568a5fb675ff8240b91e47f215c401cb8c467fff29e777b549d6481fbdbd38b2c8a94b449a32cf69e5744912d392715dfca"]}, 0x322) setsockopt$bt_BT_VOICE(r2, 0x112, 0xb, &(0x7f00000001c0)=0xac3, 0x2) setsockopt$bt_BT_VOICE(r2, 0x112, 0xb, &(0x7f0000000500)=0x7fffffff, 0x2) [ 392.586197] kernel msg: ebtables bug: please report to author: Wrong len argument [ 392.602733] kernel msg: ebtables bug: please report to author: Wrong len argument 23:03:03 executing program 0: r0 = gettid() r1 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r1, 0x1, &(0x7f00000014c0)) msgsnd(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="28f8ab17e3664e85f2b5bf519da14441be6b6211f5e0b4f78c24ebeb629e628a87eb966763c61c396e43c255911c113dd63f3ba88eb9241626d58a7db48d5a0a852940d24715a6fa1badddf0fcf089d6fdb1c132044a"], 0x8, 0x0) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1002000000019) msgctl$IPC_SET(r1, 0x1, &(0x7f0000000180)={{}, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x81, r0}) 23:03:03 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0x8090ae81, 0x0) 23:03:03 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r4}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) r5 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r6 = openat$cgroup_procs(r5, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r6, &(0x7f00000000c0), 0x12) 23:03:03 executing program 1: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r4}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r5 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r5, &(0x7f00000000c0), 0x12) 23:03:06 executing program 0: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r1, 0x1, &(0x7f00000014c0)) msgsnd(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="0200000000000000408f5030ba73ec9e4f990564c30e5ecd80f681793df394cfe0e24a4748b7759c1b0b70c79f6656a49e6bdf729bfe523adc730df7144e1743a1fd17b5706e4dac30abd4cef9a91dfdc9"], 0x8, 0x0) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey\x00', 0x8000, 0x0) ioctl$SG_GET_SCSI_ID(r2, 0x2276, &(0x7f0000000240)) ioctl$IOC_PR_RELEASE(r2, 0x401070ca, &(0x7f0000000200)={0xb6e, 0x0, 0x1}) msgctl$IPC_SET(r1, 0x1, &(0x7f0000000180)={{}, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x81, r0}) 23:03:06 executing program 3: r0 = gettid() timer_create(0xb, &(0x7f0000044000)={0x0, 0x8, 0x1}, &(0x7f0000044000)) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) clone(0x0, &(0x7f0000000180)="fd16a3805e580ffc9281e807bc3ed20ccee2448c1770b288dcf87a7b350a906dafd1fb37a673bafb9c808b636fb86a11919b56d4873af869a8730a8ce6591dcb921a63731a6d0179fec26dd282ed9befa1f50358c6d13c0ca6049e8e416c83323d4ecfe1847423149d551287b1490b568442fe590bf9bb171befda53c509f73a1d157748864f507b8b966ad3a5b33db2fcafe1b9cd4ce578d5208a3716e443b33e4fb63f9e4d7d0ddcb89da64ccbfd60eac9eb0092edaff3798bdbf783938f5b179c3596351d3a", &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000280)="f5bf43b7d62a1dd33172234fed25a91ec803f0a1f6a4ed59caecc2a260a6b65a30f317be59681c0d21b392112a0ce049b636f675a75987d3eb1afd4692068f8a1f739bfa2a8fc6f045cfb28c76aef926d01f863908901062d0ee7d48cf78b0d51767e37dc6ed0be1c0edd4311ddb2f3f0c103e96998b85eba1759dc463217ea6de8839e8645413385cf8359f37755ce1ff5e849840509ad1ab25e8698117abed29295d7e3174db0b576870944705ea21e5f306bd8c3fa66733425a6fbf59be2ed877ed0209b0514ee2bcaf074d8df03884092bc4059d86d1bf125d2e849fbcb58993dccfb74c280e1c3e6899ebe0b670a9f8a3e0445215bd9bf1944ca5010a91aad1944f64d40a3ab5b4b42374e63f343e031e2e27252a5beaf7f93b741e04b081bd063935f20ec0e71f7a97d7869311180273c1d5af15af99853da087512afd4730f0707a8b3deff7988769956b260a3dc1793c125fa91c915293e2e8b309410e98bc14de985b119d88d04772c942fc266abdf48aade259a46e0e0a8274d0a09f593b66127d763d48cbc8a145a895b954b85036fe08d471916bf4c720207c181fd16a537b84ddb2425eadc562fc93e1f7b9970c502dab817e11630d14d26959da4f059858e2132ea12bac03e3c9e5a588f5437f1c6c236cbbe435adc9bb5f72261ff8cdb909f64da2fb1f0333222dfd210cc6191d872ead83405205eefd6867bab54f272342ab21b65708af3c7f55d09aa20cb164db1c9189062f40b9dfbae4e77bb61ade09def7a7d06fcf5bfe551a95c4704588eb32ac0d642d564f742ddfdc16635d8bc1b0a79c4878b62c6249ae90d78b080cb021730c320fb12428461cca81794f672f33db8eb5a2800792d2d245ff39b2b9ccf225fe5f2b31ee292373ef3e28175ca6ba040c377f381663bd86d796cee3c09951615845125ba8d532b42cefb27ac5c5f81a4044f76b761a464d38a50b72e48be7ada0c0a67c3d12d2aa49db375dfa5b0e6c6f534380e84412756a18e69e23deceb4a33ff00f246170c42dc1dda7d32fa58064f1836d22269c5ed0abb8381e53dba2728b65a11ade1057277f8bf88ef8928515f4d4990bd91f4e5bc072db66c9aadf6310c7c808faae2d4788a41562b62aff4d390d7ccdaa183eed1340bcb764da9d0a04fef46f18b4deae71932791b1fa4eea76fe183706e5d6d87ff7a7b0a17e4c9931951eb836f3f4802526f0dd17ead627c1558498635c8520e8afa074918a1dd287f1169f0b42538f4c386fa5c78dda4478f602b7813a3c7563fffdc77155538949d8068a416005b7c706496efd8948f9dfafa8c6cedf7076a52cc4da6fe18a6dd326e01e7f5b55e6f5baea0b3f9d843670071946800ff91507cfc10adcb5b3da7d5ec5f5b9e4b1cea67ff81c991b16806ce135b8b91bc47c7df7dcb0a8a137eb59b9a38e9f3fbc303bfe33bdfc051d002050c79daebf0811be8bdb253a7a11967902e86c7432fa9e6059cbbd7af74b0a1013aa92eea036238a07c1828622e6e383e6d7372d1c3e5ee6e0fac5adb17d98290732179c16d6eb748ab1aec05e7e8e3d7ced169f6e9f8c27a71ae95cc234a3a1e1d29d0d078e968cd78acbfaa874dc56010f6353474400d6028da9538932ed42574c15f526d718ff91c05bd7739a3f71cf4677e5611753d8c18bbe7719f29c02000469d3eff1dc42d013f98f70967a0991d3d00deba9f1eff594f30d4a6f400f542e72f052a05420a874b6fe649ce461a1f5426af3ff373d1e2c68c5e0c1eb59b67429b33fbc489d893f926dfb745c92c7890aeb6e48b42ef8bda1a9c3e17be3c42fbed5ec77623baee3bfa4a9a6dea69d8eda705908e3481c853734a6e965daf9ea2d7eea9d1284ff7da98b2f9b8bfa20380c02b3cef70132dbf0280686d767f108fed48bede9161eff4da04f2408feca221027f43d55766d19aa4145747362d787c636edc960fe020ee4943b26456a69eacd4c3a4f163ba23940f6faf5adead3cfb97b9235574192baf284f19336ec36c665c9d4d448ab27227256265e113d8a064d5cbc39974a80712c3cc3b2243220b83b5cc76f160332ad2ae3669857d08d29362d920b91a1906a257e2b1df73125f43ab544e1ec8c8f4d3b43d9a914db6459777da66962373be59dbe196a0bc36040b689b8f7834ee6f73d1cb6f4530b3b8e58ea5be4eee1f3d22c823430b5a2c4e3af192ad36c1d26ba225d29e017e5c0e30ee9696e0fb30a2762ece88167c3a0efa31130b943927d1b16c5a2af076c30d8f127c72f4befdde384925ff1e0910b7fa83d90bc28e84adcfb53be504559c568d1d02f05fbe05292532453dced754b43fcf9308b2ab9cabf89dbe045365915fcd86d825eda1efc24bf63dcde7993c20bfcd6baf01b383b5868a4018abc3e1e4e637ca0bf49d35cd5e3d0d5b59c8e2ba0a6bbfc48603f646aceee7167540505bec542eb5efced8efea8d25743ee59dff17d7e7293e1942e39beafb0195f4f7e3be9608d5ce07d4deb25afde181be422dc3ed895f94224c2f95db7b1b66d0bc7c913a67a95395461df86adb230fde4df0b9b43934dd4e375e6e077f2743f0ad136d401b97ef31491dcb887f90d42b9db034d02e8a1ac2edf73ec42add3db1d38c9a2e3cd7856ccd110891139ff42cff63ac4606f7b5e44ac7e8c4774dbd5a4c0c95494b5f2f7d7cb0981a5fa9df6e2e89fd92ad9134e186689c7fa0eb8b6e76079c2e69643102936734bb8776b40579122fe8c3b795f0cfaed4dc5e9b4456a9cc1df88c4a3073a3789f9b7c80a8887612f7657b9f536b6ed0717284548187316f1d694845c46624d48fe0915b7d2beefd20a009101999e26cff4a2c8052ec229986d0fb3c9d4744e21bdaf42e7059615e304bd34d60808a0bf414c0ef056a5ea6f38fa112c43c296ef362169d5e98dc40226db1590996c028bc3ed4509018b0e16392d4f25ee644e9b650b94e9a565fe0bec18e2a60b8362cc2091310de9a7125281f46b4bd8e7147c3105adb9963b5dee525bdb51c63dc40e2c3f068d0b7d5d4e241f455e5d5116d901c078297e99876fe27f68220f1d91ee66aa851182b7c6f7894398e9c6583fc875af7b757c56d6048af2a0d9d58e444d39ee687ed87030834ac6bb87693def7e7facb7c94550e945ff7044ed8c511633ddb8070d634def32ffa65db5d58849402b6a0532bd63b712ea061faf151122d624de4f4b10e8bac83f8c5e6b2095c3e632d1804198f0cd256f27ffcf0210cdb6c5bf39ff2624e4785fa47c7ea965dd83901601aa7e8146912a3442726ba82c64dea888bddaee4c89451239117e276aaa5e1b303463e07c8b95abc031ba1d9e0c4a1524f43823a1e76b7975c324596e887bfeaa4df10b83512b16eead6f9be17134e2bb1ac55d057194ccf114a6281d4abcde6f0471ea89f892b86c1941d238f651f335b8344fd05b719cfe5b37a1fa49765fb8c8ca5eba14f971e44417a5cb2b0b23835693b42079e8586af6a6a69fcd5f73edab4dceabf4e4ba421acb15bb7cc6f3888c6e05193edab4633cc4575b98d8d755fef04bedc85dd8b9abcd3c12113b3a23bc1a1ddc79f9804930d84c846d8f9b4a90a2a20ab9547b06bd781a8310ac1b85c5ab35b2adae33cb07093a9ac66e8ec9c18788535ad0199ab335976cf5acd55f191d94721c25af9189d4b9f12b6ef35f5a7bcac0568ad714d2b0a4f65f4c27205ef68c79e99a497595a5083e5bbb8dfd2a8a4e07a6a4a04f7dcbc418b0d489ee00f3dc7bbc4c3c42326f068b18929db8a4a889602c4caa5d8a80a8b3e03702e8718f8001c326e2de5b7e906d9d02e5ddda1e325abc74544309de9a6d1adba76da270dcb13c0865bdbd2c2b22fd30b8dd1992f0a372d4c3aa31346ab5cb0d6600f829ab1dd01329189f6be2eebd3d3f1d0625f675fcbd42d7735a5546c1435ee8d8b6b643760cf6c17f040c0488c0b6af9f13f122676b995a1fbf1d9abe5cf81a2301d226547f100270fa689902bd63e5ca15957ab11df3205759206d777f769c2c0f77bb53002dce703c7ed79760b2081c7dd5a65c23455ea79af7901509be3f70423692ffe3e8433468738b2830cc68b94fc3b2e8119a1878a572bf031bf58d234e6ec7674b211ff9e2a948a8c7d5346d81396da5f18faeaedb9c6a6ac01b5b9392f513a63e85bcdbb1eb5212fc68364c510c0b966ee61398781c9cb8b327da15febf1ac636e91767624c22e91985f45fadf32edc52f7122c590d9d56e0ebd3a2779761383ec5d7515951b571aa7d6a72e3b2a4b08880435a71a4d93fb072f75155f551e698bb9d0e14559fbc21fc26b33671ca3ce8f03bd925cf370fab440d4354336a0ac0d69000c55eebf93149a367f1acc70a0ec12ace85b6e460f645f054cf2fd45465802fe5afb4b9464fd4758c78fc40182bbad89cac4e8f13d2846f223a594ea0dd6d7537f31f651fb1544ee2134defe77beaa6bb4feb843744b59214ef0170611cdca222b23f392d91e4b614aca2c99780e5d554904e9ff57d26ee5201f456935582188368ccc7d95e2076d65d524c9d7d52586c80a84a9f391cc62cd9caf6a6dfe37bb8a0b6785846b15164640665bf678666e32b7bfdf6730886e73c28b07a19952a8232e42530f398907c2bd8c4aee39b4f58f90d32ed7393eefaf2e575ca9266dbc1eadf42db258e4d1584afb2c63bdbc57ba8826f7a648e9e978fe8add3a1a5ad670447cd68c7885e9f33f7a53fcd6b07c46b7b2af85f3142cc130f7cda34266096b07473219f144b164a452b91963df38a3af676fca437ac2b43bb734c0fed39dda9b0d750c9822382145cc1b939388c34548eddc117cb774fb539a16ef77e5aa024e9ee419b2a80a7aa69b28e543c34fb4220b7b8a42e10c68b67f6c9c54f5511d268e6ffa785426b27a85179d8b329b37af8e1d1979d90b90cf0523085c187c0e00bd17b6ca2d616f08bb30741f85c212b60ba934dd3d5a0d32b6db0e18680498d7423c4cca7750721aacea109c843051f9d4fe64b4f2b22713f7f03339f7601434c1f2e55aadf3f06fe7be4b1a5ff54dd8698f50200a34bd49f76e9af524328c8cb6b890058ee4c8abec4ffcbb4d20775a29dad549b2bd537952fe404a5bc611520ecd575caa3257fb7c0055b7780d23b8ab424949666a00c9c2cc44d344c08dfdab298f8cbebe39c0df85b3c4ac65fade0bf8294d6c578b67f668290c93852933f870f0abb3369fc7c44af30224ce0570949e5868b7e50d67ebe180e8322e4b0fb67068d19ba89c2cb8022849eeb0260627bb88317a87dc575482ee64eea1dd3e0179225e680a306fcd7cd1a2b7cd7ac64431531feb7c51761eccfe4e31a0f60658d4c7704e881439dc2ed95b6db11982c69a1eabbfa77fc773d2323224babd1e676ad06c2258975bddcfd568c0cf7a98eec594b1cd7b90afca45bc82d5ea00b56dfdea6546507523a5edd6f16366fa3c5c2df9186402a753a38de94f53704eb9ad29145e41857aefb43128053fdb66e470d606863c4960af581526c37396ab27d65dab2e1acea50be62679f13aff58a4e55162697627bcc49e19a00eab1cba67a49870bf376f86f5cbe34ed988da4cdbd38e7404d874678785778d691b9fd55cb2be9f9d2a2c89502105555020d5cda27f80b3e3a44fd4436188f0fbd7b94b237b3453aa799bdd9872f826773823fabb1a12f5d9c3635dda76bcf4b75cca1c09ba5de40b1a6612fcaef410c18df5c2f171e327a88ca74e83967873debc8ae797f2b11272d2721204df015d74dd6c6") 23:03:06 executing program 5: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x40, 0x0) r1 = syz_open_dev$usbmon(&(0x7f0000000080)='/dev/usbmon#\x00', 0x6, 0x2) connect$l2tp(r0, &(0x7f0000000100)=@pppol2tp={0x18, 0x1, {0x0, r1, {0x2, 0x4e20, @local}, 0x4, 0x4, 0x1, 0x4}}, 0x26) r2 = socket$inet6_udp(0xa, 0x2, 0x0) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='cgroup.events\x00', 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f00000002c0)={'team0\x00'}) flock(r2, 0x0) r4 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(0xffffffffffffffff, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e) sendmmsg(r4, &(0x7f0000005fc0)=[{{&(0x7f0000005680)=@sco, 0x80, &(0x7f0000005b00)}}], 0x1, 0x0) openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x101000, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000001c0)=0x1ff) ioperm(0x0, 0x8, 0x0) r5 = socket$inet_sctp(0x2, 0x0, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f0000094000), 0x0) ioctl$KVM_GET_LAPIC(r3, 0x8400ae8e, &(0x7f00000006c0)={"ae4fa7869ca6fcb22abcac2ed2feec59a06b6d041550bd6b77cdc813e135badc2810461584cf0fc6b359c729528c6d86e14070e96d0ff27c53f29aa70f7acbff575bdcae6bc77b9cb99bb59eb9eb62fa878d0a2052a715546d8fcd246fbd6d13272b3b663c6b83eb167adf8f8182a330fd99696dcf186c3b8937527df838d52ddcb94631b1260c2ef4f3e1f43d7b11b5f18e9a1207f4e2cb7d109653566011c458aed0d4fb3e10ed123003784b1f6ca86b012c50c8f195fac19c181c030a2e11f70168250edde709574a719007b517e89dc9fc27ea5fe6410b84d28b11f422830af72ba3e03ef3b8ff554a1665491591ed9d82773e7ad2dc3a4b1f80e333df42926cd5bed8c48b0faa32e421ff6617a4c41601737bd288942a4ccc38c813c42782e1e4ab2b50e435cad0005113b6610918240ee74eb6770762e35d02ffd3616cab5e904fb1156e5c56e3ed81a59b630b006ab23cdb4b881751123fc8c85f3217e37d79ec132e4eee427fa2290e0772de51f29cf8ff3dd19668483b7f6710c9125295c3c9a72f1ae9a6de6cc9c0c88306a8847571f4a3d5189ba6d846b6d5c1a7c93f638ee55c5ca5d4c8a3f6495968961f222ae3193b2937820d17c00ea49aa5d33a0dc5eea3e1a03e11e73fc94ddcf9e64988f1ddc21d5be0c517aea56921a8aa6e9a166ffed04b2164159d2073b5e5f3f4af2a8b32f4cda3c9b2d10af929a939bfe8760e70b42bb50ccac52a806729eb43f4b7b7b6120d1825cf1a8985328e98526d9b73061ad3e1b1c09682d6fb2f7ed901a85a02b8d9de93fae382d4b8c364cf1e03abc1d997c854199b776d07a772e2a5991b07c5204606ac2938ab9e115ba8f14fe3d8feb3d4fd4011c6b5b8d38350828f3dd199c5bc0b93845fc8e39aee980820c80f0384ef2f728e0cd596ab53c27e30d999ac6edc40867c438cc8db628533e13870408fb35045913218d04834d45fb536fbb0ca35a1ed12b4b76d90c15a88664e9c2740b1629c9942b1d4973e3ca8dddd5bde6bd8918fe0779f7ab9b22d7a3a18e9f0124ec1ba5429b61e12374580a20a51c94e5bb8b76cfd31380e94c4c8aa689b1f07fda642fef177a195ab6610b168a36b75c7ce29cdcf58925e2b536902959ebf6a5889b6d6cfa06dcf58957957fa59472557b33cd18aa45a0626a97de2e74ebbb82e29a95f2d9766a661e7465c7e7d9e13e2e7d4fccf57b09a1348a07e5da7176f532a28ac8f504f62285d1b6c216b6d29ffa13608258adc3bb467fcade021066496bc5ca63ac0d1fcbefc7f56d63f1766674c3272616d414209e412304647f50251cac12b17a698c94514c20f2cc08792a1f3190df06430b3c5aec073e485e9f349d7cbfb192695be825d5388a320328f88ede204aa0cc3262c02054f0cf8448449455a50a9fba5233d289e6fddee018cb82607702aea5de8"}) connect$inet(0xffffffffffffffff, &(0x7f0000f6fff0)={0x2, 0x4e23, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(0xffffffffffffffff, 0x0) r6 = accept(r5, &(0x7f00000011c0)=ANY=[], &(0x7f0000123000)) listen(0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000000, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$vcs(0xffffffffffffff9c, &(0x7f0000000640)='/dev/vcs\x00', 0x0, 0x0) getpid() r7 = socket$netlink(0x10, 0x3, 0x4) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r6, 0x84, 0x6d, &(0x7f0000000300)={0x0, 0xb3, "c92c77071581af9466bb17c8e969df0bdec8c195d7a75634fb1f89755ce2a704b5455d2da00deb8dab78230ff151d5fa12afc284241d88a681a363b9c1777e39b4c27d8a36c2b45116fda7a19e81731849bc0843ceb32632b5065f470f790494642402614b99f98d9788977f620083e215b68bf899f687c8a992efb18bd07f77f5d6ea98f75c332c7a92bd037b95c8a963753454b0a92bb32042e628b1d7f0657eee452d3128747af162a7f69ada2196548f8e"}, &(0x7f0000000200)=0xbb) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, &(0x7f0000000240)={r8}, &(0x7f00000003c0)=0x8) writev(r7, &(0x7f000051c000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560284470080ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="153f6234488dd25d76") 23:03:06 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0x4048ae9b, 0x0) 23:03:06 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000580)={&(0x7f0000000080), 0xc, &(0x7f0000000540)={&(0x7f0000000180)=ANY=[@ANYBLOB="2000000013045d8628649f7bcdfc000000000000c84277c969f260da251e5091b9e27d30ed77b3208cfc7632e4451ea3f4790962deb1729d4b8990b55202b5356d3603392eb9ccb7024eabbf9ed4e5a5c2deaa6f0199e32698ec8c5c6c60c32e85b524122a24bd381cbdc71c2b569040d25df505240a22324392ae", @ANYRES32=0x0, @ANYBLOB="a627e6c49c82e4c3"], 0x20}}, 0x0) 23:03:06 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r4}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) r5 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r6 = openat$cgroup_procs(r5, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r6, &(0x7f00000000c0), 0x12) 23:03:06 executing program 1: ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000080)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a8d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}, 0x0, 0x1000000000}, r0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(&(0x7f000000a000), &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x1, &(0x7f0000000000)) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000640)='/dev/qat_adf_ctl\x00', 0x88080, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffff9c, 0x29, 0x22, &(0x7f0000000680)={{{@in6=@loopback, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000780)=0xe8) lstat(&(0x7f00000007c0)='./file0\x00', &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0}) setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000880)={{{@in=@multicast1, @in=@rand_addr=0x1000000000, 0x4e23, 0xae, 0x4e22, 0x1, 0xa, 0x0, 0x20, 0x84, r2, r3}, {0x2, 0x1, 0x10000000000000, 0x6, 0x2, 0x6, 0xde27, 0x1}, {0x459e, 0x5, 0x0, 0x2}, 0x2, 0x6e6bb5, 0x1, 0x1, 0x0, 0x3}, {{@in=@loopback, 0x4d3, 0xff}, 0x0, @in6=@loopback, 0x34ff, 0x4, 0x2, 0x10000, 0x8, 0x0, 0xfff}}, 0xe8) mount(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='iso9660\x00', 0x1020, &(0x7f0000000340)) mount(&(0x7f00000002c0), &(0x7f0000000240)='./file0\x00', &(0x7f0000000100)='nfs4\x00', 0x0, 0x0) r4 = socket$inet6(0xa, 0x2, 0x0) r5 = openat$mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/mixer\x00', 0x2, 0x0) setsockopt$inet_sctp_SCTP_AUTOCLOSE(r5, 0x84, 0x4, &(0x7f0000000280)=0x1, 0x4) r6 = syz_open_dev$sndpcmc(&(0x7f0000001480)='/dev/snd/pcmC#D#c\x00', 0x2, 0x0) ioctl$sock_inet_SIOCGARP(r6, 0x8954, &(0x7f0000000140)={{0x2, 0x4e22, @multicast2}, {0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}, 0x12, {0x2, 0x4e20}, 'ifb0\x00'}) setsockopt$inet6_opts(r4, 0x29, 0x0, &(0x7f00000000c0)=ANY=[], 0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r6, 0x84, 0x9, &(0x7f00000014c0)={0x0, @in6={{0xa, 0x0, 0x8, @remote, 0x1}}, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x2a}, &(0x7f0000001580)=0x98) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r6, 0x40605346, &(0x7f0000000540)={0x19e0000000000, 0x2, {0x2, 0x0, 0x8, 0x0, 0x2}}) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000015c0)={r7, @in={{0x2, 0x0, @remote}}, 0x5, 0x0, 0xc4, 0x100, 0x10}, &(0x7f0000001680)=0x98) ioctl$EVIOCGBITSND(r6, 0x80404532, &(0x7f0000000340)=""/221) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r4, 0x84, 0x7b, &(0x7f0000000000)={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f00000001c0)={r8, @in={{0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0xa}}}}, 0x84) setxattr$trusted_overlay_origin(&(0x7f00000002c0)='./file0\x00', &(0x7f00000005c0)='trusted.overlay.origin\x00', &(0x7f0000000600)='y\x00', 0x2, 0x2) connect$inet6(r4, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev, 0x4}, 0x79) ioctl$LOOP_GET_STATUS64(r6, 0x4c05, &(0x7f0000000440)) 23:03:06 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xc0045878, 0x0) 23:03:06 executing program 5: r0 = userfaultfd(0x0) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000100)={{{@in6=@mcast1, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in6=@mcast2}}, &(0x7f0000000040)=0xe8) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000200)={0x0, 0x0, 0x0}, &(0x7f0000000240)=0xc) chown(&(0x7f0000000000)='./file0\x00', r1, r2) mmap(&(0x7f0000000000/0x7f2000)=nil, 0x7f2000, 0x3, 0x31, 0xffffffffffffffff, 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000c34000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) r3 = gettid() process_vm_writev(r3, &(0x7f0000c22000)=[{&(0x7f000034afa4)=""/1, 0x1}], 0x1, &(0x7f0000c22fa0)=[{&(0x7f0000000080)=""/1, 0x2034afa5}], 0x197, 0x0) r4 = dup3(r0, r0, 0x80000) accept$packet(r4, 0x0, &(0x7f0000000280)) close(r0) 23:03:06 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r4}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) r5 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r6 = openat$cgroup_procs(r5, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r6, &(0x7f00000000c0), 0x12) 23:03:06 executing program 1: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) mkdir(&(0x7f0000000240)='./file0\x00', 0x0) mount(&(0x7f0000000440)=ANY=[@ANYPTR=&(0x7f00000001c0)=ANY=[@ANYRES32=0x0]], &(0x7f0000000040)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x800000, &(0x7f0000000080)='\x00') getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000140)=0x8) r3 = syz_open_dev$midi(&(0x7f0000000580)='/dev/midi#\x00', 0x9, 0x100) chdir(&(0x7f0000000200)='./file0\x00') ioctl(r3, 0x8, &(0x7f0000000480)="5821c7de6d66791afbc0c22472d624bcea782d321e75a3515e403378e3f6716336491a000474b2a23c8c73ebd96b4b4ba3d7ea70741ca66c24c3d2b94e2352a553109e7b9c3c973349ad2ddfa806e56053a9f74fa737194b45d41a334d3e265fe1a0fdbc5cab17d71913f336761d78d46370560f347f48f74d094962704cdf00278aedf731cd716096f8417ed04b4b83b8110e016f64ed47e1aa9415e3b0091120ceb3a2b3a694143258e4406091b61db7f86f7c3d5546041f017bb4db619cf9997b624cac") getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000380)={r2, 0x3, 0x1f, 0x200, 0x3, 0x4, 0x80000000, 0xffffffffffffff50, {r2, @in6={{0xa, 0x4e24, 0xfffffffffffff000, @mcast1, 0xaf5}}, 0x1, 0xffff, 0x0, 0x4, 0x4ce3}}, &(0x7f0000000180)=0xb0) r4 = open(&(0x7f00000000c0)='./file0\x00', 0x141042, 0x0) write$RDMA_USER_CM_CMD_JOIN_MCAST(r4, &(0x7f00000002c0)={0x16, 0xffffffffffffff84, 0xfa00, {&(0x7f00000008c0), 0x0, 0xffffffffffffffff, 0x0, 0x3, @ib={0x1b, 0x0, 0x5, {"5cdf923c8e69c14d65d7292829ccf773"}}}}, 0xfffffe11) 23:03:06 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0x5421, 0x0) 23:03:06 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r5 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r6 = openat$cgroup_procs(r5, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r6, &(0x7f00000000c0), 0x12) 23:03:06 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0x8138ae83, 0x0) 23:03:09 executing program 0: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r1, 0x1, &(0x7f00000014c0)) msgsnd(r1, &(0x7f0000e74f60)=ANY=[@ANYBLOB="0200000000006300"], 0x8, 0x0) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) msgctl$IPC_SET(r1, 0x1, &(0x7f0000000180)={{}, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x81, r0}) 23:03:09 executing program 5: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file0\x00', 0x0) r0 = memfd_create(&(0x7f0000000040)='\x00', 0x7) accept4$inet6(r0, 0x0, &(0x7f00000000c0), 0x80000) madvise(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x7) mount(&(0x7f0000018000), &(0x7f0000027000)='./file0\x00', &(0x7f00000002c0)='sysfs\x00', 0x0, &(0x7f000000a000)) rmdir(&(0x7f0000000080)='./file0/bus\x00') 23:03:09 executing program 1: perf_event_open(&(0x7f000001d000)={0x800000000001, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x50040, 0x0) ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f00000000c0)=0xb66d) r1 = syz_open_dev$sndctrl(&(0x7f000000a000)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r1, 0xc0045540, &(0x7f0000000000)) syz_open_dev$audion(&(0x7f0000000080)='/dev/audio#\x00', 0x0, 0x0) 23:03:09 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0x5460, 0x0) 23:03:09 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r5 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r6 = openat$cgroup_procs(r5, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r6, &(0x7f00000000c0), 0x12) 23:03:09 executing program 3: r0 = gettid() r1 = syz_open_dev$mouse(&(0x7f0000000240)='/dev/input/mouse#\x00', 0x7fff, 0x80000) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000280)={{&(0x7f0000ffe000/0x1000)=nil, 0x1000}, 0x2}) timer_create(0x0, &(0x7f0000000000)={0x0, 0x10, 0x0, @thr={&(0x7f0000000080)="bfea3f64ef60c3e3c78a8e86078e61d443dc42a6d8fa56a23a801ee0710789962dfe77b2f75541038e76630a48a3ca9486d933", &(0x7f0000000180)="17f14b7268da562d8189c7a711bae33b78c0f6d8556f15e3ed399049ac4ed2f1266d44279d2337c8ad8e9f40c2d9aaf9a3c4ba92aeb1e47306fd397db2f05764f48709f0bf806072ae64c1c65e89a20bed378cbff1d7291ee10b3c9154d9d61c287572ba481cff1f503c400abf4b9fc5167f33c0acea900532b221579bf2985624aa0a812c6abe017de0ed"}}, &(0x7f0000000040)) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) 23:03:09 executing program 1: perf_event_open(&(0x7f000001d000)={0x800000000001, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x50040, 0x0) ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f00000000c0)=0xb66d) r1 = syz_open_dev$sndctrl(&(0x7f000000a000)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r1, 0xc0045540, &(0x7f0000000000)) syz_open_dev$audion(&(0x7f0000000080)='/dev/audio#\x00', 0x0, 0x0) 23:03:09 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r1 = syz_open_dev$audion(&(0x7f0000000180)='/dev/audio#\x00', 0x2, 0x2001) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0xcfbb) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000003fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r3, 0x84, 0x65, &(0x7f0000000280)=0x8000000, 0x3) setsockopt$inet6_IPV6_ADDRFORM(r1, 0x29, 0x1, &(0x7f00000000c0), 0x4) close(r3) getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f0000000040)={@multicast2, @broadcast, 0x0}, &(0x7f0000000080)=0xc) ioctl$sock_inet6_SIOCSIFDSTADDR(r3, 0x8918, &(0x7f0000000100)={@mcast1, 0x6a, r4}) r5 = fcntl$dupfd(r2, 0x406, r0) ioctl$TIOCSLCKTRMIOS(r5, 0x5457, &(0x7f00000001c0)) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f0000000200)={0x3, [0x0, 0x0, 0x0]}, &(0x7f0000000240)=0x10) setsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f00000002c0)={r6, @in6={{0xa, 0x4e22, 0x6, @mcast2, 0x35}}}, 0x84) close(r2) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000140)={{&(0x7f0000ffe000/0x1000)=nil, 0x1000}, 0x3}) 23:03:09 executing program 3: r0 = gettid() r1 = syz_open_procfs(r0, &(0x7f0000000000)='io\x00') move_pages(r0, 0x8, &(0x7f00000002c0)=[&(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil], &(0x7f0000000300)=[0x4fa], &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6) write$UHID_CREATE(r1, &(0x7f0000000180)={0x0, 'syz1\x00', 'syz1\x00', 'syz0\x00', &(0x7f0000000040)=""/109, 0x6d, 0x9, 0x3f, 0x8, 0x5}, 0x120) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) 23:03:09 executing program 1: r0 = syz_open_dev$sndctrl(&(0x7f0000001000)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r0, 0x40405514, &(0x7f000000c000)={0x9, 0x0, 0x0, 0x0, "ddfbe36de3f9b5e3e004bcc0ae4de5d4e831c68b6c2956c2874476ee83e417454f684cab6a71b139644ea97a"}) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x3a70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9a1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r0, 0xc1105511, &(0x7f0000000000)={0x9, 0x0, 0x0, 0x0, "1ef4bc48491acd5e0c4b976cba7eef36c40efce39f2b9c125ba7a77d8dd019d6041e65648e7f165944391be5"}) 23:03:09 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0x8004ae98, 0x0) 23:03:09 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r5 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r6 = openat$cgroup_procs(r5, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r6, &(0x7f00000000c0), 0x12) 23:03:10 executing program 0: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r1, 0x1, &(0x7f00000014c0)) r2 = dup3(0xffffffffffffff9c, 0xffffffffffffffff, 0x80000) write$FUSE_NOTIFY_INVAL_ENTRY(r2, &(0x7f00000002c0)=ANY=[@ANYBLOB="2c0000050300200000de37c263244a0000000000000003007c141f5fd7170000000000000b00001b2f6465762f3e05656d6978659e63ba4866fd75caa84ad24cbd8ab56ef80915eaa37430b54dc3ab1a5c0fb255e352158f24fdcaff52c6f25448f92d3fabb7e6725a4d2c6c572ae5c894d540f8bd9aafc6a618a3e0371fe81569c73ccc8dba545d34814bcd26616678ffd4d454ef5ccd74110c4150cec79e42"], 0x2c) msgsnd(r1, &(0x7f0000e74f60)={0x2}, 0x8, 0x0) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r2, 0x54a2) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) ioctl$FS_IOC_FIEMAP(r2, 0xc020660b, &(0x7f00000004c0)={0x100000000, 0xff, 0x1, 0xd0, 0x9, [{0x93, 0x8, 0x4d}, {0xfff, 0x200, 0x1}, {0x3, 0x8, 0x2a8, 0x0, 0x0, 0x200}, {0xf7fd, 0x8001, 0x10000, 0x0, 0x0, 0x1008}, {0x9a25, 0x2, 0xa212, 0x0, 0x0, 0xa02}, {0x0, 0x3, 0x2f, 0x0, 0x0, 0x4}, {0x7a1, 0x1, 0xa19, 0x0, 0x0, 0x80}, {0x3, 0x5, 0x1f, 0x0, 0x0, 0x6}, {0x7, 0x3, 0xffff, 0x0, 0x0, 0x80}]}) r3 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x18000, 0x0) ioctl$RTC_PLL_SET(r3, 0x40207012, &(0x7f0000000040)={0x934, 0x2, 0x7ff, 0x200, 0x8, 0x2, 0x101}) ioctl$SNDRV_CTL_IOCTL_ELEM_INFO(r3, 0xc1105511, &(0x7f0000000380)={{0x7, 0x7, 0x6, 0xa61, 'syz0\x00', 0xffff}, 0x0, 0x40, 0x8, r0, 0x4, 0xd74, 'syz1\x00', &(0x7f0000000080)=['user\\cgroup\x00', 'vmnet0/bdevmd5sumposix_acl_accesseth1\x00', '{\x00', '/dev/mixer\x00'], 0x3f, [], [0x1f, 0x40, 0x7ff, 0x1f]}) tkill(r0, 0x1000000000016) msgctl$IPC_SET(r1, 0x1, &(0x7f0000000180)={{}, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x81, r0}) 23:03:10 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000600)="3faf5e5516d02b8d5713afcecd28c37fb298d21dd9e9225fa3cd1da754b2657f457161f94778e56293276bb49909205a317b2ca1b1ea26c31303c4727ee20ff67c07ac3827bde4c8507a78e6870df96bc7a04880854fb18a04462c8d37b656117ad83ed5942d13cb06877ca1ecca50575ee668a7a4ce169b76abff3272cc4d01a21a690311d2a95e730504d57cd9a30c6cd015371795dbccefb6a7e63aa8fa81b54082f9c697f5cb844cc537e5c153ab1bb639776800c6562c718c0c935d294af370d4d788834f2349797e9ff44fcdf2b7200fba4b6ee6e7501cf32dda5ccbf67829756a3402a9ef65ab67e0d78c5ac395d6472dd831cdac0bee1351cc09eb872d7c657fcea0362d2109d8d876cc4a332b26b01a05fa19b65e96f5f741930613a9c84ade3054966aab13257020542414e421a6545298d17725fbe5f323d90c71e87f9da305ff17a5f5a28ff1f740d1fc43ae95de881eac5facb7274d1f13a4c9f1afbbb47ff219b24001533f6cf4cbf2dd1a4969540e1d70f2a6801a5961d517d1a3bfb4dfc96efc4da3ca207af755828670d2d8e50e49392d1ac259e40cf365de6805a3541e7cc3258e2c3c76acf526f06b0bad9cc88c528d94e669f8a73d34057d7934016df83cd9199773edd769b23ee7cfe5085f78b85385af8698007fcbba5f9be8ac6fda90177a1d0a3f136f06755af391533609c7b723721f20c7fbc8351694f01d7d4ea4a81167744ac76fd0b4a107bed4d44d432db40c02adae67b456e8e30db0a7712eac0bcb86d8e4eb5f36bf93b402f9ca36728e6d8bf3be3d8528eee266e8a0d41f6e2ecd54ea3434188990a887227ffebffa88a7e971d55811aca104abaeb4ab03735b86f476e2925762c3cc959ea252bc805da9a7f1d17311633e1491e13a70b1985d5a1a237abc0793fe45719f068c8100121549038aedd28933a8f995c9d799b4a6014a66dd78ba0627e88af305a9800a521c63f3ccbe70fe2e40a0dbb09493d90935d23449fe9c1a6d251d0217086ee7d94c093f3bd80ccca8eae1b7b1bdecbd575a2c603c0ceb9bcf96b27d883cca46bf6057b339952547f754ba2848018e137d5b57e07472167f6e8dfcf1e3d37b15341dfad27312624088788f4223f796bdac5400527ba01ed565a32f7c978ec24b9f39a5e3a3db6389ab29c8b7ace82fe2d96e44174e82d35b701bbb98b64de00d82809a5dd6bc6194ef10762758ad20c8d2601db5bc0883375dbb09a5c86a0a9a6853c8877cf63c1fada2fde9340cfdcfa6cec9fc15e5583309936729b2b196ad7d507df42feba48631a24b70b6ab82248f030c89d48631811e11301742298350dbf4205d0ba7696ac2dc687d0cb8e9825e918857bebe9b8b489795aff82186395a238e340961cf3fda2204e671135612b2fac60195bd5f7c9f80d0ef01ebeb0680b13e3853a1eb53a173ead1f94c625972fcd603a85f859052a4f183b49b8f22fae754ff1da87794f8a28e6ae91fad94ada80bd23b265149106e80eebbdc4a1b6c33ed01d1465a7d714d509e5627a63c68aa78b953aa50be7d3d7dffc174a05355f88f0b1316b7eaf0613838e75af5f174f7ca62cda670029baee44a749cdbd4d5d40ecc1c705f6c1b6b6cb117f6171565ef2bac72dc2dfbb361a4f6b46a7e8c3c31c2883a9b0e4615707b07fed220c47bd13bb2284775342eb8c4ca6e76a50acb7875e2e2e633d285cac0e4c3469ddfd6cf6a03f063092c36577a0acfc838472b068259cbcf22da9fd978cf20aab9e393754708f011f4ce854bc10a73f2136827fbfd51ee6747932498169ac79a9f9108ca181cb00ea8133c2b67f07b7a56b475d6efa3c1185eb4d1f37fa11747759857cc1b9dfdb9c3e5b915a5a573580787e0b7e747ab48f3f934f12632aca79aa2769993290ebce12a1424cbd9db206d669cbf5db14e79f147123765c6014f881daeacd9037e2a952677ed531b0c62702a0f6fc93e742fe7f97b2bf007410b5a8728d627896c3b45c40f4ae70340d941b64f0bd3cf87d665d9247c1951dfe34d58fb8048100a0ef77f62d0083255dfe0a345152f116e89dc6444a5e01d788e3f786be92e31ea661e908e8e70884fcde005339e57e7fa2c83b6ce3441ae17cd98de16f402983f24022c6d07032b80b6583634116977f494972570d0bc78b6f617a26c3485d2d720e865a554b059c44beb7a85282824c31a786aefa4a973a864fcb545fd2dae615da4a64b66a278c39d80cfbce60125fecdf99e08befc16b9c96ab981a7b87d040ac4927a05e1271d97ae1a54b5d1e6cbf910839dfff5c5253d7ae06273c30611d40a44ec03ba1a619071820402acf6acf6be8ec806583c3bbaf71ed21b410565c579f868fb1aabe48c26c7ba16d8f8d0c7b9b61160e93d2ae616a960c7c52779d794e316a27bdbc57f36a2518a8c5c26c2f8e7e19a09f08c4ad0559a1078fcb8df8c781228ef54ba5363144d7ab54aa149d339fbfb3f887f66e346f55f4bcac327283618732bf519965ad40fd87c3d334e6b189ce90e01fea07ad3086fc392bf69c9c6dd359b2bee5b00e31be11667b80bf36e306639739f612ac14af02c1987cd46afc26aae783ce0ac28bbc857f97e84384380c435c2237c81144404eff136f39b7feac9c96f09cc3191b57ff8a7e44b9ee82b909fa9c2bc29b6e56cd182f4740d4cae04ef713f7cf1efb65116851e7088db376ba5d261d629c94f1fa0aaaf6fdc77a46eaccb954241d8d5ba63ec4d58bfadea8e2ec6527e2e9d604d3fe6b5b1f1cddadd39c45e974db369be7914a06a1ea71a7b687c2a4d9ce54f2a8e0b86bce970d534b61552fd75e0c5644eec2c9fd907a40330315f15da8ceb74042286e70ee384e2fe8061c01d3252c92ed2a029014db332c40ad966ee555558e8874b2bcdcde8a51b64e0df43c0e93881321c9cce0d6bbd5313ba2dd36ccc491301ced79b81fca0ef884180675e60a1d827450a8415e30419c646d4bfc21cbd60961d80b0a64a83f0b6787bb3b526ae7be386ce180c4fa6417f65206f9ec63a51d0c7cdb1443cdbea64f4ad37afdf0d90959c6cdefdf0577897d53c3137ece40078e3c316d442d9e4686fe2a5e5af50459f77a90de435a0846595fffcc3808e3768f711eb39b2cbb64c5e0098825231340be0c6348fccd0a35e02d877af262cc48be8aaaf0aaad595c90d9ccfa1e8fb213a01454bb2772d71f1cf4a1b48fc066ab3b2a5974103beae14bd86dc95a2c36dd4e93f9d20436e202866776a7efa18f0a7aa350c17ef2f0d8a890f0940dfe2b50f4a4412ae68f195a8afb134ded061343912a815e1365b120d661d4220e78294b44ba111977d3c286eee24c75dbdab6b9b4e6d419c890ef9325ca0a9cf9a99fb94e489994c905984ee57f34fbc25ea403b4c4f94f641ead130da66038b80dda20adbba3be1ab764f8a", &(0x7f00000000c0)=""/90}, 0x18) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x8000}) r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x602000, 0x0) ioctl$PIO_FONTRESET(r3, 0x4b6d, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000580)="65640fd2134f0fc71bc74424007b2866adc744240200900000c7442406000000000f0114240fc71df70000000f01b7542f000066baf80cb830521280ef66bafc0cb0d0ee0f0139460f01cbe48a0f005c8100"}], 0x1, 0x8, &(0x7f0000000000), 0x310) ioctl$KVM_RUN(r2, 0xae80, 0x0) 23:03:10 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0x2, 0x0) 23:03:10 executing program 1: r0 = syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x5423, &(0x7f0000000000)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f00000000c0)=@llc={0x1a, 0x323, 0x1, 0x100, 0x7fff, 0x100000001, @broadcast}, 0x80, &(0x7f0000000580)=[{&(0x7f0000000140)="6f7106003eef1f7eeadb89e3bad311701f5440ea7040b03ec71d55208e88ba33f00fa83475e91fbd956716ce844ce175ca8f2034a831565d4ae61a92", 0x3c}, {&(0x7f0000000180)="5211e44643a3d89232bf707d0a0319deb5d6a08acb370c36c0f616da16c586c33e792196399018d7e681e72774f2a3e447d91ca2a9d47f7b751778e59ee4407b22cab9661c082670a9cdd9e88902727c7b23012be4335a1a44795dc6c1117cb3d6f9747c08f979fa6f15bf58b18b54012b40de714e2aaaa9f2779942ee1e4193bd00c3fcba8df3590d042c56e46b6cb7f9bcb6980f005561d9fd86bbbb776606f0f351a4f622955a14b0c25705646ada1697421e2b8c59", 0xb7}, {&(0x7f0000000240)="3b3427a4c51c38864420063f6f30b75dea21aa0875c82d2fa6e72378125390d4fa0f092cb1211bb981c48dca71683a2bbf4f2291ee1eb2756fdff480f9a230cc96d77bbccc2e8b09e073d13dba512410ed9ac127b8e30f375145d8f9c0908aa23caed2500738df308b7beb6730a6b12243c30c53aa12a8124a5af18fd1e016c98cf37ebe07c679d586a1719bcc02fa2d2ea2db360165eafeacaa3025f72f9c747207dfc69dedac27d69f", 0xaa}, {&(0x7f0000000300)="b85f8325bebe60cf4186e267fa3a355fe9ccd985da8e341afd12e3bc3604435145086bc68c5fc856c5a17024ca", 0x2d}, {&(0x7f0000000340)="499456f0a830fe3e3049614123acc6fa33f8de101a06c5d178972cac30579770e43c00fbd4920bcee8951610490cea06a23c0422b5245b209368514a61b02803595c08cda3eb2575be93ebd35bf2e17a2568d773cb0aeb59d2b8718c52b494cd83aef5f48c86b4fa5882299a16d876b7ac8ebdbc21515221383f5fd2f98320541a7fe80fde387041f453803e5283c7193e7b662c2068a6627858347175ec2c176f6ecf776351940dde03b7bb7fd0dbaf8e767edf5a77cba07d9109f6ba49a3f22a4de148c1468ced5476cf45ef4d09b72aef0cf17c0af8a552c44cb2a1d627a0eeaf755e3c8345230dbaa878a18b530c466ab4", 0xf3}, {&(0x7f0000000440)="321861d72e85660a83bfc65d81506470a04478905ad640d3dba89c176e3e7aaaa27aba544b8d265607e13fac56a4d22c8278a8710ca8b529d191e0f9fb58ac5fe60dfa2973875e73b694f81ad54610d465eede932b4e05eea482115d895eb20e57dc6f7a4a84e35b48425323ee932f4270f249c5091582754aefe133704df9f0f08e11f0c447c5a2324c9757c9f2e3c5176f59be8480d839f3500b78690abae6ae396f23f96861ca951aa9137576354c1ac77d32d9f8fe3f5d94529a2d1e9af440b2c0547297afffca7ddf5a0d", 0xcd}, {&(0x7f0000000540)="44fa2c87717cc8f803f5163b3b7b09e9ff70fd8bc8141d", 0x17}], 0x7}, 0x80) 23:03:10 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd'}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r4 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r5 = openat$cgroup_procs(r4, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r5, &(0x7f00000000c0), 0x12) 23:03:10 executing program 1: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r5 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r6 = openat$cgroup_procs(r5, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r6, &(0x7f00000000c0), 0x12) [ 399.444958] kvm: emulating exchange as write 23:03:10 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xc0045878, 0x0) 23:03:10 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000044000)) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) 23:03:10 executing program 5: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r5 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r6 = openat$cgroup_procs(r5, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r6, &(0x7f00000000c0), 0x12) 23:03:10 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r4}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r5 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r6 = openat$cgroup_procs(r5, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r6, &(0x7f00000000c0), 0x12) 23:03:10 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0x4090ae82, 0x0) 23:03:10 executing program 1: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd'}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r4 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r5 = openat$cgroup_procs(r4, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r5, &(0x7f00000000c0), 0x12) 23:03:10 executing program 0: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r1, 0x1, &(0x7f00000014c0)) msgsnd(r1, &(0x7f0000e74f60)={0x2}, 0x8, 0x0) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) r2 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x7, 0x400003) ioctl$RTC_IRQP_SET(r2, 0x4008700c, 0x175a) tkill(r0, 0x1000000000016) msgctl$IPC_SET(r1, 0x1, &(0x7f0000000180)={{}, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x81, r0}) 23:03:10 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0x4138ae84, 0x0) 23:03:10 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r4}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r5 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r6 = openat$cgroup_procs(r5, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r6, &(0x7f00000000c0), 0x12) 23:03:10 executing program 5: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r4}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r5 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r6 = openat$cgroup_procs(r5, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r6, &(0x7f00000000c0), 0x12) 23:03:10 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000001c0)="ab553fec947a1333177e24b5ebadf404", 0x10) r1 = dup2(r0, r0) ioctl$TIOCLINUX4(r0, 0x541c, &(0x7f0000000180)) sync_file_range(r0, 0x4, 0x1, 0x6) r2 = accept$alg(r0, 0x0, 0x0) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f0000000140)=0x80, 0x4) uselib(&(0x7f0000000200)='./file0\x00') write$binfmt_script(r2, &(0x7f0000000300)=ANY=[], 0xffffffaa) socketpair$inet6_udplite(0xa, 0x2, 0x88, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(r1, &(0x7f0000000040)=0x4, 0x12) sendfile(r3, r3, 0x0, 0x7fffffff) recvmmsg(r2, &(0x7f0000004740)=[{{&(0x7f00000007c0)=@pptp={0x18, 0x2, {0x0, @rand_addr}}, 0x80, &(0x7f0000000e00)=[{&(0x7f0000000840)=""/82, 0x52}, {&(0x7f0000000940)=""/191, 0xbf}, {&(0x7f0000000b40)=""/166, 0x7fffeeef}, {&(0x7f0000000c00)=""/197, 0xc5}], 0x4, &(0x7f0000000ec0)=""/210, 0xd2}}], 0x1, 0x0, &(0x7f0000004840)) r4 = dup(r1) write$cgroup_int(r4, &(0x7f0000000000)=0x4, 0x12) 23:03:11 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0x81a0ae8c, 0x0) 23:03:11 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000000000)) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) 23:03:11 executing program 5: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r4}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r5 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r6 = openat$cgroup_procs(r5, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r6, &(0x7f00000000c0), 0x12) 23:03:11 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0x41a0ae8d, 0x0) 23:03:11 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r4}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r5 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r6 = openat$cgroup_procs(r5, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r6, &(0x7f00000000c0), 0x12) 23:03:11 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0x5451, 0x0) 23:03:11 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0x5452, 0x0) 23:03:11 executing program 0: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r1, 0x1, &(0x7f00000014c0)) msgsnd(r1, &(0x7f0000e74f60)={0x2}, 0x8, 0x0) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x40100, 0x0) ioctl$TIOCMBIC(r2, 0x5417, &(0x7f0000000040)=0x2ea1) msgctl$IPC_SET(r1, 0x1, &(0x7f0000000180)={{}, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x81, r0}) 23:03:11 executing program 5: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r4}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r5 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r6 = openat$cgroup_procs(r5, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r6, &(0x7f00000000c0), 0x12) 23:03:11 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r2 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r1, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r2, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r3}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r4 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r5 = openat$cgroup_procs(r4, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r5, &(0x7f00000000c0), 0x12) 23:03:11 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0x4004ae99, 0x0) 23:03:11 executing program 1: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r4}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r5 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r6 = openat$cgroup_procs(r5, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r6, &(0x7f00000000c0), 0x12) 23:03:12 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0x40049409, 0x0) 23:03:12 executing program 3: r0 = gettid() getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) 23:03:12 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r2 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r1, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r2, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r3}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r4 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r5 = openat$cgroup_procs(r4, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r5, &(0x7f00000000c0), 0x12) 23:03:12 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x1000000000000000) 23:03:12 executing program 1: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r4}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r5 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r6 = openat$cgroup_procs(r5, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r6, &(0x7f00000000c0), 0x12) 23:03:12 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x0, 0x80042) write$FUSE_IOCTL(r0, &(0x7f0000000080)={0x20, 0x0, 0x2, {0x7, 0x4, 0x278b, 0x7}}, 0x20) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000680)={&(0x7f0000000000), 0xc, &(0x7f0000000640)={&(0x7f0000000500)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, @ip6gre={{0xc, 0x1, 'ip6gre\x00'}, {0x18, 0x2, [@IFLA_GRE_LOCAL={0x14, 0x3, @loopback={0xf00000000000000}}]}}}]}, 0x48}}, 0x0) [ 401.742899] netlink: 'syz-executor5': attribute type 3 has an invalid length. 23:03:12 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r2 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r1, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r2, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r3}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r4 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r5 = openat$cgroup_procs(r4, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r5, &(0x7f00000000c0), 0x12) [ 401.811425] netlink: 'syz-executor5': attribute type 3 has an invalid length. 23:03:12 executing program 0: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r1, 0x1, &(0x7f00000014c0)={{}, 0x800000, 0x0, 0x7ff, 0x1, 0x0, 0x3, r0, r0}) msgsnd(r1, &(0x7f0000e74f60)={0x2}, 0x8, 0x0) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) msgctl$IPC_SET(r1, 0x1, &(0x7f0000000180)={{}, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x81, r0}) 23:03:12 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xb000000) 23:03:12 executing program 5: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r2 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r1, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r2, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r3}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r4 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r5 = openat$cgroup_procs(r4, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r5, &(0x7f00000000c0), 0x12) 23:03:12 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in=@remote, @in=@local}}, {{@in6=@dev}, 0x0, @in6}}, &(0x7f0000000340)=0xe8) getsockname$packet(0xffffffffffffff9c, &(0x7f0000000480)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000004c0)=0x14) r2 = memfd_create(&(0x7f0000000040)='\x00', 0x2) getsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000000140)={{{@in6=@ipv4={[], [], @multicast1}, @in=@remote}}, {{@in6}, 0x0, @in=@multicast1}}, &(0x7f0000000080)=0xe8) r3 = add_key$keyring(&(0x7f0000000600)='keyring\x00', &(0x7f0000000640)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffff8) add_key$user(&(0x7f0000000380)='user\x00', &(0x7f00000003c0)={'syz', 0x3}, &(0x7f00000005c0)="40e45af4b882f125754704efe5afe689261be65f15480afbf7c7d844f036e8420e999e7a193e1e", 0x27, r3) r4 = getpgid(0x0) r5 = getpgid(0xffffffffffffffff) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000002780)={{{@in6=@mcast2, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@rand_addr}, 0x0, @in=@remote}}, &(0x7f0000000500)=0xe8) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000700)={{{@in=@remote, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in6=@remote}}, &(0x7f0000000540)=0xe8) getresuid(&(0x7f0000000580)=0x0, &(0x7f0000000800), &(0x7f0000000840)) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000880)={{{@in=@rand_addr, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@remote}, 0x0, @in6=@mcast1}}, &(0x7f0000000980)=0xe8) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000009c0)={{{@in=@loopback, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}, 0x0, @in=@broadcast}}, &(0x7f0000000ac0)=0xe8) sendmsg$nl_route(r0, &(0x7f0000000400)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x57ffe}, 0xfffffffffffffff2, &(0x7f0000000440)={&(0x7f0000002880)=ANY=[@ANYBLOB="00000000130014002abd7000fcdbdf2507000000", @ANYRES32=r1, @ANYBLOB="0002000020100000000018000000010000003a004eced58ffaf4be1d923abe0b32a4f3385896de09040063b39a17bde72be52dfeab608b1f2e983d33adbe63b2f304115f72106940234acbb15c60ce1a8b839ec3bf46b8f64a68634486d9fa18f6111d900b3c0f164536692986514513d91462ab60c2260dc7d494486c1ca33b31d4c89e8383620000004e0000006100", @ANYRES32=r4, @ANYBLOB="00009000fe80000000000000000000000000001e00005d00", @ANYRES32=r5, @ANYBLOB="6d48349e0211eef70a7fa7fe22bd1faa3296e8423a014608e105cfc088627ea7bf14f6f9fd4bb6c39bb5f86902aa68d5e29ba3860f85061fc1cb137aadaa98da9e6424c5715c8627afd143f9758e696f00278a068565d477fce94755a53adb68f43e43a33c34e040e56cddebfee45dd080f50f12426f2ae9812be7cca0503d29b39c7d8f608611f2a2ba9f23e5713964e6464f578bb23a15cf5c5de79df7a1df7e12336518de5e3b050a8729cbbf615ded041b5faabd16afc009bb723032041fd2251167effcf43fdaa50cb87a8c3ad25ca403077fb48bda16bbce6bda838ccb0000010000000800000083007e93957ddbf2be15c57dd21ed6a3bc68817c0a3de28e395e154dae313908be1c1d3920a23cb6fb6680f934f74a62d36200bb1493ce7f2163aa39eec2dd3136c8205cc24534d66fb254f9854b48109c4952a11ab0ca18553435834b2aae084c4fd70b1f9f3ca1227298d6e98890aa75665accd1a82169a1a6f738517711b82eea1cdfd7064ca028b797d4eac2e5f5c3c8f23f9e5091642cdb3ea1c030580a0006575028cd7b4f39eedf7704832d2588e3a5ec58dc5b14331a3c1e65090c17b7d2e4148c2a2e72fb75abeb4745d8bcc1104b29ea0a6d65b1de35d7046c005b674f44e62f02463d000000003800626f6e6400000000d43ec812a5973e384454854dcb79cb026a16c4ed5d0d5cafdc4c0c8b5b6a11245edbb900aea7e675273fca7109a802e2b062e2c0bc5a20a5219d36d871521b4e420f7f9e548284e07c5348429cf3d81aca3b5b9b664d56c85dc6571c21cd6af52858bab1fff79440dcf644f8db53e0aa859e68d4855c19a612ccf6d62edcbee7d3b95bda11eacf988c7b361b543426c928b59cf0369c2ed453e4e385e2816e2183c45a1ee470c905b78edc6ded48e86b0291ff04121cb67fbad14a51c6b637ea506178e6fc6a57a521722bfa9193b7c309725de05a99ea4dfc23afcf137087fef2f084be2db66fc13dedf718c93a4896194e5cc5378a7df3fe22ef68cca13caa00000c00b54e10751e4624d9fd5716a2908a5852a296c2cb74b1f2786d076d4e56a9e6087ebb8d6e31f683ec21f0ab9b2550cd4c83eb95e3d43e5465e93f71e5fbbbdc6ca2b3f5dee7eb6950b2d649c4124a31107bef375ae3e314117fdfa4cae0aedb5aed99fdbf290beed58dcfd69b50a85e734f35bde21a099aec1705bf64d7c2796a93ba4e54b390d25c4ca2fa8c364aaf23b3482cd200003000", @ANYRES32=r6, @ANYBLOB='\x00\x00S\x00\x00\x00a\x00', @ANYRES32=r7, @ANYBLOB="1937190386d65f11b0b68ac56f8113ac328a302d96685a9f747258f01cf590957dfa5572183647f076990354870578664e16ed93d791aa24a93883423e06642d59626e6ddfcdc535c7e95dddc0b3e02910f38928f3200f2c5bf08df00602759500000c00", @ANYRES32=r8, @ANYBLOB="0000080013e606fb4840f071c1b8868da72dbb67b557ab211d04c4ef8434b64cc39073cf7cf738a0927ceb5ba87226648675f909776994b9d5c9cef30712563dc9f642cfd33d873e7e83886d55d909dc2c2bf5906373350c80368e89bdd7fd6c5d5d93020c49fe61e6dd090c9aa7476737d0c5680b46afeb2b13b9c34a4d3e24a04842979231ca7c240e06f2e04a8741a5fd1b9ee5084581947410a8a9df4a1963c1669d1adf50c6a105725c0238ac104f4f44a639cf6d3240d712ea51f15c1d87c042e8246a496d2e1b95649dd8f1b12a7d123e805054c328b86e1c0b7622a167fd5e0dd82dd1bf0d6f6bf1937b0ae4042565fd7f1ec2dcf7588aeb5e363b903100003200", @ANYRES32=r0, @ANYBLOB="000000000001000000020000001a00030000000000000043c5dc18a1f1e5df2fd0dc9c90ddf7bb11da0ddee7e2d49b1957221f63e19bbc6c487b000000010000003c0000000400", @ANYRES32=r9, @ANYBLOB="000012000800000067d5dce176da69397fc74995a69ae11f2c7f8d46b6e412a8f7fd92a5f419ecdf183fc069fc6023566c31000000000100f15cbad1408f66da1abd8bc35db0dfe12cae973d27c7902910745add05292903ff3f8cd866a2d82fc643bc0a2a0ae943819915e0610479b37ddd9d1e22552b972af47633cc4632655f88e6241188de59977d34c70e3875fbad12f0d69c89a61f6a72d087ba96488758a48663cdd71034580b79630b187911595817422c9c29c34c36e6eb44fde172d035d3523244597dece5551547fbd74af802873fa9f16612ae29390826e6a377f41fe8484cf81aa4c505e1ab120557c0d3874a18456f3b3ad5825063dc5e90500fdf37df898b4cda706abd9556dd719339be929424704c45762faf320772ce5bece463d762fc52cbcdf463963064536cafd04518d4a9a3349f08e05ae5f6eec81042be0efc6ffea6b833276c6fe6b465d32b9480a54a37f5462852da49ec5bc19802a6726c9b927056548bb100005a00a15a62f6798a5c27bde8388617923544d3c6f96e4ba5c261c1923460d72200d14ca2fa4f1087e6fe034df4244ae8088fdc1af5e8b1deecf67d7715f76f2f065860891c3432d12723f034fbbf14a03a7557950b43555735905d7db43af8b730c4773fc8dcae9f3288345fdae8cffbffbf2e4f6ea5e64210b0785279b38cf0563fb31c65707e85c7afbed84e7f927e00b19bf254c23dc020ec7cc7bc80465eb57e48a5772a788aea5bdef576c02db98ef2d3ee4d873c2032566c5fdf20bb5c643815f62c38b24e0f995b4d9eb7d30466fe1f4f67004f823c5e5879dedfa8c8d1d19ea93590f90d71f356fc5582af61d2a19282025b7a21d2f1f9e1485569fd82af71c79ba7302be848c54b63027eb863ab7a6efc1d99a0f309eeef1613565f4865634e251e42144203d1970e73698a7821fb40db09771e284928946743bdcd187821a801a782fe3af0c91b38c28d96e7b0afc442128a27563e94b0a824db3ea9b4df1cb46e0592938f35648c86783ed75bb12330aa0f2f54ca4db956b59507b6a8132c4a0f02cd402989e8e5fcd0a3bea3ce8ba4aa1593861e265c833ceb00f634de82d8dddef2eb757743deb4e69ddfef36350ef6f33eae0c16fe32430b9390a04e75718d729b87e7ddd2dc0000003500000069000000000000004200b761fcaef8505f62733ee1052bba19328f66f486a72332cc03887a6da2c7a2dd7fe2684570ee6fe6bf5284ce44c5af3cb8002ee703dd766ced48ff91ebf9eb6be2d99d599a437e3fdba79c630794a8493ac2ce2f1ac82250b3c3b98d3bc6de36c643d4657cbdd9deafea8ac3db98ebbcce6ead391fb0ec4d778b021c576a769ab8062043d76cac00b98c836777a29226e36b15a0afe9cfddb59461810686d588c6bd59b57125cf59185c5929d34c9e47e5a29f90a3600772fd4681ea7101300275e558ceb6d49df39225eaced8eaf83bf5158093b2c230ebf6ded08e3dfb20b933c3fa5cfafac2d27670b7d8d29b1117699fbc330fe1b86d186ce3ea1cc0156249987a09c035943200204f57f25b22a9b6beebb8704bde3bfb624b8a6f977b34dd1ffe310d8eaaf9ff5595b06d30f0819020c6521e31a589a129e752af2c679951ed10c73ae6b665ef60e98b32409ea91c7fdd9755867b0bcf6679e8e3f85e28273a15a6b0183bbae9958e9899e566e87e18530082dc84a423ee55b9501e1e01bb581d785f00002000", @ANYRES32=r10, @ANYBLOB="00007c00ac1414aa00000000000b006c901ab6bf074ba038265e4163c662baacff9717b324a99be141fcf43127d693f2b328a1efd4313402b855c47b2b435d14b53af814e5e72b06092a169cc32a0e8e68a2c7bf7dcc064311aff997a155c9e6ed63d497281b53e79f287fa777642e0cd9f90199ecf3faae648a8d4711607ece7b2b0bd52c9470bf802932e1dc0d763f1d90aa4320efb3d03b650b752b6a0a046ecc7aabb0601f2647c268f7bfa80e76174b87e038ef087ef21b795ab2352401f5dfdc6a9f815bf43e9e211dbb035dc6de64d8a58451204a5360a655e83721fc7727456578f1bec152264fcef1744cde311265edb7f0b13c24e3b690d00ba60fdc8b72b5b7a01c4d0aa7bcb3e5b4267fd6146ed3cebb7ed9dd7e3bffc7f0dfb738edafb1615dbb31d80000b85b8a9156157ae2b580b58f4d3685da0c0d0575e11ed2950b58dcad4ae3ea3e00b56e9b5850d5634373f5edfd5a2daf886a5e0e6f664a84ac40198bc6ca16f0d8b9eff7d2278492baa492453c180414ee17197fa6bdde4f816c18a09e7aee345ecfd0888f6a81529fa299b5e0115134fa4aff54ff9489a97d78591587ca1ad0161325b92154ba7ac28947179b6a98c10146ccf160545d2d17dba53da5bc7d2abdfb69d18fe99e389d5cb71759f27782a0f160e6751eb7f6d729dbc2733bb356814fd072ea87ef7f4c2f57ad213cb1820e8f1d685d0eaabb7432fb81a39dcb9a882f33ce49f23222cef35a06e2983f55994b9ca4982a14f1af535fa2c732388b1de6f19a0f55660f8429c5769ecda980b8540d5e1b9c30078c5efb4f0a1b37616753c74034d31be47692844ca2baf438e8c2b3a45a4194cd068365b75a8e74e36f8fb5fe4695c58ce773a2d438c5622ea3fd638ad9132478c4e27a2638ef41a604c3484e825e12a2caacaf75b454b4e64944b6fb8f989598ee63cca74448b419f478160698114382401ecd22fb742dee673f2f78a0c07c3a2239ed752374639a5aed3ac69fc4deea75283c240b20e78900e990d9901012d019796a2e56778322c5c1e114b7b183c26c0294e5c6e1082e0131aff099324958770cd8662438873962477f26e6502a231526682082997da80427b08fc28790534089f7b7ccf7094034efa1f40970d09842d09db3026e8720c23ee268c254bbde0042ea189dee9b9af404323f718189e7f73e9b1f32c0ab086c0d63a4cba789d38592df8ef35f6ed9ec0f418ab8c9156388845d4235958e3cd44e47edecf64726eaa3a47b299ccb1b892d8eb9a053f5daf87971c85cbdca4eb309382a6c54f41efba659f9599f93b59cb8df0f4c65fcd80ce450ca0171f73c835386866de395f0c25aaa94ed126406a7573601a0255337deb57f298d288951b1736de0837e135f568ec8db9efa554658d0721f441262b272b32e4a40a8ac7d6dc516e0a8405a013bc6181bafe0b21f4126ebd04454ac0be1be2373d0bdfa887f2e38e07a447d41ffbb630edd00c33ba36df8407861bf2db0f8a050aa4479aa3294d61613c066a7c21d9210efb6c4096f93b1ccf0b1d4070d57f00b544f70aa2a126c904d1b3cfe1af3bf3ebdfe5a3337a0dcac96fdca57c6df98c22733b4072589b3dab4ccbac4b6e82725746e21ac22c5e956425205cb50af194348d31c846f978baa55d15b8238f4c87ce3941e31a17b4a6cfe87396ab07ff3fcb34dd87b77505c3951e132025b719cab59765567cc3852cd1c336f7d63652ee359504007030ae20f14c49d181a59dbb719cfcf8d14fac1ef3f9621de0c05037d2f53e19e8a0ecc02b8d9ab51153f5a7392f4c1a0f684ccaef1ecc39b2008e91390ddce1a5e709f8c91c18ecf45ce3447e733575475b9f5d8a4592ef36a3cdf6f2fc589c425344689508b31d9a71a26f7c82d673f6b14a88ec89783d3a9560259f2f8e4c53b1e834aff3a0a4c13e6bd1444db88d2f2aa3953e0783e5125831442d73ba65f5ae82f9f3427510ae0bd9765b93074e8f7c67ebd4a8465fc95539b2993fc8ee4eb052eababfe31050d3ac7b731e46d1188a1d6fc2bdfb953c0d314fb3d8e9d8a3f041f1514875bbefc900ee75c2126c58bb9da14026644ba87b9b3d240e7b329b513253ec3635a592008e05880256bca3592c483630a9e96928b213875e41d83974d242e4333b51c8466ff5c1dc2087e57691e1967b4b1b736660a5ce48a3144f47c0b3a9187dc86f6cb9dd626f4e37672947240b1e5f96d84c5f8c270718509c8e39a7956b8b9848133177e6a840be19497538b9bb33da48cd664669f74abd50582f551cf2298bf99c272b239a51726ec26efc89fab46eb0b37598dd13e6408012b8ab3975eba3e0d8991f1429b764acc5228a700f4550102810e41aa32daa77dcddd927eb12c271928648be05805fe779cd21e5d80053e5dfe461c06a18f9824f532241867ded3468011d1f998c1d42b1cb1b612dede219e9552361a10294c4e3f938fe1bc2bfaa2aede28406193d5ee9e6a6891c82eaa093a4b282b9da9da61c03c1a54be8cd78a5a0805cd9415bffee1b922b67d9d669c7863b3aaf53e7fceb3a26ffa99b70d28d21163d339f1fe7d4749276e010540eb25aef72667fce78154a486054ffd13c65f7c12913fff9a038ad2d90f7896c68a84b146d14b2395f061990b64460553e4e749f75b6115a159d230e73e92beb9c882d5028f08bf75978cb2818a2d7a8bba3f7e41c12993dac2f7032e0dc551257aedf8c1b6cc5f9b7e13db793332cdfc1b2879d66f117146bb265ca5290184d67e1c815783c41d401dfbe7d15867cd19251a128bf88f7481425d48129d57b903575bc2e80da0f71bbd5abbe6dd63e8bfdf35fa0b668ff92012cdfcde1447b9c04e3ed87224cf457fdb1d4a1666c2ce3ce5d1f17c0d99ae327c38bd67f90d124daa9e5645936a1f55c41ef7ceaa113b9af6ab60bfd5d0bac939a8c8a5d53f543ec6dca4524b8663a712a3850c8bc85a2548cb7d2e1c9131317a45d70791a4e58f9fe898f2f6afc396e728b8160dc4951b2c89e1ce09d9c97aff0f7a01bf15fd3bb9ee432d818da6091d640cc26f1b18b4846559fcf7737e310a09cc6367839afe50b302efb246325bbd5d705ae7c74ad259916c6245c2adf433d19e772d70d65ad37f8f184a1ae777c8b1772bc8c2c01e98f0cebbfc9bea0a670cc4867d9f52d8517ea8e4ca5c9776adcc11e0715795c68ce94d058483ebc36ee502bcda3365eb41ed77a53e413676eef05f7a90406ed3e9b3cab8ca2acdbd1bad3ba7976c012b3a2cedf71e9d31d327ae5cd5cfd8e158cdbb7050dd543f4a7175d409ac8932da3049e27bd0fe1c0909cd38a962003af7eda504e5b4df5c51467c0b17d5ba73646093f4a9cbc66c93f2b75f2cc61d7b6feaa7ed66860c6ec178a14b6e93ab2a3294903d8bc44859972ea27e759a7622260ecb521767738b2350678c7bc3745b04d9325c7f63f45bff86ae90d2b36497615ecdc5942fb1e136e690367fd27d8dd4570ad83dae69589e55cddd02be32c4ba411c76eb7a5fbb4049f999b5bd867b88a06ef35ec3bc108296198e4fb4f72a0d18d0bf690d5d375a6db0fb1fa6c27d10b485aa03d1e31f69d74a5f35eea82f8014bac3e6b6b087f29d4a95897c1516ecef6a0a4e7de76beab9037f940e648626454db7e586921e743170c1f92d88db39b490a47df0d570fca42c5bb26d954811102a54480ac91f2fd605ac4cf01bc18836c51729b4fa5e376f909372d9a3f65835521002437af9e8cbb01e593ad86b250e40ed80d0a56132e06f6ff67fcf4521def44f125c7e119240f64753b4efb5e902b31d9e9dca1a9ec6d67418431e99a3cf576179119526d5445eb5217698f43749f7bfbc43f248c85f9ea644446899ba5e38d9e21777e457add0ce9c18bc6d7da9854af8792069d9a555bc08d0d63b00eefa6aead141ee1b8b627df5d34ff67bc01bbf72b040b9f4b7dd0ae2e6f095d6a120e7f0c67fd8523b76c18ca6c4020200a4d30e019d2750a414755e4c3d33aeddbe2507e968f2d2f77e89fc33613dd7a4ed3281411e09cc4043503251c24f672201952901db99dfe2a7e836e5d38089fe88cf938a41400d1f36803c8c5feeaa3c007ee25481b77ae5aa372adfdace3184224a2f9f744e20972786ed311b3138e17f91cbd50fefd2a8b5791b7fb2aa756ac06f201079871a5f789fa954eee6a28f0698d27efa1c601ad2ed49d2b782fa37c4002c407e28188ca48a7c3ff108dfdf375d46c9b1b3c169ab0d3aef6f9a2d4a9bc49d2a700f12f92c4569133be27b49fb9cb26b0544ba4032d17f7c2cdb15324a7acedf2d4175c91b35305a6ab0554986afee249176a085ee5ddd6074c5ece17a5e95591e1e2d20197980be6a7f441f778f4d6ebcde70493dca33e5c8c6d41cd01de9c3faea88ec85cd3ef35e6f56a764573fdf7979767c3b62f6f5ced203eccd05660c2045702941dcd7de15539444c26e86431133dd58b5bffc51a34cde15464ffccabf6b717d643f468e6500147f3c07d1c1bee87f905921b3760d55e5c886fc81a0460b94ff0467e7b1c8c4baa0bf0979e92fa95e200bc490c516771c68a6304cccdd328bf0ae44c6ecc910b74c48c643a73967f3c8abfec454aa171620ccb82eeb2ae39430d8a18c0a349178229aae201c3c034f08417ffa58c824e42e679a3a7c86a30a91b54a149e16d0aa6c93c38c63050286d37f3dabc94fa1f94c0843f2e06c59d63e2b32a146fa2e2425bb5c750d3e75cbfeeeb6913c2ce728c96a6f096ed89684c605459b0a20c8b4ce87bbef2bb21676eb697ba08deada2f7167d70880996d3153871e49e78aa57424d4bdcbe6e57281e6ebce829ce018543917d070246a61d7f2ce130b398551299d3b4e3964bc9163ef076073a8cc3da502b1be49efcb8a29c2e18c7276c57477e65eaffd5d3925ed3be83a4dba3252c342705293ba2a3dc894a04851efb3c0b31de68984ce8457183628d824a1bbfb94da967765b8f55afe1b4f9930e086e3f995b1978e3ddbfd8b49aaf4203eb4aafb3891babe9aa45763c8a8ead4e83e6bb4ebc739183499e6bedd7efe1ccc2110086f6dc0030a8b1d8f2b5efb7d9dd12e8031aa4f0ca3942dc3814b662211e02779c0e95886e61c506ff74357c9cc1fa83124651cdb0eb292d7b79785c1c7e535fafe49559a1c6c27df91209ad50b3d3f23b62055fb9af739f220b0657ebdad7686ef826a17e90412939a5f6b8dec1b2438cbc8643e2c03daab14bc01f8d3005a6efaba2411344f447ee9bd4554d21722e50959f19dc26941066525d7814148c96145ebc4bc1da2aa4f2f18bf18630ec79685b1f796a4ee07957e539d9af43b92d6fa6de353443af5d57c766e678aa1cf7ad1e2673923a175ea583c020f3d356bac7f923338d4496ffc8fb192a5e8036f4bba410ba4ee4302776f8d38afea605bd35b1c1305f56725d76c2145ebe6dcd85d5035b1673d717fe63b29235028b4e74e4de9d83a3687295e9b23d87056a25949146e0a75c3e96c58b0773db092f103d798bea09961b2bd238c01ac23d89890a28ec2d5b99f1ff2fa5fcfcb6325ac378c2cf9133667f4cd781e5352ab78ecd19c424cf778555ed0118150f1a8b9d444eea23bd2d316c388a1b05a580c199bb429f5b5a950c44ac52fe8645dd33fac47934ce1627137309a958d836fbf0be6bded3602b6aaa19024903afd9a5bf97c6200ad56211c0006c6fa63915fd72046652f1148a7470fd69de5dcddea1733c747d12c8f2c5704adcb38cbe4af78d5b2ad510a2f8f9071fa37abe4cafe4cd83bc6b1bb0dd5c5ce2c0c9718b7df2863ab1479bae4a0e2894d7f5b004446e7a6e171b3f4c89b6a5d97709a35d55904d60cad7dffe57715163313720890441725019e92dbce2da5191a4d35009b4c26effda6ef9ed1d7d53248709aa28b1e7844e9a0ff0f4ec6df44bdaf1d595a4c6835532d68367b05b7cb95b74fc38575648ca06692859ad2de95a5cdc754d91abec762056854be16e185a99a3f38361c1ff14e96b2724b4fc6bceb2a574f823a68107ecffdb4a2dcfc697023ba46f3022d6c826dac6fa11aa0afb423bef0a68b87771eb42dc912954e1fdbb1dbb7658a33d77ab45fe9365adb97535486a22232bc2e55ac502b1d2ceec046b4305ea365f1c19e13f23dcfebad331b4967c3a4e2625b9fd14b63b2a379b4d6c28a00002c00706f7369785f61636c5f61636365737376626f786e6574316367726f75700000000020000900000000002200d282c9d737e5973a41b80000000024004b5f852fa3239b362c1a944c59d4e6721be81b91bcc3394b3600000000000a00ff070000"], 0xbb}}, 0x0) fstat(r0, &(0x7f00000000c0)) 23:03:12 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r4}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r5 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r6 = openat$cgroup_procs(r5, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r6, &(0x7f00000000c0), 0x12) 23:03:12 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xfdfdffff) 23:03:15 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) socket$pppoe(0x18, 0x1, 0x0) 23:03:15 executing program 1: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r2 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r1, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r2, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r3}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r4 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r5 = openat$cgroup_procs(r4, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r5, &(0x7f00000000c0), 0x12) 23:03:15 executing program 5: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r2 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r1, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r2, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r3}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r4 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r5 = openat$cgroup_procs(r4, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r5, &(0x7f00000000c0), 0x12) 23:03:15 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x1e) 23:03:15 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r4}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r5 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r6 = openat$cgroup_procs(r5, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r6, &(0x7f00000000c0), 0x12) 23:03:15 executing program 0: r0 = dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc058534f, &(0x7f0000000000)={{0x9, 0xffffffff}, 0x0, 0x414d, 0x1, {0x3, 0x47ca}, 0x8}) r1 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x0, @thr={&(0x7f0000000200)="8b6eef87c82fa1d81e8317fc0f5bb2d264381b4560d7ef9cd41742e34b8edb9886a72fd0f2b3ded71dd4ea34a54573883a6ac3fbc8c9123c386fa79eb305b261e3523c494c1a8703fd59bfa914705c4d7136e88173017d3869a1f176b50187d06da21db1035904a471257e8a60f27b9f2af27dc51dfc001945f5a34c0e69973a9d0ea036bcdb8ab6edf3a2aed03a3d900149c4a9034d3d6c6a36c80fa83f2195399dd742535ff04f9c0f93bf0cff10ff55d378d62f21ae43b1118f266ea89407ab1242f445a52c89ca0cf70bd76dd263d5c782d527f89a9a925fa54080afa51da52c3a90e7020fc5f4406786a679eb1f1084734ed57b2f5759d5df40317243e641941345c8a3f5103941aae5c90828be5f5c1c80d1d389b8bfcea070d9c1da3ebc5b483443ab3a3a80cf58b0264083e5fe6efbc3aa6ee5ab041494a87efbc626a84b4aada73e00c3b307bb0467f83f5389cbd865a97a65d4088728229e14f62e5ceafb1e5c917799dde69cd42514ad1a54746b4ee8735d7db392c30adfdc736d022a41fdc4933dfb7908c59c470254e78f77583c4ac3a4e3c68a566df958ebd3e06b1507c6a5ff1d39a06cc0f0663f8cd16b181475d7ddec14cc8e52be11dd186d397aa067894abf29a0fea34b18eec9be5f2b426fb31fe5378e876798d8296bc189d5d30134abcad6c419116f4fd43fdca665182008de956a947e4cf35c3528e0fdfd4e62adda1f98b01a5ba32cb13776128f9bcdc4095db0db4e97490cde04a4032d1dd70d322dc7d3bd68819ce6b317d1beae7726bf315afd795ec481d85928843e65c04a25e307ec5fb19a489c14ff29c3a29828888b6487a47d743d7ecbc27953a0944b5383582083387e50e65b67782f5cf54b2e4bb01fc9e86200ad33c284445e01c64b7b529ec669505364add8c5260ac6d7cf766b20a779a1fa63383acbc1a556d1c6a13c85346bde56a65d09c8ec890843dd69be2a1721c17836ac2fee1c1c6e797c4f129257ef443ab1070aebff989d68a390b5cded0d0ce2538bd75e95e71df96a0cd8d93d57a2d5692bb58633d9203fa015009fd3c25090e50eddb3e9b87810577ba4fe548b4c045c8bfc58d32c6f11f18c3128d7890338345d49b907d440f94ed369a8e625051c70b3cc27d8541572a8c48c6c143e1826b98bdf5262a6b187ecb471c2841fd8b0a1e8dd9bd214e0f0a27eb9e62d9023dd2edea8126f8c468e38c2cd0f6c6e859cfbde27def924741e031252f8915cfa588fa3b6afac72082f86ae1b08d0f028e6e6aba2bd48efcce771508fe746446417790cf82273ce48c69a827e26250e71e14eec0412316a1fbba6cf2865a8d37fd485024705e6481a7fdcba505bfe3c356e928b209a3d048fccf730e1d69d36cbb7a7b3324ce8c32bda641d987a69341061cae203309be0abc1dc31972e4736b08ea84996cb8df97e205cd9b66c5fc428901db779f5c85e9055fd6c483250139c291cc9c477f93bb6bad01b2c30cb22a1f101f3bc75fb76885fde8561f10f7efe2e88323da2fada89c03c7f89a67e838eec669632456b82ae8f1d5749f00e787b0ed981e6daea35c2bb103a2fd441d1bdd515a5f038ae3c504febe99e1ba7b67a64a1a0e154fcd132a64bcae6106112f8e00ca774755e2499c860e0ac94679571013f0e2fe023093af1cb783def98e18d012b7936bcc50cf6d151ff0a22a49a4bf0ac106557b3c5b6733ffeefac9d2623662fec7b7662dc9449cb8dda1a43603de2a2541065f83ecada4749cea740ee892f6580795856af9afb51cf3d40f40b2f739a05adc5d5f1b2716319b6cb99268d56ebb2128355963c5b8a1b04cd8e213d5f3c4ca5961137d70da410fea022954d4d3127b5c40f96a4594a85e8193dd805f47dd852525c196ff36cb75e9f49b15467593eb8717b1b192ad63d1e5c69ce1474fa43491bfee393060bc1559e7b5b7cd799d5daba075946b3484162065d4409f2325f5ff80dee359e2255918441acd2eb186dc7b9a81144da6bd837fa4f7939b26cecfad71b0fac857dd2a331b4404513ea1daa02f403fadc6f845f6a80bcbebcdfd48ca5480c9a2f941e0f76912a3647ced3ef5f7b27e3b98691f68108977eb309e69c28e96a0b1af7e796aa0a6c46248e44125854c4263c2bd63115eca505033c5ea3ed269e75357ecff6634e66ec7e609e17df30f5ad58418c7e5e9e19fb125932b8f8cc70151916da77020ac490cfea5ce6e39aa103ce3d86e79cd6ed4df50163739d873b710976e300514e4d3ad0d78009ed3208db4c2403e6a6d5f93ffcb0f009466af93c76048da97e21915f322b743912798f39917254f4a5b1188599a15e4cd3f5bd1316ce74712d29ff360ae5eed45b6e954e14238447a1033fdb5a1d560fc29331d2815af47fb57edd669f489e32655ac99fc9ddc6c2b1a9304e1e94d0f79437b7bf0a169f58a03b3d91d462d00d3ae1985b8618323ab62c0c8ed8e8af27eb31aece2f846ca2589301778b5b7e5bfa4d82326cfba37cfe3f7c6d8632be2535618eb5f1b568c6caf679a6317d731a68f91d70c73588f29bfe9a56988ec6f6cba4e669ed5731381c85c2802bffd4a91ad561b9e1a7f0f4bb6248a73224fbc2df21657c4a180c2d288a601db2757abbca4d2236c2d8b423f45c7ec1d4d58446dedfe47a3f66dacf7fcd62502aafc2745fdca754c692085a389f5ef19b7ed10a4a49519cdea270f4163bfe66b6c056225c6a9a175e9cb78eaf062ef4b3e337403174de89bacb8223905257a73598d5c78adead5ba9be7850e884935261e392b93049edcfab8a32643e0d2607e8f46f8affee7e6b074b79a5b6e5442fc333c1c81a2917377edbaab77b62fff7a645af69d0fd75893908bb67f1d2cdb3e3775555770af908af3e9ed4303e858f58a3ddc01a395c6a257514d34686b535860609186374944c04e644fe83c535e2256c7e2571f2889fef7f4eb241b3037689119bfd9284e07bb0c83d9bff27a96c3577375316a348a1a72149211acd8f645a101868e268c258b491cf18725a49fc2172ec6476d48c3dbbcbe5396e99c875aa5d67bb40cff2c06ba1090a65fc2f2ddcf865b4a4eb4c1fda64890dcb0388f3671a34f4aa97dba38e419d08ddfc40fecb34ec247339502aadbdb129f98a92545725a21b31831a235f3668f7717ae3c57dd51ca532c0827f41ff7ed8155692bfa946414280bd0295397cbda7cfb51b4e14b2071d37b0772b5b02234bbabb3e5914fc5571fc02cff7e32d8771e5cf386dfc81a9bab040aac3e57601507e608da424289b71f8d1f96680c5ceb40e83188998561344fafcd01a643720fa2b8f530dcad594695720c0b8235c21a646422b8fd1086d964a15b74d7754443bdb7b952f9ef49c6db5a45939570fe714179473c1e1cd2b8162ffd9898d3c846a160cb1e28be768b7085d3d7994ec0401be3019f3747f068190a188d3685c96c46dada36252d7ba44d60a679738e692b1972c203a69e2d5fe41ccce9e7b436592655cbd14d3507acb0458b38f91888d31f65bdabd031a9a01f8d9d8e1b56891a096cf6b7f444edf67ee835d6121b2f4951314bc4880ff699dac1ad56031f00b6cadfda9cf324cf33991153931f7de25b39e126273f2e9c3e050aa5e78b55c7e6ff6782199518f3bda039d0f564e18da3f5da468759893b39a60763c01b2fa6b849a53b3dbbc591f2d6d11334ef60fee9c5d2a86f953793e6466cda9f9c0dfc4127813f60f06265ee4a1431e678c1629747a610bedd37cb4b6a6110f7faf6be32e9acccaf9c7ebe58ef6f64cdd6fd13b072f4beed74e090ddaaa91fc2cf8e29f45b4c2a7a3050f7c9805711d399ba5f895ec1719d9d9892bd1e81eab0fb88208ac7e27907a4b824ab867042582304b5bd7edaf58df87c0b4f19f90956f5b76c2fbcbbed1851a6bd6dad1ea9a4483be72f69dc6fd4777a90384533ba337c5abbfbf989b082362b5f4133588be63a2cff9e969edfc74031e716672e240e7efa9071e3d3067ba999505f5636bcdbeaf1e53f0e9da3e9e6e6d346d9a861d5156cdf0f095f06411bcdad63458620c767e70a13a3ab5a2c88ec47656dee43d8f50195aa9579b849af6a8eb3b6636c48c274751aae1b081f391b0e10e254c0704dd8d67a7d507052f166eeead87a07890447d20f1b1b2556250da2fdf8bc610b11590cb67968359b8ace37365fb6b4920891a89e588e05278ab73a6c6aebdbf958de0e1d3118147b8cd75f6e0754158031fa0961f40f2e872487703acb8408db2bfb4b572e39e91e4c7f078bd4edc0a2a5c6077812ce4b2450420ec677c59bd02a01983e0a44128501f32eed98ebbd3db1e585d57ebb9d6710538b335e003263aa607615f452702d0c57ee975be2671d26f7ddafd7a18ed6bd53397fece3c4d832640bfeac0545982ed4ed523f1f7e73e034a6204045238e4112578824f2dc23e6789dc4e37e384d41481fd086c1816356d75ccf8bcba0f7684ba883be5c4af7ae8a5b64723024ad282cc8ae4ac35a2551cb7cdc54b3d7c9ec2ca094e24c3a12a8aaf01ba44658e12bb6f089cf1be1407c0032c29911c7dac32eb47d932a46409004d2c01f97eef589f0957470acc244babb6555b351c6f1a34822c9df284c1076e02ce31ec0bebb05d2d06f9a3041efd83fbbbe5bed275e0edd5cb224e4b09030dfba52c44d388b75581b9f2d9999259a798af6ff7be1b02da4a03d6f83aca8c5d2604db7f7b3422f350f11b390586568502df4e0e9e068990797088065495cd483278a6bc4b9e08d6ac0e68e86881d04198375cb0be9cd12bf0d3295f952face9c309faa00c759b990539ae0b0d90650d6073463c345888f286e870ebadff06de74940a282374a80c8aafeca7b2835e983b96a02161a1b940b73a256bc986f8220da863b5af4e387999fe61b0303a209a2be93b70e62d1dd732c5e6812e4d64201aac84c515b773541d26ae10f6308c5151f70db27b71800880187c9311d001d9125d2a623a4b8688222fb33e6a1405848ff380e4426d3c8a8c0d91bfb3b5338e4f625269178b22c3613ac68d986c921d96e12e0c964c332afb4768af982f1f39896cc0f03e77e877d02b7918503dea2cf44645ce67ed7c9af7fda95cc7b8460b3b74c3ec9f82ce7a0836bf64107ef22dc0b3a48a6f91a229c3148ac1a66a21eac579db9ed90ebb041aca61e432704e05471af5b3777e7bd34d3a1ab13147376d6ec0b86d3e041d07dcfba7975c7f6f83b9720e23168e4adba3887d29f436a99e572656f47ae38e0715db2b1c52078a428511acb5ed945f5df11b4d8e736ea1aa777a211ff5ba429ed53b32fe9863badaed12693ed48c3b2edc590b73bf70193108981a10fd4df44c9365c4b13666edb9a7d7a967dfd90e5091715477e0959fb5864938e5725429ab9229fe50d4ba7537ba78f46fe6c4bd0d0b3a6c6af2a26ce04998dbacfbeeeb3d82435235d4e4dad68ee4a1dd6058ab6ba36e1dfed957acecfb253350ba184ba9a0f1a0ae7ac53b42c6213395628070a3452b850a6d148bedd3ecf7781326e624e3b6ed24530012ba99347099b9dbe80507f0c29cafbece7509229970e89a72ccc46974203888cc3a4cbdce5674c89497786502fb2d2ac7a1fc5f2e5ac11e65f6e90b71e6aac47742d5b4d614914c0f7fdb3e3ac14cfff14d4c7fb2b92b882e64979f275a1fd87c011dbeb656787dadc9874626dffd9f422f6ef83b8cb37c98c6ddc901bef61d0955c8a8b97cb1b68eab86b8d08d382f89fa610a8c59b61752a74ef3", &(0x7f0000000080)}}, &(0x7f0000044000)) r2 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r2, 0x1, &(0x7f00000014c0)) msgsnd(r2, &(0x7f0000e74f60)={0x2}, 0x8, 0x0) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r1, 0x1000000000016) msgctl$IPC_SET(r2, 0x1, &(0x7f0000000180)={{}, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x81, r1}) 23:03:15 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x2000000) 23:03:15 executing program 1: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r2 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r1, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r2, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r3}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r4 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r5 = openat$cgroup_procs(r4, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r5, &(0x7f00000000c0), 0x12) 23:03:15 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r4}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r5 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r6 = openat$cgroup_procs(r5, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r6, &(0x7f00000000c0), 0x12) 23:03:15 executing program 5: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000180)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$netlink(0x10, 0x3, 0x2) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$RDS_GET_MR_FOR_DEST(0xffffffffffffffff, 0x114, 0x7, &(0x7f0000000740)={@ethernet={0x0, @dev}, {&(0x7f0000000680)=""/183, 0xb7}, &(0x7f0000000300), 0x2}, 0xa0) setsockopt$inet_sctp6_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f00000000c0)={0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x4d, 0x7}, 0xfffffffffffffdb9) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop-control\x00', 0x0, 0x0) r2 = socket$inet_smc(0x2b, 0x1, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x47744279}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) read$eventfd(0xffffffffffffffff, &(0x7f0000000140), 0x8) getsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, &(0x7f0000000380)={0x3, [0x1ff, 0xf5, 0x0]}, &(0x7f00000003c0)=0xa) ioctl$ASHMEM_GET_PIN_STATUS(r0, 0x7709, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x2}, 0xb) ioctl$KDADDIO(0xffffffffffffffff, 0x4b34, 0x2eca) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000001940)={0x0, 0xebe5}, &(0x7f0000001980)=0x8) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000003540)={0x0, 0x10000}, &(0x7f0000003580)=0x8) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x800c6613, &(0x7f00000004c0)={0x0, @speck128, 0x1, "e27f5eb025e91e06"}) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) writev(r2, &(0x7f0000000c00), 0x0) semtimedop(0x0, &(0x7f00000002c0)=[{0x0, 0xffffffffffffffff, 0x1800}], 0x2aaaaaaaaaaaabe5, &(0x7f0000000300)={0x0, 0x1c9c380}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(0xffffffffffffffff, 0xc08c5335, &(0x7f00000000c0)={0x0, 0xfffffffffffffffc, 0xfffffffffffffff7, 'queue0\x00', 0x2}) 23:03:15 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x1c) 23:03:15 executing program 5: r0 = socket$packet(0x11, 0x40000000003, 0x300) r1 = socket$inet6(0xa, 0x803, 0x3) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000140)={'gre0\x00', 0x0}) sendmmsg(0xffffffffffffffff, &(0x7f00000031c0), 0x0, 0x0) bind$packet(r0, &(0x7f00000001c0)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @dev}, 0x14) sendmmsg(r0, &(0x7f0000009900)=[{{0x0, 0x0, &(0x7f0000000100), 0x0, &(0x7f0000000380)}}], 0x1, 0x0) 23:03:16 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) sched_rr_get_interval(r0, &(0x7f0000000000)) tkill(r0, 0x1000000000016) 23:03:16 executing program 1: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r2 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r1, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r2, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r3}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r4 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r5 = openat$cgroup_procs(r4, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r5, &(0x7f00000000c0), 0x12) 23:03:16 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x1200000000000000) 23:03:16 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r3}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r4 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r5 = openat$cgroup_procs(r4, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r5, &(0x7f00000000c0), 0x12) 23:03:16 executing program 5: syz_open_dev$admmidi(&(0x7f0000001240)='/dev/admmidi#\x00', 0x6, 0x0) clone(0x210007f8, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8326, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x81}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$vsock_stream(0x28, 0x1, 0x0) bind$vsock_stream(r0, &(0x7f0000000000)={0x28, 0x0, 0x0, @host}, 0x10) listen(r0, 0x0) accept4(r0, &(0x7f00000000c0)=@ax25, &(0x7f0000000140)=0x80, 0x0) ioctl$DRM_IOCTL_GEM_OPEN(0xffffffffffffffff, 0xc010640b, &(0x7f0000001380)={0x0, 0x0, 0x9}) ioctl$DRM_IOCTL_GEM_FLINK(0xffffffffffffffff, 0xc008640a, &(0x7f00000013c0)={0x0, r1}) ioctl$EVIOCGPROP(0xffffffffffffffff, 0x80404509, &(0x7f0000001580)=""/4096) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000001540)) sched_setscheduler(0x0, 0x5, &(0x7f0000000200)) geteuid() getcwd(&(0x7f00000025c0)=""/162, 0xa2) utimensat(0xffffffffffffffff, &(0x7f0000f8eff8)='./file0\x00', &(0x7f0000f84fe0)={{0x0, 0x3ffffffe}, {0x0, 0x2710}}, 0x0) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f00000001c0)={0x0, 0xfffffffeffffffff}, &(0x7f00000014c0)=0x8) 23:03:16 executing program 0: r0 = gettid() timer_create(0x0, &(0x7f0000000000)={0x0, 0x12, 0x4}, &(0x7f0000044000)) r1 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r1, 0x1, &(0x7f00000014c0)) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000200)='/dev/zero\x00', 0x20802, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0xb8, 0x4, 0x7, 0xe80, 0x0, 0x5, 0x0, 0x2, 0x9, 0x5, 0x3ff, 0x7ce, 0x6ac, 0x9, 0x6, 0x3f, 0x19, 0x1, 0x7, 0x67, 0x100000000, 0x0, 0x5, 0x5, 0xffffffff, 0x8, 0x9, 0x5, 0x3, 0x2, 0x7fffffff, 0xffff, 0x80, 0x9, 0xffffffffffffff6b, 0x7, 0x0, 0x9, 0x0, @perf_config_ext={0x8, 0x3}, 0x2010, 0x8000, 0x1, 0x7, 0x10000, 0x1, 0x1}, r0, 0xc, r2, 0x2) msgsnd(r1, &(0x7f0000e74f60)={0x2}, 0x8, 0x0) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) msgctl$IPC_SET(r1, 0x1, &(0x7f0000000180)={{}, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x81, r0}) 23:03:16 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x40000000) 23:03:16 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) getsockopt$IPT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x41, &(0x7f0000000140)={'raw\x00'}, &(0x7f0000000000)=0x24) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000100)={0x0, 0x8000}) ioctl$KVM_NMI(r3, 0xae9a) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000300)=[@text16={0x10, &(0x7f0000000340)="643e67660f3a61ca9bbaf80c66b8bc5d158866efbafc0c66ed66b9800000c00f326635001000000f30f40f38c94bf80f380b5775260f01ca0f21360f180ad810", 0x40}], 0x2d3, 0xfffffffffffffffc, &(0x7f0000000280), 0x0) fsetxattr$trusted_overlay_opaque(0xffffffffffffffff, &(0x7f0000000040)='trusted.overlay.opaque\x00', &(0x7f00000000c0)='y\x00', 0x2, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 23:03:16 executing program 1: r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000100)="120000001200e7ef007b0000f4afd7030a7c", 0x12, 0x0, 0x0, 0x0) recvmsg(r0, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500), 0x0, &(0x7f00000000c0)=""/7, 0x7}, 0x0) 23:03:16 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x1c00) 23:03:16 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r3}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r4 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r5 = openat$cgroup_procs(r4, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r5, &(0x7f00000000c0), 0x12) 23:03:16 executing program 1: r0 = socket$inet(0x2, 0x80003, 0x3) setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000080)={@multicast1, @local}, 0xc) setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000040)=ANY=[@ANYBLOB="e0000010ac1414aa0100000001000000ac1414aa"], 0x1) 23:03:17 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x1900) 23:03:17 executing program 5: openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000002c0)="2f67726f75702e7374619fd474002b044a7b09ab0b0274e10985a6fa15b35ba69421f204dec5668a06000000b90ff880e01f262bafac7559cb61ea0cd9ff7f000000000000ea93a7dec9b4168e468be0576d1d0ebf3b43478f8ed85b547c6924880400000000000000901e428b98add1375d51e135848fea98c6e3574511e0c61f8a4ef61f00000000", 0x2761, 0x0) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000065c0)={{{@in=@local, @in6=@local}}, {{@in=@broadcast}, 0x0, @in6=@mcast1}}, &(0x7f00000066c0)=0xe8) 23:03:17 executing program 1: 23:03:17 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r3}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r4 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r5 = openat$cgroup_procs(r4, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r5, &(0x7f00000000c0), 0x12) 23:03:17 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) r1 = syz_open_dev$midi(&(0x7f0000002240)='/dev/midi#\x00', 0x1000, 0x1) r2 = syz_open_dev$vcsa(&(0x7f0000001780)='/dev/vcsa#\x00', 0xffffffffffff7fff, 0x400800) r3 = openat$md(0xffffffffffffff9c, &(0x7f00000017c0)='/dev/md0\x00', 0x1, 0x0) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000001800)={{{@in6=@local, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}, 0x0, @in=@dev}}, &(0x7f0000001900)=0xe8) r5 = getegid() socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000001940)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = openat$smack_task_current(0xffffffffffffff9c, &(0x7f0000001980)='/proc/self/attr/current\x00', 0x2, 0x0) r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000019c0)='cgroup.stat\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000001a00)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) r10 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffff9c, 0xc00c642d, &(0x7f0000001a80)={0x0, 0x80000, 0xffffffffffffffff}) r12 = syz_open_dev$binder(&(0x7f0000001ac0)='/dev/binder#\x00', 0x0, 0x802) r13 = openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000001b00)='cgroup.subtree_control\x00', 0x2, 0x0) r14 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000001b40)='/proc/self/net/pfkey\x00', 0x10040, 0x0) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffff9c, 0xc00c642d, &(0x7f0000001b80)={0x0, 0x80000, 0xffffffffffffff9c}) r16 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001bc0)='/dev/nullb0\x00', 0x8000, 0x0) r17 = openat$audio(0xffffffffffffff9c, &(0x7f0000001c00)='/dev/audio\x00', 0x220801, 0x0) socketpair$inet6_udplite(0xa, 0x2, 0x88, &(0x7f0000001c40)={0xffffffffffffffff, 0xffffffffffffffff}) r19 = bpf$PROG_LOAD(0x5, &(0x7f0000001d40)={0x1f, 0x7, &(0x7f0000001c80)=ANY=[@ANYBLOB="1800400002000007000000000300000018000000a64600e10700000007b62ade000000180000000400000000000000070000009500000000"], &(0x7f0000001cc0)='syzkaller\x00', 0xfffffffffffff371, 0x3e, &(0x7f0000001d00)=""/62, 0x41100, 0x1}, 0x48) r20 = openat$userio(0xffffffffffffff9c, &(0x7f0000002280)='/dev/userio\x00', 0x640, 0x0) r21 = syz_open_dev$dmmidi(&(0x7f0000002200)='/dev/dmmidi#\x00', 0x2, 0x80000) lstat(&(0x7f0000001e40)='./file0\x00', &(0x7f0000001e80)={0x0, 0x0, 0x0, 0x0, 0x0}) r23 = getegid() stat(&(0x7f0000001f00)='./file0\x00', &(0x7f0000001f40)={0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000001fc0)='./file0\x00', &(0x7f0000002000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$unix(r1, &(0x7f00000021c0)={&(0x7f0000000180)=@abs={0x1, 0x0, 0x4e24}, 0x6e, &(0x7f00000016c0)=[{&(0x7f0000000200)="7a2b0117299a21e17e5adb7595f624d0ecfe14161519729b01a9ca63c60ec08ce9fb0fe6713c7dea6cbeed7a771b5f8fa170a2a0d8c9273f4d3bb8287ef527331d5b39744435d4e83251abf07ad948e4e2b2aa466ccb1f35c6aee10c5d56fddd95b178913fa627090788b336a6c8115c716b11149d04b515b69bdd7a18425fb6df89c524a4a74964b86c1964f760352543b5400f04d5b284557540b462e456befacdaed48a15d8e249acb2588b14e212fb6c26dd7b7499256531b21007ca5c1dfe0440862eedbd4ea2517b084c6665cce56c79d4b829bb8b85919f1db4e09473db71bbeb58454ecddb0cbfc2647642798504723e9355add142c5c933121b0c58727713c9c47e8636830ffc804a1bf4d633805eb3388035137ad57f867f17228e8fed7bf404f81837cafe3923fae4ba0cc1fa89504ecd27a3135ae7fe70afcb88604b5d390955a18b02b8e55fe4c3d21dfe57dd68c6da3e6223e74bfc360b14a097c9fcd378fab3e9a3f95ed19a6fb72e7893e94e87ed271d490781a3830e3c5addf1f6ea2604041a073b671a9300c83fbdd9060c97cffc4d23a66be954df22b40745620748e67713db600dae848dfd13fd584d69bc2f2c01d39b8bf0da617ebec23bc54e50ea533bac3c0e7450dd38df588c7be958e0aed32603b966da6761774260ea75544413a5b547a8110a988335a0253428b281acc00672a2fb4f075dcbb329ef9d2b6ae7ec5de4886cf20ce247eb6b06bfc43876de0fc7a2d038651ced480bfe0abcd3af62bf0f806f5b7392219b1684fbe547311a0a55d5f0749d41a19cf4504ca84738d044d1fa48c2ab22224bedcfd200f539ec7104cf3fa7d0664c48ff6f0602e7bcbdbdff5ce1f35bdc009eabdf12edea95b4926d5d24e05bfca02988795b8a04d894dc3682f9bfe39edecb8091ceb34e445155c063e50fbb34e69bf64e4b426cb82f9ece97e6c29dc30466b18bcfd2681c3dc2bd6c6a04816a93c575ea8c10e439338a87d132b8ebbdef29d350625205ff09d689b727b6af9317681db12091a145663f3f68b0c70f8ca52c826fef4a07c8681bf6fb0bf561567d034efabf3d8b64f56cb8ca2e10311a5838da076a12c4904c1d0ff490364f2ae14b2bf134ac8187192f8bd0ee369e31015ac1e0b634785e34f35e2d3550f0e76d925602dd4134140c26ca183967b716c6a50e32e4a255187a960d040d64ce04949a5eb79350872bbcfb6e85195a9ba69acca7b2a88738fb36923d85dcf815e96bee1aa0e30a05225fb2cb9058099b67bd9bb2d8c828b2a8ebeec335f2a88b6bfe2a28b99a2455d9470a3b2048a9e2d8323e785f152581cedc17e9cbcef1d63d5bce638504c98651bf37208f07d9bcafe226afc371793802823b0c2b5541f5469ae11fbe7667561f07453ea34a287fef50f16f2a49ef8eee680cab28bd90e9c494ea8f8ab7d5c21aa4c928a48098f37454d650b8b6ef6a8d3790f8a9a58f8eefdc94fe28575465ff3c892c83456d6e2e826ec71449155b55ad1de9f2aa5597157461443734fa471e137c9c6f37cdd4258793c67eb55fedf41b7fc9c66741c482caf094ac5d4e8a42765f1f7af71a4716efffa01e7bccc7653b849d3ebd7e7789efa5cbb26f7b369aba4613ace14f8a3685827316862b3b1f2cb588bc05f54a3c04b2ecff810f6183edbde90bf79ecbaeb6ecfafaba8f5d414a4bd97ac7180f2e2132ad7f62fce23e8cdb73cabe29cdd7db06ae7573ee5f3ae32c95456f62d55cd96a9f0a4e7651ccdeb9be05ea38e0d4111a72ee71c4aca875c8a823b3065c658b473fba6db5a7bd8d36a491eb5a54ee2b46765e5d1ff2ffdd613692a80202863acac1ddc89b289e17bf622b61914c7e19b0e4617b5c546fd6c540543af5018697a020e7a6eb5ac194ed8599b9bae23c41f6d033823cc3af390a78a76599245228d68d86bc41c3e361d449f7d6985b1dbba4f7ffbf22ded6608553afb0464428621bf1d4cafd54e095c7548c745bb078e3b18582e6e7da6a8e197348fdd136f8c8db855057ba404746f6cec223bc0c11e213e4d0a1d727dc19fac2f76fc6a25f4815a38d4b41bb1a3db9d0f3d563bfa9fbc9e455069af818d1c96150c3d31239c6f6a791807811bfedafbded4f0bc993f88b436833011f3dbba1eeb0ae75a4dffe39d40d12c79df3b2b0e8f1cd95de8ea304a654e0ee8483d576027282c197afbd8fcc7a28e370b137fdf13d6c65b2e5ade98e3256019daad924eab76c57d7e75f396e5bc9d27c5cb415698b7cb9e4527706cb69d634dac2cd3f15432aa37e7627d08188094457677962aef940580d7829788e447527cefb745a7def86648838b1b9cd4f5324221a608d09991d1f75c79629303bea255201fd7eb9ffe20b7124da28e8ba7d2d05eee72a89ab16d1f7be8c8f5a3ab045ae5bc60fbc3603e83fd60177bf421e2b199d3b3975b911b7dd925fe8331f5a12a7f79edbf78e724cecae4fc77b54d13c35b25fe57643a04d0a98bb390c2dbdbb983d74766bc3e39a47cd45e48bc47795850cfba5ade54f79235acbf8348f9c6f08e83e8c2bb009dcc4ffc151830851c22d105f4941c09b509973b66b053f69871e54decc43609f41c28c504df4dda9a8cd7b649729d4f04c2be801d127e01f757bf2245d381c91d91e7099b7c0391e7ef267f972d0009d7e91aabc9d2fdea8fb4334c9aff557fb43df4742ea5557e09ec5e6bad685df80d2e3a1e9961a49aca894f8e0a1e1448e1fa50c68b610d62644e7e7ee831872bac448b21bab5c6af640dd3ff860d2ee443b241f941916177c7328102f100693ce5f05fb7bf9767e64fd027a238fe9250055df3fad51bdfe1caef33cbef3676ce923c5d05fd449613baba7c3cbd22d7314d646d373418a64e7fd03df3443388f7ff0ab29e029b52c9b9f729e07bd9c1dacf2d96b706f867fd0588a45a10f800113c986c0c8a6a689a349dbffd9c1990494ad895f6a5dfd85b87a460c049bb9926c68d5ba1793b528dec8e6891d5248d74a942c2922d6de3aa8bd692ea20d4e05b17068c274400ca128a302c7ddfbe453c2352e4e39881857c119ad7a32baec61bcae288d31d01cac587d499f0aa48ef23657b942da58f1e41c2804480d492c5efd73711c13331fe70a0107b52704c74216393a6f839d3365ae4da856a2a759124652b34d98225e8b3e4b6f9c6aacff8cf85797b7b44848c9a3861763072d290645761c7569de8ca7246fb0f0ba78f349785a489ff8488ec78e419a8fee547e44450b95d263ce7c3aa99658c9eff1793c77bfc7aca0a06cd458b53daed87c77aed489843954a38ee09278502920999df24e0077d58744fa78c6d8fc3ae4500439529f464599768aba4051b8bb82705e9d2cb3361a9fa3582dbd63d4e12fca3797516eeff72257657baab0a6a8bacebd58e2766f2913f7495d6355b361101fbb7fa35ca9e4ba3ec782dedf6d8b47751b8ba37e3a79da25adc65526f9ad3734797f3f6140bb1402381059971a28a64665be371ce30bd3d36d3e66fc680027f80564c1a7e3f70db37bdb61f281720597fe55562699f637ee7a3f2903312973f08b805fdbf8804dcf91f471377ff704e971b725ea83842c7ab4b3ec0b569f74d3ebae0dc00d644a54b385086c8192efc043c27f6a2b29ec79e5f8aed2a788daf584489b7dba42a5161ed1d15a2f603ec1a17803b3c9328a11a2ab8f85b40e1c8805871614d0d7aad1a536236d9bc70d12c318109872b98623db72b74330ecfebbffde8dd7dc174455cff3cc2f02dc9fcbe7e4892bda5f67a8d736d434f648b73bcfd021683638cfba81eca73f558d23a923502d2dbb1441b7c480fc25eb7226000787f47839520d904d8c8f3bb016ff7f0cc4136b8b6392f23ce1cec3c5bd35f44c172ea0de574ce07495e168c446fc0b4bc79af0f61d7f260a3cf40e6db32cf2f8bb047fb3cac7549ad2bc72a33cce01e2c2d8191dd3d83eb3ad1d76808d4131486f2b970796b84c62beb4f3c07da33b1501e7483091017eba62d2b0c2233949d3891433b7c34c4b0524431d6f1235d9827c9f33346f8beee0c257e9bd378e67c7e6ee2029331017b9c61a3f766f8710d27de25eb3c92038983478bdfd8a1c8b560924a56bd687025d8508100d1fde77f7779e54847db7b02928a909ddda581679bb6d0e642e03f68969ae245d16e1542e1ed1993ebd7dc93247c4a37a39dd27e376ef7373548acc7205d1b4e06ee2859e333a2b92d9f565bd0bf0641cdfe037175d320263aebaf76ee691746b808bf24d2f8d9ec9f24f953dd8eb95cad465b88aef2344d4b15c47a8e91c629ab429487d9b393ef88ef0751beff9b51fda704880222418d431d5114f0d45389e26d3a6ef808b0ea2da6a258ac8bb1cf3e875a9a0d7a9cb3f3e447c591c545422c8bb389e2ab0ae29efb1c68a2e277446e202c05ae25898b3813f1ce352f9d7e1c221001eedd171a555aec4caa5d271deeb4272bedf3eefc2fe1dd3bda0a0fa50ec4b5f4ed6734fcf574f6dfb0b57b098e71563bf93f458962a94d681fb83d86a1b9bfa8f7d6f3740ef40a5a118ef63327a9fe7dc4432a271e88e220056b5606b874ca140f30f622cfa78663e294901a1de29e1642b0b1742d62ec559893af240bcaac71ba1890d62ca56912d421b87bd23bb5bc36f97c4d798acd081e5174022ed7e8908b71cdf58166820c8a40e08d4c0b530cf72147391061e3d01aa2ba9cc1e5a7c0d948db07c662412f31dd10af5d41b20be1e206966eebadfba6c307f62f0f3c1703bc7a0e8bf644eb94e2bc2084fbab3f3a3a96379f1434c9947a1cab115e4e58332fb756c8cc0f2ca00c87a6422f3696f4a85d8085ea110837f9893ee82265873a6286e81c37dd8359051631d8a361ee9630a2b131ba255913e29c6c2cdc198df5fc629c821197598d9e54110f88363e17d9e986a5106f96cbc5865d2ba8b7164bea2e66b912127577813b2ea8713a3ab64987a38b4fdd5eb473a57217f56215802809095f98758ee029218cd98d2248389afed3b65c0e0fbdc66789e9f78e9799509d6815462df174689917aff1461fff72a9034e3e2da269959ef76b64653640a9da74c876bdc48f20e4888ac5671da3f97f05e375e92f984923c8b81c7694f4cbce95cb584f8b7a601fb54c8a87db0947f9c5145070c38d6b0c5763197384f2ce2a2f169665e3b92fdc1a5215e6507a74bd0a7429e0f000f3867a138c9e3eafa5828b372832cd83f9b8c7b642bc72f1c7267acc540d7f48ae5742cd9c2d5499912331ac4e22c83b9b370a9c48e1b7a38f77aab073efcc792b1c60331f8a151b2ef43ed1816d09e3e2d3751152c4a51a2ae65e58965dfc7f772649f35e761791eb467d18822f8e142f7d23f37e216b44d5b16ba29cf085371dbfc34699361a2f2c0f0dd7c0b62f9eb3f99f33d86542eab377abe10766235cda7f419c6a155540e5a578aac4921046f9bfbcea098ab7f6f22df7d7a4dc56583e44f0433747112634cf9bab5c98cd4140c505f47dc8ad8e7109482098606decfe623e8d251b135cd74d8b2ba66cfb147de85862c6267ab63a073a810a76809673cc9e0ff9e6bf99557c737cb54912dd11a2e3bbc5987020a64bf176e513e9809bffe7c6e259c02f7bc5b261014fa251f4cedc3e68cb578f2fc8b255d117b74258464858daa114e76ad63076bfa09fc900c15e8f79b67ecd68af7a28f29994f37d11cba776d9ff079112f2862619b70195b90eed554d0c58449c78374ddb3360a09b9a000cfc2757a762338d39e", 0x1000}, {&(0x7f0000001200)="b2ecf5b7cc74df408a2b42e376771e515112537eafeb12d091a30ce038cddb4980917c2c6a4cb9ec88920c878234683fc6bc7b24c1f0aeff00", 0x39}, {&(0x7f0000001240)="d33bc8f89c", 0x5}, {&(0x7f0000001280)="58f7fac251885f7b95c4683a8dabefd7315520e1bd92e8e5e89e4c67616123fd3351a9605da8bb94958c680b36553bcd80c671480aecfb14ecf05a18afc475367079ab9085b5fe955e4d16c00ea6af0225a8d3bff4c0759b6709e49a0513c724ecd63181930ea02e1d4cd0d6e4c31f5b1fdce25a95eef58bbc4d0e71e62986e4f2b1b9994655a5a67bfa1835f7ad4eb2db866245fe3e6a25bb02d9ebc34c81e53e9dbc63e0bdf469395525558d8769b0aa9d69d7b7648c65a1616dea7ab27e2e1c4afb6cf4212a77cf66fa93ffb61eed591e26cf8478", 0xd6}, {&(0x7f0000001380)="14b64c89a2277fc8008dc135772d72bfffc54ead20c7638ee46b6e545a1b2e7f6377601105f45e3b753e0916bae1a90e27aca4f5d01b7b38fae9bab32e056bdd8fb0a8d480e8752c5f01585c7ca25f481d6bf35c7b28c452876003b8e75405b699fb040605f5d378ff369428886748da51743f67b3f8e9a783ddf88a406bc722326222106eed8b8dfe90e45377c9fba145d8cbbeeee518d622a3a55945c806fdce93af5b6bef81c2ca3f82ce3dfe9df4c5b44a3a", 0xb4}, {&(0x7f0000001440)="4fec4611607d20fa38a9cc3363336aa739dd91c60415acbb64540c98ea3fbba682419479be", 0x25}, {&(0x7f0000001480)="635f757243506ef665", 0x9}, {&(0x7f00000014c0)="63ddc19ee11586f14f004028406bc0a8d0fc8d2580ccf707a9e8adb95545f5b1c726076df2044c8769431a941fb9799ef15ed98f0d2f1821de9cf51c335468b436d7cef8e2b66e811ab206c321b0f0b42d4f8e8011f0605f90ea88e8ef183b73e6f5127be3fc", 0x66}, {&(0x7f0000001540)="27fe98603f3093fc685dda2d2367eb85d8a892110c74e895c46fd63a1ed8c2c0812ab6c426fe364b028e3a83a24a10f14f8a50e0a2452f80eabb008c8a6defcdff451ee1addf4d763c5db199eead3a2ce1ec186a7f82014e15da5d9366d9ca0497386f4834134a6fc952ea8d4fdd630fb0fd999ffa7dccc65f137f474e69dbd91236904f0d9d85867ab113c449ee11abb164a77db4c327875e35eb5533355a3562ac8ed2477d255459697eebef866d1ad6e433dafa0406fe75a2", 0xba}, {&(0x7f0000001600)="01efb5f79a893fb78af4ef314cc36fcbf00fd4ea295931db1c595ce5c813e53285a6a8484ca0ba9d2b2019c33d6f5a4fa1e93498e0230d1c1ce5d558c65ee60c845f15afd8e10615e8bfec2a4dc79099486aa3e1a6c798ee00650a29da1cdaf371150b4d3c37767c7bc943b0f3ee3ab17feac7b4e0652c023015f12dab9c62304740e10ccac34bca5df85e865599903c33416fb675717ee206", 0x99}], 0xa, &(0x7f0000002080)=ANY=[@ANYBLOB="18000000000000000100000001000000", @ANYRES32=r2, @ANYBLOB="0000000018000000000000000100000001000000", @ANYRES32=r3, @ANYBLOB="0000000020000000000000000100000002000000", @ANYRES32=r0, @ANYRES32=r4, @ANYRES32=r5, @ANYBLOB="0000000028000000000000000100000001000000", @ANYRES32=r6, @ANYRES32=r7, @ANYRES32=r8, @ANYRES32=r9, @ANYRES32=r10, @ANYRES32=r11, @ANYBLOB="28000000000000000100000001000000", @ANYRES32=r12, @ANYRES32=r13, @ANYRES32=r14, @ANYRES32=r15, @ANYRES32=r16, @ANYRES32=r17, @ANYBLOB="18000000000000000100000001000000", @ANYRES32=r18, @ANYRES32=r19, @ANYBLOB="07000000000000000100000000000000", @ANYRES32=r20, @ANYRES32=r21, @ANYBLOB="20000000000000000100000002000000", @ANYRES32=r0, @ANYRES32=r22, @ANYRES32=r23, @ANYBLOB="0000000020000000000000000100000002000000", @ANYRES32=r0, @ANYRES32=r24, @ANYRES32=r25, @ANYBLOB='\x00\x00\x00\x00'], 0x110, 0x40004}, 0x4000000) r26 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x800, 0x0) ioctl$KVM_GET_ONE_REG(r26, 0x4010aeab, &(0x7f0000000040)={0x0, 0x1ff1}) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) 23:03:19 executing program 0: r0 = gettid() r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x20000, 0x0) r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000000080)='nbd\x00') r3 = syz_open_dev$admmidi(&(0x7f0000000200)='/dev/admmidi#\x00', 0x81, 0x240000) r4 = syz_open_dev$mouse(&(0x7f0000000240)='/dev/input/mouse#\x00', 0x0, 0x8002) r5 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000280)='/dev/vsock\x00', 0x20000, 0x0) r6 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/vga_arbiter\x00', 0x2000, 0x0) r7 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000300)='/dev/hwrng\x00', 0x4080, 0x0) sendmsg$NBD_CMD_STATUS(r1, &(0x7f00000003c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2006000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x40, r2, 0x400, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_SOCKETS={0x2c, 0x7, [{0x8, 0x1, r3}, {0x8, 0x1, r4}, {0x8, 0x1, r5}, {0x8, 0x1, r6}, {0x8, 0x1, r7}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x1}, 0x0) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r8 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r8, 0x1, &(0x7f00000014c0)) msgsnd(r8, &(0x7f0000e74f60)=ANY=[@ANYBLOB="b5238f22387dd244"], 0x8, 0x0) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) msgctl$IPC_SET(r8, 0x1, &(0x7f0000000180)={{}, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x81, r0}) 23:03:19 executing program 1: 23:03:19 executing program 5: 23:03:19 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x12) 23:03:19 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r4}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r5 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r6 = openat$cgroup_procs(r5, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r6, &(0x7f00000000c0), 0x12) 23:03:19 executing program 3: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x2, 0x30102) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000000180)={{0x1ff, 0x9}, 'port1\x00', 0x18, 0x90003, 0x308000000, 0x2, 0x0, 0xa1, 0x8, 0x0, 0x3, 0x98}) getrandom(&(0x7f00000000c0)=""/148, 0x94, 0x2) ioctl$SG_GET_COMMAND_Q(r1, 0x2270, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x1000000000016) 23:03:19 executing program 5: 23:03:19 executing program 1: 23:03:19 executing program 5: 23:03:19 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="1db26bc8"], 0x4) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xc000000000000) 23:03:19 executing program 1: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) perf_event_open(&(0x7f000000a000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xa000003ff, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount(&(0x7f0000000200)=ANY=[], &(0x7f0000000000)='./file0\x00', &(0x7f000015bffc)='nfs\x00', 0x0, &(0x7f000000a000)) [ 408.795773] ================================================================== [ 408.803370] BUG: KASAN: slab-out-of-bounds in fscache_alloc_cookie+0x7ad/0x880 [ 408.810750] Read of size 4 at addr ffff8801b953e814 by task syz-executor1/14774 [ 408.818206] [ 408.819868] CPU: 1 PID: 14774 Comm: syz-executor1 Not tainted 4.19.0-rc8+ #286 [ 408.827243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 408.827253] Call Trace: [ 408.827280] dump_stack+0x1c4/0x2b4 [ 408.827306] ? dump_stack_print_info.cold.2+0x52/0x52 [ 408.827362] ? printk+0xa7/0xcf [ 408.851326] ? kmsg_dump_rewind_nolock+0xe4/0xe4 [ 408.851353] print_address_description.cold.8+0x9/0x1ff [ 408.851372] kasan_report.cold.9+0x242/0x309 [ 408.851399] ? fscache_alloc_cookie+0x7ad/0x880 [ 408.865892] __asan_report_load4_noabort+0x14/0x20 [ 408.865910] fscache_alloc_cookie+0x7ad/0x880 [ 408.865935] ? fscache_cookie_init_once+0x80/0x80 [ 408.866044] ? rpcauth_cache_shrink_scan+0x180/0x180 [ 408.866081] ? __kmalloc_track_caller+0x14a/0x750 23:03:19 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000500)='/dev/midi#\x00', 0x0, 0x200000) r3 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x0, 0x20000) syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffff000, 0x2000) syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x97b, 0x0) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='vmnet1security@systemem1:\x00'}, 0x10) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080), &(0x7f0000000480)=0x4) rmdir(&(0x7f0000001540)='./file0/file0\x00') perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r1, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ppoll(&(0x7f00000001c0)=[{r4}], 0x2000000000000127, &(0x7f0000000240)={0x77359400}, &(0x7f0000001340), 0x8) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r5 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r6 = openat$cgroup_procs(r5, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r6, &(0x7f00000000c0), 0x12) [ 408.880196] ? kstrdup+0x39/0x70 [ 408.898397] ? nfs_alloc_client+0x383/0x760 [ 408.902735] ? nfs_get_client+0x8e8/0x14d0 [ 408.906982] ? nfs_init_server+0x357/0x1010 [ 408.911316] ? nfs_create_server+0x86/0x5f0 [ 408.915650] ? nfs_fs_mount+0x17f8/0x2f1c [ 408.919808] ? mount_fs+0xae/0x31d [ 408.919826] ? vfs_kern_mount.part.35+0xdc/0x4f0 [ 408.919837] ? do_mount+0x581/0x31f0 [ 408.919849] ? ksys_mount+0x12d/0x140 [ 408.919868] ? __x64_sys_mount+0xbe/0x150 [ 408.928163] ? do_syscall_64+0x1b9/0x820 [ 408.928188] __fscache_acquire_cookie+0x230/0xb60 [ 408.928213] ? fscache_cookie_put+0x880/0x880 [ 408.928234] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 408.928257] ? check_preemption_disabled+0x48/0x200 [ 408.963892] ? rcu_lockdep_current_cpu_online+0x1f0/0x2d0 [ 408.969457] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 408.974750] ? rcu_pm_notify+0xc0/0xc0 [ 408.978658] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 408.984283] nfs_fscache_get_client_cookie+0x463/0x600 [ 408.989582] ? nfs_readpage_from_fscache_complete+0x200/0x200 [ 408.995504] nfs_alloc_client+0x563/0x760 [ 408.999670] ? register_nfs_version+0x280/0x280 [ 409.004389] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 409.009018] nfs_get_client+0x8e8/0x14d0 [ 409.013089] ? kmem_cache_alloc_trace+0x152/0x750 [ 409.017945] ? mount_fs+0xae/0x31d [ 409.021518] ? nfs_put_client+0x30/0x30 [ 409.025504] ? nfs_alloc_server+0x5ca/0x730 [ 409.029838] ? nfs_wait_client_init_complete+0x210/0x210 [ 409.035302] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 409.040858] ? check_preemption_disabled+0x48/0x200 [ 409.045882] ? check_preemption_disabled+0x48/0x200 [ 409.050943] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 409.056150] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 409.061196] nfs_init_server+0x357/0x1010 [ 409.065363] ? nfs_clone_server+0x920/0x920 [ 409.069703] ? nfs_alloc_fattr+0x48/0x1d0 [ 409.073862] ? rcu_read_lock_sched_held+0x108/0x120 [ 409.078914] nfs_create_server+0x86/0x5f0 [ 409.083114] nfs_try_mount+0x180/0xa80 [ 409.087043] ? lock_downgrade+0x900/0x900 [ 409.091210] ? nfs_request_mount.constprop.18+0x920/0x920 [ 409.096774] ? kasan_check_read+0x11/0x20 [ 409.100936] ? do_raw_spin_unlock+0xa7/0x2f0 [ 409.105354] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 409.109958] ? kasan_check_write+0x14/0x20 [ 409.114201] ? do_raw_spin_lock+0xc1/0x200 [ 409.118454] ? _raw_spin_unlock+0x2c/0x50 [ 409.122618] ? find_nfs_version+0x138/0x190 [ 409.126958] nfs_fs_mount+0x17f8/0x2f1c [ 409.130972] ? nfs_show_options+0x250/0x250 [ 409.135307] ? nfs_clone_super+0x420/0x420 [ 409.139547] ? nfs_parse_mount_options+0x2660/0x2660 [ 409.144665] ? lock_downgrade+0x900/0x900 [ 409.148854] mount_fs+0xae/0x31d [ 409.152246] vfs_kern_mount.part.35+0xdc/0x4f0 [ 409.156844] ? may_umount+0xb0/0xb0 [ 409.160478] ? _raw_read_unlock+0x2c/0x50 [ 409.164637] ? __get_fs_type+0x97/0xc0 [ 409.168538] do_mount+0x581/0x31f0 [ 409.172098] ? copy_mount_string+0x40/0x40 [ 409.176359] ? copy_mount_options+0x5f/0x380 [ 409.180782] ? rcu_read_lock_sched_held+0x108/0x120 [ 409.185829] ? kmem_cache_alloc_trace+0x353/0x750 [ 409.190698] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 409.196414] ? _copy_from_user+0xdf/0x150 [ 409.200580] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 409.206147] ? copy_mount_options+0x288/0x380 [ 409.210658] ksys_mount+0x12d/0x140 [ 409.214296] __x64_sys_mount+0xbe/0x150 [ 409.218300] do_syscall_64+0x1b9/0x820 [ 409.222197] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 409.227608] ? syscall_return_slowpath+0x5e0/0x5e0 [ 409.232565] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 409.237426] ? trace_hardirqs_on_caller+0x310/0x310 [ 409.242458] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 409.247486] ? prepare_exit_to_usermode+0x291/0x3b0 [ 409.252523] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 409.257391] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 409.262588] RIP: 0033:0x457569 [ 409.265797] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 409.284702] RSP: 002b:00007f09443ecc78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 409.292416] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000457569 [ 409.299690] RDX: 000000002015bffc RSI: 0000000020000000 RDI: 0000000020000200 [ 409.306976] RBP: 000000000072bf00 R08: 000000002000a000 R09: 0000000000000000 [ 409.314249] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f09443ed6d4 [ 409.321519] R13: 00000000004c289b R14: 00000000004d3c78 R15: 00000000ffffffff [ 409.329281] [ 409.330909] Allocated by task 14774: [ 409.334632] save_stack+0x43/0xd0 [ 409.338087] kasan_kmalloc+0xc7/0xe0 [ 409.341840] __kmalloc+0x14e/0x760 [ 409.345405] fscache_alloc_cookie+0x6f7/0x880 [ 409.349905] __fscache_acquire_cookie+0x230/0xb60 [ 409.354756] nfs_fscache_get_client_cookie+0x463/0x600 [ 409.360039] nfs_alloc_client+0x563/0x760 [ 409.364191] nfs_get_client+0x8e8/0x14d0 [ 409.368272] nfs_init_server+0x357/0x1010 [ 409.372419] nfs_create_server+0x86/0x5f0 [ 409.376580] nfs_try_mount+0x180/0xa80 [ 409.380483] nfs_fs_mount+0x17f8/0x2f1c [ 409.384460] mount_fs+0xae/0x31d [ 409.387832] vfs_kern_mount.part.35+0xdc/0x4f0 [ 409.392419] do_mount+0x581/0x31f0 [ 409.395966] ksys_mount+0x12d/0x140 [ 409.399607] __x64_sys_mount+0xbe/0x150 [ 409.403595] do_syscall_64+0x1b9/0x820 [ 409.407499] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 409.412682] [ 409.414307] Freed by task 3192: [ 409.417592] save_stack+0x43/0xd0 [ 409.421063] __kasan_slab_free+0x102/0x150 [ 409.425301] kasan_slab_free+0xe/0x10 [ 409.429107] kfree+0xcf/0x230 [ 409.432217] kzfree+0x28/0x30 [ 409.435328] apparmor_task_free+0x13a/0x1e0 [ 409.439672] security_task_free+0x4a/0x80 [ 409.443843] __put_task_struct+0x195/0x620 [ 409.448098] delayed_put_task_struct+0x2ff/0x4c0 [ 409.452862] rcu_process_callbacks+0xf23/0x2670 [ 409.457535] __do_softirq+0x30b/0xad8 [ 409.461349] [ 409.462989] The buggy address belongs to the object at ffff8801b953e800 [ 409.462989] which belongs to the cache kmalloc-32 of size 32 [ 409.475476] The buggy address is located 20 bytes inside of [ 409.475476] 32-byte region [ffff8801b953e800, ffff8801b953e820) [ 409.487174] The buggy address belongs to the page: [ 409.492126] page:ffffea0006e54f80 count:1 mapcount:0 mapping:ffff8801da8001c0 index:0xffff8801b953efc1 [ 409.501578] flags: 0x2fffc0000000100(slab) [ 409.505851] raw: 02fffc0000000100 ffffea00073daf48 ffffea0007394c08 ffff8801da8001c0 [ 409.513757] raw: ffff8801b953efc1 ffff8801b953e000 000000010000003f 0000000000000000 [ 409.521636] page dumped because: kasan: bad access detected [ 409.527356] [ 409.528987] Memory state around the buggy address: [ 409.533940] ffff8801b953e700: fb fb fb fb fc fc fc fc fb fb fb fb fc fc fc fc [ 409.541304] ffff8801b953e780: fb fb fb fb fc fc fc fc fb fb fb fb fc fc fc fc [ 409.548666] >ffff8801b953e800: 00 00 06 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 409.556026] ^ [ 409.559917] ffff8801b953e880: fb fb fb fb fc fc fc fc fb fb fb fb fc fc fc fc [ 409.567281] ffff8801b953e900: fb fb fb fb fc fc fc fc fb fb fb fb fc fc fc fc [ 409.574639] ================================================================== [ 409.581994] Disabling lock debugging due to kernel taint [ 409.603904] Kernel panic - not syncing: panic_on_warn set ... [ 409.603904] [ 409.611290] CPU: 1 PID: 14774 Comm: syz-executor1 Tainted: G B 4.19.0-rc8+ #286 [ 409.620035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 409.629391] Call Trace: [ 409.631983] dump_stack+0x1c4/0x2b4 [ 409.635630] ? dump_stack_print_info.cold.2+0x52/0x52 [ 409.640848] panic+0x238/0x4e7 [ 409.644058] ? add_taint.cold.5+0x16/0x16 [ 409.648211] ? preempt_schedule+0x4d/0x60 [ 409.652360] ? ___preempt_schedule+0x16/0x18 [ 409.656772] ? trace_hardirqs_on+0xb4/0x310 [ 409.661101] kasan_end_report+0x47/0x4f [ 409.665074] kasan_report.cold.9+0x76/0x309 [ 409.669403] ? fscache_alloc_cookie+0x7ad/0x880 [ 409.674077] __asan_report_load4_noabort+0x14/0x20 [ 409.679008] fscache_alloc_cookie+0x7ad/0x880 [ 409.683514] ? fscache_cookie_init_once+0x80/0x80 [ 409.688378] ? rpcauth_cache_shrink_scan+0x180/0x180 [ 409.693492] ? __kmalloc_track_caller+0x14a/0x750 [ 409.698337] ? kstrdup+0x39/0x70 [ 409.701701] ? nfs_alloc_client+0x383/0x760 [ 409.706019] ? nfs_get_client+0x8e8/0x14d0 [ 409.710254] ? nfs_init_server+0x357/0x1010 [ 409.714575] ? nfs_create_server+0x86/0x5f0 [ 409.718921] ? nfs_fs_mount+0x17f8/0x2f1c [ 409.723071] ? mount_fs+0xae/0x31d [ 409.726617] ? vfs_kern_mount.part.35+0xdc/0x4f0 [ 409.731368] ? do_mount+0x581/0x31f0 [ 409.735080] ? ksys_mount+0x12d/0x140 [ 409.738878] ? __x64_sys_mount+0xbe/0x150 [ 409.743043] ? do_syscall_64+0x1b9/0x820 [ 409.747108] __fscache_acquire_cookie+0x230/0xb60 [ 409.751957] ? fscache_cookie_put+0x880/0x880 [ 409.756455] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 409.761998] ? check_preemption_disabled+0x48/0x200 [ 409.767016] ? rcu_lockdep_current_cpu_online+0x1f0/0x2d0 [ 409.772549] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 409.777827] ? rcu_pm_notify+0xc0/0xc0 [ 409.781720] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 409.787260] nfs_fscache_get_client_cookie+0x463/0x600 [ 409.792541] ? nfs_readpage_from_fscache_complete+0x200/0x200 [ 409.798434] nfs_alloc_client+0x563/0x760 [ 409.802585] ? register_nfs_version+0x280/0x280 [ 409.807264] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 409.811859] nfs_get_client+0x8e8/0x14d0 [ 409.816008] ? kmem_cache_alloc_trace+0x152/0x750 [ 409.820864] ? mount_fs+0xae/0x31d [ 409.824414] ? nfs_put_client+0x30/0x30 [ 409.828395] ? nfs_alloc_server+0x5ca/0x730 [ 409.832722] ? nfs_wait_client_init_complete+0x210/0x210 [ 409.838174] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 409.843715] ? check_preemption_disabled+0x48/0x200 [ 409.848729] ? check_preemption_disabled+0x48/0x200 [ 409.853759] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 409.858948] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 409.863968] nfs_init_server+0x357/0x1010 [ 409.868138] ? nfs_clone_server+0x920/0x920 [ 409.872459] ? nfs_alloc_fattr+0x48/0x1d0 [ 409.876619] ? rcu_read_lock_sched_held+0x108/0x120 [ 409.881648] nfs_create_server+0x86/0x5f0 [ 409.885799] nfs_try_mount+0x180/0xa80 [ 409.889694] ? lock_downgrade+0x900/0x900 [ 409.893844] ? nfs_request_mount.constprop.18+0x920/0x920 [ 409.899402] ? kasan_check_read+0x11/0x20 [ 409.903551] ? do_raw_spin_unlock+0xa7/0x2f0 [ 409.907986] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 409.912567] ? kasan_check_write+0x14/0x20 [ 409.916815] ? do_raw_spin_lock+0xc1/0x200 [ 409.921050] ? _raw_spin_unlock+0x2c/0x50 [ 409.925195] ? find_nfs_version+0x138/0x190 [ 409.929518] nfs_fs_mount+0x17f8/0x2f1c [ 409.933500] ? nfs_show_options+0x250/0x250 [ 409.937824] ? nfs_clone_super+0x420/0x420 [ 409.942054] ? nfs_parse_mount_options+0x2660/0x2660 [ 409.947158] ? lock_downgrade+0x900/0x900 [ 409.951310] mount_fs+0xae/0x31d [ 409.954682] vfs_kern_mount.part.35+0xdc/0x4f0 [ 409.959265] ? may_umount+0xb0/0xb0 [ 409.962890] ? _raw_read_unlock+0x2c/0x50 [ 409.967037] ? __get_fs_type+0x97/0xc0 [ 409.970930] do_mount+0x581/0x31f0 [ 409.974472] ? copy_mount_string+0x40/0x40 [ 409.978727] ? copy_mount_options+0x5f/0x380 [ 409.983132] ? rcu_read_lock_sched_held+0x108/0x120 [ 409.988147] ? kmem_cache_alloc_trace+0x353/0x750 [ 409.992993] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 409.998532] ? _copy_from_user+0xdf/0x150 [ 410.002683] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 410.008217] ? copy_mount_options+0x288/0x380 [ 410.012718] ksys_mount+0x12d/0x140 [ 410.016344] __x64_sys_mount+0xbe/0x150 [ 410.020325] do_syscall_64+0x1b9/0x820 [ 410.024213] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 410.029578] ? syscall_return_slowpath+0x5e0/0x5e0 [ 410.034517] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 410.039360] ? trace_hardirqs_on_caller+0x310/0x310 [ 410.044380] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 410.049407] ? prepare_exit_to_usermode+0x291/0x3b0 [ 410.054435] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 410.059296] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 410.064497] RIP: 0033:0x457569 [ 410.067693] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 410.086593] RSP: 002b:00007f09443ecc78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 410.094309] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000457569 [ 410.101591] RDX: 000000002015bffc RSI: 0000000020000000 RDI: 0000000020000200 [ 410.108863] RBP: 000000000072bf00 R08: 000000002000a000 R09: 0000000000000000 [ 410.116129] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f09443ed6d4 [ 410.123399] R13: 00000000004c289b R14: 00000000004d3c78 R15: 00000000ffffffff [ 410.131580] Kernel Offset: disabled [ 410.135215] Rebooting in 86400 seconds..