0140)=""/229, 0xe5, &(0x7f00000000c0)=""/40, 0x2, 0x5}}, 0x68)
mknod$loop(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
setxattr(&(0x7f0000000500)='./file0\x00', &(0x7f0000000540)=@known='security.ima\x00', &(0x7f0000000340)='security.capability\x00', 0x14, 0x0)
lsetxattr(&(0x7f0000712ff8)='./file0\x00', &(0x7f0000000000)=@known='security.capability\x00', &(0x7f0000000080)="0000000201000000000000010400000000000000", 0x0, 0x0)
listxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=""/59, 0x3b)

2018/04/06 01:05:16 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
pipe2(&(0x7f0000e3eff8)={0x0, <r2=>0x0}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$DRM_IOCTL_FREE_BUFS(0xffffffffffffffff, 0x4010641a, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[0x0]})
dup3(r3, r2, 0x0)
r4 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000200)='/proc/self/net/pfkey\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000180)=[@text16={0x10, &(0x7f00000000c0)="0f01c30fc71a9a06403b000f2093f326f4660f3a449fab000566b9800000c00f326635000100000f30ba6100ec66660f3a0964003a66b9b308000066b8e500000066ba000000000f30", 0x49}], 0x1, 0x0, &(0x7f00000001c0), 0x0)
ioctl$KVM_ARM_SET_DEVICE_ADDR(r4, 0x4010aeab, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r5 = geteuid()
readv(r1, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/250, 0xfa}, {&(0x7f0000000440)=""/67, 0x43}, {&(0x7f00000004c0)=""/48, 0x30}, {&(0x7f0000000500)=""/196, 0xc4}, {&(0x7f0000000600)=""/164, 0xa4}, {&(0x7f00000006c0)=""/52, 0x34}, {&(0x7f0000000700)=""/129, 0x81}, {&(0x7f00000007c0)=""/10, 0xa}, {&(0x7f0000000800)=""/13, 0xd}, {&(0x7f0000000840)=""/91, 0x5b}], 0xa)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
quotactl(0x4, &(0x7f0000000280)='./file0\x00', r5, &(0x7f00000002c0)="2414743a73287064e5181e6f7ce8fcbcac1fb57fe19c18e106b99ac5c74823ade6bd7f70c9a51e65c9d6ac676c2bea4d4ffcf6c907c0c0d670cccae6a762286be7ab29e6a09cb5")
getsockopt$IPT_SO_GET_REVISION_MATCH(0xffffffffffffffff, 0x0, 0x42, &(0x7f0000000080)={'icmp6\x00'}, &(0x7f0000000240)=0x1e)

2018/04/06 01:05:16 executing program 4:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x3f, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="116348400000000000000000000000000000000000000000000000000000000000000000280000", @ANYPTR=&(0x7f0000c5f000)=ANY=[@ANYBLOB="852a747000000000", @ANYPTR=&(0x7f0000aac000)=ANY=[@ANYBLOB='\x00'], @ANYBLOB="010000000000000000000000000000000000000000000000"], @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:16 executing program 3:
r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x78, 0x3e3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000dec000)='smaps\x00')
sendfile(r1, r1, &(0x7f0000b58000)=0x200000, 0xffff)
sendfile(r1, r0, 0x0, 0x0)

2018/04/06 01:05:16 executing program 6:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000500)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0)
unlinkat(r0, &(0x7f0000000540)='./file0\x00', 0x200)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PIO_CMAP(r0, 0x4b71, &(0x7f00000005c0)={0x6, 0x7, 0xfffffffffffffff7, 0xfc9f, 0x100, 0x2})
r2 = semget$private(0x0, 0x3, 0x40000000000000c)
semctl$GETZCNT(r2, 0x4, 0xf, &(0x7f00000003c0)=""/171)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2000, 0x18)
readlinkat(r4, &(0x7f0000000180)='./file0\x00', &(0x7f0000000280)=""/105, 0x69)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='stack\x00')
ioctl$DRM_IOCTL_GET_STATS(r5, 0x80f86406, &(0x7f0000000300)=""/143)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'syz_tun\x00', <r6=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000240)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000200)={&(0x7f0000000080)=@ipv6_newaddr={0x34, 0x14, 0x109, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r6}, [@IFA_FLAGS={0x8, 0x8, 0x284}, @IFA_ADDRESS={0x14, 0x1, @local={0xfe, 0x80, [], 0xaa}}]}, 0x34}, 0x1}, 0x0)
write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080)={<r7=>0xffffffff}, 0x2}}, 0xffffff9e)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x8)
r8 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r8, 0x404c534a, &(0x7f0000000480)={0x70, 0x78c, 0xb7})
write$rdma_cm(r8, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}, r7}}, 0x48)

2018/04/06 01:05:16 executing program 7:
r0 = perf_event_open(&(0x7f0000d2af88)={0x2, 0x70, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000100)='net/fib_triestat\x00')
bind$alg(r1, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-generic\x00'}, 0x58)
r3 = accept4$alg(r1, 0x0, 0x0, 0x0)
fcntl$getownex(r2, 0x10, &(0x7f0000000140)={0x0, <r4=>0x0})
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x5d, 0x100000000, 0x6, 0x0, 0x0, 0x4, 0x40080, 0x8, 0x80000001, 0x1, 0x891, 0x1f, 0x0, 0x9ef, 0xffffffffffff7fff, 0x2, 0x0, 0xb804e59, 0xbeb, 0xfff, 0x3ff, 0x1, 0xfffffffffffffff9, 0x3, 0xe000, 0x3efb8c88, 0x1, 0x3, 0x44, 0x7, 0x9, 0x4e63, 0x100000001, 0x10001, 0x2, 0xcd44, 0x0, 0x6, 0x0, @perf_bp={&(0x7f0000000040), 0xd}, 0x4, 0x777, 0x58ad, 0x7, 0x13b5, 0x2, 0x800}, r4, 0x2, r0, 0x2)
sendfile(r3, r2, &(0x7f0000807000), 0x43)

2018/04/06 01:05:16 executing program 5:
r0 = socket(0x11, 0xa, 0xff)
getsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000000)=""/46, &(0x7f0000000040)=0x2e)
getpeername$inet(r0, &(0x7f0000000200)={0x0, 0x0, @broadcast}, &(0x7f0000000080)=0x6f)
getsockopt$inet6_mreq(r0, 0x29, 0x1c, &(0x7f00000000c0)={@remote}, &(0x7f0000000100)=0x14)

[  103.530014] binder_alloc: 9253: binder_alloc_buf size 18364523706581032 failed, no address space
[  103.539123] binder_alloc: allocated: 0 (num: 0 largest: 0), free: 8192 (num: 1 largest: 8192)
[  103.547875] binder: 9253:9263 transaction failed 29201/-28, size 9224833837563944-9139689869017088 line 2963
2018/04/06 01:05:16 executing program 7:
openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ppp\x00', 0x20000, 0x0)
syz_emit_ethernet(0x3a, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000008004900002c0000000300000078ac1414bbac1414aa830befac1414bbe0000001890300000000009078ffffffff"], &(0x7f00000002c0))
r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x200, 0x0)
ioctl$DRM_IOCTL_CONTROL(r0, 0x40086414, &(0x7f0000000040)={0x3, 0xffff})

2018/04/06 01:05:16 executing program 1:
r0 = syz_open_dev$sndctrl(&(0x7f0000004fed)='/dev/snd/controlC#\x00', 0x0, 0x0)
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/am_droprate\x00', 0x2, 0x0)
setsockopt$inet_sctp_SCTP_AUTOCLOSE(r1, 0x84, 0x4, &(0x7f0000000200)=0x3, 0x4)
r2 = syz_open_dev$sg(&(0x7f0000000100)='/dev/sg#\x00', 0x1f, 0x0)
getsockopt$inet6_mreq(0xffffffffffffff9c, 0x29, 0x1a, &(0x7f0000000140)={@empty, <r3=>0x0}, &(0x7f0000000180)=0x14)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$SIOCGIFHWADDR(r2, 0x8927, &(0x7f0000000240))
ioctl$TIOCEXCL(r4, 0x540c)
ioctl$KDSIGACCEPT(r2, 0x4b4e, 0x1c)
ioctl$sock_inet6_SIOCSIFDSTADDR(r4, 0x8918, &(0x7f0000000280)={@dev={0xfe, 0x80, [], 0x16}, 0x34, r3})
syz_open_dev$sndctrl(&(0x7f0000000040)='/dev/snd/controlC#\x00', 0x100, 0x402000)
ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r0, 0xc0045520, &(0x7f0000000000)=0x3)

[  103.724862] binder: undelivered TRANSACTION_ERROR: 29201
2018/04/06 01:05:16 executing program 0:
socketpair$inet6_udp(0xa, 0x2, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xbb}, 0x400000002}, 0x1c)
sendmmsg(0xffffffffffffffff, &(0x7f000000b180)=[{{0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000001500)}}, {{&(0x7f0000000400)=@in6={0xa, 0x4e20, 0x0, @ipv4={[], [0xff, 0xff], @broadcast=0xffffffff}}, 0x80, &(0x7f0000001280), 0x0, &(0x7f0000003740)}}], 0x2, 0x0)

2018/04/06 01:05:16 executing program 4:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x3f, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="116348400000000000000000000000000000000000000000000000000000000000000000280000", @ANYPTR=&(0x7f0000c5f000)=ANY=[@ANYBLOB="852a747000000000", @ANYPTR=&(0x7f0000aac000)=ANY=[@ANYBLOB='\x00'], @ANYBLOB="010000000000000000000000000000000000000000000000"], @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:16 executing program 6:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000500)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0)
unlinkat(r0, &(0x7f0000000540)='./file0\x00', 0x200)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PIO_CMAP(r0, 0x4b71, &(0x7f00000005c0)={0x6, 0x7, 0xfffffffffffffff7, 0xfc9f, 0x100, 0x2})
r2 = semget$private(0x0, 0x3, 0x40000000000000c)
semctl$GETZCNT(r2, 0x4, 0xf, &(0x7f00000003c0)=""/171)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2000, 0x18)
readlinkat(r4, &(0x7f0000000180)='./file0\x00', &(0x7f0000000280)=""/105, 0x69)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='stack\x00')
ioctl$DRM_IOCTL_GET_STATS(r5, 0x80f86406, &(0x7f0000000300)=""/143)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'syz_tun\x00', <r6=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000240)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000200)={&(0x7f0000000080)=@ipv6_newaddr={0x34, 0x14, 0x109, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r6}, [@IFA_FLAGS={0x8, 0x8, 0x284}, @IFA_ADDRESS={0x14, 0x1, @local={0xfe, 0x80, [], 0xaa}}]}, 0x34}, 0x1}, 0x0)
write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080)={<r7=>0xffffffff}, 0x2}}, 0xffffff9e)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x8)
r8 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r8, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}, r7}}, 0x48)

2018/04/06 01:05:16 executing program 3:
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff})
r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000240)='/dev/audio\x00', 0x10000, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0x3f)
connect$inet6(r2, &(0x7f0000000080)={0xa, 0x4e20, 0xb9, @remote={0xfe, 0x80, [], 0xbb}}, 0x1c)
socket$pppoe(0x18, 0x1, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$IP6T_SO_GET_REVISION_MATCH(r0, 0x29, 0x44, &(0x7f0000000000)={'IDLETIMER\x00'}, &(0x7f0000000040)=0x1e)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f0000000100)={r3})
r4 = socket$l2tp(0x18, 0x1, 0x1)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x10000004e20, 0x0, @mcast2={0xff, 0x2, [], 0x1}, 0xa}, 0x1c)
connect$l2tp(r4, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r3, {0x2, 0x4e21, @multicast2=0xe0000002}, 0x4, 0x0, 0x2}}, 0x2e)
sendmsg$nl_crypto(r4, &(0x7f000037ffc8)={&(0x7f00009dd000)={0x10, 0x0, 0x0, 0x2}, 0x176, &(0x7f00002ceff0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="000100001300000128bd7000fcdbdf25706f6c79313330352dbea5f1af9188f98067656e6572696300000000000000000000000000000000000000000000000060d751ccc0b9ad00000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000de2177005dcd0bd4e5f7f253322c00003f000000000000000000000000000010000000000000000000000000000000000000000000000000000000000020000000000000000000000088d9cbf2ce0000000000000000000000000000000000000000002400005a90c30a00000000040000000800010b33dac0f701000100000008000100060000000800"], 0x100}, 0x1, 0x0, 0x0, 0x8820}, 0x81)

2018/04/06 01:05:16 executing program 1:
bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x1000000000000004, 0x400000000001c}, 0x2c)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18)
r1 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x50d60c56054c5288)
connect$ipx(r1, &(0x7f0000000080)={0x4, 0x4, 0x8, "ed0eee3dc946", 0x4}, 0x10)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f00000000c0)="b82283392dc50ff1fb635a5849d2f5916ae2fdc24e95e12aa8daccf7393e72be9cc66f"}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r0, 0x50, &(0x7f00000000c0)}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000180)={r1, r1, 0x0, 0x1}, 0x10)
socketpair$inet_udp(0x7ffffffff000, 0x2, 0x0, &(0x7f0000000380))

2018/04/06 01:05:16 executing program 5:
r0 = socket$inet6(0xa, 0x3, 0x3a)
setsockopt(r0, 0x3a, 0x0, &(0x7f0000000080), 0x0)
r1 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x6, 0x8000)
ioctl$sock_bt_bnep_BNEPGETCONNLIST(r1, 0x800442d2, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x0, 0x0, 0x0, @dev}, {0x0, 0x0, 0x0, @broadcast}]})

2018/04/06 01:05:16 executing program 2:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
r1 = fcntl$dupfd(r0, 0x406, r0)
epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000000)={0x40000003})
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, &(0x7f0000000040)={<r2=>0x0}, &(0x7f0000000080)=0x8)
setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000100)={0x0, 0x0, 0xfffffffffffffffd, 0x6d, 0x0, 0x80000000, 0xfffffffffffffffe, 0x0, r2}, 0x20)

2018/04/06 01:05:16 executing program 7:
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00006f3ff0)='/dev/sequencer2\x00', 0xfffffffffffffffe, 0x0)
connect$bt_rfcomm(r0, &(0x7f0000000040)={0x1f, {0xb1f1, 0x1, 0x7fffffff, 0xfffffffffffffc01, 0xfe87, 0x101}, 0x7}, 0xa)
ioctl$KDGKBLED(r0, 0xc0045401, &(0x7f0000000000))

2018/04/06 01:05:16 executing program 0:
r0 = socket(0x1e, 0x1, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000001, 0x0, 0x100000001}, 0x1c)
bind$packet(r0, &(0x7f00004a9000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local={[0xaa, 0xaa, 0xaa, 0xaa], 0xffffffffffffffff}}, 0x0)
setsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000000)=0x7, 0x4)
close(r0)

[  103.867234] binder_alloc: 9303: binder_alloc_buf size 18364523706581032 failed, no address space
[  103.876274] binder_alloc: allocated: 0 (num: 0 largest: 0), free: 8192 (num: 1 largest: 8192)
[  103.885056] binder: 9303:9305 transaction failed 29201/-28, size 9224833837563944-9139689869017088 line 2963
[  104.010619] binder: undelivered TRANSACTION_ERROR: 29201
2018/04/06 01:05:17 executing program 5:
r0 = memfd_create(&(0x7f00000001c0)='@&prockeyring\x00', 0xffc)
r1 = syz_open_dev$sndseq(&(0x7f0000f36000)='/dev/snd/seq\x00', 0x0, 0x8000000000104)
r2 = dup2(r1, r0)
sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000000a40)={&(0x7f0000000140)={0x10}, 0xc, &(0x7f0000000a00)={&(0x7f0000000840)=ANY=[@ANYBLOB="1a91c53ec8a55f182cbf8ed9bf1500c24c3861be7662ee266e58a3282a8358bc220bc01e6c734babae3c4624438ad6659aeb9a2125c22b1522bb4b55ca137459ee0e878dc8e7ca12ef1738ccf738b1fb5693f517c244dbc8574de61dd2bd5885a1a16fab046e708cff2c7ada7dc3d2ef07f495914c303c093d7c8f3b6a7a4cc2", @ANYPTR=&(0x7f00000004c0)=ANY=[@ANYPTR64, @ANYRES16=r2, @ANYRES64, @ANYRES64=r0, @ANYBLOB="d0b96d42da0dcf6e22e543c3d98891878f9d9009834773493da2161d6a4bffa2751e097022b11c1a98b547d6761769b6d05725e0dbcb9e93f3d65b8b16109328d2ff24f71ce4b00a440d78a00b731e88fc9d61e636fbdca9e221a0d7f2ed21b3236e365c1730962274f0257709df6827b6caa7a3156e067498ba200062eb15c3d18ae2d2921fdda3d565868539ad580da1ae10a11e07adeb83a1e9177e975dc2a2e06b6f8f1913533a32ed0e7e699b2d29aa0db438efeee3edcccd6d45b60c40680a4636357c6929a2315ccdfacb81fc9b830c0f09090ff99c35ac9a9ca980bfc57c26814ec06b6e0a5360135b239e10760c", @ANYPTR=&(0x7f0000000480)=ANY=[@ANYPTR, @ANYPTR, @ANYPTR64, @ANYRES16=r1], @ANYRES64=r2], @ANYRES64=r2, @ANYPTR64], 0x98}, 0x1, 0x0, 0x0, 0x48010}, 0x800)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r2, 0x84, 0x6d, &(0x7f0000000a80)={<r3=>0x0, 0x1000, "9830dba20276ca80e2601c0dffb769884d45e60ac396221df2797ba411704bd7dd728d92e5a07740d8f10c40c5d3a112a5c3e4d3723060b34eb0e49df09ccfc4e8a2b9429e8b504bdfa3d30bc14abd811e00d5c742b4592266cefb1e44e9bb6b1612fde9b6b64e5c7ce0328f4698153dcf59a34bbda8573e40ecdae4cecb56a421cb1f0f318960a5e31decd4898adc93b0a12bc4e25dff1596b639459d073b766a858ee0f7506a34714e8553f7456cc66f106b50b46180fac4e3c027eeb50ff553bd722d2d15126c50bd0bea9c1573a9a9e8ed5d70b401625b5a380bfb73c6197718858e50695c1ff073efa45973e550d39f3291b065482bdfd65158f6bc57e3a095ff4d5e9fb59662c92019dd24147b4bab845efdc284ce650ae7474ad7910899b17b49af172e7ae09201b09d6059955015fc3cea8d9ae918d43ec0e7c25e812dd6290ad1417c0778c9ac56f8b5a0eb4b9a2858465b0f6c6c1fb88c75961332e014ae57486c5c96d7742a9f937896be3f5be302a0c6a045eddf8de606161e09c886e04f19b22b0e134b7bb940c3813eba80b84dcaa2f536d56b6d39fa26fd0c252d4ac744fab6b816a773529ecfa0a9acd17862f25ae311d51ac02b4a66c72ecbffe8116f12c6567c46a3cfbd275cff4584813f8673ba7387d5e996db5369b16c9cb46e8e535b6420dc407d76a690b78b6c228a446da486da386b3ae1adb884928d4a6a389de6f6f7da028e619e83807a638981e6696fad5a273f634398cd06ee604f3b18a7bc066e2c51df7fb0124e4818f825360adb010b98746839ee791fa2605ea52f5635e08e5c319b63d48f7adf90d7027198a492796e0199cd3042381b273d2bce11dcf1cc882db843df1f6177c71e72ee6a894f1052183c0fde4f7431cceec8a317077936f91f53b9a828c4ccac5a537f796679bff7e96c560f8769e074c257d91aedd4daa9772f83b7a71c0cfaf58d7c9d1c1c8612c5b73b5a3bb6bcaaba2e1940b65ff107aa07c460a496876f4ba5bac6500642572a729a13cb7eca6493b2c9e7189e9173aa7321b8e61953976097cb8e68f11b5921de85b21dfb3d194d19dbafa116d4608c637f4d742795feddfecbb998abd9b701f0437093d63eed91b797f9d6c06b6612dc78b64277efdbbdbfef190a1760a7384c5246c98a67cea7498e9229cb74fb3dcedb1f3e4dbfd4f10e0b778214b6dfb52858bbb8300fdfdd36a2262e075c9987debee1ab8de4a0853bed53df41fcb3d0778fd4e8b912f210ce891ce569e11103b69d6974a0892d09d8563d001f4e74ba07161829569bf6b62c95fb81de436b4ee121f6fbd30309cc09b2e88659f49236edc697ea8730ba523df9d934f491b1b1582fd2197a129fad5bf5ba85a33f7fedb11de2696c1d68be6458e5d46352be106b351c5286fe82b15e54be1eee0afeada4991ec40c479d5fa49182467f988eabc0ae255bcacdb67c3f74bfc17731948bd6ca467b3f277d104d10920f15f17d86be17a06fd85bbf2c182a516c5e9655fdee30e168af13a3494c124b7e2af3a125aef2e3fd54f68959ebb633180404e0361e7b93a3d1da0a3f2aabf16d79eeb86e16c6db3c32939961c49f11d4892f9bfdcb778be799ee33db9ee2a9594d6d4d935028a22331d10b1846d8651ef10155793ca516891601e8d3382f8b1d8f7c7f0f1ddca59209e672f828c4398efa4d44051b11632f16fb41349a1b8eda53e2214b79cde5f8614f4f2c40a782284446a9eec1377f464a4700685072fc33bc9d5fd3a75a45a7361977bb3eddbe5f935b3c2a667abc8532fac1d98b794193f998812e305c403ad1073c2adc41ae9fcd915e46e71ae9dc177487e4967f2b1fb37edb9b4f366edd03af7222ca146199526c1cef20d2e31e393def72f50042effed140c81ea717fbbb47733b15da7b3c99831580aa6010df3b6e43a3349b584aec649043b56befba38cfb8090be4439d4731efa9b28759b27a202550f8bd76d13fef41777582ba02d675acf3cab8ecc1b9f5a599e596f12c8aff7954a7d9023192ed3e23545be46448ebf3f6deb0b2a0d36f32a767d994d5a1e8c4a89a4ef341ea94d522c3fdbcf113b6807c22edfad0d607b399da4eb59f0a545f1db65d8deb09564a608b2aac20d07850d9bf8d731c81305766e9bf839b422cd0a450395f9da2ffaa1e4b5d7690893cc6cb8c73009b878bce6ff4c746c86b8c597923b576a2307e42b675b93464efb721e2da5005cf5e336c8db832a0dbfa6b6ed67bb0e9c5ec117c87243c24691dbcef4dc6b41f30f9fc7fe4613d6c234259a617cd9821fad5282fd52ed0bcdaacf1ea8217f35ccf7b81f0670efce72fe2b6df051a9df3588fc4b7aec152f7320d3a4c3e7a4a2ad46794ed30a757ea69167abff806153617b45a1a548cc99446221358640adaf2073573235d9fe7ffb53f532a1da1d01e2b8e8cdd496e4315c7693b498848ac227c708591a19a4fe456df47911f5fcc46483d239a03c17c71e670166ca6f61b7b7eed5fcf8605a2b3c221b84b89084aab0299014075428f518d82b425f8688ac759ebe604c52faf8c8c8bca7161e61a4d537da9d7483ddac0a817bab99a21a5debbe9da6d03eef5007eacf0207255d683c16cbd0613e7fed9d6f47226acb439107d20283be302e1c25764df957ac6084818c87b2baf41a2783d2a7e8382597b37ee8b336e16f017add44f34d6810242120f4d571c3f9d7cd9eadf54d9aa197b3746c5abb3d881a4713170fcac423ebd3a28a6a85d0bd7bf53a6b089b6d4d28152d09ac9dac4b59da8d0b466b78c006224df6bc6b7d8c98fa23884f75c3502e56d655d7e358fd0c7f590e78f8b4245bf7e626cb2fd07235552bbcb8b3b5cd74b8dff3de3bd809ab3a9fce6e96a1380f84d0e6b2c8324e2ea06fcad14ae293abaea7f71cba9a74ed765f375465dbf475ccbb2eec109c8c3eca0a0430c47944ee0ea245a3143b196f279cafc77d76ff7ae91e711333af82e9a16d0f7fdc9dfffc8f205f1c324efd26b9a1b03c41676e613d7b37ccb46874079724c942aaa22edc6a4cfa497eb2077876ae3c984f8a738d01e676dcdeae4d0247c9c8c7117b0d107127142b9e5d5723e58d4564e2a545a024023574133d815a50e8eed5f4a73f75dee3425258dbf4943e2950057a1836cf37c27f8ca9f0995717755c19fe8ce805d32a0605b2dc5d5b0bf84ee64fc76d3f53efc2a142cf6e2c7fa03ca34cd068c6f94e6f75ae2a55f0ebe68368a8442720d63415a57384a492ef9cc103e4e74ee72ff82818e8a230be29f4550d83250fa58e6790b4e1417ea649fcf2ebfcea66b6ad93b377f62a418a74280e7d52ba66095292848f534052e08d9eae0691dcd8b732d7f46e0ba409ae25d37894286d22aabcb8c063139677f23f81cd028bd7f00ae6dc29981917637cd05fd16058c903c3b1a21797bdf28fa3730829d821f194d168b0741dad1d8dad0a3288cace36c8755c87e2f49cdccd34b154c467cfadf8d6b7f614b932536bad8fd726e83da107c3f76b6b050d5ce61c1810d1483dafbffa3e2075b66e190204246c7899820ea11936d80f87d9bcb41ae9b9ed8c80e16f10a3c03a8ddedad9b53f86aff77770cc3c7983b8e5466ba64b2b56ff2ed5f56c4c4ddfd0b351cede7f2feae32c7cb4fd713516b49386753b2ae1a243dac0e343667be43f740dee5dee0f4875eba021366e9cc45ed358685f96a630e0c233202f2ed95660c0575ceb8d704bfd44b7d9ec6d88198acca049c2aa1df0b4c386cc18d152a3c57afd9873ee4166e622ee804dbcc605c83a3495463d76d490a5e99db71275f7552bc2c761b74022cf975f216c7dffe9c3b7cd3ff73f0a19a25568ce335795aba4253399f376d6618115df3e1f3641efc2c911b66af2c24929d18a5c8d7200f1a4e9b704d56cca44a920c2b12cb1d0b4fd5454ab1b59cdfd238a148f1f22304af39dd520d099a82f1ec031c6919322d9445dbb60253a9e2e6c94aeb6e6ab1fbbd601b14affd4748b5c79370cc4a40ecd5c8aa3eb25f5f48c04d1b964bac09b4b1c776fd3d04713209883a23e22a7563e8582437c0add9e3bfbb2cc18e83facfc4a0d0dbe693b8d39a989065a410552fefbe4450bffdb2a315fe23c06c10c65b022736ed107fcae72fe37e89661a748e358b6cc6c4ebdeb3452d31d5546eb40798dbe54762fca558551f3504fa709a50a76a87c15b7ef45ee39617427e8af55f457df5bd6ee2d0272addac29b68e000561ec7bbab8c22f8a3741cedcf48f6127b87dbd085233b52a3b9829a9e203f24288952dc46b84864e42cdb125782956254c2aa71e248258c56c7f1c0dcf47baa233f906aa26591ee6c96ee7e3aad4999379286b1271db511b5069a45b67ade068ab0e36e975707f545c39a18f6f702c48473ca93b5ff5a526d2586e06a8de1989ad2e63423feb9f100bd1975014ec67790cc645d2d214a643e336323885561c365e19068a3f984828c587f7e72969ee533b24db3137b2fc60d6dcc972977f6132a43b8f8a9fbe99ee24dcf2b3bfcdd9b886766952a5a4e06512ff2f453b3e3bfaf5cd626a41cd5fb464785138f7e806005cade0567a3283b4322e14b509560b8d0b0f8192e80fc1dc73634a6db6cbb83d5d11c503f99cd99eec652ad2b8c0f0bdaa5bc7116b2aa1ff349931041a0a63679545c2a3dfdf87b348b7c0c8ed5827f361c9fda7911523f3eac30bff4349a274e48632a6e193c037f72661c9d60ff395c00b43d1c19dffe3b8690f6c3287bcfab6477f833f4215cae76964b45a8d7b7c1d8d875af0fcd4775f73a15ff8cce3c9c38b81714bd96e91fd0fee016a471afbbfe87c48267bf68c0d2d22a1a23751d996792db58887e0fdef59f8c4316955c41be6638d9096fabcadf173151fa13413f91b38cc8e11f1a3775effd4de3531c110abae2a007e889f213ec1bec8360eff9ac6a848fef9a0fa4cf4def5494d18f5bfa1fda0532cd699b256ee80c6cfb20eb542fc9211b2f6f1bff2ecb0872a5aeec8cad88aefd7501ecc1d3a7e406dc8889990a3290e1182f61e6a9e2c75b45a0ad21c071d22d43e6a4960fa3e52e2b76c7057866b89623c4ed196ecc28e434f04606041ea68111df778c60356583836ab137e13960577c83a7be212f17025ca458fe40bea08c6905797998fdddeb1b3c8a7c4acacdc49c141f77b8071a7b36e16c2ca35a7ca69c038ffe5f398d603db93232afaee23789747f6b188894e839ffde7cd63a22607dc3d3791e867345eb19d00c421c28236bdcd151bf81cf4382be1425d5d78b82e22fd750fae14c045ae3e88567e803ea6c26bd654774615e46c6c18a151e8e14721668144db075f37a0531a9ad23552508cac767cc886002701574945cd9c51aba11acdb2a5ab7e60e2e064321c7e2ecf3c621efc6275bd7b68be56fbfbe4f66dc5e66f6fa395147bb5b7b8b372814fa68971985e1503955d70c37cf1e96e7b4b3eb0b11b04a28e4781ad1526643a8742af0a5ca398bc1748f5e106da907ec0a676fdd3ade62cfbd38d5f8a5288eaca8f79d90f57617c3506a41491a46b3ec1003cab04027ac4ba4927539df571173b8aa1b85f61aec9a8c9999b9e66fcbc8b235b4fb0051dbb110b7d56446750a2e43bd1c3a69b4643f5afdacf2b871f11be57ad1c40b67bf0e8d702ef6dc3cea95226bf1f0d6310195bdb406d26059fa5fc3533cf99f8f51a7d66be03e64556d96fc24411c07a080d71b4fbbc397e2863cc4d0d3a9ee991e828343bfb7282125bae434f1979cc"}, &(0x7f0000000040)=0x1008)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f0000000080)=@sack_info={r3, 0x2, 0xff}, 0xc)
epoll_create1(0x80000)
clock_gettime(0x0, &(0x7f0000000180))
write$sndseq(r0, &(0x7f0000000200)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {0x0, 0x4}, @queue}], 0x30)
r4 = memfd_create(&(0x7f0000000400)='keyring*\x00', 0x3)
perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r0, 0xc0a85352, &(0x7f0000000280)={{}, 'port0\x00'})
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r1, 0xc0a85352, &(0x7f0000000340)={{0x15, 0xdc}, 'port0\x00', 0x8, 0x8, 0x2, 0x8, 0x8a67, 0x8, 0x6, 0x0, 0x4, 0xe287683})
setsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r4, 0x84, 0xc, &(0x7f0000000440)=0x3, 0x4)
write$rdma_cm(0xffffffffffffffff, &(0x7f0000000640)=ANY=[@ANYBLOB="06000000180100fa000000000000000091610ab6a45bad756b6ffb8da473eb17caabbd274199d379f3ec684fa11ef16e21a1317905570a0e46f23ad37679ab898e5ca40768eecd8b50e630aea09d13002d2633d7a0e8ba5850d0971882fb9f84ce99e311f5f42401c5c754d79cde66707afbdbcce2000000436abc00511fd91643a050686c38b8ecb86dc7e2b8cf770e9058ccac155a18239117d4656c8cdd1958d67fd3caf11c60ef83091efd7fb527d329df60b1a27bad0b9309e3a19bc60ca074c0235b290ca968f9c9999cd5d31ca9e555a814b17b2d5965aa1ea0b0c3a927840393ec702f900ba37233f71aa04d7d4e556e5f03292be6035d56ef2af1cfe335bf343b5610e47e5ef9000000000000000000000000006812db4e65ece32c717558b553c6ad263f3cc787dedbd3476c26067884fb21723cfea39dcc8ccde8354a77eeb05311d7617b289722d92adfd18e71aa049e90429d946772da5ce156de5f7b926fabbf08f9c3390a95b45fed72146b1810f5a0fd4f0e42f0c409080a4e88b4dedfd92859821a7e62b70702df74ac19b2fd0133545dd731c2f68de0db500d3b4f52586975f7695c367925f4a8778194d733fc5a7f99a497c12723a457edc5baa26b9813125ebf05"], 0x1cb)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x40400, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x4058534c, &(0x7f00000000c0)={0x1f, 0xa5, 0x6, 0x82d, 0x7, 0x3a})

2018/04/06 01:05:17 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4543(gcm(serpent-generic))\x00'}, 0x58)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x2, 0x0)
setsockopt$inet_sctp_SCTP_RECVNXTINFO(r1, 0x84, 0x21, &(0x7f0000000400)=0x2, 0x4)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5", 0x4)
r2 = accept$alg(r0, 0x0, 0x0)
sendmsg$can_raw(r2, &(0x7f0000477000)={&(0x7f0000000080)={0x1d}, 0x10, &(0x7f0000000200)={&(0x7f0000000240)=@can={{}, 0x0, 0x0, 0x0, 0x0, "96480e86d0d8e2ac"}, 0x10}, 0x1}, 0x0)
recvmmsg(r2, &(0x7f0000000580)=[{{&(0x7f00000000c0)=@sco, 0x80, &(0x7f0000000100), 0x100001d9, &(0x7f0000000140)=""/94, 0x5e}}, {{&(0x7f0000002f40)=@pptp={0x0, 0x0, {0x0, @dev}}, 0x80, &(0x7f0000000540)=[{&(0x7f0000003100)=""/226, 0xe2}], 0x1, &(0x7f0000000440)=""/239, 0xef}}], 0x2, 0x0, 0x0)
r3 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x200, 0xa81)
r4 = getpgid(0xffffffffffffffff)
lstat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
ioctl$DRM_IOCTL_GET_CLIENT(r3, 0xc0286405, &(0x7f0000000300)={0x0, 0x4, r4, 0x10001, r5, 0x3ff, 0x8, 0xbc48})

2018/04/06 01:05:17 executing program 7:
socket$netlink(0x10, 0x3, 0xf)
r0 = socket$inet(0x2, 0x3, 0x10)
setsockopt$inet_int(r0, 0x0, 0x2b, &(0x7f0000000000)=0x6, 0x4)
sendto$inet(r0, &(0x7f0000ff7000), 0x0, 0x0, &(0x7f000066354c)={0x2, 0x0, @rand_addr}, 0x10)

2018/04/06 01:05:17 executing program 2:
r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey\x00', 0x2, 0x0)
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
syz_mount_image$xfs(&(0x7f0000000000)='xfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000380)={'nouuid,', {[{@inode64='inode64', 0x2c}, {@nobarrier='nobarrier', 0x2c}]}})

2018/04/06 01:05:17 executing program 4:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x3f, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="116348400000000000000000000000000000000000000000000000000000000000000000280000", @ANYPTR=&(0x7f0000c5f000)=ANY=[@ANYBLOB="852a747000000000", @ANYPTR=&(0x7f0000aac000)=ANY=[@ANYBLOB='\x00'], @ANYBLOB="010000000000000000000000000000000000000000000000"], @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:17 executing program 0:
ioctl$sock_FIOGETOWN(0xffffffffffffff9c, 0x8903, &(0x7f0000000240)=<r0=>0x0)
capget(&(0x7f0000000280)={0x399f1736, r0}, &(0x7f00000002c0)={0x9a, 0x0, 0x3, 0x1000, 0x4000000000000000, 0x1})
sigaltstack(&(0x7f000047e000/0x3000)=nil, 0x0)
getpid()
r1 = dup(0xffffffffffffffff)
timer_create(0x7, &(0x7f0000000140)={0x0, 0x24, 0x6, @thr={&(0x7f0000000080)="477a69dd528715401f2756868316ac3867776744e1cdd46e1d587920b47cad6e698454667d1623b77c93fcdb8ec2cfe8e88585e4e56fede61b21869e3ae042f38740b035b0be0e50ecaf63842003ce5ce258b5540ca3eaf4b433d231d44f387311d0c0a0e275a9116761e4bc3616", &(0x7f0000000100)="59a67261015df82d5e7277bd86f7a3e0c651962bca15ec2f85a49f061dd3df3f159795cad0ce1174dccf599c7028a8e0f1c01370545eccaf02fa9a5c4936"}}, &(0x7f0000000180))
ioctl$KVM_GET_PIT(r1, 0xc048ae65, &(0x7f0000000000))
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
clone(0x0, &(0x7f00000d1000), &(0x7f00000001c0), &(0x7f0000858000), &(0x7f0000478000))
openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000200)='/dev/qat_adf_ctl\x00', 0xe8000, 0x0)

2018/04/06 01:05:17 executing program 6:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000500)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0)
unlinkat(r0, &(0x7f0000000540)='./file0\x00', 0x200)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PIO_CMAP(r0, 0x4b71, &(0x7f00000005c0)={0x6, 0x7, 0xfffffffffffffff7, 0xfc9f, 0x100, 0x2})
r2 = semget$private(0x0, 0x3, 0x40000000000000c)
semctl$GETZCNT(r2, 0x4, 0xf, &(0x7f00000003c0)=""/171)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2000, 0x18)
readlinkat(r4, &(0x7f0000000180)='./file0\x00', &(0x7f0000000280)=""/105, 0x69)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='stack\x00')
ioctl$DRM_IOCTL_GET_STATS(r5, 0x80f86406, &(0x7f0000000300)=""/143)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'syz_tun\x00', <r6=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000240)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000200)={&(0x7f0000000080)=@ipv6_newaddr={0x34, 0x14, 0x109, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r6}, [@IFA_FLAGS={0x8, 0x8, 0x284}, @IFA_ADDRESS={0x14, 0x1, @local={0xfe, 0x80, [], 0xaa}}]}, 0x34}, 0x1}, 0x0)
write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080)={<r7=>0xffffffff}, 0x2}}, 0xffffff9e)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x8)
write$rdma_cm(0xffffffffffffffff, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}, r7}}, 0x48)

2018/04/06 01:05:17 executing program 3:
r0 = epoll_create1(0x0)
r1 = syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x0, 0x0)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
sendmsg$IPVS_CMD_GET_CONFIG(r1, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x98, r2, 0x20, 0x70bd2d, 0x25dfdbfc, {0xd}, [@IPVS_CMD_ATTR_DAEMON={0x4c, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e20}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x3}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x1}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e23}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @remote={0xac, 0x14, 0x14, 0xbb}}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x1}]}, @IPVS_CMD_ATTR_DAEMON={0xc, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x3}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x1}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x7fffffff}, @IPVS_CMD_ATTR_SERVICE={0x1c, 0x1, [@IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x2e}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}]}]}, 0x98}, 0x1, 0x0, 0x0, 0x84}, 0x800)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f000070f000))

[  104.112680] XFS (loop2): nobarrier option is deprecated, ignoring.
[  104.116534] binder_alloc: 9339: binder_alloc_buf size 18364523706581032 failed, no address space
[  104.128104] binder_alloc: allocated: 0 (num: 0 largest: 0), free: 8192 (num: 1 largest: 8192)
[  104.136891] binder: 9339:9342 transaction failed 29201/-28, size 9224833837563944-9139689869017088 line 2963
2018/04/06 01:05:17 executing program 7:
r0 = socket$inet_sctp(0x2, 0x7fffffffffff, 0x84)
r1 = socket$bt_cmtp(0x1f, 0x3, 0x5)
getsockopt$bt_BT_POWER(r1, 0x112, 0x9, &(0x7f0000000380)=0x7, &(0x7f00000003c0)=0x1)
unshare(0x28020000)
unshare(0x8000000)
connect$inet(r0, &(0x7f0000f6fff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}, 0x10)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000002980)={<r2=>r0})
listen(r0, 0x2000000000020)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000440)={<r3=>0x0, @in={{0x2, 0x4e22, @multicast2=0xe0000002}}, 0x7bb7, 0x4}, &(0x7f0000000500)=0x90)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffff9c, 0x84, 0x6, &(0x7f0000000580)={<r4=>r3, @in6={{0xa, 0x4e22, 0x6, @mcast2={0xff, 0x2, [], 0x1}, 0x7f}}}, &(0x7f0000000540)=0x84)
socket$key(0xf, 0x3, 0x2)
getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000100)={0x0, 0x5, 0x41a, 0xfffffffffffffffe}, &(0x7f00000001c0)=0x10)
setsockopt$bt_BT_DEFER_SETUP(r2, 0x112, 0x7, &(0x7f0000000080)=0xd7e, 0x4)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000700)={r4, @in={{0x2, 0x4e20, @local={0xac, 0x14, 0x14, 0xaa}}}, 0xfffffffffffffff8, 0xe98a}, &(0x7f0000000140)=0x90)
r5 = socket$netlink(0x10, 0x3, 0x4)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000200)={0x3, 0x42, 0x0, 0x10000, 0x8004, 0x1ff, 0xffffffff, 0x3, r4}, &(0x7f0000000240)=0x20)
ioctl$sock_bt_cmtp_CMTPGETCONNINFO(r1, 0x800443d3, &(0x7f00000000c0)={{0x669, 0x8, 0x8, 0xbf52, 0x7, 0x8000}, 0x1, 0x10001, 0xfff})
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000000000)={r3, 0x307}, &(0x7f0000000040)=0xfffffffffffffdac)
writev(r5, &(0x7f000051c000), 0x0)
getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000180)=@sack_info={0x0, 0x3, 0x5}, &(0x7f0000000400)=0xc)
close(r1)
getuid()
sendmsg$nl_netfilter(r5, &(0x7f00000006c0)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000680)={&(0x7f00000007c0)=ANY=[@ANYBLOB="14100000140101002dbd7000fcdbdf2502000000ea8b550ab69ce4b7bb033a4e044e2bf060100a4e6eada4bfc4152977159e3dbc4cb9c8fdae267a9fc44fc3d81c33b3b746cd8179890881cf20937c3f498a6e17953a59a25c7c5fa6b5984fbcec758cf33ee7e0d535d449597b930af4e0f19f568193ba3ba29e5e2dac6011d26fc40863fbc5646d5cdb63ebddda87b862f6b658031956d8f5a88cd793df161f44208d61e186456c68f1ec974bd5a0afb17ee0684a649caaae5ff47f564c8d4fa570cd6272c74ebb45c6c42d5ace3189aac9acc4a81332147514e4f98d259f876f64ba640f2c795bea74435cf91400e00abb3ca1b3409f1744aae72166266f49efba9e494c3f80cd1d7222c6907d70b3330372f72dc9d8bb4396854776051eea3ffe61379f7ebaf623b2fb952244811302154a05ac6fb7ac501e8f16ecd922366a1eed81a4a725f0864b1c61ad5d113b8ccd28d48937e09d995a28c9392ff2059723d55871e532cede5baf0ba00177164cc951a796bd14ceb5e4d819ce0c455a0c8377feaf00744d9b02205043cd5ecc810b943a9f48391cee7437a550d6c14095415c5ca0f7facfc7c96ae27c517ee43802c0665ffaee143ea77da24ccbed44a5aef5c19d37257d1964a83822461bb2546182fff87f067735f1c6e5a3a600002755b3350cef274443efc727a0966613c1e54701ecef496232f4d8aae9f969030fa79e9ec169427bb3e4484192870c2d1f55a52a94b57ed6552269f77eee132588477677618a8794933aef836bc8ac3825f8035347160e3178431af1a55b20976dc7cbb204a9b90bc575b1b8c4b20b3712c8b18386cd14c58d2ac9ed5aa4166c8fa49dc927037eabfca812efb35b30551e1bddbfe4c6f0e96ac3136b0fdb4f7c6578bab2b8a10c837c5aa49d2ef8835bf84940c3b777fd237316a1e4a007a67b0034c3db0721c2c32470445739cc160bca0459f196f99a564b276f1f7bcb0e6b59c5f5ff4d40d023e88801f83656c0ce35440576555872c71c7792559934188b765dc47dc55ded625298dda3bf2a5e63f6deaeb64f62c71dedcfc65b06b6b5ab334f472888325cb1531f8b247f8aa81a82f010e8035d13f1dba7649e8d1fd7b19eedb717f1e271c39d1a4fc3c6b078bdef350b1e8b939efca878347da90a501c9cdf5c127fc172f8a5bc9f1406a63c2a52aa697ff2a3c1fdb6ad9717de34fcfaf1b111fdc3079b3137aff15a6acb584a70029ccb92ffbfc14182ef88f4d2456f537f537d3e9ebc139b655835af90ef5292af7d67216f4d5ca10b709076512fed79e5cbe46bdc67836f8f774e42b142324828094d13e8be5b1d4d3a7d872bd2ad2fa05ccbd6c9c778b2fb331021f3e25a35ab6d8cbd620e8508c1a1cf047bb0cd52ad42b476caa50dc93dc8d523f80199960b9763c6ff7adbd7893d2e7a816bf3a5523a4eae49318fe657b242ac859beeaef4b5a62277469a59d0c1d7f06dcf4dc977b1ae2028da2c5583df87e5a9d12b1320edb096f759a6b564fff269c6b09f13a26a170eb2d8e1ec709fd4130f1d1201e3e14802c823a4ec7e66890e6fa94bd1f1482ae8351f74e2ffee299feb621c5096dba5b341def054a0a670497ef1e091e77afd55199352fc31055a51a10b6b6757d39a944cd03557b657fd90cf285c1a5d628110db7b13d252c33543818841b62b6952b27fa2f4ae387dd2f3591dd2d7e6f130509193ba03303ceed9b781f1c90c5f4091c6b2323bc56742eb716f48d2ef5d262dc9e58adfac5ed0c788d7a8169271fa2b74ed19236b2168dcc97301ce59e69f8588c29e4c1be176fb908d36f8fe44d14748a07db655772d0ebaf1f4b4a3f302e7f39a2f225ac8f82eb03b0592ceee060793eff6a4e7d979bbfe344888d79db20d8359ac3e9307bf1cc72aa77dc159b97ad6d0c5b0b2cba68bc8bb5162480c697a5e7a77c478a2e614b78a2c3be2da4c88fb26fa1b469e7c49769d000907aecc8724057b0ba4646c20c13ce0169d050591f3163ccb30aeae65a2bea74bc469525c064575f1f6cb5da4ccfa7b0784dc5425d1d831c06a6aa26a3f7c7af2c7282c594db1daa49f93e89d4ba48ed573b1842f1053d53df3b831c11f27d5701c899ddf4eda4e9894fb16d3dac302f850567f967a268696503dd421f676518ee277dcd693f85ca89bba641a1efbbb2ad7a6fa8743e4e0ec879968a2cd3ebcd654c97f000fc15379e9669921f11526a02130b065f579a3f0c329cd74de7d8db2d48365d0aca1b9336dbcfc71bd97ca541f3b64b2875f30367cc1824188bbcffab8100803ac65b61d63f5782b26b7694518ef2fe0c1f8d347854f9353e30454a3ec90fa7462287c7efbcd83251ba2b020f6b745c4e1cabbdf0a97cd33d1604f8380b513b869d502ad6a05c1be83b5bf8b2c0d6b1a80ab31f35780d9cd4e18cb6c50afc4894546bb30af93098ecc5bcc11ce6cdb6d373d067b4b0fdc668e2c36754f71069ec2624f06424e0ad3cc8a8f2c44b71ee9af843104ef918ce6fb37de5f5ad1675a118df9d959868155aa382c7cf734295c7988a695256daebe37f1d3a11b07f78b1afee8102876722023be08c836955be14d41fd18e02b510b9139e716fd485d7a4a8059504f94f1554b87941f23ceafd9bec5c52555d699c6e5be66243bbec0ed7526ac4c18f3bc13cebeb3ce3e895751a32a1b0c949104331c1b6b0d391bd6227bf11b2d107e7e448ee8972391f3978d6459cd64587589815a642a88bea9c5c91d8d094ee7cab4945e78de11dd392fe9882e86b57810918979d41708979687ca95f76faa963d9490577a53ae479c37c0b0406101ce2cdd802ccd65d3c09bf40073b349aadfb8309da26e42d37b5402fab5ff2d80b4f1b3ad9174d553959614242e257528cf4c3659e0773f623caef73832434e6343fcf0c1d1242bf3a4238e760e532c46280d0af962c6c64653a03607def03bdbc95a379147f92f2552d374aabc9bda9114f6ff2cce9332376c7cded8a0d016a98d23b5e7cb9c16769600a542d11b6e60dfbaf0b8c2a1e83dcb354504d1551234e580958a518a94089859246612f6a304722eb2f54843bb8d3dea80cc9b1fe2df57def35dc21b9b6ba6f7c4442f1d8d3a2155e6461925b84ac4235b4d294ec4850f690b3c502d739721e53cdc4e3e4be9aaf13cb741e31a30f7c67749c2683ff5f92a917895ab1e3f3e411199e82cbe5dcf5252f922dded5b8b055fd5ca2e935341acec01fef2f2c3888f0d6ccfb7ac988676af366350ff016001b194cf6018cda8a8198471ace4901101383d7fee73fef74d8bbc1d9d36f9608091c5b414cf775505749826983c16b85a3ff96a2ef67e29d42d031bd72573dd70bd232eee9fc923a0ddfb64acf38c09d3d6ef6699aa702f0f795f1ff7180dabbf5c1fcb78b194cd8d7828a995430444c2c16003b9663baa57a1b9485a53ca9df33a71a80f0f8330c439432f3059b9d59b64ca4cf46f317348333ee4563bbe3a55d0830af442e311ba1bcc058049f3098510d073d69adc79cc7cd9fa03fbb1207936e0066a4be07aae2459d3acf0534bcee9f33bde965073786e1f602ccfb033d6cf75f3b59017d258d3ac5d4d66ac0451cf7d63d47c7a1df5414a7add04cffdb878959a556d25a91700290b7b599798e8cb468b3f0aaf0b3d3871ffc45a2b2c48c1e87de1ef422bd4ceb78a8271f69454800579fdbfae3086a21607696cb76bbb55f4f998afab6fdd81be77f12abb0af195ec48a4176f1659f9be72a40f2f3b010c0932b5fcee6d1fd04a844aebbd3139366b73f8bedaa1d787dbee70dc96a57bcaa0503f953095e1e9e9b2787fa59e119ef70c82a0237a2ff108d66167c535b373059b639efd55282fffdbfbcdd1bee098a29e7854229d0172dd6deebd14284f8ae225860a7f5d0e56ce648f0b930a44e049d7a96ebd0e2ca46d9c8f392e3ecb9a84121dbded2e66d5303bfb9875a7f71bfe9280f0b16cb99fedd215982acf5f9ef8cb28598ce429319178ed7426b43a95c7d3e63f1716e5cf410c26ab515e0f328eafcb3404d99cb5cd1d1d04996c3de2aa153c3ebf947dcef19478ddfdfcf42a4b330c51015b1c87a109f92cf446782725aca53036211f13e40f77f28bbcbb85644d6171c01830de6a6b56342031733e8bf7a6b3f43cf8dcede8ba444b3dc2ffeb80427014df1670ae732a8694f0e47534ce47bdbf04c3e504c0d8ec5c165c35cce5ac4cc3c3572a56b5caed71990ca2da9f45d3ce0cce884ff7f40879911bff631a500d21b016291b72b0f202d7eab08d9c8cc2b4d7fec89f28b75aa98745b68958e62c9e824870d39ef5480ec9a395e779814f303562a5b98677bad2cb777b25f2d563016b8785a46d1b09a1b0e02f12ce6604d35860032c95749f959feb1a9b321ec7b9c63b3ea3edfd7af61f47026d6c451ba87c47bc16faeccd37703cb3d560a6531018682a2b3ffa24e24ecb718d1fb0876ff69d66027f0dc82aadbf0dc27a19cad94d21491f5f680e8b74880211a458117cfd50a1dd2ec5816168f35cbc6ce7e8dec80ab0667059b1d99fbdc879e93ff1a09a822d7817dfe2f25046d86ecc7ef32d9c86815cf5eb93f64dab497e71fc1b621dbd169cfac4fa2972a516d58f9c3341eedc180d9ae2b139b2c886725bd82aaff937f1188c4e46987ea18a00cc31bc5796c0e87a18a75df8bb253dc20cf90aa6cd7350473505bb7ec23da8304a187ea459656180b5544979b363191a9e46f70102dd65f3932b3032f13ac25599d9e661e1af2e67bba108aada8034f145a0dcd6e66ba9db32272bb8c1bacb148b2a324a0f5178f7129262752f8b3b45565057c0cab756fc41d725f442edc43cb5793d6b98282edeeff3337d644387e1a9ba30e1bf1d6356450bb96c9aa616b1dcd85deb19b31ebffb325fee9f4a9d72f8aaa77d5c97fc45de4d57adcdc908fc853a404cbc2223367144d4286a776b8413fdb4144cb06b91d4e87750b2d21096e0e2bc3392fb2781f32ee42b9db1300e7c42906f39caca01c8df2eeefcb2b307b5cbec09c56ae6644313e3377cf3d659488af1c11b7bc5a85304047355f0f2236e58bdcdfef8c905112277548a651747761ee68a72e1b45874bdcdda94b2c7336aab68a8172cf9d7a3862d071ca1c75ee25b8dbd60aa4e571e164a8fef90098dd8713f5e1e573e47d07a36f55b57a14596da5a67acb40bff6ecc642decaab12d1aba52c347505cc4184b79d5d471ff93a3ba4c96cc9b55c4528f89d3687fdeb9007074f71dfec05053bf01d9b49d1483f6f780da33d5ca18acc96ad02b5220fd184cbbbfe586c33b400330a5793e5728ac0da937e92224a3443a6e82e7773ae69eded7023695cfcbf9e373ebd8b4e3b4eff25fba8434d9564775904d1ef96d9df66421597aea313a5b79b8cdacc52b9d46a66b868bf2e2fd442505337e5561a3d73bb78d479cd8bb94e6fb521f9e6f64208abada8b1495c4ca0b4ceaf9a13aa6e3aa5fd4678bef4f3b26f780a31b25230c945a62e008458626ea1eaba9a6a294909eb2247e482566ff7b0f05b52d521587e2180dd26e9e734d8cf8f9320487eb5d147fb4cc0d35c153b746189106c4507412bb55a1ac43efef487d6a0f97c7986c891c2e45fa0211655a3963539d71245adc465b62c6d9f2787f78c29380b29fad28418f2cabcddcab0e3e995c6697764e700c86773b83041265f772923d7b0da1ea7942601801149677b7d2c56f58e3a0cfc0961f99ec15d6b3500e92ef65c08d4cdd786da3f3d489a7642f97bb6c66489de17df0762f1088b2278597b5c1"], 0x1014}, 0x1, 0x0, 0x0, 0x800}, 0x20000000)
ioctl$PPPIOCSFLAGS(r2, 0x40047459, &(0x7f0000001800)=0x42)
ioctl$sock_netdev_private(0xffffffffffffffff, 0x89f7, &(0x7f0000000280)="58388e43f2d10d649f0d5b185c241ebdec1bec36a2a74799bdcb561ccf45bdd0485b14427c0e1813fdd99f1f891262df71ce709447ad4d6589c1702f242fca638093623bfb22dc59255c84b7b2732906fd01eabe1ab64e7f35103964b11c90ab6ebcdbb1ab764481a0d90ff452089a0fff039c36533a0b9cf5996d3ef39c7de0bfd81ac6897c7ca4387873f6acfa908c79f335d2153489d9894ef591ea4896db697e739bb0edc59cdf6d07379d56e724bc9bdf53dcf63760777a5acca65a334497987c485ff564c081c200d46b5857c222c0f0e9bd0b9999b7aae07b5823668fff79e680c748b0eb7534422498ca9a")

2018/04/06 01:05:17 executing program 3:
r0 = perf_event_open(&(0x7f0000001f88)={0x1, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000fff)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x50000, 0x0)
connect$vsock_stream(r1, &(0x7f0000000040)={0x28, 0x0, 0x4dd412b1ce17c1d4, @hyper}, 0x10)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)

[  104.197404] XFS (loop2): Invalid superblock magic number
2018/04/06 01:05:17 executing program 5:
r0 = memfd_create(&(0x7f00000001c0)='@&prockeyring\x00', 0xffc)
r1 = syz_open_dev$sndseq(&(0x7f0000f36000)='/dev/snd/seq\x00', 0x0, 0x8000000000104)
r2 = dup2(r1, r0)
sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000000a40)={&(0x7f0000000140)={0x10}, 0xc, &(0x7f0000000a00)={&(0x7f0000000840)=ANY=[@ANYBLOB="1a91c53ec8a55f182cbf8ed9bf1500c24c3861be7662ee266e58a3282a8358bc220bc01e6c734babae3c4624438ad6659aeb9a2125c22b1522bb4b55ca137459ee0e878dc8e7ca12ef1738ccf738b1fb5693f517c244dbc8574de61dd2bd5885a1a16fab046e708cff2c7ada7dc3d2ef07f495914c303c093d7c8f3b6a7a4cc2", @ANYPTR=&(0x7f00000004c0)=ANY=[@ANYPTR64, @ANYRES16=r2, @ANYRES64, @ANYRES64=r0, @ANYBLOB="d0b96d42da0dcf6e22e543c3d98891878f9d9009834773493da2161d6a4bffa2751e097022b11c1a98b547d6761769b6d05725e0dbcb9e93f3d65b8b16109328d2ff24f71ce4b00a440d78a00b731e88fc9d61e636fbdca9e221a0d7f2ed21b3236e365c1730962274f0257709df6827b6caa7a3156e067498ba200062eb15c3d18ae2d2921fdda3d565868539ad580da1ae10a11e07adeb83a1e9177e975dc2a2e06b6f8f1913533a32ed0e7e699b2d29aa0db438efeee3edcccd6d45b60c40680a4636357c6929a2315ccdfacb81fc9b830c0f09090ff99c35ac9a9ca980bfc57c26814ec06b6e0a5360135b239e10760c", @ANYPTR=&(0x7f0000000480)=ANY=[@ANYPTR, @ANYPTR, @ANYPTR64, @ANYRES16=r1], @ANYRES64=r2], @ANYRES64=r2, @ANYPTR64], 0x98}, 0x1, 0x0, 0x0, 0x48010}, 0x800)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r2, 0x84, 0x6d, &(0x7f0000000a80)={<r3=>0x0, 0x1000, "9830dba20276ca80e2601c0dffb769884d45e60ac396221df2797ba411704bd7dd728d92e5a07740d8f10c40c5d3a112a5c3e4d3723060b34eb0e49df09ccfc4e8a2b9429e8b504bdfa3d30bc14abd811e00d5c742b4592266cefb1e44e9bb6b1612fde9b6b64e5c7ce0328f4698153dcf59a34bbda8573e40ecdae4cecb56a421cb1f0f318960a5e31decd4898adc93b0a12bc4e25dff1596b639459d073b766a858ee0f7506a34714e8553f7456cc66f106b50b46180fac4e3c027eeb50ff553bd722d2d15126c50bd0bea9c1573a9a9e8ed5d70b401625b5a380bfb73c6197718858e50695c1ff073efa45973e550d39f3291b065482bdfd65158f6bc57e3a095ff4d5e9fb59662c92019dd24147b4bab845efdc284ce650ae7474ad7910899b17b49af172e7ae09201b09d6059955015fc3cea8d9ae918d43ec0e7c25e812dd6290ad1417c0778c9ac56f8b5a0eb4b9a2858465b0f6c6c1fb88c75961332e014ae57486c5c96d7742a9f937896be3f5be302a0c6a045eddf8de606161e09c886e04f19b22b0e134b7bb940c3813eba80b84dcaa2f536d56b6d39fa26fd0c252d4ac744fab6b816a773529ecfa0a9acd17862f25ae311d51ac02b4a66c72ecbffe8116f12c6567c46a3cfbd275cff4584813f8673ba7387d5e996db5369b16c9cb46e8e535b6420dc407d76a690b78b6c228a446da486da386b3ae1adb884928d4a6a389de6f6f7da028e619e83807a638981e6696fad5a273f634398cd06ee604f3b18a7bc066e2c51df7fb0124e4818f825360adb010b98746839ee791fa2605ea52f5635e08e5c319b63d48f7adf90d7027198a492796e0199cd3042381b273d2bce11dcf1cc882db843df1f6177c71e72ee6a894f1052183c0fde4f7431cceec8a317077936f91f53b9a828c4ccac5a537f796679bff7e96c560f8769e074c257d91aedd4daa9772f83b7a71c0cfaf58d7c9d1c1c8612c5b73b5a3bb6bcaaba2e1940b65ff107aa07c460a496876f4ba5bac6500642572a729a13cb7eca6493b2c9e7189e9173aa7321b8e61953976097cb8e68f11b5921de85b21dfb3d194d19dbafa116d4608c637f4d742795feddfecbb998abd9b701f0437093d63eed91b797f9d6c06b6612dc78b64277efdbbdbfef190a1760a7384c5246c98a67cea7498e9229cb74fb3dcedb1f3e4dbfd4f10e0b778214b6dfb52858bbb8300fdfdd36a2262e075c9987debee1ab8de4a0853bed53df41fcb3d0778fd4e8b912f210ce891ce569e11103b69d6974a0892d09d8563d001f4e74ba07161829569bf6b62c95fb81de436b4ee121f6fbd30309cc09b2e88659f49236edc697ea8730ba523df9d934f491b1b1582fd2197a129fad5bf5ba85a33f7fedb11de2696c1d68be6458e5d46352be106b351c5286fe82b15e54be1eee0afeada4991ec40c479d5fa49182467f988eabc0ae255bcacdb67c3f74bfc17731948bd6ca467b3f277d104d10920f15f17d86be17a06fd85bbf2c182a516c5e9655fdee30e168af13a3494c124b7e2af3a125aef2e3fd54f68959ebb633180404e0361e7b93a3d1da0a3f2aabf16d79eeb86e16c6db3c32939961c49f11d4892f9bfdcb778be799ee33db9ee2a9594d6d4d935028a22331d10b1846d8651ef10155793ca516891601e8d3382f8b1d8f7c7f0f1ddca59209e672f828c4398efa4d44051b11632f16fb41349a1b8eda53e2214b79cde5f8614f4f2c40a782284446a9eec1377f464a4700685072fc33bc9d5fd3a75a45a7361977bb3eddbe5f935b3c2a667abc8532fac1d98b794193f998812e305c403ad1073c2adc41ae9fcd915e46e71ae9dc177487e4967f2b1fb37edb9b4f366edd03af7222ca146199526c1cef20d2e31e393def72f50042effed140c81ea717fbbb47733b15da7b3c99831580aa6010df3b6e43a3349b584aec649043b56befba38cfb8090be4439d4731efa9b28759b27a202550f8bd76d13fef41777582ba02d675acf3cab8ecc1b9f5a599e596f12c8aff7954a7d9023192ed3e23545be46448ebf3f6deb0b2a0d36f32a767d994d5a1e8c4a89a4ef341ea94d522c3fdbcf113b6807c22edfad0d607b399da4eb59f0a545f1db65d8deb09564a608b2aac20d07850d9bf8d731c81305766e9bf839b422cd0a450395f9da2ffaa1e4b5d7690893cc6cb8c73009b878bce6ff4c746c86b8c597923b576a2307e42b675b93464efb721e2da5005cf5e336c8db832a0dbfa6b6ed67bb0e9c5ec117c87243c24691dbcef4dc6b41f30f9fc7fe4613d6c234259a617cd9821fad5282fd52ed0bcdaacf1ea8217f35ccf7b81f0670efce72fe2b6df051a9df3588fc4b7aec152f7320d3a4c3e7a4a2ad46794ed30a757ea69167abff806153617b45a1a548cc99446221358640adaf2073573235d9fe7ffb53f532a1da1d01e2b8e8cdd496e4315c7693b498848ac227c708591a19a4fe456df47911f5fcc46483d239a03c17c71e670166ca6f61b7b7eed5fcf8605a2b3c221b84b89084aab0299014075428f518d82b425f8688ac759ebe604c52faf8c8c8bca7161e61a4d537da9d7483ddac0a817bab99a21a5debbe9da6d03eef5007eacf0207255d683c16cbd0613e7fed9d6f47226acb439107d20283be302e1c25764df957ac6084818c87b2baf41a2783d2a7e8382597b37ee8b336e16f017add44f34d6810242120f4d571c3f9d7cd9eadf54d9aa197b3746c5abb3d881a4713170fcac423ebd3a28a6a85d0bd7bf53a6b089b6d4d28152d09ac9dac4b59da8d0b466b78c006224df6bc6b7d8c98fa23884f75c3502e56d655d7e358fd0c7f590e78f8b4245bf7e626cb2fd07235552bbcb8b3b5cd74b8dff3de3bd809ab3a9fce6e96a1380f84d0e6b2c8324e2ea06fcad14ae293abaea7f71cba9a74ed765f375465dbf475ccbb2eec109c8c3eca0a0430c47944ee0ea245a3143b196f279cafc77d76ff7ae91e711333af82e9a16d0f7fdc9dfffc8f205f1c324efd26b9a1b03c41676e613d7b37ccb46874079724c942aaa22edc6a4cfa497eb2077876ae3c984f8a738d01e676dcdeae4d0247c9c8c7117b0d107127142b9e5d5723e58d4564e2a545a024023574133d815a50e8eed5f4a73f75dee3425258dbf4943e2950057a1836cf37c27f8ca9f0995717755c19fe8ce805d32a0605b2dc5d5b0bf84ee64fc76d3f53efc2a142cf6e2c7fa03ca34cd068c6f94e6f75ae2a55f0ebe68368a8442720d63415a57384a492ef9cc103e4e74ee72ff82818e8a230be29f4550d83250fa58e6790b4e1417ea649fcf2ebfcea66b6ad93b377f62a418a74280e7d52ba66095292848f534052e08d9eae0691dcd8b732d7f46e0ba409ae25d37894286d22aabcb8c063139677f23f81cd028bd7f00ae6dc29981917637cd05fd16058c903c3b1a21797bdf28fa3730829d821f194d168b0741dad1d8dad0a3288cace36c8755c87e2f49cdccd34b154c467cfadf8d6b7f614b932536bad8fd726e83da107c3f76b6b050d5ce61c1810d1483dafbffa3e2075b66e190204246c7899820ea11936d80f87d9bcb41ae9b9ed8c80e16f10a3c03a8ddedad9b53f86aff77770cc3c7983b8e5466ba64b2b56ff2ed5f56c4c4ddfd0b351cede7f2feae32c7cb4fd713516b49386753b2ae1a243dac0e343667be43f740dee5dee0f4875eba021366e9cc45ed358685f96a630e0c233202f2ed95660c0575ceb8d704bfd44b7d9ec6d88198acca049c2aa1df0b4c386cc18d152a3c57afd9873ee4166e622ee804dbcc605c83a3495463d76d490a5e99db71275f7552bc2c761b74022cf975f216c7dffe9c3b7cd3ff73f0a19a25568ce335795aba4253399f376d6618115df3e1f3641efc2c911b66af2c24929d18a5c8d7200f1a4e9b704d56cca44a920c2b12cb1d0b4fd5454ab1b59cdfd238a148f1f22304af39dd520d099a82f1ec031c6919322d9445dbb60253a9e2e6c94aeb6e6ab1fbbd601b14affd4748b5c79370cc4a40ecd5c8aa3eb25f5f48c04d1b964bac09b4b1c776fd3d04713209883a23e22a7563e8582437c0add9e3bfbb2cc18e83facfc4a0d0dbe693b8d39a989065a410552fefbe4450bffdb2a315fe23c06c10c65b022736ed107fcae72fe37e89661a748e358b6cc6c4ebdeb3452d31d5546eb40798dbe54762fca558551f3504fa709a50a76a87c15b7ef45ee39617427e8af55f457df5bd6ee2d0272addac29b68e000561ec7bbab8c22f8a3741cedcf48f6127b87dbd085233b52a3b9829a9e203f24288952dc46b84864e42cdb125782956254c2aa71e248258c56c7f1c0dcf47baa233f906aa26591ee6c96ee7e3aad4999379286b1271db511b5069a45b67ade068ab0e36e975707f545c39a18f6f702c48473ca93b5ff5a526d2586e06a8de1989ad2e63423feb9f100bd1975014ec67790cc645d2d214a643e336323885561c365e19068a3f984828c587f7e72969ee533b24db3137b2fc60d6dcc972977f6132a43b8f8a9fbe99ee24dcf2b3bfcdd9b886766952a5a4e06512ff2f453b3e3bfaf5cd626a41cd5fb464785138f7e806005cade0567a3283b4322e14b509560b8d0b0f8192e80fc1dc73634a6db6cbb83d5d11c503f99cd99eec652ad2b8c0f0bdaa5bc7116b2aa1ff349931041a0a63679545c2a3dfdf87b348b7c0c8ed5827f361c9fda7911523f3eac30bff4349a274e48632a6e193c037f72661c9d60ff395c00b43d1c19dffe3b8690f6c3287bcfab6477f833f4215cae76964b45a8d7b7c1d8d875af0fcd4775f73a15ff8cce3c9c38b81714bd96e91fd0fee016a471afbbfe87c48267bf68c0d2d22a1a23751d996792db58887e0fdef59f8c4316955c41be6638d9096fabcadf173151fa13413f91b38cc8e11f1a3775effd4de3531c110abae2a007e889f213ec1bec8360eff9ac6a848fef9a0fa4cf4def5494d18f5bfa1fda0532cd699b256ee80c6cfb20eb542fc9211b2f6f1bff2ecb0872a5aeec8cad88aefd7501ecc1d3a7e406dc8889990a3290e1182f61e6a9e2c75b45a0ad21c071d22d43e6a4960fa3e52e2b76c7057866b89623c4ed196ecc28e434f04606041ea68111df778c60356583836ab137e13960577c83a7be212f17025ca458fe40bea08c6905797998fdddeb1b3c8a7c4acacdc49c141f77b8071a7b36e16c2ca35a7ca69c038ffe5f398d603db93232afaee23789747f6b188894e839ffde7cd63a22607dc3d3791e867345eb19d00c421c28236bdcd151bf81cf4382be1425d5d78b82e22fd750fae14c045ae3e88567e803ea6c26bd654774615e46c6c18a151e8e14721668144db075f37a0531a9ad23552508cac767cc886002701574945cd9c51aba11acdb2a5ab7e60e2e064321c7e2ecf3c621efc6275bd7b68be56fbfbe4f66dc5e66f6fa395147bb5b7b8b372814fa68971985e1503955d70c37cf1e96e7b4b3eb0b11b04a28e4781ad1526643a8742af0a5ca398bc1748f5e106da907ec0a676fdd3ade62cfbd38d5f8a5288eaca8f79d90f57617c3506a41491a46b3ec1003cab04027ac4ba4927539df571173b8aa1b85f61aec9a8c9999b9e66fcbc8b235b4fb0051dbb110b7d56446750a2e43bd1c3a69b4643f5afdacf2b871f11be57ad1c40b67bf0e8d702ef6dc3cea95226bf1f0d6310195bdb406d26059fa5fc3533cf99f8f51a7d66be03e64556d96fc24411c07a080d71b4fbbc397e2863cc4d0d3a9ee991e828343bfb7282125bae434f1979cc"}, &(0x7f0000000040)=0x1008)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f0000000080)=@sack_info={r3, 0x2, 0xff}, 0xc)
epoll_create1(0x80000)
clock_gettime(0x0, &(0x7f0000000180))
write$sndseq(r0, &(0x7f0000000200)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {0x0, 0x4}, @queue}], 0x30)
r4 = memfd_create(&(0x7f0000000400)='keyring*\x00', 0x3)
perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r0, 0xc0a85352, &(0x7f0000000280)={{}, 'port0\x00'})
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r1, 0xc0a85352, &(0x7f0000000340)={{0x15, 0xdc}, 'port0\x00', 0x8, 0x8, 0x2, 0x8, 0x8a67, 0x8, 0x6, 0x0, 0x4, 0xe287683})
setsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r4, 0x84, 0xc, &(0x7f0000000440)=0x3, 0x4)
write$rdma_cm(0xffffffffffffffff, &(0x7f0000000640)=ANY=[@ANYBLOB="06000000180100fa000000000000000091610ab6a45bad756b6ffb8da473eb17caabbd274199d379f3ec684fa11ef16e21a1317905570a0e46f23ad37679ab898e5ca40768eecd8b50e630aea09d13002d2633d7a0e8ba5850d0971882fb9f84ce99e311f5f42401c5c754d79cde66707afbdbcce2000000436abc00511fd91643a050686c38b8ecb86dc7e2b8cf770e9058ccac155a18239117d4656c8cdd1958d67fd3caf11c60ef83091efd7fb527d329df60b1a27bad0b9309e3a19bc60ca074c0235b290ca968f9c9999cd5d31ca9e555a814b17b2d5965aa1ea0b0c3a927840393ec702f900ba37233f71aa04d7d4e556e5f03292be6035d56ef2af1cfe335bf343b5610e47e5ef9000000000000000000000000006812db4e65ece32c717558b553c6ad263f3cc787dedbd3476c26067884fb21723cfea39dcc8ccde8354a77eeb05311d7617b289722d92adfd18e71aa049e90429d946772da5ce156de5f7b926fabbf08f9c3390a95b45fed72146b1810f5a0fd4f0e42f0c409080a4e88b4dedfd92859821a7e62b70702df74ac19b2fd0133545dd731c2f68de0db500d3b4f52586975f7695c367925f4a8778194d733fc5a7f99a497c12723a457edc5baa26b9813125ebf05"], 0x1cb)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x40400, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x4058534c, &(0x7f00000000c0)={0x1f, 0xa5, 0x6, 0x82d, 0x7, 0x3a})

[  104.248375] XFS (loop2): nobarrier option is deprecated, ignoring.
2018/04/06 01:05:17 executing program 4:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x46, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00", @ANYPTR=&(0x7f0000c5f000)=ANY=[@ANYBLOB="852a747000000000", @ANYPTR=&(0x7f0000aac000)=ANY=[@ANYBLOB='\x00'], @ANYBLOB="010000000000000000000000000000000000000000000000"], @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x0, 0x0, &(0x7f0000009000)})

[  104.298758] binder: undelivered TRANSACTION_ERROR: 29201
2018/04/06 01:05:17 executing program 0:
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000180)=<r0=>0x0)
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f00000001c0)=<r1=>0x0)
rt_tgsigqueueinfo(r0, r1, 0x1, &(0x7f0000000200)={0x29, 0x100000001, 0x1, 0xa7})
syz_extract_tcp_res$synack(&(0x7f00000002c0)={0x41424344, <r2=>0x41424344}, 0x1, 0x0)
syz_extract_tcp_res(&(0x7f0000000140)={0x41424344, <r3=>0x41424344}, 0x0, 0x1)
syz_extract_tcp_res$synack(&(0x7f0000000040), 0x1, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_emit_ethernet(0x9a, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaabbaaaaaaaaaaaa08004c3c008c0064000820009078e00000010000000000071b01ffffff13ad0414107f000001ffffff8ec17e7a630bf4aebb4e244e20", @ANYRES32=r2, @ANYRES32=r3, @ANYBLOB="a00200039078000302041f654e43b3783ff18139010203b701000000c1373aae4979f03abe9f7039b43fd0f4f42a753ac6cc667e235a9be6740d475596d8387a0ef23c22189992d9d8e5a512da6ae15f"], 0x0)

2018/04/06 01:05:17 executing program 6:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000500)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0)
unlinkat(r0, &(0x7f0000000540)='./file0\x00', 0x200)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PIO_CMAP(r0, 0x4b71, &(0x7f00000005c0)={0x6, 0x7, 0xfffffffffffffff7, 0xfc9f, 0x100, 0x2})
r2 = semget$private(0x0, 0x3, 0x40000000000000c)
semctl$GETZCNT(r2, 0x4, 0xf, &(0x7f00000003c0)=""/171)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2000, 0x18)
readlinkat(r4, &(0x7f0000000180)='./file0\x00', &(0x7f0000000280)=""/105, 0x69)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='stack\x00')
ioctl$DRM_IOCTL_GET_STATS(r5, 0x80f86406, &(0x7f0000000300)=""/143)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'syz_tun\x00', <r6=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000240)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000200)={&(0x7f0000000080)=@ipv6_newaddr={0x34, 0x14, 0x109, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r6}, [@IFA_FLAGS={0x8, 0x8, 0x284}, @IFA_ADDRESS={0x14, 0x1, @local={0xfe, 0x80, [], 0xaa}}]}, 0x34}, 0x1}, 0x0)
write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080)={<r7=>0xffffffff}, 0x2}}, 0xffffff9e)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x8)
write$rdma_cm(0xffffffffffffffff, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}, r7}}, 0x48)

2018/04/06 01:05:17 executing program 3:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000500)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0)
unlinkat(r0, &(0x7f0000000540)='./file0\x00', 0x200)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PIO_CMAP(r0, 0x4b71, &(0x7f00000005c0)={0x6, 0x7, 0xfffffffffffffff7, 0xfc9f, 0x100, 0x2})
r2 = semget$private(0x0, 0x3, 0x40000000000000c)
semctl$GETZCNT(r2, 0x4, 0xf, &(0x7f00000003c0)=""/171)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2000, 0x18)
readlinkat(r4, &(0x7f0000000180)='./file0\x00', &(0x7f0000000280)=""/105, 0x69)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='stack\x00')
ioctl$DRM_IOCTL_GET_STATS(r5, 0x80f86406, &(0x7f0000000300)=""/143)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'syz_tun\x00', <r6=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000240)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000200)={&(0x7f0000000080)=@ipv6_newaddr={0x34, 0x14, 0x109, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r6}, [@IFA_FLAGS={0x8, 0x8, 0x284}, @IFA_ADDRESS={0x14, 0x1, @local={0xfe, 0x80, [], 0xaa}}]}, 0x34}, 0x1}, 0x0)
write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080)={<r7=>0xffffffff}, 0x2}}, 0xffffff9e)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x8)
write$rdma_cm(0xffffffffffffffff, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}, r7}}, 0x48)

2018/04/06 01:05:17 executing program 2:
r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey\x00', 0x2, 0x0)
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
syz_mount_image$xfs(&(0x7f0000000000)='xfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000380)={'nouuid,', {[{@inode64='inode64', 0x2c}, {@nobarrier='nobarrier', 0x2c}]}})

[  104.406341] binder_alloc: 9390: binder_alloc_buf size 36034507178056 failed, no address space
[  104.415345] binder_alloc: allocated: 0 (num: 0 largest: 0), free: 8192 (num: 1 largest: 8192)
[  104.424133] binder: 9390:9391 transaction failed 29201/-28, size 40-36034507178013 line 2963
[  104.501513] XFS (loop2): nobarrier option is deprecated, ignoring.
[  104.573417] XFS (loop2): Invalid superblock magic number
[  104.608887] binder: undelivered TRANSACTION_ERROR: 29201
2018/04/06 01:05:17 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'chacha20-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000180)="0a0775b0d5e383e5b3b60ced5c54dbb7295df0df82147bd46f000000000000e6", 0x20)
r1 = accept$alg(r0, 0x0, 0x0)
io_setup(0x1, &(0x7f0000479000)=<r2=>0x0)
r3 = dup2(r0, r0)
syz_mount_image$btrfs(&(0x7f00000000c0)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x9, 0x2, &(0x7f0000000280)=[{&(0x7f00000001c0)="b5b9d152a81a9a9b477efd705c3873497be09e151cdbd986e104efa0cdfa78f21d7e8faa7eb723ab4dde829d8e39e89ce81bbf17be685de72c6124f22b5a1ce9308156631a8159a42107d4f0113b1993b4ecc78a54d8964c0799512334e1e37f2d63a281a6f231a267a45cf668349ff0fa7d0f69b7930b8f58f133c0f64cd6a60488c607a1883050f0e6f9aabbdc53754ae2598d68cfadd542d48d1d8bbc1f14c1d4957e53da6bcb6dca041acc8b", 0xae, 0x8001}, {&(0x7f0000000140)="52189938dd1b0d9c3b57bac48551ad2779d9cf7dfd6cab18eb54b79de683027b5ca585c0e8e13742f70891bdf3e0be0f000c", 0x32, 0x101}], 0x2400, &(0x7f00000002c0)={[{@noenospc_debug='noenospc_debug', 0x2c}, {@subvolrootid={'subvolrootid', 0x3d, [0x37, 0x33, 0x39]}, 0x2c}, {@clear_cache='clear_cache', 0x2c}, {@max_inline={'max_inline', 0x3d, [0x3c, 0x2d]}, 0x2c}, {@subvol={'subvol', 0x3d, [0x7f, 0x7d, 0x39, 0x7e, 0x74]}, 0x2c}]})
connect$vsock_stream(r3, &(0x7f0000000080)={0x28, 0x0, 0xffffffff, @host=0x2}, 0x10)
io_submit(r2, 0x1, &(0x7f0000738000)=[&(0x7f0000f73fc0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f000079a000)="16", 0x1}])

2018/04/06 01:05:17 executing program 5:
r0 = syz_open_dev$sndctrl(&(0x7f0000006000)='/dev/snd/controlC#\x00', 0x0, 0x0)
r1 = syz_open_dev$sndpcmp(&(0x7f00000000c0)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0)
r2 = dup2(r0, r1)
perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$audion(&(0x7f0000000140)='/dev/audio#\x00', 0x1000, 0x2)
syslog(0x9, 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_TLV_READ(r2, 0xc008551a, &(0x7f0000000100)={0x9, 0x10, [0x0, 0x0, 0x0, 0x0]})
ioctl$VHOST_GET_VRING_BASE(r1, 0xc008af12, &(0x7f0000000040))
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0)
openat$cgroup_subtree(r3, &(0x7f0000000000)='cgroup.subtree_control\x00', 0x2, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[], 0x0)

2018/04/06 01:05:17 executing program 7:
r0 = syz_open_dev$tun(&(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'\x00', 0x2001})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
readv(r0, &(0x7f0000000240)=[{&(0x7f0000000080)=""/232, 0xe8}, {&(0x7f0000000180)=""/191, 0xbf}], 0x2)

2018/04/06 01:05:17 executing program 3:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x8, 0x4000)
getsockopt$inet6_mreq(r1, 0x29, 0x0, &(0x7f0000000180)={@mcast1, <r2=>0x0}, &(0x7f00000001c0)=0x14)
bind$can_raw(r1, &(0x7f0000000200)={0x1d, r2}, 0x10)
write$cgroup_int(r1, &(0x7f0000000240)=ANY=[@ANYBLOB="b44f4cb82a7b20196e1093aceb181c0bbdda731ab99df368c3403f2017a3112259a794263700958ee22a17932aabb6f7db35aa6e98d1440312d6fd3dd83b1cd27e53facae4a802a283d6a662ebb50ea15d50b8ceaf767bf496805095a26d29fe79758ef491f3e815b8b89a735a71ea030e81479664eae37029262cff4ff1eb18171b677cc11a76b88478"], 0x5)
sendmsg$nl_netfilter(r0, &(0x7f0000aba000)={&(0x7f0000791000)={0x10}, 0xc, &(0x7f0000e2a000)={&(0x7f0000831000)={0x1c, 0x2, 0x9, 0x1, 0x0, 0x0, {}, [@typed={0x8, 0x2, @u32}]}, 0x1c}, 0x1}, 0x0)

2018/04/06 01:05:17 executing program 4:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x46, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00", @ANYPTR=&(0x7f0000c5f000)=ANY=[@ANYBLOB="852a747000000000", @ANYPTR=&(0x7f0000aac000)=ANY=[@ANYBLOB='\x00'], @ANYBLOB="010000000000000000000000000000000000000000000000"], @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:17 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)}])
socket$alg(0x26, 0x5, 0x0)

2018/04/06 01:05:17 executing program 6:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000500)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0)
unlinkat(r0, &(0x7f0000000540)='./file0\x00', 0x200)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PIO_CMAP(r0, 0x4b71, &(0x7f00000005c0)={0x6, 0x7, 0xfffffffffffffff7, 0xfc9f, 0x100, 0x2})
r2 = semget$private(0x0, 0x3, 0x40000000000000c)
semctl$GETZCNT(r2, 0x4, 0xf, &(0x7f00000003c0)=""/171)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2000, 0x18)
readlinkat(r4, &(0x7f0000000180)='./file0\x00', &(0x7f0000000280)=""/105, 0x69)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='stack\x00')
ioctl$DRM_IOCTL_GET_STATS(r5, 0x80f86406, &(0x7f0000000300)=""/143)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'syz_tun\x00', <r6=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000240)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000200)={&(0x7f0000000080)=@ipv6_newaddr={0x34, 0x14, 0x109, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r6}, [@IFA_FLAGS={0x8, 0x8, 0x284}, @IFA_ADDRESS={0x14, 0x1, @local={0xfe, 0x80, [], 0xaa}}]}, 0x34}, 0x1}, 0x0)
write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080)={<r7=>0xffffffff}, 0x2}}, 0xffffff9e)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x8)
write$rdma_cm(0xffffffffffffffff, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}, r7}}, 0x48)

2018/04/06 01:05:17 executing program 0:
r0 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x0, 0x20000)
r1 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0xc1, 0x2)
fanotify_mark(r0, 0x0, 0x10010, r1, &(0x7f0000000080)='./file0\x00')
ioctl$KDGKBLED(r0, 0x4b64, &(0x7f00000000c0))
connect$bt_l2cap(r1, &(0x7f0000000100)={0x1f, 0x1, {0x1, 0x9, 0x6, 0x800, 0x7c7cb1e9, 0xeb}, 0x720, 0x2}, 0xe)
ioctl$DRM_IOCTL_ADD_BUFS(r1, 0xc0206416, &(0x7f0000000140)={0x101, 0xbab0, 0xfffffffffffffff9, 0x80000000, 0x11, 0x8})
ioctl$VT_RELDISP(r1, 0x5605)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r1, 0x40042409, 0x0)
delete_module(&(0x7f0000000180)='proc{$\x00', 0x800)
connect$nfc_llcp(r1, &(0x7f00000001c0)={0x27, 0x0, 0x1, 0x2, 0x1, 0xfffffffffffffeff, "927d32926695dcca65f965d4a322cee889164ee206301e0f710530f44fdd41b4896c52433107f719e9a7b6976d89602b77f0f0153dace9a67a41bb6b55bfae", 0x3a}, 0x60)
ioctl$TIOCMBIS(r0, 0x5416, &(0x7f0000000240)=0x4)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
r2 = fcntl$getown(r0, 0x9)
getpgid(r2)
r3 = accept4$packet(r0, 0x0, &(0x7f00000002c0), 0x80800)
ioctl$TCSETA(r0, 0x5406, &(0x7f0000000300)={0x100000000, 0x6, 0x80, 0x800, 0x4, 0x9ccd, 0x81, 0x2, 0x0, 0xfffffffffffffffc})
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000340)={0x80000001})
accept4$inet(r0, &(0x7f0000000380)={0x0, 0x0, @local}, &(0x7f00000003c0)=0x10, 0x0)
ioctl$EVIOCGABS20(r1, 0x80184560, &(0x7f0000000400)=""/147)
ioctl$EVIOCGSW(r0, 0x8040451b, &(0x7f00000004c0)=""/100)
fstatfs(r0, &(0x7f0000000540)=""/242)
r4 = creat(&(0x7f0000000640)='./file1\x00', 0x8)
write$binfmt_elf64(r3, &(0x7f0000000680)={{0x7f, 0x45, 0x4c, 0x46, 0x2, 0x6, 0x1, 0x7, 0x1, 0x3, 0x6, 0x9, 0x1d6, 0x40, 0x179, 0x1, 0x3, 0x38, 0x2, 0x6, 0x6, 0x2}, [{0x6474e557, 0x40, 0x7fffffff, 0x4, 0x40, 0x1, 0x24d, 0xf89f}, {0x6474e557, 0xffffffff, 0x3ee7, 0x7, 0x1, 0x3, 0x5, 0x7ae4}], "dc7072602c12cc24612c9892e9ceb80efa5e7e862a105494bf4265d7b39860b7b56fc41e0462b8b36a3e00bc51fc9bdb4f4a40430505a7cf863922e0440bb756c1fe5eff188f92438c59976c56aa53187d68f23fbf4fae3412d13dd4be14f0a68aeba993d218e55d03597aabbd8b7628e8596d6ee72cf59f0a639a2264cec54442cb188689602fe82f12983df661a4707d7ec13e1d5883e0e3e38c789e21ca816a0f51ec024d889b0292ea188c7991b130614d6a2b188a541e1361c55fab141b7f04abe25761c6528a1179552fa7f4806a2b54880aac834dba2f2495f6a8e63e9f8eee14dea12c2a53d033161c7025dc7004dfd7844a12f93754fafb112a56efc3544b872e56f35c32953cfbd7e799b274e28ffb5ec6c63b86fe70028c88b2cbb7d65e4938822104c3a68344020da953e33fe585148403abd9d7c47a1be68ed72a4f16656ecd3adf43db4c405a1445d3b429319eae1e6f045158fdd589bcc53a6c1e825606745d13955b4232f43b00fe22b762eb92aacf141d6acc62cd7e9c2c7fb0e1b7cf7d1cba13aa8caa8f511cbbd7cba5950d3e453fde647735f211d5cc386f96f6c414397dbc71fe9a00dc59a9ca5e3ff550dde35314a7372cafc21e3bafbf9b8ae238acf1aa994fb697be05648974d139821ac454e6d61b1578945659485acfe8781de8232111fec4314687a5ad686f3ae45e459e6307ba38587bc557cd957f89cd96af2a31b770647727698a3222192f1aee796ef9bd5fea8b83aea13814632530c97ac4400c8413b7d6d76377162b93231fa4e940bfd94cb2471024d2904c3fa7f87eabbb2e6ead149f532374e7f05ab8cf1e993ca2ae0d1ffa482244278a5db07a42d031e9eae7a342cbbf98eaa4ac675b081c56fa33f5cb55f3b56de7d5664e4b5e39531d261d5e685aeb77c0f4e7bd774ca2f3368bd1b647a8deb935cabe25a082d29975d1cde0452953342aae554672494b4ffa45bdaff083e39474f2110e363ae6ac8f52f5b825eb06951c2e83b7d8d7b75444bcb4845d02472fa1fa5b99b202f3667e1412771c05d3d70998ed41fbfecc07ad8a9de5fbc8f1b4ff5571886cfa48304e1f47b2e92df5b81bffaaa157eacd3d927dcf0f8c42e98ede057191e141037f72138e917f0419cd8c9c6dd2b31634f365a27abc9d1577f1652a09344f4af7b973d6f5bdd8238028b268d089b9f1b5ffb62a7fd76a8e1677bf6f1fb1ac2b512f789e85f5b9acbc05d423e92476b5c9cfa2ec766f550e8295f733dd2f8860ccc3da3f350275a8d7f4536ceaeb51f6381117974103ed40843a8d2662b4f756907e4076e6e5fb1b5c07ead479dc94a4d32a974b5b8aa57f9572b681b5caa386dea7912c3af9afeea59bf66085bcdd4a575179f11f7454516ab776d4fd00d492eb62e1ef4b05a119da13d4370799def2e058ddb406234de93d436eff5d017a79ba3d05488a793ea49250f3f4a54f6bc00fef687acf09d025ddb553a6e2e34e4994678d48158e15f0cc5d6017878b553527da9b888b22e8d94c739c74158bbbd73846f22ad3c14342c2e061a00f6779edaefe74ac2e70822ff116a83b356738e4226d6f1aa1a641f5c13991ef8a0e2b1a240f8e622909a45be4d168f953b29e3bf6d653b5a34d47b98699c18a56fdd372a08b9c27f17d13997a67409213e269fcb2667fc4ace05710b56c2be8df31d39192332c4d96e02e1d5f84924884f41f65d5bd147eee9d5565187f1663e910d2bfddd9da87f88fec645c8c715daed01b179d7577975088ce40c92bab5d91754d778521eeb3a593ae7fd20fde935ca71bb08b5629ab954c4ca01d67f1c345d04ac5c8b483c3f77bfc223907420502db8a526d9e425e32f4f4d7bafae3d75dbaba059ed92342cd73905d206d58bbb1398e489ba5efadffa827bbb0550c89b6118987dee5d08f0fcf8935f7c135d2297b62c11efc1ebb5e189e78e70c1553dd8d510621b5ea3e2a2ee92a84a03e02806b4f2e9a97221cf3a90dbd28706dd6cc06c9d22f5c78ce724163beaaebc4cabea647cb2c146291e4c9a194c12dcf101bcdd31ffb6891ff9c176f6d8875db4a998b5c24c10bd1b2434f8dea2333a77b6cfbaae93578a98bee44abd8fb10b3f49271709e83b718108a6d37c358aff95b48ffc65328b40db99b3dc9527b56510d1189ccdef5c698d499a0ae0a87bde3586ff14cefdb22a284353acce212d4e9a78de957286c5ae1bdbca66aa2be2f67c7c1df26e2a3e78f62d287465f8f30cee1d8324ca66880c86f486f8c6b71f5a560548f2b6fa0795af6d14c9165fe1e55698b308a44c4e42e5b084e741b86ebb6da22943c71b18777edc42f3d7b2d3bb2f8362bd7e66daffe00cd401fb588e4b7c68ed6a07709351fad3fdb825a31c5e5836187de011821864c8fb584269e0b8cd3323893f6caa0c0900266f992aa6a69057754b1f68c6b8333a5dd0c31a719646558c4a581334f6dfbbce8aa72bb8b2dfa2e0b37a1bf892e4dd935fd3171bc9a09f166e4112a1fde098d9d06b22b99410c3eb2fc78baa879b999f24d7ebea63e303ee51b5f1122132eb5c7be0e8f1a06684d8f5722acefa190228ba0e5622938d2b860a8340247e1d94ca90bc62f2f8c1598dcf7c4571b7ee0eaa1c80f8a3a8e605625a9d2c856336d03f6ee5f7a508802087040b7c6ca25ef431eedafccf0e29b3ad6f653f948a725d70571ad23c8f0b8b6ace6aa10f3e5a9e2b907f875111210b2f13175c091f2cb735e9d4023e19f68ff1d1e3c1cf8e31e56679733b03d4f9b94ea0ebce7e9b1961b18eb7be8d3deb54f94f9b2f3e85c1ea8a0dee09ec0bd4692c95ad3ac76aaad618e0890d1e51ce5d0a7f33f18566c61a4c9a6d3e32961f901f8dd67fd3757a08e3cf4a81d368659af383110258db1c2d32e31c8dffaaa5dd912d1f8e04ba715d00960d5f39af1d8bb9a09dc6ae3d4577e42b1e24237967264f7788c9a557b8fd5ce639bf6161dcb4429ff2cec1a576b47846c6475288bd5155e301f7964d4191db3f44365db47a0ea23039f98602acc0eb101761d5ea8f8f3545f1bda684f5b2a0f000084b6986f8491ff63aeda0564cc41a72fdd8a90b298dd8e8a91a055b8312818962944f2ea42ff979af688013a3a00c90f35c841f4f82b8cbfb677efb56be7cc965105a7dacc1f2fd3a11545bae4903471679eae014a8b06aa396ad6214ee61c0c1b50b8f4726ab0c782aa7777ee8144917488acabbb711efc753704ab3d2724d798c9adc280dff9f6888384e755126393b4aa09b992432ffbb1e51db429cdc0dc3349ff22b18b085d63637e4cf2dc3a07ef58ff499c601c3d2cd7de903f29b56d6d6f32c47d9c993716c8a254c4d200d557911f0e31283a2a4cca24e4094e3797fdb735c98711d6eac8f21d6e0b6b31b2eaa40b8685068214c1ac8fe094cdc0909023c7f5874a770c0b7bf972e6caf5632abd8850d02dc601aa8fb4520dd707d65f699f288f8fa1e6a50f803f59fa37a3d1b7a44910ebd160f02af60430295f435fbecb496539e2538adb6632d35897998734a1e1b1c273281c493b1cbf563d573a585765ad3135179e1f14b8da56de911d2e606ae5a4df71597475ead58cc1687214f1abc8daad3bf559565a12d55ad415e76541ad8f9ce1e03a199f00418e4b669260584d8bf522e30d04c65507ad5f9cf08f92ec0c5eb5d40d11e0dbfb6d0bed0c3dd0f190a034949838835ae6fc9897cf6933bc5b03966f6d683191b97b1e0bdeeacf47623960b7fd8df8133b161792a8150fdb5909b7366f07ee776c41254ddb7cc7218fe3ecf796040e2345af02c726962cedffd71262860ace404a65eb794788cc79cf5ab21b01fbfbd7793c7dffea3fb486c0af1b4a79289ef34d3d9d7e19588f6c138b6ac01bf705b6319f7ca208b6be9ec555bcbbda369142d4591b4f20a42673b026210322ad075d67861ae1ca0aef433cbbc6b7f3d745e0f3ed07d61019a3697d3ed6fa5aafb0ea9e9bf631b309ead7559a63b3e50ec142de6bacd9bcc23161dc633ef626f4fe2f34b3f5ea1593aae454362f8cba2e53ad7113c9b054e402fc9dd3e15f4b85ff61208ce19499b7f941108d166b984476aa7ebd95624492ea13b6528c1af355be44f44c2fc815977c13765eea45d5b2b6c5d418496092cac79ae4b66c1bb4bcfacbb173307d4d2519283dcd0fc3d6274437d8b31d71f9eb13c88637eddb05dbcfa14120bd7c9956baf5b4f9a67d3fe605490e113a3534b3c7c55daa770d68e73409250028428a9fde95ee284d1750fb8bd376c22fa06afd3e0916d16138b44c1d5b373883d8d770745339b2d0b1b775badf653ee58481f39a7ee52260d63733313f1896bebf7b59298f3bdd2f00f05edfd94ae2fbb4fcfc6e23baa8243e1a17e21ad977f3e07b9e74f4d5057f873242b4556d8ced4e417b41db1a6bd54ea07209a98c0331f811bfcaa6dc0e2d55d5365a8c2288fef686457fd4ef4c8370c2f3564b0453d37dc7863f79b09833c634935500d33fb3c2286ee508099842f74a9c07be7234b43aef25b7d3f8998b7a2d9598f538bd613dba1e17a9c97161a8fc59822a34714aedda2da86fcc1da65b44366c881c5f2c9b67699e1d2e14b0a40a37fa416025a4e24a438f20cf15e1e715575fa04b4a4d04bf51c06d79da20e41b5e1ed183788a563696ea3de12833e843828d68c123b1cb61a4ea44adebced2adb34c341ce33dcfc3367a5b2d006ddafed6277e7db615d7170ac63d1aa69e4af7f6141179c784036bbb9b34787763ff75ab59b673f5c71385a111251bf708a1353aa01bdb876eb85830be7d96e123c926e653fc9693d94111b42948e5b30887058520f92719b9b1ff701dd46e52ff687e843635b7b12c8f40f9e81cddef8f59bb33c38ab3c929c856d3523a3f3825fc269d4979d23ce4091ff12154a7d9f9d7ff2df6b8811a52faf4b4602736dfddfaec720301e8cad38f7fc4415fc259389ab1037b60d54b284232e47c147b185a8656c1fcce59aa8637ad11de73d73c3096a30f2211137cc79b29d879fe3a899ef60c5f96f784a0e984414a5f7174cf0438c31224ce897ea04b211c999f3d54690db9b2fd5b46561872838bfcd805a50ed6c132e04c7fa6f89f76f5a0b56568bdee4583ca8ad4a967ef00a9c5b105daaf184b930791eef7cd9e84f9f44bd7eba8c016ef19065ac00cf0acf3aea3a0f7b75bfd57266c935453559b3a43642514b3f9e5e55f6bdb22ceb6ae6e94d77d93911a7f619f10acaa92a72eb4eebd215c76c19c6f883017a1176a4497ae6da51487c56f2f47d57d0334f5c8e998fe63d42fce0d5ab919407f11d83f73884f74b94fa0ee43be0854bb479b16bf3ef2f7f5206c2d06034ea0880e50b018ed85adbd0fa4225e806f020de5755c64e5d60d63b65e2b3b055bce74b982b94082426f9b319b508e89ca69cf8dc4b2eab92b8e1b2a486f2f9b402db51a07b4bf39c7b4eef87445b3f35e81eb3863b512abcbede78c232d20d32b97cdaab7f137631a8f864cd94c64544d025eff9d85ebe7a6d939c2f29bd8fbc9b5a0c22f436f3da237a5be5574632436e99790d026264edca40ed1b53124d5a322a82c6a5f61785d0bc45eabf0f9f7d8326025397149a20d4ee19207c5d917130574be17493fd909b42afeabfb3c8b63b8855a709b0215454ec8ddadacc32cde69574446a9f1317db16c5b34542e54e033fa3011495c48f6a27322ce24247875b9814a8895fedc1be1864fdba0f191b717c950642403522cbed2ba35426bd752ace61604", [[], [], [], [], [], [], []]}, 0x17b0)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f0000001e40)={<r5=>0x0, @in={{0x2, 0x4e20, @broadcast=0xffffffff}}}, &(0x7f0000001f00)=0x84)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x1f, &(0x7f0000001f40)={r5, @in6={{0xa, 0x4e22, 0x5, @mcast2={0xff, 0x2, [], 0x1}, 0x1f}}, 0x7}, &(0x7f0000002000)=0x90)
syz_open_dev$random(&(0x7f0000002040)='/dev/random\x00', 0x0, 0x400080)
ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x8)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000002080)={0x1, 0x0, [{0x40000070, 0x0, 0x200}]})
unlinkat(r1, &(0x7f00000020c0)='./file1\x00', 0x200)
setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000002140)={'filter\x00', 0x7, 0x4, 0x498, 0x3b0, 0x0, 0x140, 0x3b0, 0x3b0, 0x3b0, 0x4, &(0x7f0000002100), {[{{@arp={@broadcast=0xffffffff, @remote={0xac, 0x14, 0x14, 0xbb}, 0xffffffff, 0xff000000, @mac=@dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0x12}, {[0xff, 0xff, 0xff, 0xff, 0x0, 0xff]}, @mac=@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, {[0xff, 0x0, 0xff, 0x0, 0xff]}, 0xfffffffffffffffe, 0x9, 0xfffffffffffffff8, 0x8, 0x7, 0x3, 'rose0\x00', 'nr0\x00', {0xff}, {}, 0x0, 0xc}, 0xf0, 0x140}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0x1a}, @mac=@random="71a533e3e24f", @empty, @multicast1=0xe0000001, 0x4, 0xffffffff}}}, {{@uncond, 0xf0, 0x140}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, @mac=@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @empty, @loopback=0x7f000001, 0x2, 0x1}}}, {{@arp={@remote={0xac, 0x14, 0x14, 0xbb}, @remote={0xac, 0x14, 0x14, 0xbb}, 0xffffffff, 0xffffffff, @empty, {[0x0, 0xff, 0xff, 0xff, 0xff]}, @mac=@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, {[0xff, 0xff, 0xff, 0x0, 0xff]}, 0x1, 0x401, 0x20, 0x9, 0x20, 0x3, 'vlan0\x00', 'irlan0\x00', {}, {0xff}, 0x0, 0x1}, 0xf0, 0x130}, @unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00', 0x80, 0xfffffffffffff001, 0x4}}}], {{[], 0xc0, 0xe8}, {0x28, '\x00', 0x0, 0xfffffffffffffffe}}}}, 0x4e8)

[  104.706636] binder_alloc: 9430: binder_alloc_buf size 36034507178056 failed, no address space
[  104.715429] binder_alloc: allocated: 0 (num: 0 largest: 0), free: 8192 (num: 1 largest: 8192)
[  104.724749] binder: 9430:9437 transaction failed 29201/-28, size 40-36034507178013 line 2963
2018/04/06 01:05:17 executing program 7:
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x0, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000000000028000007a0a00fffffffffd630108"], &(0x7f0000000000)="47504c00bc3047eb525f484f89fc96dd6ca64da40ff023122e66f6", 0x0, 0xce, &(0x7f0000000300)=""/206}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xc, 0x5, &(0x7f0000000040)=@framed={{0x18}, [@jmp={0x5}], {0x95}}, &(0x7f00000004c0)="73797a6b584e3e2f9afed6d0ee3d5d5de2f791e4545b69c564e359a02949ab535c1b25caa665b968d2f1a32e3febe4189befa5f044722bae83e5b6959e392e8d24e41b4ce153c97b5a23e135e38d3b1d14ad7a9eeb7069347fee053569544f1a0000000000000000", 0x80000001, 0x7bc, &(0x7f0000000300)=""/187}, 0x48)

2018/04/06 01:05:17 executing program 5:
syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x7, 0x6800)
r0 = socket(0xa, 0x2, 0x0)
setsockopt$l2tp_PPPOL2TP_SO_DEBUG(r0, 0x111, 0x1, 0xffffffffffffffff, 0x4)
mprotect(&(0x7f0000375000/0xc00000)=nil, 0xc00000, 0x0)
getsockopt(r0, 0x0, 0x40, &(0x7f0000b3ffac)=""/84, &(0x7f0000001ffc)=0x54)

2018/04/06 01:05:17 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)}])
socket$alg(0x26, 0x5, 0x0)

[  104.759005] netlink: 4 bytes leftover after parsing attributes in process `syz-executor3'.
2018/04/06 01:05:17 executing program 0:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
bind(r0, &(0x7f0000000100)=@l2={0x1f, 0x401, {0x2, 0x0, 0x9, 0x6, 0xfa, 0x4c}, 0x7, 0x6}, 0xfffffffffffffd24)

2018/04/06 01:05:17 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
r2 = dup3(r1, r0, 0x0)
syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0)
ioctl$TIOCMSET(r2, 0x5418, &(0x7f0000000040)=0x2)
pselect6(0x40, &(0x7f00000abfc0)={0x3ffffd}, &(0x7f0000f08fc0), &(0x7f0000086000), &(0x7f0000349000)={0x0, 0x989680}, &(0x7f0000d0a000)={&(0x7f00001da000), 0x8})

2018/04/06 01:05:17 executing program 6:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000500)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0)
unlinkat(r0, &(0x7f0000000540)='./file0\x00', 0x200)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PIO_CMAP(r0, 0x4b71, &(0x7f00000005c0)={0x6, 0x7, 0xfffffffffffffff7, 0xfc9f, 0x100, 0x2})
r2 = semget$private(0x0, 0x3, 0x40000000000000c)
semctl$GETZCNT(r2, 0x4, 0xf, &(0x7f00000003c0)=""/171)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2000, 0x18)
readlinkat(r4, &(0x7f0000000180)='./file0\x00', &(0x7f0000000280)=""/105, 0x69)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='stack\x00')
ioctl$DRM_IOCTL_GET_STATS(r5, 0x80f86406, &(0x7f0000000300)=""/143)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'syz_tun\x00', <r6=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000240)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000200)={&(0x7f0000000080)=@ipv6_newaddr={0x34, 0x14, 0x109, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r6}, [@IFA_FLAGS={0x8, 0x8, 0x284}, @IFA_ADDRESS={0x14, 0x1, @local={0xfe, 0x80, [], 0xaa}}]}, 0x34}, 0x1}, 0x0)
write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080)={<r7=>0xffffffff}, 0x2}}, 0xffffff9e)
r8 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r8, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}, r7}}, 0x48)

2018/04/06 01:05:17 executing program 3:
r0 = getpgid(0x0)
pipe2(&(0x7f0000989000)={<r1=>0xffffffffffffffff}, 0x0)
sched_setscheduler(r0, 0x7, &(0x7f00000000c0)=0x5)
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0)
r2 = userfaultfd(0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x4)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000240)={0xaa})
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1})
r3 = creat(&(0x7f000009aff8)='./file0\x00', 0x0)
write$sndseq(r3, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30)
lsetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000100)=@known='security.ima\x00', &(0x7f0000000140)='em1vboxnet0trusted\x00', 0x13, 0x0)
chmod(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT(r2, 0xc0bc5351, &(0x7f0000000180)={0x6, 0x2, 'client0\x00', 0x4, "519957acc6d9916a", "17d6cf9b8c3d9295a098e702b699efec67d3bf7f99ed2269448881bd737d2247", 0x7, 0xbbb3})
dup2(r1, r2)

2018/04/06 01:05:17 executing program 5:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x8, 0x4, &(0x7f0000000440)=@raw=[@initr0={0x18}, @jmp={0x5}], &(0x7f00000002c0)="47504c108dca991f70bf275537734dc9b547822988af491f8ca62ebbf559edbbfa5bbd76392bd94f16b635dffa14d5226c7cab261fb2b02b956207d6d4b4997f614711ac84f24fdfa10d69e1e19e81f6aae740529b16a695611fa3834ba0ac82223b33d7a2f725bd461977e368f0c19ea50c7585886b65945b8882f9031045af576d3fa812d92018698b9313c4f50cfc08dadb499a194042d0518b8d8a43210b505f8bfee43ec7879cdf9e6594d52e35421ac22faad93c58f9c5bb329284d122de33212b8531cdcbb5764103f663a354f00080f1fdd9eb56a45142cad9982502af99552aae7eb7a8b9ab24dcd26cd6b923c5d9b94d10943238700894f7c7e1622716d34921b48bb473e7a400b1f9388deb499109f41d33dab7f77d4b16eee7bac5e1132024664d7aa66fa028255283b44cb2a279f81c7abf4ea1cf79c5fe9927cee51ad482474478b6b32261eb7d024646c614bd7affd74c0df38b0af2872a843eda9ec5c9836591e944fb8578a31df094c7", 0x1, 0xaf, &(0x7f0000000200)=""/175, 0x41f00}, 0x48)
r0 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0xfffffffffffffffb, 0x44000)
ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f0000000040))

2018/04/06 01:05:17 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)}])
socket$alg(0x26, 0x5, 0x0)

2018/04/06 01:05:17 executing program 7:
r0 = syz_open_dev$usbmon(&(0x7f0000000100)='/dev/usbmon#\x00', 0x6, 0x80)
ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffff9c, 0xc0086420, &(0x7f0000000140)={<r1=>0x0})
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000200)={r1, &(0x7f0000000180)=""/91})
r2 = open$dir(&(0x7f0000000080)='./file0\x00', 0x400000, 0x100)
getdents64(r2, &(0x7f00000000c0)=""/9, 0x9)
sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000065000)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000402ff2)={&(0x7f0000000040)=ANY=[@ANYBLOB="2c0000000f06fdff0000000000000172d5d1301a308b6b95eae33a750000000000000000000000000901"], 0xfffffffffffffcb0}, 0x1}, 0x0)

2018/04/06 01:05:17 executing program 0:
r0 = socket(0x10, 0x2, 0x0)
fcntl$F_GET_FILE_RW_HINT(r0, 0x40d, &(0x7f0000000040))
sendmsg$nl_route(r0, &(0x7f0000000100)={&(0x7f0000000080)={0x10}, 0xc, &(0x7f00000000c0)={&(0x7f0000000000)=@newlink={0x34, 0x10, 0x321, 0x0, 0x0, {}, [@IFLA_IFNAME={0x14, 0x3, 'syz_tun\x00'}]}, 0x34}, 0x1}, 0x0)

2018/04/06 01:05:18 executing program 4:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x46, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00", @ANYPTR=&(0x7f0000c5f000)=ANY=[@ANYBLOB="852a747000000000", @ANYPTR=&(0x7f0000aac000)=ANY=[@ANYBLOB='\x00'], @ANYBLOB="010000000000000000000000000000000000000000000000"], @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x0, 0x0, &(0x7f0000009000)})

[  105.056410] binder: undelivered TRANSACTION_ERROR: 29201
[  105.131262] binder_alloc: 9498: binder_alloc_buf size 36034507178056 failed, no address space
[  105.140151] binder_alloc: allocated: 0 (num: 0 largest: 0), free: 8192 (num: 1 largest: 8192)
[  105.148903] binder: 9498:9499 transaction failed 29201/-28, size 40-36034507178013 line 2963
[  105.177593] binder: undelivered TRANSACTION_ERROR: 29201
2018/04/06 01:05:18 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x5)
writev(r0, &(0x7f0000000080)=[{&(0x7f0000000000)="580000001400192340834b80040d8c560a060000ec04a200000543dfd87c5800004824ca943264008900050000000000000000048302000000ea000004000003d46b05a38100000010000100070c09040000000000000005", 0x58}], 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$KVM_KVMCLOCK_CTRL(r1, 0xaead)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x87, @remote={0xac, 0x14, 0x14, 0xbb}, 0x4e23, 0x4, 'sh\x00', 0x20, 0x1, 0x44}, 0x2c)

2018/04/06 01:05:18 executing program 3:
mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0)
r0 = memfd_create(&(0x7f0000000000)='}\x00', 0x2)
unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0)
mount(&(0x7f0000212ff8)='./file0\x00', &(0x7f000001c000)='./file0\x00', &(0x7f0000982ff9)='mqueue\x00', 0x0, &(0x7f0000000000))
getxattr(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)=@known='user.syz\x00', &(0x7f0000000440)=""/224, 0xe0)

2018/04/06 01:05:18 executing program 5:
pipe(&(0x7f0000000140)={<r0=>0xffffffffffffffff})
perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setpipe(r0, 0x407, 0x0)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0x101001, 0x0)
write(0xffffffffffffffff, &(0x7f0000fe5000), 0xff0c)

2018/04/06 01:05:18 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)}])
socket$alg(0x26, 0x5, 0x0)

2018/04/06 01:05:18 executing program 4:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x49, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000", @ANYPTR=&(0x7f0000c5f000)=ANY=[@ANYBLOB="852a747000000000", @ANYPTR=&(0x7f0000aac000)=ANY=[@ANYBLOB='\x00'], @ANYBLOB="010000000000000000000000000000000000000000000000"], @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:18 executing program 0:
getresuid(&(0x7f0000000080)=<r0=>0x0, &(0x7f0000000100), &(0x7f0000000140)=<r1=>0x0)
ioprio_set$uid(0x3, r1, 0x2)
syz_open_dev$sndctrl(&(0x7f0000000040)='/dev/snd/controlC#\x00', 0xca2, 0x200000)
ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f0000000000)=<r2=>0x0)
r3 = syz_open_procfs(r2, &(0x7f00000000c0)='net/udplite\x00')
r4 = socket$kcm(0x29, 0x2, 0x0)
dup3(r4, r3, 0x80000)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000240), &(0x7f0000000280)=0xc)
lstat(&(0x7f00000002c0)='/\x00', &(0x7f0000000300))
getegid()
getgroups(0x40000053, &(0x7f0000000380))
syz_fuseblk_mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00', 0x8001, r0, 0x0, 0x7fff, 0x7, 0x2000050)

2018/04/06 01:05:18 executing program 7:
r0 = inotify_init1(0x0)
fcntl$setown(r0, 0x8, 0xffffffffffffffff)
perf_event_open(&(0x7f0000348f88)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$getownex(r0, 0x10, &(0x7f0000000000)={0x0, <r1=>0x0})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
ptrace(0x4207, r1)
waitid(0x1, r1, &(0x7f00000000c0), 0x20000008, &(0x7f0000000100))

2018/04/06 01:05:18 executing program 6:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000500)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0)
unlinkat(r0, &(0x7f0000000540)='./file0\x00', 0x200)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PIO_CMAP(r0, 0x4b71, &(0x7f00000005c0)={0x6, 0x7, 0xfffffffffffffff7, 0xfc9f, 0x100, 0x2})
r2 = semget$private(0x0, 0x3, 0x40000000000000c)
semctl$GETZCNT(r2, 0x4, 0xf, &(0x7f00000003c0)=""/171)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2000, 0x18)
readlinkat(r4, &(0x7f0000000180)='./file0\x00', &(0x7f0000000280)=""/105, 0x69)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='stack\x00')
ioctl$DRM_IOCTL_GET_STATS(r5, 0x80f86406, &(0x7f0000000300)=""/143)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'syz_tun\x00', <r6=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000240)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000200)={&(0x7f0000000080)=@ipv6_newaddr={0x34, 0x14, 0x109, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r6}, [@IFA_FLAGS={0x8, 0x8, 0x284}, @IFA_ADDRESS={0x14, 0x1, @local={0xfe, 0x80, [], 0xaa}}]}, 0x34}, 0x1}, 0x0)
r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r7, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:18 executing program 5:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f000039c000)=0x400000000000001, 0x4)
getsockopt$inet_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f00008d6000), &(0x7f0000bd4ffc)=0x14)
getsockopt$sock_int(r0, 0x1, 0x3f, &(0x7f0000000000), &(0x7f0000000040)=0x4)
r1 = dup2(r0, r0)
ioctl$KVM_SET_SREGS(r1, 0x4138ae84, &(0x7f0000000080)={{0x3000, 0x0, 0x4, 0x1, 0x2, 0x8, 0x3ff, 0xffff, 0x3d, 0x2, 0x200, 0xfffffffffffffff8}, {0x1000, 0x4, 0xf, 0xffffffff, 0x400, 0x58, 0x80, 0x9, 0x59, 0xffffffff, 0x7, 0x3690}, {0x6000, 0x4, 0xf, 0x1000, 0x7, 0x0, 0x0, 0x1f, 0x5, 0x6, 0x18c, 0x6f5}, {0x13000, 0x0, 0x1f, 0x80, 0x100, 0x6, 0x1, 0x2, 0xffffffffffffffff, 0x9, 0x1, 0x8}, {0x4004, 0x2, 0xf, 0x5, 0x7b9, 0x1d1, 0x5, 0xffff, 0x25d, 0x9, 0x0, 0xaf}, {0x0, 0xf000, 0xa, 0xfffffffffffffff8, 0x7, 0x6, 0x1, 0x0, 0x1, 0x80000001, 0x2, 0x1ff}, {0x0, 0x6001, 0xe, 0x6, 0x4, 0xa8f6, 0x1, 0x100000001, 0xff, 0xed00000000000000, 0x9, 0x1}, {0x7000, 0x10f003, 0x4, 0x8, 0x200, 0x800, 0x2, 0x1, 0x6, 0x1, 0x2398f6cf, 0x3}, {0x3000, 0xf000}, {0x10f000, 0x10000}, 0x1, 0x0, 0x115000, 0x8, 0x1, 0xa000, 0x7000, [0xf3, 0x5, 0x8, 0x6]})

2018/04/06 01:05:18 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)}])

[  105.932358] binder_alloc: 9518: binder_alloc_buf size -4183844053827190712 failed, no address space
[  105.941699] binder_alloc: allocated: 0 (num: 0 largest: 0), free: 8192 (num: 1 largest: 8192)
[  105.950500] binder: 9518:9524 transaction failed 29201/-28, size 40--4183844053827190755 line 2963
2018/04/06 01:05:19 executing program 0:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.cpu\x00', 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000003c0)='tasks\x00', 0x2, 0x0)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x7})
readv(r1, &(0x7f0000000300)=[{&(0x7f0000000000)=""/5}, {&(0x7f0000000240)=""/188, 0x6}], 0x1000000000000274)
r2 = dup2(r1, r1)
setsockopt$netlink_NETLINK_RX_RING(r2, 0x10e, 0x6, &(0x7f0000000040)={0xfffffffffffffffc, 0x1, 0x7fffffff}, 0x10)

2018/04/06 01:05:19 executing program 7:
syz_extract_tcp_res(&(0x7f0000000000), 0xfdd, 0x5)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x5d, 0x3, &(0x7f00000003c0)=[{&(0x7f00000000c0)="4b2fdc0ac9fabed9e4261cf0f405addfc113dc0ddeab4c3809d5756b5028cb8dd3d2bd85152fc5ca9a8cb439d635cd3a15eb7d1a2737b364621eae15bbcb32895d9ff5d42e6758672041894565461df539bb6d83a8ea3caffe124b43c57769ffdecf31d5bb8d4462cad0d94b3568f20dfef7830b7200574ad50aeb9674a608886ab5cabc261429152a053d4d4143107eabaff73c365fc70cd730e1cf36329e0bffea0deda38d77a24e6cc5b88053446b1339478feb831872a3184097eb83913490747603ab9ea40c57c6bff74045069af0e7802ec26bdcc7cdb6a50b554032f62f3bda4ca688821749", 0xe9, 0x8}, {&(0x7f00000001c0)="954e987e1d2ce9c4f1afad2be6af6a337651ab8831f6791bbb7a7bd417179b9d1a272c5abd0696f9a930c64e2cafed30e166d48d4975b33e12f57fcf2adb3ba353dd0375811624cd4ff7b0de820432adc9468fb6b60fa8ba1591bb6d9ccb29c0efea7b5bde906c22dbfd373b016a645ef9ece21dcab6025564f2e5e52817b6c05d3a241b0300ee345818434d8cdedb4efe6f3e1f845be39552a32fab93739b1c3736687d7f5a8dcb29f503e1374c3e5b13160eda0fa42d9fb06097636a9136b4ad97596555c894cd2ee44ea1e456a5eebfd2f205d91f025fb30e8d6f53a3b0a5", 0xe0, 0x4}, {&(0x7f00000002c0)="4fd7f48b6fb204319df1a00cc5b8b148f2f7475db899e080a40465f0e3b85c612e17375438c3777c5bb6ae113f58ec1d0ae15521d1bffbe8db24431f3586fb4f46161a5bdf16dd7111994d8c56cfa48bf36d3be93a8f1513a50f136cb9f75c59cc0e6d8b2438374be5877211998bec7ae9c78e45346028991ccb24bc0a8543d9e484f3dfad80061a1c120b1fc78524d94f460601192730061844200cc8f0fc75033b5e3967503651e343942ff8aa3132c6b9cee5cc7d24c1ac1664e9ed5947bb0e48f7705145665fa6257ad62c3dace7b2f5ec6b", 0xd4, 0x80}], 0x1008000, &(0x7f0000000440)={[{@sysvgroups='sysvgroups', 0x2c}, {@nouid32='nouid32', 0x2c}, {@nouid32='nouid32', 0x2c}, {@nomblk_io_submit='nomblk_io_submit', 0x2c}]})
syz_mount_image$ext4(&(0x7f0000000480)='ext3\x00', &(0x7f00000004c0)='./file0\x00', 0x4, 0x6, &(0x7f00000009c0)=[{&(0x7f0000000500)="4d48b2ecb656fd78d9774c34bdfa24e3faab39108d59d34b00fd6502f9c8bdf348411b9c500401ef1010fecf783f87cf121fb0034ffdd05bead9d165a319f144cbc0c6cae858cf446f357c846d6168aa7e7910b4b79638319af4536de11bd7562277ab89340d85921067bb3bf28f45e456469b3f4f46069ee5dbe458699a8a0f902b7ad50a8fb6b8d53edb763b711a1093cc931dd0443c7cbcf5a0ff6fb4c597a2b7373a387a848cbad3f977cd4f45d71d36faabf59a1265b0b31531de09922c71f4362197a579c055ff15b17ec44e81576f765df3a0", 0xd6, 0xffffffff80000000}, {&(0x7f0000000600)="108f1f960ff5310bce18098ef223a67fb3abdc632078eb4e47864f45ce83a8d5f2dfa25871b898cc2f0f16650fdb4c4978b29c47222ad5da585b6ec9ef64698d987f17e26f780bd92ed8cc265a06dbff0a31a45431ab2b14a61db0c05f66dba91906c7cc475db45299f0b707b5b445fe47e9ba7f99bcee32ef46cee98b12dcb50c5b2451a0cbdc820d8172e9dedd931f08f31418b84eedbfce8407ae18f48b6fc6895aab8c2207a368ccfc1338912d11066b47da8c15637cd4c3b694fc48fa6d03ecb70fb252563f8bc3d210fcdf859236a83b05c491081f1080270ee3b15d65597c2d4a6665ecf76c32bf21a156", 0xee, 0x3}, {&(0x7f0000000700)="48ba2291f4aa1c8e5be5dfece79d2294326879e47d4d7469038633e4082da22bb6d67b55e41d5f0f8f0c4bd786cbeffd6fe968e8c44bc1ae7f36d4de26d52336886962c9fff6c9e54bdc59710b24c800300f831d9666a3663941aacfed3ea491b99cb6b7c0e1ce", 0x67, 0xc2}, {&(0x7f0000000780)="3922b53dae0e87f94d820c41058b143d5a49118cd635a6e74f06724d1c4c909ca636efb9660b669303a78536bfafb79434dff99f28830be674e2a79a87684a0fb169bc50ddcfde83d626577c5b81e6395dfa8af2638d419e62b7528271ddc73212c2e5e4a7", 0x65, 0x800}, {&(0x7f0000000800)="eb7cfd6bc7498b87da80163ff117b6dcb4ae53c43ad2169a2f773c630172f742bba0186c99ac6c8add4716178a3ce027d20a8bce72d870db66328592c9cd00f080b3313f6477a4f6a072ed73d9b74bca86c065dc64305b0810b816d6dcdf5222f5bdc59bf20afbce987760f38d89c800501b0c44cd2de2221eff0b7a640f2adac87a9a25f4d1b2ec0d0c8a7c191830ba5f0cd5b487eba784d0c96fc1db385902cc59d685", 0xa4, 0x7f}, {&(0x7f00000008c0)="d02be133e52e6cae12e1debce54c0cf62b52bcc5cee8d7bed10cca11c2792f83681013ce3fc69a04adebd2cd005031417abda7a4b90c9e405c94d0f6fa7f9ee33d0201966249b281bbafdc8c5345495416fc50c95b9747cbceb017d3eebbf3cb4dde14bdff10ce9d36a4cc99084c69f41d8537becfc9c70c122891e41f362555588de1bdcb154ba58ea150d457d95b4ea9b84ee7921ae517e3d554459e1dc782dbc33a03dc37c3e492bab730b97383e9525e498172c1c52a6e6d4f6b8937c7f9883a44ab9f2207", 0xc7, 0x4}], 0x0, &(0x7f0000000a80)={[{@nombcache='nombcache', 0x2c}, {@journal_path={'journal_path', 0x3d, './file0'}, 0x2c}]})
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000ac0)='/dev/sequencer2\x00', 0x4100, 0x0)
ioctl$sock_netrom_TIOCINQ(r0, 0x541b, &(0x7f0000000b00))
r1 = getpgrp(0x0)
timer_create(0x2, &(0x7f0000000b40)={0x0, 0x38, 0x5, @tid=r1}, &(0x7f0000000b80))
setsockopt$IP_VS_SO_SET_DEL(r0, 0x0, 0x484, &(0x7f0000000bc0)={0xff, @broadcast=0xffffffff, 0x4e23, 0x3, 'lc\x00', 0x25, 0xb1f8, 0xe}, 0x2c)
ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000c00)={'rose0\x00', {0x2, 0x4e23}})
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000c40)={0x8, <r3=>0x0, 0x10001, 0x3b00000000000})
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000c80)={0x1, r3, 0x1, 0x1})
r4 = creat(&(0x7f0000000cc0)='./file0\x00', 0xac)
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000d40)='IPVS\x00')
sendmsg$IPVS_CMD_GET_DEST(r0, &(0x7f0000000e00)={&(0x7f0000000d00)={0x10, 0x0, 0x0, 0x40000010}, 0xc, &(0x7f0000000dc0)={&(0x7f0000000d80)={0x1c, r5, 0x800, 0x70bd25, 0x25dfdbfd, {0x8}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0xc1}, 0x4000080)
ioctl$KVM_PPC_ALLOCATE_HTAB(r4, 0xc004aea7, &(0x7f0000000e40)=0xa2a)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(r0, 0xc0bc5310, &(0x7f0000000e80))
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x40082406, &(0x7f0000000f40)=',^bdev]wlan0\x00')
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000f80)={{{@in=@dev, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0}}, {{@in6=@remote}, 0x0, @in=@local}}, &(0x7f0000001080)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000010c0)={'eql\x00', r6})
ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f0000001100)={<r7=>0x0})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000001300)={0x6c, 0x0, &(0x7f00000011c0)=[@free_buffer={0x40086303, r7}, @decrefs={0x40046307, 0x4}, @increfs={0x40046304, 0x2}, @transaction_sg={0x40486311, {{0x3, 0x0, 0x2, 0x0, 0x11, 0x0, 0x0, 0x0, 0x40, &(0x7f0000001140), &(0x7f0000001180)=[0x18, 0x48, 0x38, 0x48, 0x30, 0x20, 0x38, 0x0]}, 0x1ff}}, @register_looper={0x630b}], 0xa6, 0x0, &(0x7f0000001240)="f54a67364e76d92ff9b74bdd1ac4d0fa38c70ac7f7d299288e6928b5091af4554d3d4815975d1d432841c1b80a6519dc8c115db796b5fbca82b56a43d0d4a9196e6310b38a8ebd2dfb621dc9261148ae8ed08a45be784c0a0b5296890bb38ef023cbe828a4bf582852d2eae8d933333e9f6db6a3a66b4c23e1d064026a2588da6210d77750514b4b8fb07cb8e38fe5477e2eb541456e22e481d48ba4361d5d0b0d529a69d535"})
ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000001340)={{0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}, {0x1, @random="6e3a8465b3e6"}, 0x50, {0x2, 0x4e22, @rand_addr=0x1}, 'ip6gre0\x00'})
getsockopt$netlink(r4, 0x10e, 0xa, &(0x7f00000013c0)=""/4096, &(0x7f00000023c0)=0x1000)
iopl(0x20)
symlink(&(0x7f0000002400)='./file0\x00', &(0x7f0000002440)='./file0\x00')
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000024c0)={r0, 0x28, &(0x7f0000002480)}, 0x10)
ioctl$LOOP_SET_CAPACITY(r4, 0x4c07)
ioctl$sock_SIOCINQ(r4, 0x541b, &(0x7f0000002500))
ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000002540)={&(0x7f0000ffc000/0x3000)=nil, 0x3000})

2018/04/06 01:05:19 executing program 1:
r0 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x3, 0x20000)
ioctl$SNDRV_CTL_IOCTL_ELEM_REMOVE(r0, 0xc0405519, &(0x7f0000000040)={0x8, 0x6, 0x1000, 0x9, "4c0d174c7858c1b06e1e88ab2014ee08fbac55f9bd6b4afaa4e5e88860c073645e79567cda286d189ddf443c", 0xe98fd5f})
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$EVIOCGSND(r0, 0x8040451a, &(0x7f0000000080)=""/254)
ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r0, 0x40405514, &(0x7f0000000180)={0x9, 0x1, 0xffffffff80000001, 0xbd, "c9a98aa1c5750dbc1f43f64b3966120d8d8f078020728bae3ffb0e6f115c3bd1d0707727515730d4935acd8a", 0xcd})
ioctl$KVM_GET_FPU(r1, 0x81a0ae8c, &(0x7f00000001c0))
epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000380)={0x40000000})
mq_timedsend(r0, &(0x7f00000003c0)="383dcad2fae59c3e3b63931452d65824e94fb90308c3558bc1e7638b16af3966d41d40f5112a7d4fd7948fb4b4575d4d712e06ac5940d90a78e7c1cbf1e6d47b798ef3c7c62437f8c77f87e0b6035914a786b128a0b6055b37df04726706f26fafbd09fb5d3d211388d57fe7b8b83038cc0f5f97f2200308c699aff1dde398f1c5fc07ee85a3f7886caf5a61a38b152792c72baec9cf8e25fe54340a374e181c297e39472bd03c4527b9ef00e71cc15e", 0xb0, 0xaa, &(0x7f0000000480)={0x0, 0x989680})
connect$bt_l2cap(r0, &(0x7f00000004c0)={0x1f, 0x9, {0xbf3, 0x7, 0x3, 0x29c380000, 0x43f0000000000000, 0x7}, 0x8, 0x9}, 0xe)
connect$bt_l2cap(r0, &(0x7f0000000500)={0x1f, 0x0, {0xfffffffffffffffe, 0x17b, 0x2c, 0xc000000000, 0x5c}, 0x6, 0x6}, 0xe)
syz_kvm_setup_cpu$x86(r0, r0, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000580)=[@text16={0x10, &(0x7f0000000540)="0f011f66b80500000066b9070000000f01c1b829008ed0ba610066b80000000066efb895000f00d066b9940800000f32b8a3008ec80f08eabd00a5000f015a0d", 0x40}], 0x1, 0xa, &(0x7f00000005c0)=[@cr0={0x0, 0x80000010}, @dstype0={0x6, 0xd}], 0x2)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000600)=[@in={0x2, 0x4e22, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0xb}}], 0x20)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f0000000640)={<r2=>0x0, 0xa2, "4b88c61700d1b0b29ea215115a4c5553e86831a55b02b700740a2be96bdf690361c8b09e50f398ccd59282433291d861d12cd8ad7ef1af947a29918d6726d812d9b4c7b2c5e26ff0df548d9f3db80fb4e3a6e0445649f975fed7a474b86636f54950a19ddd615a61574e2ce3b09e3c8bca78ce4b55e058af601e70f31cf8c721214cd64b12a07513c719d55a1b5c5b778589ae909293a46fd721ab7c02180e11f896"}, &(0x7f0000000700)=0xaa)
getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000740)={<r3=>r2, 0x2}, &(0x7f0000000780)=0x8)
fcntl$notify(r0, 0x402, 0x1)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f00000007c0)={r3, 0x6}, &(0x7f0000000800)=0x8)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000880)='IPVS\x00')
sendmsg$IPVS_CMD_GET_DAEMON(r0, &(0x7f00000009c0)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000980)={&(0x7f00000008c0)={0x90, r4, 0x20, 0x70bd2c, 0x25dfdbff, {0xb}, [@IPVS_CMD_ATTR_DAEMON={0x3c, 0x3, [@IPVS_DAEMON_ATTR_STATE={0x8, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @ipv4={[], [0xff, 0xff], @rand_addr=0x83}}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast2={0xff, 0x2, [], 0x1}}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0xffff}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x5}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x7fff}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x5}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x7fff}, @IPVS_CMD_ATTR_DAEMON={0x20, 0x3, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'lo\x00'}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2}]}]}, 0x90}, 0x1, 0x0, 0x0, 0x80}, 0x10)
sysfs$3(0x3)
ioctl$TIOCSSOFTCAR(r0, 0x541a, &(0x7f0000000a00)=0x1)
ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x89e1, &(0x7f0000000a40)={r0})
ioctl$DRM_IOCTL_MARK_BUFS(r0, 0x40206417, &(0x7f0000000a80)={0x5, 0xffff, 0xda4, 0x10001, 0x1b, 0x3})
ioctl$EVIOCGLED(r0, 0x80404519, &(0x7f0000000ac0)=""/31)
ioctl$VHOST_SET_VRING_NUM(r0, 0x4008af10, &(0x7f0000000b00)={0x3, 0x100000000})
ioctl$TIOCOUTQ(r0, 0x5411, &(0x7f0000000b40))
setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000b80)={r2, 0x5}, 0x8)
r5 = dup3(r0, r0, 0x80000)
ioctl$sock_bt_hidp_HIDPCONNDEL(r5, 0x400448c9, &(0x7f0000000bc0)={{0x2, 0x9, 0x7fff, 0xffffffff, 0x1, 0x80000001}, 0x800})
ioctl$sock_inet_SIOCDARP(r5, 0x8953, &(0x7f0000000c00)={{0x2, 0x4e21, @multicast2=0xe0000002}, {0x6, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}}, 0x0, {0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x15}}, 'yam0\x00'})

2018/04/06 01:05:19 executing program 3:
clock_gettime(0x0, &(0x7f0000000000))
r0 = creat(&(0x7f0000000080)='./file0\x00', 0x34)
r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/qat_adf_ctl\x00', 0x8000, 0x0)
openat$audio(0xffffffffffffff9c, &(0x7f0000002080)='/dev/audio\x00', 0x40000, 0x0)
connect$ipx(r1, &(0x7f0000000280)={0x4, 0x0, 0x4, "d7e7d4e0d43a"}, 0x10)
r2 = syz_open_dev$amidi(&(0x7f0000000200)='/dev/amidi#\x00', 0x5884, 0x80000)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000001e00)={r1, &(0x7f0000001e40)="b82283392dc55849d2f5916ae2fdc24e95e12a06000000393e72be9cc66f"}, 0xfed7)
bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x4, 0x21c}, 0x2c)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f00000020c0)=ANY=[@ANYBLOB="1800000800000000000000000000000071100000386dd46200000000000000009500000000ff0000ca1233c30cbdff8d6fc3d1a40508c4d225b85f75608467efc9ab3568344ea0bc77f97515b8c09ac1a7031ba31df1339e68f5f11ec486000cd0f44ab7aa68648076ed9dd00d4b5df1424314ee6d52fd295f688f26246e"], &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000001f80)={<r4=>0x0, @rand_addr, @local}, &(0x7f0000001fc0)=0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000002000)={0xf, 0x3, &(0x7f0000001d80)=@framed={{0x18, 0x0, 0x0, 0x0, 0xab, 0x0, 0x0, 0x0, 0x20}, [], {0x95}}, &(0x7f0000001dc0)='syzkaller\x00', 0x9d, 0xf8, &(0x7f0000001e80)=""/248, 0x41100, 0x1, [], r4}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r3, 0x35, &(0x7f00000000c0)}, 0x10)
sendmmsg(r0, &(0x7f0000001d00)=[{{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f00000003c0)="0eaa5b4e82de6c921a36aa0304273ca8109559244990880c4c02e52d3cfc64e231c04d802b119276a56a942a68fcd9f0d493ae69bc892baac52188beab662df6e6f661547b237090f2c28c25749e77f4886de05a5144a0c89e75c59e9c", 0x5d}, {&(0x7f00000002c0)="b839fe32cd5b11ed27b7494dabc3c17f3ae2a61e23de46f16d63f27569ac7017244a49d5d7d2736f3da2ff085474c9bd29c187ced275684a216640", 0x3b}], 0x2, &(0x7f0000000480)=[{0xc0, 0x115, 0x6c06, "ea2daaa4032e2e4dae835cea39bd4e7f5adce9bf6c8485ed9c71e3eee04f9409178a6911a5162523801388e357cb8ba6f1c557cc06b3cdac58552f3f58c664473a761077993d444a48d1d110c436c6db0dea76073006c887fae3dbc89bee2879a9a0af36281a86441161f43e6e45405199d097266d6bc42ace08d7469022d7f0fe84ca716a32cd2313e46e2fe01dbfd2d1ea010a2f8479f7380d6d91a8391a9259b0b7735880f1f5480e6d17bee47da7"}, {0x1010, 0x3a, 0x2, "c49b129e3fc66993b767593529328ee3cb5fc4662dae01e93223a10c28b025c144749d3b56a63e6c4f8fdd79dbed6c30b3659c774d15be0b9933b1afb437a15897d3522663aec4ab35f2df8bb29bc980bc864786b5b61a7f7844bc461390495eb6cb107f6193f169b35137ff0fcbb941983ef03fcd3ffb003b9b588bf122ff5f752b3c6251e33df787af9561a85745e22865dfa897c68ee45d31a941fc08577d0bdd8f1052a589adb1f07ecc032b81e77044602f8ab7d3ae11d4fdd7e5927fb9261ab5d82fec446c3dee89590cd4ba1beccc5d479df3cb3ab62f32d5eba9bac1e3f1b98cd25f02f740c35b0bddedf324d15844e352472e04fd433161b58e9c5096904b8350feb4515a36b90fd887c9b4780d2b9bab8bc94ec0f464bd185bf3db64f77157dcd21996139b207afdfc44d42a01fec9e51cc8c72bfaf50a70c1e3ce852e890d083fd74b310dd228a33ca481b2e918f3ee02238949d2c91b43eb9afb4e179835ad6dff672a3b063c81f5366881951202ecc48667d360c24f235a148e196bb15f7d703f0354af6416b5b3a9ce32ea938783b823eec29228c8863ee3d2cfb20f026d47b0bc8f0234d77049b6dad9f5164d5fd1ff6697715c0352f0c7f2ca5e25afc393cf5e17237a14fc0913934209728163d5dd09c40af43c26b82c104b2b2523ace52d414b2ec8701a35f18b93f4b6ef53ae6ded6e47f462d465e8d6009af4320bccf1cfb4346c4ce7f99ffe45d4ff90c4a19884e980a424d40256d18bbf9e4e729b8a4e19315f968a3c6ed74a93d78e16afa404971ecaa4f4f4345242bca938e47875787f9e5275fc6509f13b9ced6d8aaf960add043d495dfe90681cc58857ba5795dbf1a208f34dd2cf655b127ec5e3af56328bcb472eeda6b77add1fd168a92b31d5f6b0d99d3c8f8bc7f4b5e3fe743b7bd937065e194d560c41a18510f735476358e0a21dda644fbea0591738c5b887c729014b484768baa86da6ea7578e0513bb3b8ce706ccf0b326031bb9ef2efbf930af970ae6c37fc6888be7f6cc364a1cd65b95a6b9c936b9a55752ad4bce93bc98a72f470c47971b2fd6922050894dc5b1fdded14f78d554c581b61c97eeadf7b03a4b20b51df67b3c618fbad2e7d080ed57372dab0f98f1e439ee9063b413dd6417d4c074a4045fd51c90320aaed18a7e5c7f22aa791e71906ab879ffc7f127c72bcb100070498b6a08287203d6c3e00f040971316d126b30876486033e283a656cf555f204e41ae335ccc6a5b98fd456acdab46452b317be27bdbe9b68471f35cd0ecbb4a5e205d10f67ec3eb3e4c87ade70a2f0156f1d7be2bb978fff959d1ac2aaabd61c6fe4b0cb8f14ce632b8eff2640888c93d9e222903b8ed613c67b90e147a1d94c6e39a4bcbe21b1b632fc3e8b95e86631fe1ca9b725206ef7b878f8ff7e122f1db773e6a07852d42049af8598ca6cce00e2f4c8cf2806f65da9443f2903af066e8554817b640108d12b93d93261fc6085af2faf5d08a7c11045b11d2e067af0169259f696fc30cb3206f7f216f46bd228031d1904680f273585a06152cbb54fe0d7abe19a09fbaabc871e231a629fee701a396fb748117e4df04c3e971e5bce81927f83fc81496d2cf6dd2c0882fecea5cbc18f8c6345b810b3c01dc89974f3b396083bd9e2513cd2efaea73fb2361b7af681199ade3eb4d9bd45665b124548c00e659f484b41032578f34c24f329d0b349564a71f36b6309589ea7abeac377570f418ff49d421968d6e3cafbeed175a2451ab8f01afe19057df08faee1878d3b92b236b2083493c37dee0703115bc874199179781404ae6cacbc3f9a5d5ee349bb69cf27767f850b61548fbc101a6bf721ab579d35433004ca5c33703d48bfd04c37bb9753c4de1b2d1c0cb2d4b04426c047b15944380f6eeeafaf216e00b3694332e3bb34b888750b47ae30241b2e2535ad2d97b6a1da48b437486e3b27ade4eb46aaef722b095edeeda365c4b95b577376a9628cf4fd810a5af500c907a2c305a0ee2fbe6de499ab222c9cfb33fe12253662e453e2193e0ab6da725fb2a654f66089420ce21588c9cc597fcc53b25b2b3efcf3ce4e7f3b6fde60418af53eb4ce3c8c0748a924e2edbf4b82604f162a6ecd794db328aa60781cb0d9b7a38767a8262a10dc49a1fddde8cef051e19cec490ea4e2598824296088b0b1aef7782858da6cf88ce267c9eb9bd28022d9e2cd2bde0a0ab64c935b770235c75de956ca30c66815bee6f962f0f8e7d968937abdfce5fed0b7c2cc9694261b7ac503ddfb9ab6e829ac1868490e6438699e2c11a65e0c021bb23b0631c93a60a1df3a89b389b7288198bf72f5ec9d69aa5a9bad5d049aa3b397333b4f0ffc1bb9e0b4cffda17a1d95a34826f4890c71f96cab3fa5e01ea5562ee5a36a4a0c74e8524b14d5be06c07ceffeae904c2dc13d024e32c09e5627d1538b3005d4f86367cb8ad544dabf2b7e3d3b7b76188be6f330499b0a865db8ff5cf0b9d8b30b77d50753f2bc22aaa75baefffb9a0f1f4c630fd31e8de8b1b0f85f91235f434433d1459aa1ab41e846e0236cbd9d2cbcbdb3eb7faab18e934c6053ffebc0689347bd539a20f20ebbd2974ccfa57a3f420e24a8c38b9be4e9c67303d7fc675370a7c950e5cf0d6023a7f7154b863a849b293cc68d77e79d142f0c2e4a7505054e0e85c87175cd002d23789b4736778648e680bc3b31ab5ee1545dd4c8c44d52200d96e30a7be994c0220788655e586b0caee06a34eb903552c351dda2a71594282ddffa100472e8d3d9ea0eb75aaea1e83ca90370705a72dbae871eba3752d7848bfc64a0232e17494599fc5cda0ef3886e282126d258bb7411a8733abc85d10d8ca00ad30c90ab747d775d318a54fadf987308f57627e2959efb3db83df650d981ac25a62814ee7203cdea6519ed2b9cb3f024f7e5dcda4edc153ea2a81d7b8cfe48a92a3468ee0aaa950978d2d97fa415a80c79b49fbf880995cff7302d86e01bc5c8202b33b20f0a92ccb5c5ca50227109bafdc2181c1506018f3974f6c3455cc8244eb5d0b20a0cabee96146090d7de216fbb4ea1ab1a37d9c53e92bd79bc00346a13056271b6f70344de3bb54639f9663a6db868df83a0d9ca450be27e768773e4383086471d8c6f7a35fbb579dc91cc0c0bb6627eeaef8c1514e913d9128a1bd38d33fa11ab6d473691b013e0413ed698020d37b8cafcdcdd27abea0b0f325eece12483c2d919b4f09a2f358242f6f94b3a88ecbf50ca9c6cf0abd4517fc7eabe1ddb243eb3027ee9ec587a14121683ea6876c67b065357491a7aeed58f048f7b0a3cb08c05cd1940aa28c0a952703e823424cab6a6fa0785c34195d4f7791d0c0f25e74a56d3b885cb913f4cd3531b98e6ae13f573076a23e015090e8403b6945c9913f06305397e4cc691a380f93847cef034740e6a509bda567cf3e89521bb80ad4d6d7db174a97aa8d1ff77d0a907f5befa5c383a0aeb41359f35fe035a4c097b289c878ab625508f808da7a35df16c2fdd9a7619bab9ef3af0f388525a3d81d8c69fa2638ad34b9c6f6ccf934657052882db660932000adf1243fde811e113fba1f7eac285422b8006e6a9ef9c93c88159e6862af767a7afc36db022f1195fad61c0893ac943b7af5dbc9e18cb6b2e685e0fdd3a2139213f200ea01e8b341d868e0fc0904fb423296e6743a725b65d52f834adbe30440d3ff9ce36027b119ed4d03f241e574910184c657d6a82127237187cd9521160b3b1e218de7f88c1c0fb8c85f930e1df4ddd30a5c28438ae8a397352dc7833ec165a422e91c992528c27ee3f2e9373d97ea3d6211980a19b70206cd57703717bd9a82fc20b3da8d9332970f956db06b0a10b85b1a6f7be580e11873da29919ef9a4752c5da6fc79cb73ce1d797120850ce5fdbd8c1b9c2057c2373e0c77c28b96609162b6cf40d695c67aa39d2695e004bb0255c3d64128fa98cdb2598b48cca4e1e0e8d7e1dd3d4c45ed86762f5a53d635d299fff7c3f0cdfb21c5ca0155fee3cdb787046a9ec589f2879f96d1470b2f9452f613d86b68d41454f490c9d7d77600d247d99928416dad125c15e62aeda7332b24cc52f4da59a8b9430f9c07b47e4e479bc3d58289ffd9665db7f583bfdc93dd5f43f6269e138877692e9508a0c4a2ca2bfaa520f32db4ac5891fe5b8ee04d703949ed05bd68746ee85392629372b0478cdaa269cb0c1576ac3a92f993d0d18e5031526d68f77471ee400c10ee6d5ba1a19b55d8c1af12201fa32dc0756b63bead3bf12b7969ceba0e041f7bdd2a74b43b47df37552b2c980e1923c25a36247f89e0c160c031846c3d273dd549f45daf6135f97a01bfac21962b04ee9dd59ce9ba620cc1f3ff4a1f94e812daf94685450b1f249b9b0d5a641beb03af8ab8a9c4838039cf0f17121f3e002af247b920b891d595f67da88e33d2a0b81ef990766f3de5d26265ca834b7bbfc45ca468a46a0727fc648ad530c4c2d6bc30432e742a107d508c347084b96431590815d3cf93c8612ba967777b68737333914ad25b883f656d0185c95c37f63375039b61e0ea5399719e1eabb577602a3806f495f6779e6382c490ee7e9c43415ca804cfeef31b382ade8978b03dd1824e2904cb4066fec9dfdfc06546474de6276c81db0f85a8cad517533be7b2acf83c5d13c767d7c5d452f9ee5731faf07f503b7ff4b920a03dba4ef3f3c89401abd7a9df5aadb9c9d0b1defbe3d820fbbfbda3e8424ac947615f858c66cd6899060897e7de4443d226bb45f35d44987093ae8f45ea490c7a53c10f65d692b5bd65950bf703bb767b6816bdf11575418d5ee985c3da705e461fc30fafabb709c2aa191732da3a3d69ffeaec3185f7f68fc42cbb1311e6fb2e7a1b151626f8245036786538aa25c6a7a0cd947e7bcb6ff93d4a0a074ba4a261d88eae6f33dbb94ddc5d62abcf8d04b7a68e4cf8c664f886fd32ed8543dd923a74e50cc36a54db5439c41b8498ad4e36115ec8f212ef196b668aeeeea6966b60a4e9d20d74119ed94c41b54ccf4b49cf95cf927fc8aad0053f5bd0cfc40ff4b1683e1d0504cdde348279e40b51820952f2aa23466765b7d40dbbc6163bfb4f551fa9738d0e04f7c4297f320f4b00f804388cd8ef5b21db6cb882e6c15b93808ab25d107020f653b1945609c56969d3ec3cb38241e942d0ddfb3adf0054b21dac75e2187c9d370b6d924d875a5fc42bc153e1b60ffaca4bf2d485125eb820465d8d9b85f98bea12e19273b673bdd56a7c674a2b2d284636247a28c01e5962b79b3d964a3c0caf9e10b15b449b7dbae188343bf478f27e5678123902ca4f39942bb30a1821298b27cf432d761cf96eed0f8b011a7d4724b80cae42daee542c75b062bbc63f6e7b638d9ef7d4c1492ed5d1cda56e9c6aac07d24f4fdd162cba9fe24034ed3e353f0bfb3e465065c63bae57342dce0b84a1111f902b7db3fa449e417cd1349bf6a536392337bf9256a1fa1834ff6ad8d45551ddec95010e1fd1a9c2d94fe014d60dcdd4a91695ad29335955dcab4c68a21ae6d202cfd5fd7e8a0a10a78ba7750a7e447bb4a41939ad0e7cee5d53defb55be32ca2a3635c9a5290b8c21d96d1cdc626352fb6b6cf1a3fbf26c19d28ee33d245ba69022b8a0bdc950bd3d77af01bfde039bb98520c3dacfde1fb1fb885fb24e3dfcf9361e1e0cdc01014b44eb9f30fc4101922a6cdc058da294169f3c9e181f1aebfbfe418703f49c682ba01740766b74ef85147a"}, {0xf0, 0x111, 0x1, "74a0d7a9fe2065ec90ae607c14a27823fae42fb1fbaca3317145718d2db4a22dc6082e2bcb93425976223c40f0396060f64be4acb01561497bafa044c4468b10109cc312256628c2029e02070cdfe9732f9e1fa1e2d15968a03f916ccfa8bea7120d3079e659bd1ee4c193fab15136804f684be7db278088dcfdbbcad10edac15352377abb5535fc639b98d1e1ecff4c835c4a5c4581ca9d2d4319f9c8c93eb7cf1cd4e12dc8842386a4ca2a43afda90d6effc99e7220a90b68d71bfb899448fbbfed598857476f87b5302ca782596bdbbcf4a80917ee3379e55e20253e5"}], 0x11c0, 0x8080}, 0x9}, {{&(0x7f0000001640)=@nfc={0x27, 0x1}, 0x80, &(0x7f0000001c40)=[{&(0x7f00000016c0)="4087ac90ee184633d4e6cbb511acc73346f1a9ee25fc1b457cda4775c5ea54f50721cf9c0c1e317c4ae6385d25508aae563fc9fd0935a448c5023068012457be385d196da48dbe9a0441d6f9dd6b668432c1ee9daf9498d46f95fe94d04470a3768bf1457eeefcb80f8bf94be1737faa04e8c9a3515380deac956b7618ef620635f248a0e094c99bd56b1ec958ceef66c8b411fb7789f60c12f72f15979a02a9b54251296ff24c6a6452735f0793fa0e9fd60b8c7833698f57fbdd78634f1792e6cac063d9bfd29766ad14a05e", 0xcd}, {&(0x7f00000017c0)="35c317880a6fa3efd23382f2e6d9a7e1c5cde4c988e5067f", 0x18}, {&(0x7f0000001800)="a7eec4bf2e501f2f48cecdea81f2962b20efb80403be7fd6ece4d292cf17522ec9ae2bae7c62588c1e8b484a74380a0da3c5ea660c34", 0x36}, {&(0x7f0000001840)="942fa6e85c1b3a5158dc49c10ad5f4250362d02e368a0e82d788cd73c48c29c7765ab5f907772c4bba9e9994a23c9734a4d108f2b80843ae1e15ec76d4a4a89010368f755992b8395c26adf44c59131b9985d67430e9a95b40fd3fbd6ea1334d32afd1d17c1e1421060c8eb359df9b6695e893848c44dffc1ee6ce6a9d9336f2d8c5adbf8aae5d35d4f9ce179ea6e1932972ef4910d41dc4cdf3b2f07462a3cc46e919bcf119c34c76e09f0b5d0168c9671929afc09af917ee89115b29e9270f856bda41e95e450730e68d7faa88cec5196826d3424b0014d4d532deb8f6195de717eba2cb", 0xe5}, {&(0x7f0000001940)="1b4fa793832e466d5966c2d4cf2cb63a5cbe7f3b9d6e35fb9c1bd98a1ee3faac80061f18ec30845abea34ffff069ed9a1d89f6312bc35dbb5ea0f27857d4bfaf0acec2b9fc0f5d55b2f3780713ab79768ab92ba34cea6f7c1fe134c02039ebdc2a7ad327983e08ea9a39ff5b8b919e0e9381d1eb9748416034ea3692f4a6ad338f949d2290471df873172fb80775c5e416526e0eb20a1718f880038c2043274821d217c439d022c5f7e1767441585e1ef23369c91288421d6c856e", 0xbb}, {&(0x7f0000001a00)="45c9e3a9be18d426701e668b96ea3a6c3cd0c659b7ecf98e6d63365a1107f9bd795b706536b8e2e04b90b2dc2180e26338f6713c37457d2781543d101643d7181fadb0538733ddc5d8c695ef6974901e0c5b06b6f8c70ae39ac12d371ac99b93a1c31ce7705fde54b6a3f8132426492d0eb52e2f72edf9bfcdf6523f882c350570b324410c4eb6607be28d032d6eddf9496bead0fa86c6bcba8f334197c50ad62afda83f38e4d91fae43fc9aaa297f355843f980ef643933cd66ee7fc9e0e7b8a7cbef6770ca93f56d3d666496bb65c87fb42f0b186111e71d70e46fcdcc", 0xde}, {&(0x7f0000001b00)="7ea2109eb5ec02b0eea24bbcca88f6452987d66637be8e98de79b2d62d70eccdd411987a18e15d166b9b5db7f25be321c7ee2524a6fdd542c8a46c983a67bbb78a50f2cc66469f526e09cacc43a48c860258578e4b04227f7381828ba1ce406c12952b4635055d1cce62e76682068ce8ec3d727d463a2451287b93dcd982308137d0a77c9698d368e4038a945144795c2e9bdb0a7081ba073edeb37d7eff68338c53bd5e16006ca3479bbb6ba7aeff775070c7f8173e2c6e569440751b1811a9", 0xc0}, {&(0x7f0000001bc0)="863a788d0a", 0x5}, {&(0x7f0000001c00)="28e999", 0x3}], 0x9, 0x0, 0x0, 0x40}, 0x10000}], 0x2, 0x20000000)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000040)={0x800003e, 0x1, 0x12})
sendfile(r3, r3, &(0x7f0000000240), 0x800000000004)
socketpair$inet_udp(0x400000, 0x730000, 0xd, &(0x7f00000001c0))

2018/04/06 01:05:19 executing program 6:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000500)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0)
unlinkat(r0, &(0x7f0000000540)='./file0\x00', 0x200)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PIO_CMAP(r0, 0x4b71, &(0x7f00000005c0)={0x6, 0x7, 0xfffffffffffffff7, 0xfc9f, 0x100, 0x2})
r2 = semget$private(0x0, 0x3, 0x40000000000000c)
semctl$GETZCNT(r2, 0x4, 0xf, &(0x7f00000003c0)=""/171)
socket$netlink(0x10, 0x3, 0x0)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2000, 0x18)
readlinkat(r3, &(0x7f0000000180)='./file0\x00', &(0x7f0000000280)=""/105, 0x69)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='stack\x00')
ioctl$DRM_IOCTL_GET_STATS(r4, 0x80f86406, &(0x7f0000000300)=""/143)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'syz_tun\x00'})
r5 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r5, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

[  106.187630] binder: undelivered TRANSACTION_ERROR: 29201
2018/04/06 01:05:19 executing program 5:
r0 = syz_open_dev$sndctrl(&(0x7f0000001000)='/dev/snd/controlC#\x00', 0x2, 0x0)
r1 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x6, 0x3dd000)
ioctl$RNDADDENTROPY(r1, 0x40085203, &(0x7f0000000100)={0x0, 0xd5, "0dda4a6045f3148fff0982fb233da93bb7d6bcbccf7d1763d5e69f51c17467795465f439d770eea795cb7e9a70b223df448ced99f8a7b0dc29712f27b7cf7a1eed7341c77d07153a87ea3e71f8cc29202dfb100b9608404d7f3b6413677ef348d94e8826ce19f04f5829a1b679b44830ea35ec00c16cca8a8e6e38937b37fc77dba25f09561b685c99cc2e5809e902087c16b5b65b3b6a4c71a1646a9830c1ffa68d9955c0d2a9616e07c5f4cede426d14a5438a2af66903ea885af5ed4a91dd01969bd74538abc0e3c4f2a99d956f9150b51d14e0"})
r2 = accept(r1, &(0x7f0000000040)=@nfc_llcp, &(0x7f00000000c0)=0x80)
ioctl$sock_SIOCOUTQ(r2, 0x5411, &(0x7f0000000200))
ioctl$LOOP_SET_FD(r1, 0x4c00, r0)
setsockopt$inet6_MCAST_JOIN_GROUP(r2, 0x29, 0x2a, &(0x7f0000000240)={0x6, {{0xa, 0x4e20, 0x100000000, @ipv4={[], [0xff, 0xff], @remote={0xac, 0x14, 0x14, 0xbb}}, 0x4}}}, 0x88)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(r0, 0xc10c5541, &(0x7f0000005000)={0x0, 0x400})

2018/04/06 01:05:19 executing program 4:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x49, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000", @ANYPTR=&(0x7f0000c5f000)=ANY=[@ANYBLOB="852a747000000000", @ANYPTR=&(0x7f0000aac000)=ANY=[@ANYBLOB='\x00'], @ANYBLOB="010000000000000000000000000000000000000000000000"], @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:19 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
r1 = socket$inet(0x2, 0x2, 0xffffffffffffffe4)
setsockopt$IPT_SO_SET_ADD_COUNTERS(r1, 0x0, 0x41, &(0x7f0000001540)=ANY=[@ANYBLOB="666988746572000000000000000000000000000000000000000000000000000005000000000000000000000000a3e97bcb1bb2d8b70000000000000000000000007739493b4900000000000000000000000000000000000000000000000000000000000000000400000040009803"], 0x78)
keyctl$join(0x1, &(0x7f0000000100)={0x73, 0x79, 0x7a, 0x0})
kexec_load(0xffffffffffffff25, 0x6, &(0x7f0000001480)=[{&(0x7f0000000140)="8006b741e5326fae6d5241c02e2ccfb270df834fa99e4d2507e454c2c16d8ec4795db05b8328428096562a1c4044261795e0940b33820f659a9119f2c830cd2ef351a790418ca8fa950b09141a6db36a225c233dc383c86bb2d1e48e377b0aa0b232ce1f0ad73de8eab052981924888d5e613b892a75140e42838ddd46132b055ab254f9c882e586a755b9dfe71d53f5d5e98779afdb9a0673992986643898087f5a7f6b5b5ea42f33c1c6900af46d8ba750247546d29d08f7eaf61e3850604bf9b52f6fb8e5b1", 0xc7, 0x100000000, 0x10001}, {&(0x7f0000000240)="cc3cb31aa94cdabc8b65e341e7004f3deeb34d6d7c90918a9d7838e7674ed43a8fc3972cce3621005d7187680876baf8336683df448b56286f929e2a4c3c30bd406eff653cb1319de2edc4b62ee980d2b405d6f430e6e94d4e9b8b5b891ee0e3b04df6769e5d5d701a9afe832fc99a6e0b8a272c924fd03b3491f6ad93e61657f9f58d324c00ee7ebde64e1526f32181a143602e441acba6160e47d68ce4098c99d9f3e5a685f1a4cf1add5828d03f5747fe9f2a1c17299054ffd95e27433e563a51da8feabf73f5af299ebec656b859b35cc58fff19a41bfbc0e26cbffb53467a98b631d9411d4305d08b949fa238b7283c7317e38174cf14198538cca4a07b8bc55301af86f6ee0646490b3123637c9e5e908556141075ed664baa460c69aa1c80d7359c2c23a7c719e6acbe7196a7cbb861386aaed8212de6339bdffa3a4aba0f2939b934768ecf09bcbf932f91e6e6ac87b9ac54cebf5e7858c1ed5ec73a88a6ec39b95e247b862c63adb08301f9feac01e029055cc5ce1bcf9c81ba3065979fd61e0ff4bf3c97fc12fd65d4cb48c6a762e0730d2e1a4e6f562d98759cbfcfc74b448207dc3935db88a487e86831cf1a70490fc3c635cae6afbded3303c167ac9830440fe0595d83f22a05b784cbfe34e7e699fedae1a81a4bfae203193b211f0f97738e5020269b73143bde062b8463836683715b41cc932eedd029ccadcc367ff6a5c0c887fa1974378dc56c2261116ca9ba8f6e1341fb1c3292aad33f16a4d22aafdc78490df5e6a529b167c74e4bb498fb2d37181452c037d134b86945d4b04c2f89e7298278e0e8cb4eb220fbc8c23701349a758e91793ffb5a6e5d229ac630068710592541ba40c13d9cb5edd61469ca4be8c2f4bf14cbfc84be91bc96d8d0174a06b9375684d8133bb363cb1a7e1aa9651c2ecf36265f3a95920cb7c50c9f91a5aa110812258517194750c5a5bc7c2b6b542ad4c03612c368cb197fc6900fa66d33e0d0c86adf8787a20f4c8fd92a80144a15eb543085111b0e7dc08c6734e6877d97c7f72f71ee0485bb7f814d54b13f35672f6d7200f9456ba00577492aec74162a5baaec56be0f8114ab6c609c0ece501d86d4779c7bcc1ca7743ba156682e841e3ddfbae2894b03869bdc33d24353f87309f062a5a17df8e260057c8dda19713ce8a0e760d909ebe0a6b8ec93cea358fb4308b1ac8d6bca3de54fca72bef823a0bcd89caa635fd60cbcb3201c4417fcfdc070eb004c2ae8b836c50bb095eef2b0dbda6cd33c922c8a4a1ece437ff06c34a06af263d24d866d73f453384f20f4eb388bf5ba8ecb7b79b83f7fb9f45f64088960d413e4de53d0f7b2df75da4fe7db57386de696c561cac580a7ba15023302fc9f65eb9ab7ec39ae22ade91f3f50e211fe51965add64d525236cda4115a1cb061e25c8e78ac45583cac6d05b8d786a42b711fae961763aba76c059edb3aae0110b67d98ac1d1e9c1449ca5abee28ada079ff7d54ff971bdb5b223a5543102d3989da9ce6a38724a6ab73a66194741e0f7d049d83a7a97c45e46c00ff355a3ed0168eb889a6b7b81626ae9154962b5314b7403f72fa8e2c4f51f885022c0b649cd80b2f54369eedb08eddcff9bd600af3a61615b2b3f23703eb5d07decc0607029b113d07f4fc715efa6bfecd6619efac8053bdb2846e8235362c556cea95837db1caf114fd299e137f6f864004b9894943a09650809441a60b1baac1c311db9a6b03696b54561e609e50be051bbc6b58807778274d1bb8532c3d574f3b6e1f18375d8b2bece91c9b32c3fe80eb27a9de2ca33de12edb89fa3f46f23cb0b84d2b79c9d562b57bf6004b8567c620947ba97beaee612dd01d789b6f1db9f6031402d1ff1098637d57a7439009c2d2dad82569fbc9a16c5e06a6f3ff25e696fca38b827efee2ee47aef48e0e5975155fb6e8bc6d4cc80bbb632477c2bc60a5b4b2278c54bb0b8ea10268f1a761b4874b494456bb947a58bd3acae4612123f1316afa554bb892aa95523c807837214f09efa8eafbeb47f3d4a22a4b8e39a125615df75e2de0287cc253d1ffa8ea4d8f8a525b1a5c2d50eb09e551339bb49d3c0179fa3544edc13839ca06b2bbb198b473ecb6073f3ffc97dea03d2fe2cfaf724f5cd54ae449c6aeba8eada6648d774327a6aa0ef1ec57a765a25b1aebb75de4f4b00ab340881c35ffd23cdab52041238b108698605f9ac37f4076a7069a6afa22901b0f6785a64e667f4026848e5c0ad8141253675aeefd38a27b141ed11e649ee1f64a31e25365c1e1d06dc35bb25f013e5a9d7c676059280225b5e8fb0c20f670c25096f80e99f47ca7c11c6dab8852542c2709a8baa2a97d5e8a2cfda4c4b584d31ff3a237027d63e53e8bc2b6971041e7fff3cf603c27db37a881786c7c8ed90637a38592feabebc8d9dce3d0cd787615379d9fdab7a912a4ca85ab1759f4262b674ab164eed9ba742f029471fd47f420114af6a0b36f3db564b99a7e9fbb7688c8454634f9093d9aa82eaf35c961fcdc290896ce3430f0c5d9fbd1770dc7a45875ff06e981457921caa02cbb166e3ef4ab499008b077a5dd578476e353ff267b8902cbb4f0e2e0dfc7660bb626657b1192878ed2c106baab7d7dd3c9ca2af14c70df9346d819d3d43f129ebd460e7c0e9a8813112fefbc21175fff0b6bad2cb82473de1cdb4f294eaa1caf1ba09ba0ecad3ff725dfb76d1716ded664af9d54262b38a20b37fa51c0ee93eecf7f9cdaedcee8940e96082457e4637158b23a9bc366fdd6bda8eb1b6a4501f68ecc32769673836b904d62cf638b953d88847fa00369f2a82e7cb911034c2b393263a2397de7fcc5092228a39ed5502586a368414a6cc9dda13606acbe2e9cdae9878e646083b38c39099c338829e2cfd49726595a09093113918702f06dc34960016022beb4a34ff1f36697acbd7f3e69bd90697439980ac9427b7e5799091d2a5740b52dbbc9ff6393912010c196157d06823bc6f5dc4e3c8d4fb360100af517f071d5ff3e5c373aac7a75eec0f66f82b2f619304e22a44810012b96d638a123977b33c519840da29c1cc6d1544587a93e31b6af5332e5458b5ef7939ca43ae03dc3afa88d8526a044da7565dec0b2536e6093251fb13cf9d078d9911a4015d15af195393fcd5d30e6aa10d152400e17853cf5c72c6c920585ca099180f941c6dbd9abc70d11ad4bd8f9189b2f49d0fde7e77558708934c787850ee12a9806bc96e450403e3b291ac8113d553fa708577761949b0408458be5f5650c650cb39d4d0e3b91f8a9e4e8bca42ccc7519dba255288b8a0865083ecbaddbc6ae52f13cb0b2b17abf2f39be398031e2113387bce6cdc87e7201fef96dd02cc83e70ccdfdf035f64ce8cab826d7d148c5ce18203de95c94afe4445b87f259c408fedb286f1f0ebc579df2b54c0b5df831b4d1cf422bef7bcc8e438fe857cfb8d375ffcad0fb9424937e204a74b450a75116f6d050a2e101f8820ccfeba18afb5777c7ef861eb6e2dad32c26ce88c9af0f11a4b817e86a9baac1ee9398010f8baee015caeb22528a206239172bdf2e21f6f565df06330ffd700b01de54529ba072f1e194f9ac1d544410498cacfabdcf3449bf1b9f732a7b63e14f8d105e47c83563636d48aeef8081f6f9993edb558f0a2a294371ded11a484a0d860a1cea879f8ae4b3e448ea57386cd6f2a676e4cb116d4d894a4f1fd1d439cd16fc5e63e607eec1d0f4b4a2e4b31ff3b0795a05955ab0e456405385d696effa03d0a6f6d8250a542846301537ded4e36391f16d25abfcd5670175a64245d84a86dd03e0d798c39777335d8ecb286c748cc8fa58dbc244ddd02304b7f3826851f91f7ffa61b8007875e77df2d4e7bbf5b79792f0670abe7ff30ef7a1bbc4f527bd36e13237029923ee3fcb14bc23ebac1865546e14d0075ab9ae069d57cd4ec691dd1b5857ec3aa379ab412d88d5c265061c0bb8e98c8e17187b02de7f5f57efd6843a83cf7335a6c4baa8d6ce7839c45df7c15b5cec3654dbb117fb62475b2751e5df746d9e9e3697011c9b51eb631ebb05aba69d7c3c9ac3226bae715fcba94f6af755076491d916f79f4323b596db79981033b7d0787439570e0e63254778b20fcfaadbf625eab937241c9551353e75ce1373ce29c2b4898acef8b5ce3f58c01e6fadd81acb0090723c8d423549742e2ee02211ead13f65d40fd565fb384c0b59dbb6dcc2df02cbc0590b04ec5d1088c0f0c8b03fc020a65f3402a2c92c178db9f1670955d5e6df021db3f949b7ba73b894d963fbd458760a1f36e13a777b9460250d419adfc23bb5423b20c5ed994b563db2a97ee31af42c8c43260ae29250b796f70051546dad3721e5b9528b8eae6f4dd992d127fdcebd1544819066dd5c5ef75d0a3d02014ffe13a21bd48062432103f16b52f47d3cca010a0b6ced41731d914c199f6dc1846f4fbfe281a948564a18c6895123ad788a221aa7050523fbc7efd8692b33e5ccd8468e906a2ed0b79d555ea5061f796c98183e54df6ebb4892b89b13491e7698c265262112a5220f36f33abf4558545adf920e618c0250708c82c62a00aca2241a86e49885eef8b5656f61119da725432f563fa1e4d650e12fb7c8fdca93f866e6647be187ac8fb97f271702f63b4cf844a85ff9d1844e9777996c7237835b8bc398ea6f4dbf04349eb900df8668afe5406d45bd8927d6b8bb40af6ab9e758f2722f612ae2009a29e3b80df1cec1477c94e8ddbabe7a38b58f9184ec2bf5062d89c1d1787d3c7f32a0cd0c2d0197bbbf469b7b6f6aab223f6e896bdda5f66e188df789dfddd1f35d7ec67ad897a6864c874dcf1f3a617fdc80ddd839bf07f8582160e082d0d9531bbd134cc4af701f96e4c3a8d5eb9170b68701b2ed433ca67a79236a29c7fe29b0e43946174fd3e1a8f460d685fcbbf48cf69c0aaf511e6f5bea22b5b3f8577bf880b04aa6a274e6093228fa09d00ea0f885004b573788605c773beb90d7235c2f04a385f2b07f1d7335df1a3a10e07cae192cff21ce06dbcf24d1fa954355b27d7799bb574376e92f8b990ed5a789ca6e004595c3ae9934704e4b62221aa9a097b97400ef3aea8da83674c23a57098e441b4ab163d7b5a0598a48e2277268edf14a690570c0747b104cc0a31bffe8d0df67ae0e96fcc3c360f171cc414d03e6787d1122dac0c0fa8aa4c11d94c26022baf465d6dc2d0543cd7e7cf7119ab90fdf1a5a60b961acc6a57d75e270f9ae25a2031a1d79c6b0b01dba86ef7d665dd4a1ca887d15e1b079707b832ed717096137523042e585116850e8b453682f35024ea5cd156bc2fe96f97df4c9cac91c4333d8692965ea8841be5fc0b95428b0b63e5de3b54176a0e4f864b590caff926beed7afb6cf112717efe85c003cef42efa3a153ec347a2261bb512343769793c64f003dc3bc03f5ab03b6703184c4904f2fcd7167237ad3ec53c67ded57086b9ad05f7261cb733351641ca26649d6e6b30d6b325db79f14adf501da42c3bbc0f0658ab6db4d041c003ea9272fe0cb042d6f88687d850faca903de473f556923cc91b91c8becc219b36caa15fc0fa55c9a1663026795ad7471e8a64c37a58bc37e9f70af369cbe67da50674eee5fbd68e0c66f1f371f11726006a925e65a18889d332b2656131c5fd9076805630ca91a66dffddd08ea8c0b5dff9ea7c38dc9af01931c8df6d463cb56b85a5e879aa41c380057252dd8d5fa2f2681f8a6a4e5a9673d3010d0f", 0x1000, 0x7, 0xfffffffffffffffd}, {&(0x7f0000001240)="350282db6f6a2f2c01c50bee1fce8e3dfe63fabf33d52e97e5bde16e74bde139c470f4ad47620e9fedd2ca08a01836598d42018c8aeabeb30539fb21ec48a548aaf73e575124a90b6874336ec773a4384dc2a6a642bce7ae3c2d6fc6f86196e4e680f460e1eb3fd4b9bd7a80cc77a85622db52e3c2c1e441cf75f406949ff09cb7605b9fbc6c74fc1e9e17c40431933a0b561246", 0x94, 0x0, 0x717}, {&(0x7f0000001300)="8f8862ff711298827111a6aee488e4848747db633e2d4e361786567336dff010a545e0126d406ea8dc885aa256cdbc56b45d4a935efdfc8cc7c95c96e46d98e2bed8d3768813a60c42e4cc", 0x4b, 0x0, 0xfffffffffffff85d}, {&(0x7f0000001380)="d61760cf2ca4b21b5ad36b2b9079d96e14ab5e6622a50a5807b033c081b43b8c0a4270131fb2275a35507c62be9d2fc4097e1a068115774b028a0cf0e72985eade604a2b23993f6c7e55a4f4f90e3a509208d1e56e633524f3ab4964962809ee34363cbca19f72630069eee4e202634e61a730729dfbd4ea5c2f202045ef0f20c093cc157c9b53faf1c51b6fffaa7e3753ca761b599ea1af8778", 0x9a, 0x1f, 0x5}, {&(0x7f0000001440), 0x0, 0x1, 0x8}], 0x2)
bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha384-ssse3\x00'}, 0x58)

2018/04/06 01:05:19 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_submit(0x0, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)}])

2018/04/06 01:05:19 executing program 0:
r0 = socket(0x10, 0x2, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f0000000040)=<r1=>0x0)
capset(&(0x7f0000000080)={0x20080522, r1}, &(0x7f00000000c0)={0x9, 0x401, 0xa7, 0xffff, 0x3, 0x8})
sendmsg$nl_route(r0, &(0x7f00007d0000)={&(0x7f00008ddff4)={0x10}, 0xc, &(0x7f0000000000)={&(0x7f0000000640)=@newlink={0x30, 0x10, 0x421, 0x0, 0x0, {}, [@IFLA_AF_SPEC={0x8, 0x1a, [{0x4, 0x2}]}, @IFLA_IF_NETNSID={0x8, 0x2e, 0x4}]}, 0x30}, 0x1}, 0x0)

2018/04/06 01:05:19 executing program 6:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000500)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0)
unlinkat(r0, &(0x7f0000000540)='./file0\x00', 0x200)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PIO_CMAP(r0, 0x4b71, &(0x7f00000005c0)={0x6, 0x7, 0xfffffffffffffff7, 0xfc9f, 0x100, 0x2})
r1 = semget$private(0x0, 0x3, 0x40000000000000c)
semctl$GETZCNT(r1, 0x4, 0xf, &(0x7f00000003c0)=""/171)
socket$netlink(0x10, 0x3, 0x0)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2000, 0x18)
readlinkat(r2, &(0x7f0000000180)='./file0\x00', &(0x7f0000000280)=""/105, 0x69)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='stack\x00')
ioctl$DRM_IOCTL_GET_STATS(r3, 0x80f86406, &(0x7f0000000300)=""/143)
r4 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r4, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:19 executing program 3:
syz_mount_image$bfs(&(0x7f0000000040)='bfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x8000, 0x0)

2018/04/06 01:05:19 executing program 7:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00009a9000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$VHOST_SET_VRING_CALL(0xffffffffffffffff, 0x4008af21, &(0x7f0000000000)={0x0, r0})
ioctl$int_out(r1, 0x5462, &(0x7f00000000c0))
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000300)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000040)="0f060f20dac5330f2293660f3a448a0a0000000066baf80cb81686848aef66bafc0c66b8060066ef660f3837d836f40fc75ce12ec4c18c5eec", 0x39}], 0x1, 0x0, &(0x7f00000001c0), 0x0)
r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000140)='IPVS\x00')
sendmsg$IPVS_CMD_GET_DAEMON(r3, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x14004a8}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r4, 0x100, 0x70bd25, 0x25dfdbfd, {0xb}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x80000001}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x40001}, 0x8040)
ioctl$KVM_RUN(r0, 0xae80, 0x0)

2018/04/06 01:05:19 executing program 5:
r0 = socket(0xa, 0x2, 0x88)
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000000)={0x9, 0x1, 0x2, 0x400, 0x8, 0x4, 0xff, 0xfffffffffffffce0, <r1=>0x0}, &(0x7f0000000040)=0x20)
getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000080)={r1, @in6={{0xa, 0x4e20, 0x9cac, @local={0xfe, 0x80, [], 0xaa}, 0x5}}, 0x6, 0x7, 0x3, 0x100000001}, &(0x7f0000000140)=0x98)
r2 = socket$netlink(0x10, 0x3, 0x4)
connect$inet(r0, &(0x7f0000ffdff0)={0x2, 0x0, @loopback=0x7f000001}, 0x10)
writev(r2, &(0x7f0000644ff0)=[{&(0x7f0000001200)="480000001400257f09004b01fcfc8c560a880000f21759ef783be00600000000000000a2bc560300000000000000200028213ee20600000000ef00ffff5bf1ff00c7e5ed58000000", 0x48}], 0x1)

[  106.369335] binder_alloc: 9569: binder_alloc_buf size -4183844053827190712 failed, no address space
[  106.378903] binder_alloc: allocated: 0 (num: 0 largest: 0), free: 8192 (num: 1 largest: 8192)
[  106.387700] binder: 9569:9580 transaction failed 29201/-28, size 40--4183844053827190755 line 2963
2018/04/06 01:05:19 executing program 2:
io_setup(0x20, &(0x7f0000000500)=<r0=>0x0)
io_submit(r0, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000200)}])

2018/04/06 01:05:19 executing program 7:
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r0, &(0x7f00000000c0)={0x1f}, 0xe)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rfkill\x00', 0x10000, 0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000180)={0x2, [0x0, 0x0]}, &(0x7f00000001c0)=0xc)
listen(r0, 0x200000)
setsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0x7, &(0x7f0000000000)=0xfffffffffffffffd, 0x4)
ioctl$sock_inet_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f0000000040)={'syz_tun\x00', {0x2, 0x4e23, @local={0xac, 0x14, 0x14, 0xaa}}})
socket$bt_cmtp(0x1f, 0x3, 0x5)
ioctl$sock_SIOCGIFCONF(r0, 0x8910, &(0x7f0000000100)=@req={0x28, &(0x7f0000000080)={'vcan0\x00', @ifru_flags=0x2000}})

2018/04/06 01:05:19 executing program 1:
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000cadff1)='/dev/sequencer\x00', 0x8002, 0x0)
writev(r0, &(0x7f0000000000)=[{&(0x7f0000000240)="069ff802a597c520a9be0f36c698fa280958078b1d2fc081c9fce7b9256ef460d36a50aa49d523791e593d9cf25b3f930aa8dd1f974d86a4555b523ca8298232af44068077b92d5dd372b448e1e1cc84f2f9f46b7f8752c695791d212da43f17fbb3bafa38fb1d3ebd4c2d8178da2c177a41cdeb8dd601ce1762a9d4bb49c05090193e89dd04684acc1b9007dcd36bf9ab29b2abfb1b0b3a9bff5c0664450f899eda5b5c870a6913338119e8065d3a5b6df01577c381462f152b4c77069dc35f0d448af14e42ea098c1682ab1796d045c4b3c5f7c59cf08929ec018922ec082bfb5b13a53ec3c9b50dd966181ecaf4ea616d72d89266b5e233fd0e0f248fd6bb4f59139e6184af40a2fa2f65a53a83ed0b79501ec59372216966db1d09758fe1612bac83640c55ee75bb0ed8d8219f273facf0eb29f3da7f298a85662d8979052d213e394752ccc12721dbd51631a937d8acd1ee01c501fe4119222050e7708e361a530554ff98c6e9d70919d18727c03d29cc5e4ec9c970183701d1b2636c9edbd1cd5b810816d7e484a833", 0x18c}], 0x1)

2018/04/06 01:05:19 executing program 3:
r0 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x100000001, 0x800)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffff9c, 0x8933, &(0x7f00000001c0)={'syzkaller1\x00', <r1=>0x0})
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000000200)={{{@in=@broadcast, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in=@dev}, 0x0, @in=@multicast1}}, &(0x7f0000000300)=0xe8)
setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000340)={{{@in6=@dev={0xfe, 0x80, [], 0xf}, @in6=@dev={0xfe, 0x80, [], 0x19}, 0x4e23, 0x3, 0x4e21, 0x2, 0x2, 0x80, 0x80, 0x73, r1, r2}, {0x1, 0xfff, 0x6, 0xffff, 0x5, 0x8000, 0xfff}, {0x4, 0x98, 0x6, 0x8}, 0x1000, 0x6e6bbb, 0x2, 0x0, 0x2, 0x3}, {{@in, 0x4d2, 0x33}, 0xa, @in6=@dev={0xfe, 0x80, [], 0x19}, 0x3504, 0x1, 0x2, 0x1, 0x4, 0x0, 0xffffffffffffe542}}, 0xe8)
migrate_pages(0x0, 0xfd, &(0x7f0000000540)=0x80, &(0x7f0000000580)=0x1)

2018/04/06 01:05:19 executing program 0:
perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x0, 0x0)
timerfd_gettime(r0, &(0x7f00000000c0))
r1 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r1, &(0x7f0000017000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80}, 0x9}, 0x1c)
set_mempolicy(0x4002, &(0x7f00000001c0)=0xe, 0x6)
sendmsg(r1, &(0x7f0000006fc8)={0x0, 0x0, &(0x7f000000e000), 0x0, &(0x7f0000011000)}, 0xc100)
sendmsg(r1, &(0x7f000001b000)={0x0, 0x0, &(0x7f0000029f90)=[{&(0x7f0000000080)="80", 0x1}], 0x1, &(0x7f000001f000)}, 0x0)

2018/04/06 01:05:19 executing program 4:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x49, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000", @ANYPTR=&(0x7f0000c5f000)=ANY=[@ANYBLOB="852a747000000000", @ANYPTR=&(0x7f0000aac000)=ANY=[@ANYBLOB='\x00'], @ANYBLOB="010000000000000000000000000000000000000000000000"], @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x0, 0x0, &(0x7f0000009000)})

[  106.605102] binder: undelivered TRANSACTION_ERROR: 29201
[  106.684787] binder_alloc: 9622: binder_alloc_buf size -4183844053827190712 failed, no address space
[  106.694094] binder_alloc: allocated: 0 (num: 0 largest: 0), free: 8192 (num: 1 largest: 8192)
[  106.702852] binder: 9622:9623 transaction failed 29201/-28, size 40--4183844053827190755 line 2963
2018/04/06 01:05:19 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x0)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)}])

2018/04/06 01:05:19 executing program 1:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = syz_open_dev$adsp(&(0x7f0000000080)='/dev/adsp#\x00', 0x3ff, 0x200)
getsockopt$ipx_IPX_TYPE(r1, 0x100, 0x1, &(0x7f00000000c0), &(0x7f0000000100)=0x4)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
lseek(r0, 0x0, 0x0)
ioctl$sock_inet_SIOCDARP(r0, 0x8953, &(0x7f0000000000)={{0x2}, {0xfffffffffffffffe, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x8, {0x2}, 'ip6_vti0\x00'})

2018/04/06 01:05:19 executing program 7:
r0 = syz_open_dev$binder(&(0x7f0000e5b000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008000)={0x44, 0x0, &(0x7f0000004fbc)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, 0x8, &(0x7f000026c000)=[@ptr={0x73622a85, 0x0, &(0x7f00004edf8a), 0x1}], &(0x7f000000afd0)=[0x0]}}], 0x0, 0x0, &(0x7f0000009000)})
ioctl$BINDER_SET_MAX_THREADS(r0, 0x40046205, 0x0)
ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f0000000080)={<r1=>0x0})
ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f0000000000)={r1})
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x50)
ioctl$KVM_CHECK_EXTENSION_VM(r2, 0xae03, 0xfffffffffffffffe)

2018/04/06 01:05:19 executing program 5:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
keyctl$session_to_parent(0x12)
syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0x7124, 0x280440)

2018/04/06 01:05:19 executing program 3:
r0 = socket$bt_cmtp(0x1f, 0x3, 0x5)
getsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0x7, &(0x7f0000000000)=0x81, &(0x7f0000000040)=0x4)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='ns\x00')
ioctl$KVM_SET_XCRS(r1, 0x4188aea7, &(0x7f00000000c0)={0x5, 0x6, [{0x9, 0x0, 0xffffffff80000001}, {0x4aefe599, 0x0, 0x9}, {0xfffffffffffffffe, 0x0, 0x4}, {0x8, 0x0, 0x4942}, {0x864, 0x0, 0x3}]})
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r1, 0x84, 0x1a, &(0x7f0000000140)={<r2=>0x0, 0xd, "e7e432d5a9b8da374e0f7fc687"}, &(0x7f0000000180)=0x15)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f00000001c0)={<r3=>r2, 0x80, 0x8001, 0x7b7, 0x5, 0x1}, &(0x7f0000000200)=0x14)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000240)={0xffffffff, 0x3, 0x0, 0x1, r3}, &(0x7f0000000280)=0x10)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f00000002c0), &(0x7f0000000300)=0x4)
sendto$inet(r1, &(0x7f0000000340)="e95060f03600b348e8258904049eb14c1b4ce0b87105f87e4fc439d35b53d9740e007d7d71b4d796a6bfb3f3c512e710e2204bc1a3be0e198443c71424ebe5b5bb89f28e721a877f6a170c95e13e16b67206dc62fb4bcfb4cbd2e67710ad873cf7d073c99b67471aec3bca61df5f48349467ee258e22dda01f761bef8f39f9b9448a2340f217a5e2601ca9aefab93241c3a09d7558256721e1bcf40f91a368d61a4f16753803f5ea503d6c19bd70263e54b405de1b72df11b267289dbd", 0xbd, 0x800, &(0x7f0000000400)={0x2, 0x4e23, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r1, 0x84, 0x1a, &(0x7f0000000440)={r3, 0x8, "653b97d118650479"}, &(0x7f0000000480)=0x10)
shmget$private(0x0, 0x2000, 0x2, &(0x7f0000ffe000/0x2000)=nil)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000500)='IPVS\x00')
sendmsg$IPVS_CMD_GET_DAEMON(r1, &(0x7f00000005c0)={&(0x7f00000004c0)={0x10}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x2c, r4, 0x101, 0x70bd28, 0x25dfdbfd, {0xb}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x50af}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x5}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xe01}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x20008850)
getsockname(r1, &(0x7f0000000600)=@hci, &(0x7f0000000680)=0x80)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f00000006c0)={r3, 0xf5, "8082141e92e3cb83103d9345c334a7b29dc4d3604c5aa71c8acc5019c3f81efc5de3820e56732c160868dd7e6e3101c463905698138197c860f6d53a369e80a63fd5667b820de84f5a1f85928e8c6ec183e50fdb818851e552555339f69679409036ab7e75e58a1b1c29f2a0c00d89a374fa7fe15acac3609c979191dd75025d91411352eb868329c4992dd25bf276000cf589d33d7e8992ea309dabc21a0c403465b9e36e99d21ad7770b869d9e9f52903bebb28df84401a9b05a5ae681bc1c3c0feeb015f1062b1e6f68e5805a843f2680fc84c81d30f0e2a7dad3872cccb6246e70d80ae592702f73cee858d6e984610a4d55c5"}, &(0x7f00000007c0)=0xfd)
socket$inet6_udp(0xa, 0x2, 0x0)
fcntl$F_GET_RW_HINT(r1, 0x40b, &(0x7f0000000800))
getsockopt$llc_int(r1, 0x10c, 0x5, &(0x7f0000000840), &(0x7f0000000880)=0x4)
r5 = msgget$private(0x0, 0xa)
stat(&(0x7f00000008c0)='./file0\x00', &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, <r6=>0x0})
stat(&(0x7f0000000980)='./file0\x00', &(0x7f00000009c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0})
getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000a40)={{{@in6=@local, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0}}, {{@in6=@dev}, 0x0, @in6=@local}}, &(0x7f0000000b40)=0xe8)
lstat(&(0x7f0000000b80)='./file0\x00', &(0x7f0000000bc0)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
r10 = getpgid(0xffffffffffffffff)
ioctl$TIOCGSID(r1, 0x5429, &(0x7f0000000c40)=<r11=>0x0)
msgctl$IPC_SET(r5, 0x1, &(0x7f0000000c80)={{0x1, r6, r7, r8, r9, 0xb203af0bbef5a4ce, 0x6}, 0x0, 0x3, 0x1, 0x8, 0x7, 0x1eb2651, r10, r11})
fcntl$setpipe(r1, 0x407, 0x401)
getsockopt$inet6_buf(r1, 0x29, 0xcd, &(0x7f0000000d00)=""/168, &(0x7f0000000dc0)=0xa8)
uselib(&(0x7f0000000e00)='./file0\x00')
ioctl$TIOCSCTTY(r1, 0x540e, 0x3)

2018/04/06 01:05:19 executing program 6:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000500)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0)
unlinkat(r0, &(0x7f0000000540)='./file0\x00', 0x200)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PIO_CMAP(r0, 0x4b71, &(0x7f00000005c0)={0x6, 0x7, 0xfffffffffffffff7, 0xfc9f, 0x100, 0x2})
r1 = semget$private(0x0, 0x3, 0x40000000000000c)
semctl$GETZCNT(r1, 0x4, 0xf, &(0x7f00000003c0)=""/171)
socket$netlink(0x10, 0x3, 0x0)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2000, 0x18)
readlinkat(r2, &(0x7f0000000180)='./file0\x00', &(0x7f0000000280)=""/105, 0x69)
syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='stack\x00')
r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r3, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:19 executing program 4:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x4b, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d000000000000", @ANYPTR=&(0x7f0000c5f000)=ANY=[@ANYBLOB="852a747000000000", @ANYPTR=&(0x7f0000aac000)=ANY=[@ANYBLOB='\x00'], @ANYBLOB="010000000000000000000000000000000000000000000000"], @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:19 executing program 0:
r0 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x0, 0x40)
setsockopt$RDS_GET_MR(r0, 0x114, 0x2, &(0x7f0000000180)={{&(0x7f0000000080)=""/133, 0x85}, &(0x7f0000000140)}, 0x20)
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000440)=@sack_info={<r1=>0x0, 0x6, 0x9}, &(0x7f0000000480)=0xc)
getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000340)={<r2=>r1, 0x2}, &(0x7f00000004c0)=0x8)
getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f00000003c0)={r2, 0x7}, &(0x7f0000000400)=0x8)
r3 = syz_open_dev$tun(&(0x7f0000000040)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={"64596df17c0e4200", 0x4000000000000401})
pread64(r3, &(0x7f0000000000), 0x0, 0x0)
connect$pppoe(r0, &(0x7f0000000300)={0x18, 0x0, {0x1, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], 'irlan0\x00'}}, 0x1e)
userfaultfd(0x0)
r4 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x10001, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000240)={<r5=>0x0, 0x0, 0x800}, &(0x7f0000000280)=0x8)
r6 = semget$private(0x0, 0x0, 0x200)
semctl$SEM_STAT(r6, 0x3, 0x12, &(0x7f0000000500)=""/178)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r4, 0x84, 0x18, &(0x7f00000002c0)={r5, 0xffffffff80000000}, 0x8)

[  106.736741] binder: undelivered TRANSACTION_ERROR: 29201
2018/04/06 01:05:19 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x0, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)}])

2018/04/06 01:05:19 executing program 1:
ioctl$DRM_IOCTL_AGP_FREE(0xffffffffffffffff, 0x40206435, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x501371})
bpf$PROG_LOAD(0x5, &(0x7f00006f4fb8)={0x1, 0x5, &(0x7f0000002000)=@framed={{0x18}, [@jmp={0x5}], {0x95}}, &(0x7f0000003ff6)='syzkaller\x00', 0xea4f, 0x164, &(0x7f000000a000)=""/195}, 0x48)
r0 = syz_open_dev$sndmidi(&(0x7f0000000000)='/dev/snd/midiC#D#\x00', 0x101, 0x100)
setsockopt$bt_BT_FLUSHABLE(r0, 0x112, 0x8, &(0x7f0000000040)=0x806, 0x3)

2018/04/06 01:05:19 executing program 7:
mkdir(&(0x7f000082f000)='./control\x00', 0x0)
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
syz_fuseblk_mount(&(0x7f0000000000)='./control\x00', &(0x7f0000000080)='./control/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
write$sndseq(r0, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30)
rename(&(0x7f0000000240)='./control/file0\x00', &(0x7f00000001c0)='./file0\x00')
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_STATUS(r0, 0xc05c5340, &(0x7f00000000c0)={0x3ff, 0x7, 0xc7f4, {0x0, 0x989680}, 0x0, 0x2})
ftruncate(r0, 0x6)
close(r0)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000180)={r0, &(0x7f0000000140)}, 0x10)

2018/04/06 01:05:19 executing program 5:
r0 = socket$inet(0x2, 0x6, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000003c0)=@broute={'broute\x00', 0x20, 0x3, 0x320, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000440], 0x0, &(0x7f0000000000), &(0x7f0000000440)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe, 0x1, [{{{0x3, 0x0, 0x0, 'nr0\x00', 'gre0\x00', 'rose0\x00', 'dummy0\x00', @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa8}}, @common=@dnat={'dnat\x00', 0x10, {{@link_local={0x1, 0x80, 0xc2}, 0xfffffffffffffffe}}}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x2, [{{{0x9, 0x0, 0x0, 'lo\x00', 'bcsf0\x00', '\x00', 'bridge0\x00', @link_local={0x1, 0x80, 0xc2}, [], @random="ce141b258c63", [], 0x70, 0x70, 0xa8}}, @common=@mark={'mark\x00', 0x10, {{0xfffffff0, 0xffffffffffffffff}}}}, {{{0x5, 0x0, 0x88e7, 'ip_vti0\x00', 'ip6tnl0\x00', 'bcsh0\x00', 'sit0\x00', @random="c6224324cf57", [0xff, 0x0, 0xff, 0xff], @empty, [0xff, 0xff, 0xff, 0xff, 0xff, 0xff], 0xb0, 0xe0, 0x110, [@devgroup={'devgroup\x00', 0x18, {{0x9, 0x5, 0x1, 0x8, 0x3f}}}]}, [@common=@NFQUEUE0={'NFQUEUE\x00', 0x8, {{0x8}}}]}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x3, 0xfffffffffffffffe}]}, 0x398)
socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f00000000c0))
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vcs\x00', 0x2, 0x0)
setsockopt$netlink_NETLINK_PKTINFO(r1, 0x10e, 0x3, &(0x7f0000000080)=0x1, 0x4)

[  106.821279] binder: 9639:9642 got transaction with invalid data ptr
[  106.847648] binder: 9639:9642 transaction failed 29201/-14, size 40-29 line 2982
2018/04/06 01:05:19 executing program 3:
syz_mount_image$vfat(&(0x7f0000000140)='vfat\x00', &(0x7f00000002c0)='./file0/file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000000240)={[{@codepage={'codepage', 0x3d, '855'}, 0x2c}]})
syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[])
r0 = open(&(0x7f0000000780)="2e2f66696c65302f66696c6530ff", 0x3fffa, 0x0)
accept4$bt_l2cap(r0, &(0x7f0000000080), &(0x7f00000000c0)=0xe, 0x80800)
name_to_handle_at(r0, &(0x7f0000000180)='./file0/file0\x00', &(0x7f00000001c0)={0x6c, 0x2, "70dbf9bd123ffac0e62cbc2f19204117a4a4b5ed744a5b72ad067bd5d74c134dc5e0919f16d34c9e541ed37dbf7b1eafb5275cf26360f8d79e1625a26cb36ebf9b72bd72f03effd44ef33427a6431d04d0f9ab98fd276224504cbf14d3fae8dc897a7518"}, &(0x7f0000000280), 0x1400)

2018/04/06 01:05:19 executing program 4:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x4b, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d000000000000", @ANYPTR=&(0x7f0000c5f000)=ANY=[@ANYBLOB="852a747000000000", @ANYPTR=&(0x7f0000aac000)=ANY=[@ANYBLOB='\x00'], @ANYBLOB="010000000000000000000000000000000000000000000000"], @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:19 executing program 0:
r0 = syz_open_dev$binder(&(0x7f00000003c0)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap$binder(&(0x7f0000265000/0x14000)=nil, 0x14000, 0x0, 0x10011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_THREAD_EXIT(r0, 0x40046208, 0x0)
getsockname$packet(0xffffffffffffff9c, &(0x7f0000000000)={0x0, 0x0, <r1=>0x0, 0x0, 0x0, 0x0, @local}, &(0x7f0000000040)=0x14)
connect$can_bcm(r0, &(0x7f0000000080)={0x1d, r1}, 0x10)
r2 = syz_open_dev$binder(&(0x7f0000005ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000fd0)={0x34, 0x0, &(0x7f000000ff80)=ANY=[@ANYBLOB="11634840000000000000000000000000000000007f00000000000000000000000000000000000000000000000000000000000000"], 0x0, 0x0, &(0x7f0000001000)})

2018/04/06 01:05:19 executing program 6:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000500)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0)
unlinkat(r0, &(0x7f0000000540)='./file0\x00', 0x200)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PIO_CMAP(r0, 0x4b71, &(0x7f00000005c0)={0x6, 0x7, 0xfffffffffffffff7, 0xfc9f, 0x100, 0x2})
r1 = semget$private(0x0, 0x3, 0x40000000000000c)
semctl$GETZCNT(r1, 0x4, 0xf, &(0x7f00000003c0)=""/171)
socket$netlink(0x10, 0x3, 0x0)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2000, 0x18)
readlinkat(r2, &(0x7f0000000180)='./file0\x00', &(0x7f0000000280)=""/105, 0x69)
r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r3, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

[  106.958810] binder: undelivered TRANSACTION_ERROR: 29201
2018/04/06 01:05:20 executing program 1:
ioctl$sock_FIOGETOWN(0xffffffffffffff9c, 0x8903, &(0x7f0000000040)=<r0=>0x0)
sched_setaffinity(r0, 0x8, &(0x7f00000000c0)=0x2)
sched_setaffinity(0x0, 0xfffffffffffffe4c, &(0x7f0000d81ff8)=0x101)
r1 = eventfd(0x80000002)
write$eventfd(r1, &(0x7f0000000080)=0xffffffffffffff90, 0x8)
readv(r1, &(0x7f0000000000)=[{&(0x7f0000000180)=""/176, 0xb0}], 0x1)

[  107.054354] binder: BINDER_SET_CONTEXT_MGR already set
2018/04/06 01:05:20 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(0x0, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)}])

[  107.082315] binder: BINDER_SET_CONTEXT_MGR already set
[  107.086839] binder: 9672:9676 ioctl 40046207 0 returned -16
[  107.120587] binder: 9677:9680 ioctl 40046207 0 returned -16
[  107.154438] binder_alloc: 9672: binder_alloc_buf, no vma
[  107.160086] binder: 9677:9680 transaction failed 29189/-3, size 40-29 line 2963
[  107.199093] binder: undelivered TRANSACTION_ERROR: 29189
[  107.214556] binder: release 9672:9674 transaction 92 out, still active
[  107.221644] binder: undelivered TRANSACTION_COMPLETE
[  107.228210] binder: send failed reply for transaction 92, target dead
2018/04/06 01:05:20 executing program 7:
perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000001b40)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000001b00)={&(0x7f00000019c0)=@polexpire={0xc0, 0x1b, 0x301, 0x0, 0x0, {{{@in=@loopback=0x7f000001, @in=@multicast1=0xe0000001}, {}, {}, 0x0, 0x6e6bb1, 0x1}}}, 0xc0}, 0x1}, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0xff, 0x2000)
ioctl$VT_DISALLOCATE(r1, 0x5608)

2018/04/06 01:05:20 executing program 5:
r0 = socket(0x10, 0x802, 0x0)
getsockopt(r0, 0x7, 0x101, &(0x7f0000000000)=""/172, &(0x7f00000000c0)=0xac)
sendto$ax25(r0, &(0x7f0000000100)="d4f950d14394bc56780d3ad0925c5e93e5ee870a75b8fe38f5ee926bf81f8b90715e0979441b06a060a519f28f03ac258eb0b960", 0x34, 0x1, &(0x7f0000000140)={0x3, {"15734efa37a675"}, 0x3}, 0x10)
write(r0, &(0x7f0000000240)="220000002100070700be0000090007010a00001e000000000000e30305001380ff45", 0x22)

2018/04/06 01:05:20 executing program 3:
r0 = epoll_create1(0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000000))
open_by_handle_at(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="b40000000300000022a1ec0d8474b8b9111b53ea8a37663827e73d64141e061d808c4649e26090f6c1dd5354bd3a0a371125ac9b355ee21d8084254525e2e5e64e1307639534c00271e041a6589da74f769a1cc8879fa466fc067d65c65e2096c7fc091b5dc62456c91ab8d4c4c045380b8b4815e2f7bad58e1bb2b9bca02a330f6e23684dad2c574298d40a2af374f70519a082c46cafbbeadb6ba47087f25bd662fba25739e5e5bf8c62e6df68f3c901c6f82d66ab5d583a6d039df6af953578e0ff55d1314f133396ff5f646b9cfa68268a08d5dcf82d345c0b6193f31e35f8bf544525533d2b9ee95f4795865cc847d1883e642be946b056f8e03610046eff2c2288a184ddca144126b38d4b3396c52f6e22a5c4d8ea516d40d5c59d7b0c024d19c9e1800576a53d67a5b230d8d27d6f1e7993ae5dd435a4261e9a920da0d81b98bf57b3316c032d31c9f11e0af20120c70241299725236ce4d248316a9b68e2238f76ee38add8b6afe88556e21efa7c76ee2eb6219ae656033ab543b87a6ae6c95cd665510043cae3241b0cff3ddac18013bb7231b7f0971003e7318abf7c0dbbc412f0fa82996018a8fb00000000000000000000000000000000"], 0x401fe)
r2 = getpid()
r3 = getpid()
kcmp$KCMP_EPOLL_TFD(r2, r3, 0x7, r0, &(0x7f0000000200)={r0, r1, 0x7f})
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1)

2018/04/06 01:05:20 executing program 4:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x4b, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d000000000000", @ANYPTR=&(0x7f0000c5f000)=ANY=[@ANYBLOB="852a747000000000", @ANYPTR=&(0x7f0000aac000)=ANY=[@ANYBLOB='\x00'], @ANYBLOB="010000000000000000000000000000000000000000000000"], @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:20 executing program 0:
perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unshare(0x60000000)
openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x1, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$IP6T_SO_GET_INFO(r0, 0x29, 0x40, &(0x7f0000000080)={'nat\x00'}, &(0x7f0000000140)=0x54)

2018/04/06 01:05:20 executing program 1:
mkdir(&(0x7f0000000240)='./file0\x00', 0x0)
r0 = perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x39a, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x5, 0x3, &(0x7f0000346fc8)=ANY=[@ANYBLOB="180000000000000000003f02000000000000000000000000"], &(0x7f00000001c0)='GPL\x00', 0xfffffffffffffffc, 0xfb, &(0x7f0000000080)=""/251}, 0x48)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/autofs\x00', 0x800, 0x0)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r2, 0x6, 0x1, &(0x7f0000000200)={0x200, 0x10001, 0xaa3f, 0x84, 0xfc, 0x3, 0xffffffffffff41c0}, 0xc)

2018/04/06 01:05:20 executing program 2:
syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r0=>0x0)
io_submit(r0, 0x0, &(0x7f0000000700))

2018/04/06 01:05:20 executing program 6:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000500)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0)
unlinkat(r0, &(0x7f0000000540)='./file0\x00', 0x200)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PIO_CMAP(r0, 0x4b71, &(0x7f00000005c0)={0x6, 0x7, 0xfffffffffffffff7, 0xfc9f, 0x100, 0x2})
r1 = semget$private(0x0, 0x3, 0x40000000000000c)
semctl$GETZCNT(r1, 0x4, 0xf, &(0x7f00000003c0)=""/171)
socket$netlink(0x10, 0x3, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2000, 0x18)
r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r2, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

[  108.015645] IPVS: ftp: loaded support on port[0] = 21
[  108.023811] binder: 9712:9714 got transaction with invalid data ptr
2018/04/06 01:05:21 executing program 3:
r0 = socket$packet(0x11, 0x200000000003, 0x300)
ioctl$sock_ifreq(r0, 0x80000089a2, &(0x7f0000000000)={"6272696467653000e7ffffff00", @ifru_settings={0x5, 0x0, @fr_pvc=&(0x7f0000000040)}})
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffff9c, 0x29, 0x22, &(0x7f0000000100)={{{@in=@dev, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in6}}}, &(0x7f0000000200)=0xe8)
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0})
syz_fuseblk_mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', 0x2, r1, r2, 0x100000000, 0x0, 0x420)

2018/04/06 01:05:21 executing program 5:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000b9bff0)={0x2, 0x4e21, @multicast1=0xe0000001}, 0x10)
sendto$inet(r0, &(0x7f0000000080), 0xfffffffffffffd90, 0x20020003, &(0x7f0000385ff0)={0x2, 0x20000000004e21, @loopback=0x7f000001}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='reno\x00', 0x5)
recvfrom$inet(r0, &(0x7f0000000040)=""/149, 0xfffffffffffffef3, 0x0, 0x0, 0xfd69)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x100, 0x0)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000140)={[0x40, 0x7ff, 0xfff, 0x4, 0x3, 0x7, 0x6, 0x8, 0x8, 0x2, 0x5, 0x9, 0x2, 0xfffffffffffffff8, 0xfffffffffffffff8, 0x5], 0x4, 0x80400})
setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f0000000240)=[@in={0x2, 0x4e23, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e23, @multicast1=0xe0000001}, @in={0x2, 0x4e23, @multicast2=0xe0000002}], 0x30)
bind$bt_l2cap(r1, &(0x7f0000000200)={0x1f, 0x4, {0xffffffffffff0001, 0x7ff, 0x8, 0x1200000000, 0x7, 0x4}, 0x2, 0x2f3a}, 0xe)

2018/04/06 01:05:21 executing program 2:
syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r0=>0x0)
io_submit(r0, 0x0, &(0x7f0000000700))

2018/04/06 01:05:21 executing program 7:
r0 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x101902)
r1 = memfd_create(&(0x7f0000000140)="000000008c00000000000000000000", 0x3)
pwritev(r1, &(0x7f0000f50f90)=[{&(0x7f0000000100)="aa", 0x1}], 0x1, 0x81003)
ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1)
fcntl$addseals(r1, 0x409, 0x9)
r2 = socket(0x1b, 0x2, 0x92e)
setsockopt$inet6_MRT6_ADD_MFC(r2, 0x29, 0xcc, &(0x7f00000014c0)={{0xa, 0x4e21, 0x5, @empty, 0x6}, {0xa, 0x4e22, 0x5, @remote={0xfe, 0x80, [], 0xbb}, 0xfff}, 0x1000, [0x3f, 0x80000001, 0xfffffffffffffffd, 0x1, 0x4, 0x3, 0x3, 0xe120]}, 0x5c)
sendfile(r1, r0, &(0x7f0000001480), 0xc0d8)
syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x8, 0x3, &(0x7f0000000080)=[{&(0x7f0000000180)="6404ea46e57c6ced365b875c25f738dc20493d3a93ee1947d951e741db528a240aed9d54a43e8f7610302853959acb0260127a68dee88898a4b523a237a308bed3efbc0db8b27aa92555c9548f8e8a98a4126cffbc999cfe02d27dec03b66b8d2723383b163a9f32b8db31010f17c8bbb6e0f18e83bdb775b1b72d8a5013bf1b16c5dde22734cbc2d273a66592cbb7de5a0b58af75e11f89f4af2b247f11cad5fdb04b75ad8cf02d50b7ee33e06614fd53878b077b2afd6007fc35a17b25ed6c846441e4452e6fdf40fef0f6079311d59b22e9de971fc06014f2660602943ee268", 0xe1, 0x5}, {&(0x7f0000000280)="74d1c85d0cdeaa6db6deb62f89d6f3bb79adde75a1e74440af5a5d2f0ae876cb3c611df3ba2c14c946cbf1053c11a4f13d00c191e281f91646494360ddf1d986deda0bd4e999d8c4e72e460cf1103fd64c66180ade2356f4b3113fe9fc0aa27d06488a09c8506a793c1ed416c02d9add849af86e0dff7b8b08edb6019ac0db1f1bfb5ad49c43e921eb74d8210a7e6a69fff60907a6453615ca5ea86d88cacfd2bc1c9b0a41acc7688122e237203aecd84c0083cd18921f6276b0f0f2bb38601b2f1773664bd5cbe1135142a678aeb4bd7ca837346ff757b6a9dd629c0d3b8b28ce7b52cf75965daf4de9a6a81177b2c4e63309e82261e104b5b967a661e7b10cf5b543c3f4590f3ab317f17a65d87860232171f1150f26d666f16931e63cb48a80d8619dbc942984eb304328616c17bb81d01c86206b79aa1460bf47fd60768af4783b01d0599a238391fe7c0fdbc66248e42ff561500bb1c356963ac1fac6a5f1bdbf63b4699d2fbdff31d14b0c6a930ee6153a837e454cdd41081afc3c998813e0215494053758ab512af19588d923f96de29cafefcd0e2cd9112cc6480ee07a2f1e5c9d41103975dcd8114c7052687772403e41e4b4863c70deefefd3b595fda1cad85ca61db807881cefae54d55e1d01945f6a0240590837897dbdb24ee77658d9394387bf126d89cff11fcaf201d985a9dc20895579c613c688d04543759759da6e7aee18c05fc111171c43063a01a5e067430523e53764636728f2c8a5b0da10a4d17b23232aee7d71ad103915927d0e0318e28296094f71276e90dbf6fb80c1128eb47d4f4537499ddf1d20d69ee7de410465977d8ba0be013d9b663a3310423bd30bbec1907a862011b4b54053cf33614af8aa4c8a1b2f3bb9c2d8a6f52bdad06798478c17ce46442ca02ed788d57103d58d1b7ea2eeb208e36e0fb8fd0441cb3588b4b53d73e5023d061f5b47923afd80f335c44ab4c6d51ceeee58b0027b088eac5df1a410879f1d8ab0392ff610d8d7d83225a6be89b7b08a74f15978d631a254232ccde15894fc271c4ddd7f60807e7a9c897016f757bbef9daf1d758fea89e7f2d69ba84ae7c3bc1e8f761a26f2019a518e704fb3cc507c5e3651740b2c3c0fe73637790adb15dcaf454de80f809c2832cc008d8a8aac38380891e54d83997691d080aff8829f2055c1290468e37470b83308adddab859029168be1abd39a139f4a957d1b24dab5fc895ca501574bf9e224b3faac6c5cc53f3619b56df0f6747d967dce4391a8d07d597711b1fb3be1425cecd61543a5a22a234fc3d6425d6fb19f10a06bc1e4aad1579c2df9a31c4039780bd4ada7fc04ab111906f5ef671d23f3c47c8511e28682fc3fc63cff86d4f83b32ac2b83dcb612c419504aa4dd0f31dd77d0af1e3f89ad6e5f3c14852070635005df0e1fdd0b08967dfbdbfdc18fb41166492744c80e5714225eb4d1ce3d6d2e477a9839bb78521c3040f383981e5358168c3f622125da7c38e6d3762e7d68f06dc1f7c88e64c3259e272253075c3b9f56cf7eaa559f3a128d3ac16d0defef57e34738c8c8e295ec1a0373e3d18d3017f419c4f9ee8bca2abb6b49efd8bdf9d6aef8e44316a25bac646c4ad2d26e1d0c13306b597c96dbd2b327b886d2780b86e6eff5b12183c779d9392440afb93087933674f560c578c90b2e04daa7f4ed3c40cfa2a85c4be50568df68cdafda02caf292f5be5bb244ffe14c6840e8116aae0ef3b83fd4ba2d77271996a497ce600f0978f058240a8e9b998b541f32f98dd3cc29d9938d4f41ab72a1084a0ed525a0c3ebe14b25fd664f29b7f95bf1f654fec62c1f4332b76708169e66437d2c2e113fce19b5c46bb282124118ca5ccb44f916a044efec961734f50e1776ca52a936d1c655f3f0abb1a1a4fea7a1cda3e5acb54e273a99f24f57881d244a5400c68b002d2efc85e6710c0741f6747e221ba067a8e614764dc21c9ec79886fec0f43050b9d4fa20c5e8a99573ece6fb043b1e9a9dbb1792b59f6cb700ab52fd64488b36de7194d27644f17e421c98b068ec383471e2f9858adc04abb6019fee463f82b95bf37c5e59d441aa6937b3c791ffb6c49efe51849be85eb44e3c5eb465a8e87c5184600f5214a589d914d285d92b4ce61fbc95fb4e2ede5e70ceb28ee3989e7337eabe3d5ea7ded86c44248b474d31757092de4fd10e7f561fa6607915ea187a4c3e01cab5b3a7ce539ded17756761be6a52f66cd630ccd25ce5f5d98da8bbcac6be84799a0576700a9438e62da2af15dfe533fff8422f9d80fc683081b54cf6dd92f049f10671b63deef388c22e0d059867e975d702a24cfac58e93d17b322da70a083a50cafa02723ec60367b161f14782625ee3eb86d0b7c6f44237a491ee184710b7ccc82ca6786db841ecbb2bd26fa63a7768625ff5f125ee26e080e051f96bd0854fb5986ff4a6da5de81dee7b9e9f091fb90538aef43c0922e59e12e72ff87be85f6d9b856dd50fd6bfeb8ed77203a6e3d7cbeedead1ac48bb560be835a141d5b7318390d634b75a67c20d86d16e0470922630fbd413af3fe8d113fc36a2fee9094d0efccbe5f8e71e3c4f80c338b13bbf82cdbc165f734bc778571daafc37601fb72c958277b18ee676074e5a3594cd3ba4677187954a20d0bce659af72a0a3066486be796dbee5f84807c791521c5a7b0f91d101d806c20b7d46edc1f4e2b55275914e364c52159d7ca91d37196f79e5285bf091ae80819ad9d8227473b720e10858f857858949828e35ae01653e1020624514acac3c2b90877bc59016b2b20e8746aa1eb66a3114181e888370ee11e476c5460077aa49b51186da84f98bfcf07639bac9bda380e5d0338b0a2478b3187cc249b31bfd2731f4a226c4907d61c27c84930fb46cb2d77ed953065549aa83878c3f00e033abce6ffda3460923fa0de640d78f4f50185fe44d5dec2bcb48979f2853e091d13f41acb414a90939a65d09eb5b5d6377d0de7c46b919645bec52fd9d03a26d90afc8705d4acd06197aa7a991ee45c9ddfea5b3c43d62dd67adb3fe59e8a8df65404499dfbc8b816ec7a5b57c871ae0a97e2881892d92f16ba0285f32c70c95a9faf0293945792f50f92a3c8f6c99e53cf36bc5db3620d7a3b6b503f220f82e089164d74d93772069cd20978da8e38be4c84e7167d55c0ebe002228ac1656679f9758c74ae8f933f4832e8426ec69ece7e0b4cb20ab52ab2f6a3ba8e3352728f1c6fb3eff251f8b3fe57fab4729d09e901be2e4a1d9112837e3f7f87bd3b56e96cabad583f8f9b36d9ea5dd1e8b896e96022dad47a78d36ab1f8a6171202b5fe17e723102b05d73da514f61478f21318f3d2e0a8a2b44d37767230be7d62d09ac3326ea647c6a6b4a132dd69e634859b80861c5f73ea8c186bba0e89575f1e509c6dfc9b00ae061b670eac2fb25de91c6838c841a92e53cbd2e4a637192d68e2c70f67f9f3429ca517b6754f4b54ebe149070f777838b1dec9cad81be16f1e4161da0522f7aa8d18aba1b3bb26b8eb70400e96c9eeef5838ae4ccc2688f70fa5de045955f29da3ec40075c376e262a88d3d13f1d4720258bde9ab7a74c89afa7e82ca9cfda51f19cc006284a14acab062745530dcf08a5d9b5047c4bfe3d61cba20936eba41efc3ea367b3e928a8a1fafaae2d95e1769d7c542156b131ef333a84b13a477cca109339b95c41c3addced0d75ea5cc0ce4c626f2de01bb0a9b2e58b121d0214ecbb24539e3a7aef78a99bc73b2004d6ac1a405cd9aaa159f537bf586685f694d37dccb9491e1b024c5520d59ab1d17ac26abaa4e001316dbb7afd118203098b3ac2ee30a2835cedef65e5f0aed3d28b8a875a6b47904589722df6ddd00de423489a48884364f6003d0dfe2bbc1749f8258107f3ea875246b4af407489ab9292a60544b20aa494973602a687661dec2f21b35eefc6fb88a73780ca37d664d475d916351d8263ae71eadd7edea4895c31e8cb2c0811464b59968c351c75b92d44420e41acbf7c56da37fbad508a1fb4406409dd41c6f2754f8f229a6f8623dc2474b6e6ae3d64c578d0beb146d16445fda77d0736f4478f94353cf95dc164ddaeb9814aba69e153b8ba92b3a4ba5d3a94276f3a63d325f7b54561154675935f9371e3f32abaaa9259efdf97e1323b006f683d2ec45f60301db74a6c07f9abddd751000fce9bf4792480d36ecff12aa6bdd9713860616100bebd8a29185f551b99313e288c48b076790e0eae7cfa3080cfb060050396cdbb561e8da96b275717f7ff40e816a01939b02fd117783dcb54c1e571d8295941bec20019c9b5ee60102ecbc7cb14641547dc9318c9d1474ddc0d26b8df00f59e441d902c3e59e3c68107be0077cdbbcc6c034407cd43b33fa81c9c7abd8e78e6054ee9dcd9b1aae01252e3514ae59dfd609b7917f66bafa46afc4aff958066e5b04e2777a6deefa03f96ee443e0e5f3e5b3c403c633eb0ce33e55392374f36b5e091198635bcdba50158916613a117bd4ea0563f5cc4740a75d531ee3714806bdc828c2a64481c7ab7cb7ffb77e721a123defaa558e1f2556cab23b46f3caeb6a522d6665e81edf43f9279fec5d79adc50796858516438642bc7b3719b0237e9096cb1ce661502f0c4534c7c1a4f21b2d007ab3f63441df9d1da62b9e4c917d187f42a2ce2997c47578f83d3a27bacb52fad27e6097889c1eb9ab6253212a4aa9eb90a89f69ade2b7125a86f402364ec9e822b8e57fb712dbfa688c6f461550e1221b2857b56ef45d14e22e12dc7330c7e3b51906440ce960f3306424110e026a5971b444fccd084194413801c17e415569b2ba6554a674bd127621b4c4f55aa97f2c87558d9f8de1275f4953ef6cb8d8f178cc7d7c0db90e566626ea7da938c0cddc2f1afe2e7502fe98c179d757845e3ac403e7135ad61775e4887326b2fb136591af4021946cf04252d6e6ed81e026f5fb5890b18df27886702b46198fd929195da7e9fc7f897f89caaa79c55adc943f94c48af9950035f2c917b4179af52d0875218465ceffbd023da728780bd90f608c799fcd4c423053100bc3303dcad74ec3751ff69cda45a1cd8deb27bc21b24adc7b906f0ca5efa2186ae72d7f12042bd10d5fa7f538925bee670dd947b8ebe42f2cafdb9224407b6bffa0a8609f1ce7f541b4653a0dec5dafbd157a625280339afe515961aac913ffcf38112b52932e6c76a003911e9529027d9e8081bc1aedcf995b90c18a0faaff0b123b7ddd1db79f4667881a1ede2c9b8ac5345d8f42786f5b95d5f87524d7ae92198035a29940b24e71c61d6ecf766a2869692aa8bed76957e32b3e879b458b764bda48dfe9388e5eb46e7bde08019cd165578554b32e8d5374213d26d6d298be2bb1cc0894bcf24b091cc1307cedf280962621bd331cb2cabfa39b25ca7f4d749af363663b2cc6e261aeac804b67e2fc593cedf2c26dc4589b537cdf96c0e8e73e1e964cc88d57b2ece09e08eb2479ea0fd948ac127eefc7319177825638777cb39f4660283e96fd564790079d38b896175b73c389ff6655e93cf148b787b002de4fb51c4e20ec2a580f4c18bd23aaf3d16e6fe54ac5e751f667267d08fdb571c3b3d162ee3616175eca852e9ee1c911d7856c35b0c2c0959a74718b121e80bfabc346b7d8b43ca45852de3a09660fa06397d18b1c5c0b2793283aca8145a81efd6eb3d417db6ecee582b91faefa8edf65b89311d161f4fbcab2277a347e38774f0e9046129f5", 0x1000, 0x3f}, {&(0x7f0000001280)="4128583462a4368c0d95e63f2e8b6617665b759213522d4bbf2fc44008b681d4634522cd38a5c367567a3ffa11516bb832905d916071c2015be451aecfc59617b52ac98eb2a8c6d41e2bc71e0c40bb44c2df1aade65a487a0743cf091249483ef9ff4cf7855c0a4a836ba9289d05aad447bd655265b025d64765c761736fa7515ab2a8a7177571a9c7c8964a53bcad58e8211508064011bc336f9eb9fb8c8e764c34b0b7ccd571d52b5f2e0eec599fae179ba4824892da614750ac4725dd8c1cba63a0e25c6eb73b29e0dba0da75e093547b18efa74b988c2bb3b3436dff383c336af7f2adeb1e774ca5fa70cc8baae05a11ad395a0d960b86c8", 0xfa}], 0xa0, &(0x7f0000001380)=ANY=[@ANYBLOB="757365725f737562766f6c5f726d5f616c6c6f77658840c0db1fc0d29e588c4a642c656e6f7370635f64656275672c7265665f7665726966792c636f6d70726573733d7a6c6974e736097d8ee634"])
splice(r1, &(0x7f0000001400), r1, &(0x7f0000001440), 0x1, 0x3)
sendfile(r0, r0, &(0x7f00000ddff8), 0x7)

[  108.063202] binder: 9712:9714 transaction failed 29201/-14, size 40-29 line 2982
2018/04/06 01:05:21 executing program 1:
capset(&(0x7f0000000180)={0x19980330}, &(0x7f00009b3000))
r0 = fanotify_init(0x0, 0x0)
r1 = fcntl$getown(r0, 0x9)
chmod(&(0x7f0000000000)='./file0\x00', 0x112)
r2 = openat$cgroup_ro(r0, &(0x7f0000000040)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffff9c, 0x84, 0x1a, &(0x7f0000000080)={<r3=>0x0, 0x5, "a39cedb608"}, &(0x7f00000000c0)=0xd)
getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r2, 0x84, 0x1b, &(0x7f0000000100)={r3, 0x6c, "683324972ecb24f7574d67247c21f938be9f96feb9ab8cc9c3d7dce62622ad6d54a4947958451ea139738ccf9cad765caa2b70a9e85c557583292580809927898b503c332904f934a7934891a71e4c852053a28da967c92444f5d14454b182cb1878ff6e61240b949061c404"}, &(0x7f00000001c0)=0x74)
ioprio_set$pid(0x3, r1, 0x8)

2018/04/06 01:05:21 executing program 6:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000500)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0)
unlinkat(r0, &(0x7f0000000540)='./file0\x00', 0x200)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PIO_CMAP(r0, 0x4b71, &(0x7f00000005c0)={0x6, 0x7, 0xfffffffffffffff7, 0xfc9f, 0x100, 0x2})
r1 = semget$private(0x0, 0x3, 0x40000000000000c)
semctl$GETZCNT(r1, 0x4, 0xf, &(0x7f00000003c0)=""/171)
socket$netlink(0x10, 0x3, 0x0)
r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r2, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

[  108.186263] bridge0: port 1(erspan0) entered blocking state
[  108.192132] bridge0: port 1(erspan0) entered disabled state
2018/04/06 01:05:21 executing program 4:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x44, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:21 executing program 2:
syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r0=>0x0)
io_submit(r0, 0x0, &(0x7f0000000700))

2018/04/06 01:05:21 executing program 1:
r0 = socket$inet(0x2, 0x3, 0xdc)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000001c0)=@nat={'nat\x00', 0x19, 0x3, 0x520, [0x20000340, 0x0, 0x0, 0x20000570, 0x200005a0], 0x0, &(0x7f0000000100), &(0x7f0000000340)=[{0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x5, 0x0, 0x0, 'ifb0\x00', 'vcan0\x00', 'bridge0\x00', 'lo\x00', @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0x1d0, 0x1d0, 0x200, [@comment={'comment\x00', 0x100}, @realm={'realm\x00', 0x10}]}}, @common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x9, 0x0, 0x0, 'gre0\x00', 'sit0\x00', '\x00', 'syzkaller1\x00', @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, [], 0x110, 0x110, 0x148, [@helper={'helper\x00', 0x28, {{0x0, 'H.245\x00'}}}, @nfacct={'nfacct\x00', 0x28, {{'syz0\x00'}}}]}}, @arpreply={'arpreply\x00', 0x10}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffc, 0x1, [{{{0xd, 0x0, 0x0, 'vcan0\x00', 'teql0\x00', 'vlan0\x00', 'gretap0\x00', @link_local={0x1, 0x80, 0xc2}, [], @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, [], 0xe8, 0xe8, 0x118, [@statistic={'statistic\x00', 0x18, {{0x0, 0x1, 0x0, 0x0, 0x758}}}, @cluster={'cluster\x00', 0x10, {{0x0, 0x0, 0x0, 0x1}}}]}}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x1}}}}]}]}, 0x598)

[  108.234117] binder: undelivered TRANSACTION_ERROR: 29201
[  108.255504] device erspan0 entered promiscuous mode
2018/04/06 01:05:21 executing program 7:
r0 = syz_open_dev$sg(&(0x7f0000001000)='/dev/sg#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x52, r0, 0x0)
setsockopt$inet_buf(r0, 0x0, 0x2f, &(0x7f0000000040)="91261a13fddb90586fa80e20904d80ec384e4d5abaa83bfed3687194673aa0642d0f56fe314278fa4c0f2546696fb2643465c841131176475556446423b763d4a6ada364408073f874e82a619bb6b5b1221d73a7aa66fc2f95aa1bcde3ec7e65febed9a02275f2aebf720e140788341d52c75b2474362f4952a6a92e4e8b857f6bee26668cf2863fc3b75688ae63e5a4ea428538e68ea166a9766f281ea07ff3b09767c3980cb66af86ceb", 0xab)
mmap(&(0x7f00002e4000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KDSIGACCEPT(r0, 0x4b4e, 0x28)
name_to_handle_at(r0, &(0x7f00002e4000)='./file0\x00', &(0x7f00000001c0)=ANY=[@ANYBLOB="397569199fb4deb7944ac62b13929cfa12a83651ff579a60289d0d068e7eaf73c49a424c54b8763332942cbecfa5883d93307af0b33ff3766719fce8445277f3275ad805974efddb9a2fb0e6736857540fdd7c4a4a22a6a27427c50826000000000000005f44fd90fcafe21687ea1aa39d7cb4deef6695168013035bac93e9fe528ac10dddce430ca0052963ee7246a44bce330d2205"], &(0x7f0000000000), 0x1400)

[  108.319443] bridge0: port 1(erspan0) entered blocking state
[  108.325453] bridge0: port 1(erspan0) entered forwarding state
2018/04/06 01:05:21 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000200)}])

[  108.364731] binder: 9750:9755 got transaction with invalid offsets ptr
[  108.394720] binder: 9750:9755 transaction failed 29201/-14, size 40-29 line 2991
[  108.402706] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  108.417416] x_tables: eb_tables: realm match: used from hooks PREROUTING, but only valid from INPUT/FORWARD/OUTPUT/POSTROUTING
2018/04/06 01:05:21 executing program 7:
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000480)={0x0, 0x5}, 0xc)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000000080)={{{@in6=@mcast2, @in=@rand_addr, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in6=@remote}, 0x0, @in=@multicast2}}, &(0x7f0000000180)=0xe8)
ioprio_get$uid(0x3, r1)
setsockopt$bt_l2cap_L2CAP_LM(r0, 0x6, 0x3, &(0x7f0000004e00), 0x4)
r2 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffff9, 0x8200)
ioctl$KVM_SIGNAL_MSI(r2, 0x4020aea5, &(0x7f0000000040)={0x10006, 0xd000, 0xfff, 0x20, 0xd4b})

[  108.530663] binder: undelivered TRANSACTION_ERROR: 29201
2018/04/06 01:05:22 executing program 3:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f00000000c0)={0x0, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x5}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='hugetlbfs\x00', 0x0, &(0x7f0000000340)="a3ce050d6f1a6f500f9faf081f32708b49b8fa6273255b1cf034a1355a4dd87ee9dab776547845c67009daf55c215bc657d4bdced9995339c9656c0354b644fbe8b2557633b91724f2eb4b00182f530928e30c28ce65d66f3ab88f54c5758ad9ea29154cbc20239fc626ed80b5856a9268794bffa7dd1e12162493d57d9289bd05201583b3574883512297e15117104cc52a3a9aa78b23abda223d651bc199658f5cdf2e3563e69ad8b37d462d74d08f8eb28746eba92d1846d290c409f086452f39e27ef8dc484a0b76e37599bfcbbff8d1954d7abdaec3496bc76e895a2c94bdebadec5b1518d36ee85f265c6c9213230c9b26ecc2be9f04dc98faca3d3750e422680989551a6555e905280c4eb44f28fb113f7db30ac8584b4eef85bfab7cadc1d442397b58ffbe43645732b64f3b59077613359e6a90a76547226e4b6180fd5feb59bcd47781712b599c9ca71036dd0cd57ec6f2338d555c10affce767fcf874a3e119efa339f80718493f5aab21dc22036e39f39f0fbf113b33fd38bd4b92aaf2fbd3a06b85bcfa951ef4ea3c3e79c0a1e7164e9a0e1863bf947c21e98202affc03e1a749b982ec8493e784d44c6fbfbbe51393efee20547acb1e0e96d14cba142b9613b6775c97d404c9402ffb3be93850363fca18f6287572ba7ac4409777cc51e8c27744e530ebc2563c5048354359d033321e986dc5b365c5fe26d0cd1ea1f912b60b38d62aecf65ca8331a5725b5b6ec7123851a2d1ddb20d625991438a727c55853d83453ed9191790b7dec5a40bf40dc809782fbd51f18a25a43bf502faf6a76bb2775821193c701c80deeb7eae939a42e3a50acb8055650dfb304e31945983643432c056430e16d73b0b5f2d71607750b946d9a3c739617d995fb949957e77fba0f199a07985458fe141f5078cb9526da34eb29fee9d538e524f1ce37d5a12e738cfa6464d7c4d02a12650fd7ca68b817837211404909715ebf76840c78053633b6150dd4305088a1fe4a97b9bb09b425cd9cef6c529752fd351b506deba77fc21b3b8e0ac789cac68a6bd11174dc0c6e526622960683f0a2e0a414718f3419cdf64bea0ce0da958eb48255658ca23fcf510b67eef5e6e3ed63543aa3ad9335bb2efcfea2b79aec961d6baa8522e5741b9c44fcc277ebbe0ec8689a479bd559b0ee7fe122328cabb57d4f5b771c712915c0030e7ddcd0fe51ac3056c1733f540a842456d4c4530b9f08ae162296f9a2fe9b8f7af4eaef8de92171893511915f74cad7d2f16f29e653329d72a8cff6510f627560bc75e3b5d8fb740ba934a00ca74b6044c59b90e56ec330c64cfdc8d5bcc9e80a1361bf2ccd238608f0f1b90cf10f8b8b5a80a3b5923be179f2456ba545f3c75041d2680ed333a83d938d5c743ae2c8310e603cd39176f6bc388439418ddb7ffa2386e8734dc93a67d4f31b25c5f03eeab67d8b583c11a05ffa84222308ed4ac5b62aef7067da6f9781fc9f59b72be8e06bb73616de294c8c8adaec5e4db25772705c315f2c2e9438fb6de55db800cd30bf19b33c06430bc16b7acef3f11db43247e730b27b839cf05589d27c61eceaef04d9840419a9d1e50dade563da25b24131f49b78a4b441553ee8ee4c7b33ef7c0b8664fa0ad67cb24876ed11f6f6c6adf1091184291283cd211245b27885e487f48476abc3c7b35ef4e3d9cf46f8f818491beb709873a64a0ce4340b18e8ce4d3bf5ce33dc82165e1ff767c5a05faac7fff1977c4a8ed07ad1d9c426b55e8dcfe9962b6623f284200928b337a9250bc71ae39921f882452d92d9b2acce8840e3d2e7571385b2d811323dab33a938027f33bfeeea18b396acd8ffbb56da1dfb1ff507b3906eb27228538ab0c526531b5532020a334bf97aba773259af7989416139fa27f8ea98ffa6acd87953af1e2264374309561cab587d509f949ce93c08c013217dbf67fed8027cf7c9a2ce6c53d8e5ebbc71676de37593a1e2a191d62354f9cce032960f5ec678235c0ae9c030b2f3f74473c37271c34e1dcf9d0076d8e8df7eb4c701796efae9933b5b727c936263c582c857f41d74d23437e3546a4eccdd9d278b794789c9e1058732a7a763c3382a82b8544e0b4b6fb057db8f78319b3729d8ebafe7017949c82bd4882abf4a44cc4c036197fd2d55a9355b830a6ad162abc908e42949912b5aaf6e75b7925444921324360cbbc903eb499d4334c35dffd7748125fa2d89f144a50149a16e3df15d1586c416ef05b6b0feeba8ef8529b56ed69baa41b6b23eb174e78bf98364e8216e74c22400d49ac8fe3f43ed09d8e1c29b4667bc0b520273c39d893402beeb0292e49ad69559fe1c5180cdb64cbf901b019b9ab4fa6e507f003053e94994b12b2c0d602b4759345d80150ab7f0efcba7334bb7cf34dc3e1d10c1bbb4a920cf1030304b9e69c384bc109d475c6c973be8c99b7129d92b21b897110806ac80c17816cb3fba9cc8b1cf52036697246f499c258c8ed00054c15dc24dd2552523a549ad02fd32b4238b8f7ba3596db1b4cebb780fca15f6f2102f797c537b22b4ed4e1c617b8b7355765f66c7574405cd4912c5f0a74c6bdac16bb0eafcedfcc24f9753be0ff674ff63b66a5a60d77057d31cc438794837f82e69e7a811b4b6a00d4e8fce1eef6e488cf15e426fcbdc564c4034f4279a36321246fba777466d3d98d0adb4f9fe69e352bdc99dbb8553f8c69f9300960cffe8e4afe277d4e80c7ec19a4f4d94146f71a0aa2f79b9954b828fd92416a660d1f431aeb02f342d1b2732d5fe50f70f4c857cd2b9fafec375bc424dcf982e23a0e6bb4d5ede099a355282f85a3109559f6dcd045929e82c5ba64da2abacdb9e8115eb0eda3bc3974918668e0fe8ff00944f7191fbc3c4ab3d05a15911ae7b6c2d9eb6c7eaed20eccf15795184cf04e889c9274813cde7a248005114d996a80554545bfe920d6fbb073df8cbca1a3fb297db8b18463f632e8834eb278203a6106fbec78e8af2851f22b524202026d077768da263c46ab27b85184bd65774f867819aa23b60d4fa021f21e960646a01e2643a1d5be33fdb3ba36c140d51d3ae27875a27f7be133f29c34556db2558178612b598e29a8b675912c1ec9836f98e4ac7ad231492ba733dfa34a4fd4ee63ba6346cbc2fedf41d3d06fdeace1b650d02624ff94070422e018261bfd431696fc47d9e030ccd2b955659c56d8493f4e603c4efeccd35ad1331c00dd179b00bd823f7b5726b24e4f3b48614c09adac6b834dcd26c8253b6786dcb0d15d28a5c4de52fb15ac764314a8c830bfd42edf5f9dd14ab81be5a1bd49423097868e0185145cd0624ad02f9a4932b51d91d5859eb400759384e66199489512e7d992a80365b34fb4e4232e36037d4f0719c30eb3bc76986bd1bdf18e5d52f73666838d2ff6bbdf8f90803b818ffd06834ae510bb76cbd26a5ce46e02cd8fef30368cc61c92326ea1092521feab08196621a149ea04f7e401f808bac3f1df91f107c6754e9fd93539f815702854f944674d9f2768171d847b2b7d7653a8a7a9ecd9782156476e6b50dc2de2bc882f9480053d5c8766ead614de684a214a1d41b60bdd128095575659a1c47ee425eb44fe6f590566baa172964239b58110edbb9e9beead1d605b959a4257d517aee2a0d5ae56ab980edcbebfeb8a66ecc7fde06035774f64b984be2afdae843472f3a70ac2415bcb7d25bb815fee8c590eeab92e0e90658597f8f78eb33112bc5d28ef2888e47a5ec63f9eac2383052cf2f4c4d42f56b34d4c49090cfd0e9c7ba2ed5818840fee1d854c018f68b167273203cc934ffc890be4e47483fec0ea90eb50cea1a866b727239e2ed799b85d73f0c66a5b68340e51517dd21a3e4ea3d27c43645f667f05fbb6a97368fff565104a5717da6d944f359e5abf6a295f7b3a1def78fab1f6b313cebd00eadccd51e558bc84f2426abec4e88244644e871ebfb2763c1b396b76073d10398792cd6ba2c3c93584d35dbcbfda016d4595118b895170cc6870524f7d43954b2991468ab53fc4feae28c4fda7dfd8ccff7cce43cc425454c8a974c5af90f8838afe488fc74083c0cea5d2feddfae88ce2439e3db7a16026b2cbab0be8c3651fbfb3eea899991dfa4c512ea958a1c1553b2276a7adf533a4a902feb6512e96f124f29ecbd5bde384eea68595027a65be4c5f984bb069f7216e68d58b3d0c5a88096a505a33260e389834506a1cda6343030ab7ee50e13fdd741e66e7cac7f9d9a3d83fdd01257389dad2e3af0ca7962913e92b86e50d50ea52cf7e4fb5f160b50c4e976238b9fd1faf77780345462d6e1a1ffebc0ced6222a6a39c54c3ccdc844c6d094b008f446743d1beaa05d0624a21ad12e5c0ac18307313fab5c3dd5e7c88b31b7524310b6d95e0a1a886dbbee61757840302e4c45503eb754c5492a5fd9b57b6ef9de9941a5095cbf56af6e742254f7d3ca5b295823027ab39b97f7d8ecf1bf91f4ea56d0ec29168c87c4468ff52078906477c39e398a2fcb6a825607140c599636fabd5a3ea2042637fe5dcb1fed386c33ed954ee472ff241022825f70e3aebf14a9b13152ffede6b2335f3e94b3a8d1cb75c1536c18cbeaf305c791f76961fe4e155b603fcdad1b42403d106c6b274bb8fee7d9c0ddac0f13448b91591d55052b8f8c9e43a4f588a34aa75f4a3dd39285d9978aec8163eaf26e37504f7d26d62acc357cd9adab1edb631aee6c29b10dbc753f393ddc2e7aa60af53cb4a2702233017b3e29e075320442e8cc8a5e83e458313aa062f9c93c57733eca9c2e4b9695bcf69c6a76eaa4a24d6d70a4c126676a20415bf53bc0bc3327b307ee4f2ab10007ee81a558de46b03caecb323e0978270cf61c57f14e0e60c018f9290a8924e361c7ae81c5d90948680e25ffe1f0955b5c400ae4d5ef5f1f4686957a037534e13c2aa23841a1ed04bfab5083aac68a392bac1d5d0cb0ac73e9845b3ad29d316a5c5565187e036075101a1a431fd3dcdda24fa5f06fb8132d2bb0505f9657e4a6963736c32836fc36b9a06f5652a1100bcb01a385d1fda95868f227f6f04276c5e5bd210d318804b898a26781fafc0be53dca0dbec01c27cb5a01b52cf026812013addce76b161e451f6d867b465adf730910206a21c570921a4e399173d4a76ff8033597d979fe91ba49206b9b190b656cde2107a33c37e07015b2367456d7705e67b698102660193a4c5521c07e87bcc18af5b3e4033b838623765763f55cbb38c2d07a620cd67c1caf7a6fa14aba5230a617ec381a9e5273c8e8db7b50e973f49de6134095450e8ebba9e972d73f8f0a944da4b3f53d84fb989842433cbb758ffb984774993770ba78797cb26302a92dfb8eef48496de3cb182f269cb509d79bfc")
mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000001380)='./file0\x00', &(0x7f0000001340)='proc\x00', 0x0, &(0x7f0000000240))
r2 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000002240)={0xffffffff, 0x0, 0x8}, 0xa)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000001e40)={&(0x7f0000000040)='./file0/bus\x00', r2}, 0x10)
socketpair$inet6_dccp(0xa, 0x6, 0x0, &(0x7f0000001240)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$setlease(r0, 0x400, 0x1)
fcntl$getownex(r2, 0x10, &(0x7f00000001c0)={0x0, <r4=>0x0})
ptrace$getenv(0x4201, r4, 0x401, &(0x7f0000000200))
pipe2(&(0x7f0000001300)={<r5=>0xffffffffffffffff}, 0x800)
ioctl$KVM_SET_CPUID(r5, 0x4008ae8a, &(0x7f0000001780)={0x3, 0x0, [{0x0, 0xb793, 0xdcc6, 0x0, 0x2}, {0xf, 0x17a8, 0x57, 0x1, 0x2}, {0xc0000000, 0x9, 0x4, 0x3, 0x8000}]})
mount(&(0x7f0000000300)='./file0\x00', &(0x7f0000000140)='./file0/bus\x00', &(0x7f00000002c0)="7270635f706970656673008c7c647f0399287d03b74f09f3ebb5030000009df9a59c06000000000000f90ef07834c1c4", 0x0, &(0x7f0000000200))
mount(&(0x7f0000000000)='./file0/bus\x00', &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='tmpfs\x00', 0x2000, &(0x7f00000002c0))
r6 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000012c0)='/dev/rfkill\x00', 0x2c0001, 0x0)
ioctl$KVM_GET_PIT2(r6, 0x8070ae9f, &(0x7f00000015c0))
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000001480)={0xffffffffffffffff, 0x28, &(0x7f0000001440)={0x0, <r7=>0x0}}, 0x10)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x6d)
ioctl$void(r1, 0x5451)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000014c0)={r7, 0x3, 0x8}, 0xc)
sendmsg(0xffffffffffffffff, &(0x7f0000001dc0)={0x0, 0x1000001bb, &(0x7f0000001640)=[{&(0x7f00000013c0)="2770c34f2aaec7dad781bf206bebf8191e7ca3eb75eababb4720a018bcbb8ee2225dd58c3d", 0x25}], 0x1, &(0x7f0000002a00)=ANY=[], 0x0, 0x20000000}, 0x4000001)
r8 = syz_open_dev$vcsa(&(0x7f0000001280)='/dev/vcsa#\x00', 0x7, 0xc40)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1b, &(0x7f0000001400)={<r9=>0x0, 0x13, "afab6c9f1f9aeb4760a740ca323559482fc5b8"}, &(0x7f0000001540)=0x1b)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r8, 0x84, 0x6c, &(0x7f0000001680)={r9, 0xcf, "5c0a54691f9e5fba3379ed9f6611771f595c4486881ced0377363213191c98c47ad2e6f6e9de6d9d3a2beb203065f9ee88e4770dc755f457906584745110c0eb0d5e88f6b07bd730b86bb2587ae41381c2217a1738a9a87a5b085900ffd05d470704ec3bea88398b032aa4e0c11826b031f0a20685afb2f8d147466892ebfd5f0965771098a2f426f4de64af3330e43f49276eb011998b4bd78df60575bb7dbe20fbad691cd83ebc4639f28f0ae85b5ff017272d2d8c93bbd9216427309e572cb150ff66b5fd6792fd33cb23c94a9a"}, &(0x7f0000001580)=0xd7)
recvmsg(0xffffffffffffffff, &(0x7f00000021c0)={&(0x7f0000001fc0)=@sco, 0x80, &(0x7f0000002100)=[{&(0x7f0000002040)=""/180, 0xb4}], 0x1, &(0x7f0000002140)=""/74, 0x4a, 0xa722}, 0x2000)
syncfs(r3)
mkdir(&(0x7f0000001500)='./file1\x00', 0x0)

2018/04/06 01:05:22 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000200)}])

2018/04/06 01:05:22 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000280)={0x26, 'aead\x00', 0x0, 0x0, 'ccm(aes-generic)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c50400aeb995298992ea5400c2", 0x10)
r1 = accept$alg(r0, 0x0, 0x0)
sendmsg$can_raw(r1, &(0x7f0000477000)={&(0x7f0000000080)={0x1d}, 0x10, &(0x7f0000000240)={&(0x7f00000001c0)=@canfd={{}, 0x0, 0x0, 0x0, 0x0, "b5a419fb5df128c83ad9430362a22a5abf1e4123efccc641602c2da3630b58d04766c58b254ff2a965ccb226c8c7355c33306c99adaa0aa59006f8dc9b01b737"}, 0xff89}, 0x1}, 0x0)
r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140)='/dev/audio\x00', 0x4081, 0x0)
setsockopt$bt_BT_VOICE(r2, 0x112, 0xb, &(0x7f0000000180)=0x7c, 0x2)
recvmmsg(r1, &(0x7f0000000740)=[{{&(0x7f00000000c0)=@sco, 0x80, &(0x7f0000000100), 0x0, &(0x7f0000000000)=""/94, 0x5e}}, {{&(0x7f0000002f40)=@pptp={0x0, 0x0, {0x0, @dev}}, 0x80, &(0x7f0000003200)=[{&(0x7f0000000640)=""/226, 0xe2}], 0x1, &(0x7f00000007c0)=""/239, 0xef}}], 0x2, 0x0, 0x0)

2018/04/06 01:05:22 executing program 4:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x44, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:22 executing program 5:
syz_emit_ethernet(0x3a, &(0x7f0000000100)=ANY=[@ANYBLOB="eabaaaaaaaaaffffffe7af75a57d44625cc9349988997ee00cfc88ff08014500002c0000000be00000069078ac1440bbac1414aa070300000000222cdd6342f23be1d335592def993ab164a73306878bf1cfcd500940b98b77a31ea6fba42991dbd7641dff6cb1b9fdd4", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="d1314746599a007adb9cc9e914907f40a4f480b02b3383c262f5635abe67fdc305ff8f935898d0292422551f8c7782c46c081453a147377be69234"], &(0x7f0000000000))

2018/04/06 01:05:22 executing program 7:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000280)={&(0x7f00000001c0)={0x10}, 0xc, &(0x7f0000000240)={&(0x7f0000000000)=@migrate={0xac, 0x21, 0x801, 0x0, 0x0, {{@in6=@remote={0xfe, 0x80, [], 0xbb}, @in=@dev={0xac, 0x14, 0x14}}}, [@migrate={0x5c, 0x11, [{@in6=@remote={0xfe, 0x80, [], 0xbb}, @in6=@local={0xfe, 0x80, [], 0xaa}}, {@in6, @in=@multicast2=0xe0000002}]}]}, 0xac}, 0x1}, 0x0)
ioctl$sock_inet_SIOCGIFPFLAGS(r0, 0x8935, &(0x7f0000000100)={'sit0\x00', 0xffff})
r1 = syz_open_dev$vcsa(&(0x7f00000000c0)='/dev/vcsa#\x00', 0x2, 0x1)
setsockopt$l2tp_PPPOL2TP_SO_SENDSEQ(r1, 0x111, 0x3, 0x1, 0x4)
close(r1)

2018/04/06 01:05:22 executing program 0:
r0 = syz_open_dev$mice(&(0x7f0000f87000)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$EVIOCGUNIQ(r0, 0x80404508, &(0x7f0000000040)=""/238)
getsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000140)={@local, @rand_addr}, &(0x7f0000000180)=0xc)
r1 = syz_open_dev$evdev(&(0x7f0000057fee)='/dev/input/event#\x00', 0xafd, 0x8000040000001)
syz_kvm_setup_cpu$x86(r0, r0, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000380)=[@textreal={0x8, &(0x7f0000000300)="0f070f9c6da5650f01d1ba610066ed66b80e0000000f23d00f21f86635300000010f23f8baf80c66b8f4e77f8f66efbafc0cb80000ef66b9c10d000066b80000000066ba000000800f302e0f01cf0fc75a0bf0828b9e2581", 0x58}], 0x1, 0x8, &(0x7f00000003c0)=[@vmwrite={0x8, 0x0, 0x7fff, 0x0, 0xffffffffffffff7f, 0x0, 0x3, 0x0, 0x5}], 0x1)
write$evdev(r1, &(0x7f0000000000)=[{{}, 0x2, 0x8, 0x401}, {}], 0x30)
ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f00000001c0)={0x7, 0x3, 0x7, 0x7fffffff, [], [], [], 0x6, 0x7, 0x3, 0x5, "8bb780668ac0dc194e2733f4078b505f"})

2018/04/06 01:05:22 executing program 6:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000500)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0)
unlinkat(r0, &(0x7f0000000540)='./file0\x00', 0x200)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PIO_CMAP(r0, 0x4b71, &(0x7f00000005c0)={0x6, 0x7, 0xfffffffffffffff7, 0xfc9f, 0x100, 0x2})
r1 = semget$private(0x0, 0x3, 0x40000000000000c)
semctl$GETZCNT(r1, 0x4, 0xf, &(0x7f00000003c0)=""/171)
r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r2, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

[  109.289630] binder: 9788:9790 got transaction with invalid offsets ptr
[  109.301207] hugetlbfs: Bad mount option: "£Î
ooPŸ¯2p‹I¸úbs%[ð4¡5ZMØ~éÚ·vTxEÆp	Úõ\![ÆWÔ½ÎÙ™S9ÉelT¶Dûè²Uv3¹$òëK"
[  109.339572] binder: 9788:9790 transaction failed 29201/-14, size 40-29 line 2991
[  109.428928] hugetlbfs: Bad mount option: "£Î
ooPŸ¯2p‹I¸úbs%[ð4¡5ZMØ~éÚ·vTxEÆp	Úõ\![ÆWÔ½ÎÙ™S9ÉelT¶Dûè²Uv3¹$òëK"
[  109.469870] binder: undelivered TRANSACTION_ERROR: 29201
2018/04/06 01:05:22 executing program 5:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$lock(r1, 0x7, &(0x7f0000115fe0))
fcntl$lock(r1, 0x26, &(0x7f000001d000))
connect$unix(r0, &(0x7f0000000040)=@abs={0x1, 0x0, 0x4e24}, 0x6e)
r2 = dup2(r0, r1)
ioctl$KDDISABIO(r2, 0x4b37)

2018/04/06 01:05:22 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000200)}])

2018/04/06 01:05:22 executing program 7:
open(&(0x7f0000000000)='./file0/file0\x00', 0x3fffa, 0x0)
r0 = open(&(0x7f0000000280)='./file0/file0\x00', 0x4001, 0x0)
ftruncate(r0, 0x2)
write(r0, &(0x7f0000000040)="f55fe4524e3fd4f145599d310be6abd853ebadbc6db6cbdc12f390f46b5d6cb2a644ca7edbd9b4862e08288a911a7a879c265c07a61f1ec6ec952687292cb03f3f345487c17b09b5eda4c3ccfa9cff7033261f2a125bff6cea84fe9357403962d30d17d326babb380ca7bffc3bf00a6ebd9d5632428ee8a8454cf53ed793e981cbe23f38d47d8cdb69aa7786df17f6db6b6b101328e30f7e0351b15f86ce491ebbd427f31f6e33eb1bcb8468ff3daae791b6e9101e036ca679ed58941a9c10c7609898f9b4ed70976ba74b1da4c866a2796c6c1376ea0feb6e133d720e811e988e04bcb62b71b6105d150447a5b5c7ebc89f1e95934fe03a2aacfde0b4ae8e0a0a28154adb701fec687f3d8ae508a06ff6772f8e501274e875ad479d126c06f768f6234a12c872539fc1c5eb7a815e8a726bd9fe03f9d35d70b6a3d97a6fb1a11cf0e0f3d47f81b9a2f7d4f7f6a13ada149ca54084ffcabc45ef1dffa9defa082ef4157899def0613aea97ce27f6b3490c6404aeca2c7a85e9019727241ef02fcca45380d087b7af1a55643fd704b02c7ba364fd9bd7fb95ebd970ffc6f4d1fba4720d6ea9f1e7749bd1b1c09874efe91d3bf9b20740ffba4fb4620e1b0c9ef16b0e877749f1691c4d8a9fd05f20585d70064eb86652ecc08af83b2c0752f86a31abc70a04d2cc3389ce79e5e9be487a8349d129a4a57455cf75b74da28458d2", 0x200)

2018/04/06 01:05:22 executing program 6:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000500)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0)
unlinkat(r0, &(0x7f0000000540)='./file0\x00', 0x200)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PIO_CMAP(r0, 0x4b71, &(0x7f00000005c0)={0x6, 0x7, 0xfffffffffffffff7, 0xfc9f, 0x100, 0x2})
semget$private(0x0, 0x3, 0x40000000000000c)
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r1, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:22 executing program 4:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x44, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:22 executing program 1:
socketpair$inet(0x1e, 0x5, 0x0, &(0x7f0000001ff8)={<r0=>0x0})
getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000)={<r1=>0x0, 0x362efe57}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000080)={r1, 0x401}, 0x8)
bind$inet(r0, &(0x7f0000f19ff0)={0x1e, 0x0, @loopback=0x7f000001}, 0x10)

2018/04/06 01:05:22 executing program 3:
capset(&(0x7f0000034ff8)={0x20080522}, &(0x7f0000000000))
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000040)=<r0=>0x0)
capset(&(0x7f0000000080)={0x0, r0}, &(0x7f0000000100)={0x9, 0x80000001, 0x3ff, 0xff, 0x8, 0x9})
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$EBT_SO_GET_INIT_ENTRIES(r1, 0x0, 0x83, &(0x7f0000000200)={'nat\x00', 0x0, 0x0, 0x1000, [], 0x0, &(0x7f0000000180), &(0x7f0000000740)=""/4096}, &(0x7f00000000c0)=0x50)

2018/04/06 01:05:22 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x4)
listen(r0, 0xffffffffffffffff)
r1 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r1, &(0x7f0000e11ff0)=[{&(0x7f0000299f3e)="580000001400192340834b80040d8c560a067fffffff810000000000000058000b4824ca944f64009400050028925aa8000000000000008000f0fffeffff09000000fff5dd00000010000100000c0900fcff0000040e05a5", 0x58}], 0x1)
ioctl$TIOCGSID(0xffffffffffffff9c, 0x5429, &(0x7f0000001480))
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ppp\x00', 0x1, 0x0)
getsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000000280)={{{@in=@broadcast, @in=@multicast1}}, {{}, 0x0, @in6=@mcast1}}, &(0x7f0000000500)=0xe8)
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000001580)=<r3=>0x0)
setuid(0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
getsockopt$inet_sctp_SCTP_CONTEXT(0xffffffffffffff9c, 0x84, 0x11, &(0x7f00000001c0), &(0x7f0000000200)=0x8)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000440)=<r5=>0x0)
sendmsg$nl_xfrm(r4, &(0x7f000000b000)={&(0x7f0000000000)={0x10}, 0x13, &(0x7f0000000080)={&(0x7f0000000f00)=ANY=[@ANYBLOB="000000001800000a25bd7000fcdbdf257f000001000000000000000000000000000000000000000000000000000000004e2100034e2400020a0080803a000000", @ANYRES32=0x0, @ANYRES32=r5, @ANYBLOB="fe800000000000000000000000000018000004d57e000000ffffffff0000000000000000000000000180000000000000ffffff7f000000005b0200000000000000100000000000000100000000000000080000000000000007000000000000000100010000000000030000000000000040000000000000000300000000000000030000000000000009000000050000000800000026bd700002350000020002051000000000000000ee000000000000000000010063726333322d67656e6572696300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e4d27b28de34c97cf638599e2bd5c51afdae08223d173fa01a869a907ac48aaf5bc5982f94a4aece9a5acad231c49440c899794131c57c27ac8f7bfab14427c8806a03c5323399590eae8e5f05b09c6fd21d84b60f55b6031409e5f50c605eb73354783e8c108b78222c0715b76200fe1e473510b7d9ac6402ac0000b3414a028c56d2434dca8a4bc4a93102bb1e90b854512903fb7d331cbe46ea3f500fa4c7fb73da6ad976d901edd04c0761beca9a7eb9ca382f52b6d2335c62c9cac3d1a64b41f8344063266295f69c9cf4"], 0x13c}, 0x1}, 0x0)
pipe2(&(0x7f0000000680)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000b80)={{{@in6=@local, @in6=@dev}}, {{@in6=@local}, 0x0, @in6=@ipv4={[], [], @rand_addr}}}, &(0x7f00000005c0)=0xe8)
getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f00000003c0)={0x0, 0xfffffffffffff800, 0x5}, &(0x7f0000000400)=0x10)
ioctl$EVIOCGPHYS(r6, 0x80404507, &(0x7f0000000600)=""/94)
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r6, 0x84, 0x77, &(0x7f0000000c80)=ANY=[@ANYRES32], &(0x7f0000000880)=0x1)
sendto$llc(0xffffffffffffffff, &(0x7f0000000800)="9d5185517bd81e5f7b906d3a3f57405404e1382fe5582136569acf8087c19719071d1570b549", 0x26, 0x0, &(0x7f0000000040)={0x1a, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r6, 0x84, 0x1, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x5}, &(0x7f0000000480)=0x14)
setsockopt$inet6_MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f0000000140)={{0xa, 0x4e21, 0x5, @mcast2={0xff, 0x2, [], 0x1}, 0x9}, {0xa, 0x4e20, 0x6, @local={0xfe, 0x80, [], 0xaa}, 0x7}, 0x9, [0x47a, 0xd842, 0xffffffff, 0x2, 0x2, 0x200, 0x1, 0x5]}, 0x5c)
ioctl$sock_inet6_SIOCSIFDSTADDR(0xffffffffffffffff, 0x8918, &(0x7f0000000a00)={@dev={0xfe, 0x80, [], 0x16}})
getsockopt$inet_sctp6_SCTP_NODELAY(0xffffffffffffffff, 0x84, 0x3, &(0x7f00000004c0), &(0x7f0000000e80)=0x4)
prctl$setptracer(0x59616d61, r3)

[  109.610624] binder: 9825:9827 got transaction with invalid offsets ptr
2018/04/06 01:05:22 executing program 5:
r0 = memfd_create(&(0x7f00000000c0)="70726f63ae6d696d655f74797065776c616e316e6f64657600", 0x6)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x4002000003, 0x5011, r0, 0x20000000000)
ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(r0, 0x800442d4, &(0x7f0000000000)=0x1)
finit_module(r0, &(0x7f0000000100)="70726f63ae6d696d655f74797065776c616e316e6f64657600", 0x0)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='vcan0\x00', 0x10)

2018/04/06 01:05:22 executing program 7:
r0 = dup(0xffffffffffffff9c)
ioctl$SNDRV_TIMER_IOCTL_START(r0, 0x54a0)
unshare(0x400)
pselect6(0x40, &(0x7f0000f33fc0), &(0x7f0000768000), &(0x7f0000000000), &(0x7f0000349000), &(0x7f0000f14000)={&(0x7f0000a65ff8), 0x8})
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ppp\x00', 0x0, 0x0)
ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f00000d3f0a)=""/246)
r2 = fcntl$getown(0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ptrace$getenv(0x4201, r2, 0x7, &(0x7f0000000040))
ioctl$EVIOCGREP(r1, 0x4004743c, &(0x7f00005c8f52)=""/174)

2018/04/06 01:05:22 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000200)}])

[  109.660976] binder: 9825:9827 transaction failed 29201/-14, size 40-29 line 2991
2018/04/06 01:05:22 executing program 3:
r0 = memfd_create(&(0x7f0000041000)="6500000005", 0x0)
ioctl$sock_inet_SIOCGIFBRDADDR(r0, 0x8919, &(0x7f0000000000)={'dummy0\x00', {0x2, 0x4e21, @broadcast=0xffffffff}})
r1 = syz_open_dev$sndseq(&(0x7f0000041ff3)='/dev/snd/seq\x00', 0x0, 0x20002)
r2 = dup2(r1, r0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000041f74)={0x0, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r0, &(0x7f0000000e50)=[{0x0, 0x100000001, 0x0, 0x0, @tick=0x5da36b38, {}, {}, @result}], 0x30)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f00000000c0)={0x32, @tick=0xfffffffffffffffc, 0x0, {}, 0x0, 0x0, 0xffff})

2018/04/06 01:05:22 executing program 0:
perf_event_open(&(0x7f0000220000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x0, 0x0)
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000080))
ioctl$sock_SIOCADDDLCI(r0, 0x8980, &(0x7f00000001c0)={'ipddp0\x00', 0x17a022e3})
mbind(&(0x7f00003b5000/0x800000)=nil, 0x800000, 0x2, &(0x7f0000001ff8)=0x7, 0x0, 0xfffffffffffffffe)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dsp\x00', 0x2000, 0x0)
ioctl$KVM_GET_DIRTY_LOG(r0, 0x4010ae42, &(0x7f0000000140)={0x1ff, 0x0, &(0x7f00004b9000/0x3000)=nil})
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000040))
setsockopt$inet6_MRT6_DEL_MFC_PROXY(r0, 0x29, 0xd3, &(0x7f00000000c0)={{0xa, 0x4e22, 0x8, @empty, 0x1000}, {0xa, 0x4e23, 0x6, @remote={0xfe, 0x80, [], 0xbb}, 0x5}, 0x1, [0xfffffffffffffffb, 0x9, 0x10001, 0x401, 0x3, 0x4, 0x1, 0x800000000000000]}, 0x5c)
msgrcv(0x0, &(0x7f0000000140)=ANY=[], 0x0, 0x0, 0x3000)
bpf$BPF_MAP_GET_NEXT_ID(0xc, &(0x7f0000001180), 0x31e)
ioctl$EVIOCGVERSION(r0, 0x80044501, &(0x7f0000000200)=""/13)
msgsnd(0x0, &(0x7f00000011c0)=ANY=[@ANYBLOB="65ffb307e5c29bd8"], 0x8, 0x0)

2018/04/06 01:05:22 executing program 1:
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = creat(&(0x7f0000002700)='./file0\x00', 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000002740)={0x5, 0x2, 0x9bc6, 0x0, <r2=>0x0}, &(0x7f0000002780)=0x10)
getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r1, 0x84, 0x13, &(0x7f00000027c0)={r2, 0x80000001}, &(0x7f0000002800)=0x8)
bind$unix(r0, &(0x7f0000003000)=@abs={0x1}, 0x8)
r3 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x1, 0x101000)
recvmsg$netrom(r3, &(0x7f00000026c0)={&(0x7f0000000080)=@ax25={0x3, {"fc620d32630ca6"}, 0x200}, 0x10, &(0x7f0000000200)=[{&(0x7f00000000c0)="da6e94964b97226ca475bf72dc21da34851716e38ef1fae34b188cfa47ae6b2502c1289af8dcf12e3b76576c5d601133db5558ae28dc803a4ceb33a5e8410b4b4d6d0f2752eaea92eae8184f6709eef0ea87b23758d95493fd", 0x59}, {&(0x7f0000000140)="a024e65227eca1c9cdca161ad689ac5e4230aa8b6fb960701e5569ac86faa8067ca6bf7a1a6faaa7c0a223fe33f53c63330ed45ccba8a4e463e69f9968c75cb49e77d123e1697c99151cade06866bc785f0030fa50fdcd359884b21147a48c949b2ef8ccb6c07ef308ce9c7532bc5636f21feac020014cef05395961e05be8b2130f4c4d4c3f9113f85cd2282a", 0x8d}], 0x2, &(0x7f0000003080)=ANY=[@ANYBLOB="480000000000000001010000050000006f1f51196c79a2d4e1aac84a235caf1502ba8dcbce7d80ba27626e45356232d7ea3bfce989d9160f99db823f20c8af5cb5b400000000000030000000000000001f010000030000009d205474cd6202fa53541bd5e40701b7d395e421dfe5a02b5300000000000000101000000000000088000000001000006803c462c41ad202d5a3f6b2d876dff72febce96241f53ba5b1038f899ef0e7123f0d1db642ae2490f4f5e29cae1326f5dd68e2d9f542dcfbe04230006c0c538a7820c00e1843106f6184dccbf3c151c92eddc34389f5aae32a6afc31a16e287fcaf4d207d4db51ba39f5adfff4ed6553c76d1e94cb0c3e42fc0ec542dd9300693805a2dfb6317b52a412eaa2448e0aa78965ded56e9dd2de559a4c0676dacf59b2c539ad4d3b52844f2ae23e4a296ffa838395fc408aaa0a54f93dd7a589999a8bb566ab8949db014c893fdcbfa38b69e4bfb517fe697601290e2198ed0c32db5aaa30c0946ac89750a908b9291d311acc0a5e42c27fe1838f13964c47933b58b5420ed26d8f5dead6d0c6a735a33f61d2775a1849f4f571aec8784a3d25a2a10bce515449045557c84aa30d48b1d49e87b5c2f3b755ebe9f67fd87064a1b7f5a907c776eab9f7b3cce2b75eaf153af21bfd17309d0741b8ea850a6a614cf12331f8d001a8ac6474ffc747ad934ec6b345af27eca08bd6e7b14beaf48abd4d0fe43f377a9c7ca338ed7808f782c0d2542f7b46802572ebf590fa5154abdb1a8062c35d4bf79cb47aa7f6fc16d47d612b1148b54cacf23b3f6798b33d5f6ea3b8b3cd3675891bf6b1e98586179ef8b55f0deae765579b59efc03cecc572cdb949f505e0a9ecc33d7f225893eebb6fa3c6aa53c8c820efc0a2ea87ab0dcabfe4cb380a150ad774b5ac84df4f4f18f47b136467b835b6b0d5810845748675ce40c0c2cc15123c3bf180677a13c0f0e7fa5116bf642a1f52e274c949d475029ffebacea75b084574b43c5a01fd01cea6cfb65fbbbd01472e978f05ba9643c3c98bcb3e522968edcd24abf845b281d860bfffe02b5b2206d45225887f40d69e8a60f5c063556a9ad52ccbdda3d88917b1b31a68c7092cbd6978937b2d7864f3d64b4a84ff796ed335e25d7a7dc64515fd94395e3606d731a28feee5a4289d74fcfd2c2fe3408a280eac75250588a81ab4b26b25d2620181b75ee2c0bed863baaf51fd64a0ca9d96c2ee0e02aaef21538d7532bfd3eb4f47bf9183196e5f1ac97ac9568bd3f115f383740fddccb5e5372aaa684ece066585818f0aa5b2a6e4d8b29f06d8db13417f91b2120a3822243a0138357077e4037bb24d1a9e9902f0cd33b3550b577ff884d7ea431dc2030d9233aacab52cea2d883708334ff05e34950a0f74f86e8e2a80a5097e5fdc61cbf6f32b5e32886a735de34ec364609fffa77b01cbbe318f94365c3c1a603b8c99987328e8bb93571cc076bf134bb6144d3adfb75c22304df3d6b51d3576228c177a3ed867479c30166614eecce284e827920720d6223e47bf83a6277fa62d41cbdc3ba042db47dfe115fee65db1100a136557c4969a5d4cfe8e24f04c5ac9a65b248d038168bb30e01082b88ef8540f8b0c6e0dd7f60d2fe2ebfc3a398a057523982aa5daaf4120ae083eb2db9880fa1553dae36e3585438f718c4368903bca45ed8e119cf1b0306aecd981825ee6fd94e1e34b2d3b5121c0c6b9216f732287be6070fa5db8c41fa0e8458ad4dac8dfcdcd770ee2c4da27b1a23de38d028f4f6739102d73ecb09444db662601b3d452d79a47b3fe1a579aa6bf5f63b64d882190e7a1dc287b226baee728d0f56444b08f29872df780069bac9174b3192538b7d2e3fa860717ef3185127e3422f01c764fe105fa06c961051de39ac0d712a516b09841f701018d604e93e5cbaffef703e0463d3170a630b26ab632cac3f1999921d518723d6da38a0a67f6b86b79d33eaa317fc78870e21a0415f2d0330cbea91578a0976c1e0ce461856beb1fdda292ea208556d5cdefdb48aca4b3e7e1213904da064609309796c546c06f0427789f84f54f7b764dbc5dd73ddad7843d3e1841225715fb0126a06970684c3addc23d513939c78631b9ea13245c55689190ae16f877df4da0db3fbd432148893fb9741829c826f64ef00213e69d782049d5f88cd8c27d3475fe5b1668fc79f24f4088fec49b06d78ffb2ae086d17bfec7774242b2d441e3147a3413d399a7f319737d5cecf37f7e75a609b22a1bec940f51e87d430c543c8f33e462f1226e2547a2a4be3b9a1db542812196aac0002bdb7b809c537f15ed040d4d72e17556167a05d6d3f18c74946daba760bf853c3e9df5eab8e919d70f24a0f87028f4cfc2c7e4e63b1c9986c99a55cc6807aceb913d2f6e7f25c0d8221dadd0e147930274f7fb349e6c9eacd0568d9614fa371cc9ddcdd3c401f8c0d4317e9c6e69e669cfe83cb924bf203f1bf821098c65aaa1c64042f5d58bef0476c75257e251d737fde99ba5f1e1dbd604d2f45ab1398699e8c509ff51963b6518b68f5aeeed682fd717377aea6023ffb895a7cf21cf9a6bed24d70ee96fcef8bf9baf9c033601b646b797350fb9b1b716bd4c3bd651b716ba8258eaa67d0a675c3f09eae518402da068522972b5070a7e8429eaa3b254d8abad69338c6007c288e7ae2008cf8bb574608bfaba23716695f39fb9eef7948e8b5f31e8cade77938c839f30b9eef3b82c4b0445cbbed310a07029ceec0ae9dbe267dea57e8d13aa8856faa4505dd35cda88411fb4ac67418e62c00897241257041e811d09b6decc1a83e087fe1bb292869d0c780533d98141c64b82b2614a29668e814231c5469c5d28ec829ef840ca8f78e33d165ad2b4d256a2ab049715bf191f12a0700827e516ac69b99181a88ab151548ef49101b1b2d5046698b9c4fc6d053f889d41861ef0df46113f8a1bd539bf6228481337552a6985b2c06f9b6a47e765ae2d87990f67f1fcf97f079a405663f661147e93f0a65c312dd1829060677660df0235223b807cef3043903c5727ec2658081766df4284029ea6ea3b7a7cebb2debd8e75648b1037b38d78af97a80ecc9ed5be4df609228d515ad5db97b77e237188d8131fafd4649cb00e690f13950c8cd1089ad8ed0978914f105dff284618ed6333c254458bb042fa0c8a38d119f5551e962b6339c62b51478357e1208c87c5512f1ad8a5f2cecbaba7210ce15b64cc6edb4c1036a2e5548a4bd3d207aed75262e72304c2702783f297998aa71453b10d1eb5084ba4328eb3c89e62588f251890ed51e5e3316162c07f1394e499ce5437cd80921711d8d276ea3be2158ca537a42727ae1c8cc1681497a78953e39d6790096d9de25c4cae32f5a17305606348074fe3bca735a7100b49b26787aee14b4f2634dad1283c010fee0c197bfefb1fb7c710267ae22015d4b89072220410c2887f459c21d74c1e05449f5a19f0e9730bd015aa25131d72699af37bf009a796368fe29193d9bf085f14e714bc8cd888fcd8db23b08b398150cac5c26fb440d300e49a6847e5359f3a8e9b15880302b0239639a7e6d8f6e5304b3b742c34c24384344fbb58dfb1aad695831364bff0d3498275d467315745a25d98be6a48be9c0eca28a1679288beb814fead9938216d67dbeacf9c2c3c30aa666b250f65073a5c6a6ea3ac2eb413d40aa88a1365ebf0298e59ddcb039467cac7a4bb5af8c9bb9286dc09f4cf27c5ff2a56c09876940d7fc7ee744a5c15ee2fdb7052c469ef57d908f19681bb9c3fd9d0461f7cb7378e9cc54525aa17397b9b2bb345c8ee173332ef1c3a9ff0a4e0856012e86997b24e4a118ead8e1ed0bb159f84e5be10620de1afd0cbf66630eef50a0b6af250e8b9db58cb630e831a02a88b7c0ef0d2d4d0a053a82da7c329d06b8c4542ae12830e51864925788f98c307da16331454a1d87e718c42da742a41bb0bd2e2f25fb64b2ba743ef9fbd7c71a94fa4a6a8714cc1ebe46b52edefc2a665f05cc104732621cfc11e6e3d27e572cb424dcfb78e9d3003834f1495b77d83c3f2579ba1873a5859674314966afa6fcb051799d588325acb75ae8080b0582ea3aea9ac6a325b2c92c59bae8a2c432a6d98b50dd4fc27912c24c02a288ceac9b6ce4dd8e1f98280453aeee4c7f32e6cbeed752ab93b1b7f4c1d676c4782e9b055d70dd8c26e15cb5a6a9d38b75168b9882ce976dbf6ff4247a7bf6109dacd03a0b7129a462158694dc55c8801ad764c38b7619319d3ac27d000339c9b4a9419e0a4a4f7fdebe29ca7b07a231fc7d8fe890c0e6756ced51b7da7126afcc49dae07a73430340dc7adb8842bb165e7f693ecbe87d2fca9f5eccb0e38e7c94ec5cb9690545123710a399ab7082bee176123613bb2bc85455637066a39665372b71ff15657d5d2ba4ec0c63d3b35ed8c9cbdceff7673c063dabe9c9922abf45805c1055e188c59c65b8bed314a15b1d7f5fa8c4c5d13f528ce59f6cb76f34102eb0b3f5c364e35f6599f7d06f45c5654bd853011e34d3de923deeab3ee9b137c16f27767678890952b350d95fb226fdbfab4880a9258d18c29b842366481f7ef2767e3deed81ed60046f1a362c09bd2fb8fcdf2119e704357931724f6bee339ded401c8ec6de5a415238fd2535dda3c4b63f35a3ea7dd6152f258bb3fb0a23b4a85e5eabf467ff090d2f3cfc54a089dd7fb34d9c9ce240960bb95d9950221796d6fb9df8297a23e553c1359671476ad3516e47029f45340841ba9d42e4bfef07e7dcbfb67e60df0843b7bd5f9fb1e5fc45cefa17996c2a7492bd42528005ba17de57b991e278d376bf0665d088b25960d9bf00a9f4b0fd96983760489427f5848e5bfad90d51971b5a9e2b0539a42b2685a64d7d1bfddcd3365d22bc1b8a13d3d8718787ad94d468418d463dd884f60debd1f78ef14d10c2fff6aaac267bd2b80aae5331a6fc8b2ca8cc7ddde4feae4b0994f098dcb27e14f12083da60448697f96fbb1cfa0be086b5be7c512423d1520aac3d81a9701965b0ae4654817d609d850c06337cbcebfbe0798018fca26b8c7e207b4812c06efe5b54c6fc5d5e7b46d1207a5036e313a90f498eaa1151df9de31fa2ff9b335dd01d33d169230c820eed4212ec0a9d312694f96b1775f477c7f670d8ce2dc52fb423b15edfca9c76739a5d662e57dd69f2224b416e13e5fda0abcb163174ef12c9638a049eb842012f3c704f550b1831f7d022fe7874723f66b7ff87bd9582a6ed5260f8547b8d26d246870ca552fea82b940c9a5de20906b081a770fe0b7e08bf26de1678d9ccdd0bcee120001b4b036c5eed37f4c1e853d8b286eab0459c254976af87e4d12601995638e136e712b8d7a47e278836b6a9442d2981ae6a37e50465a0725afc47afe8547203a51a4a15449abe343186f1595b420d16989c4e3905a432bff4aaf48192e4520f68d9f020635d658af2f61a8e3443b04184473b188cea7198ea9854ffbcee0f9e69dde574b0090a591746d6c1383e22e60d59d0b2504c20bd662199a92016551ccd362cde2cd360bda3805469e626d7e9f310a87365bb7fe491903b8cc49c39b33fbba8c4769aa91075e62315528d7372eeaa3f1073b27d75e328637a273367a6061e649aea950fb0980651796c91409ea6018d733ad8d66f2a63ac10e5084b396376def4b7b58caeaf2b333db6badf8b14c108e19ba3bf35cc1cc77cd234ad5fe801ecb77fe791a4b198fc5c873f93b60d24b3e5ef24c72a43025a8a71c5a4a13f334e903681bbde4adfe2458bca4c0104e23b1d053b456a6abd69a953f9a54ebd95177ae1c2121094e3594f8b27e4eaec1b48052183e14feb378cb277a3fecd4b8027c1de4b56d2cd0e69b6fa691b9137d9e74b355e5f6eda84b7645644446662ba35dc92d9cc49aa089d16275091ad2f9d951b2981aa5d0b01fb908010000000000003a01000006000000a2a05e36fc97fd43f394e630978d1aa7c12338268220294906f8d7beb55b57d2d84fbd7902b70980c25c3cb4e18ceabe3ef8b247cd503ca076ef6737b7f95861a447300514ccca02e7cae4299a85841ba2b66e12c526a270a34863cf300c1cea227aa3e5c2e24c1cc5ae57aa8ca09d0dff6204ebfde930e3c3908fbdcef89fbcf251c5c190b0c1936a2bcad3bfdc704a824b817bcee147cfa4c1c5ff5976be2633a3c4311426bdae4559459ca60e18159f6f1cae4e295c4091bc1fec42fb99fbb6986a1d0c0df9125ad3773753c378ecda1cf04be520b6c6cb0bb81ff2be5f38290f5cbee12b6535aecf2b0f34b70c589b0e4ae900000000e0000000000000001f01000001000000d5325803feeeb58258f6c0ec13be44824b25ae31ca77f62991733d7b981ebf383590a439060358a9dc95e3e3b91d62a83b68580c041d5b4d95be0996afc2f59976fdf8e630bebb40a8f9ee6e13b156abbd4be9d25d8f6535e3857170032f15230019a068eefeda9e8dec54d76b34f4485400db873519c77c2795a05936f1991680c71b82c7fd3acd24a966f17b8606ae998b87cfe134752aa298b91f3a353b3475feb4563a8f4081f1d2541914b1b283f56f3bff377093acc6771113a4883361b9ffe176c12297a16400000000000000d000000000000000000000000200000012c5286844264d07613abcde36d0871b15a3a1c477d71a2e69f04673b5dfd5e5f75421c6ba218721a2bd51d92e62ea44dee1547ef543c15cf34ff8c59eef7d4dfd7f7d3ddb893b5a73ded0c82c715332c11dd75c300aa72fe7f1d07e15ade18107ea9e4a49bed580f2ac1156e2fd48c43aba810d372d476f10bc2fca68c64a96b7ac979ad13d4e0b3d05990754f60af34880d0a183fa1b131cff8aabf0395b269bc0923705d2764ba1af2e3d0c4305ce029391b6db23b9db772c44f53000000010100000000000002900000009000000355b616049dd2a4edf9fa05399e31c400fcb323ea356d7f2a388c4dbf9aa3289e4c0036036ffd42c27db311d4c543642047104b1b1b2879565a4fccba7a5e6283021d656ebf03a5e65a84ec387bbd36ff021c73dab0660815103e9f6eb7069389c1987dfaf6da759a306f91d11cf0b136624c7b0d666799d7e9892073e950fb263ad9eeee9f47b365a9b590b799097af0173ae3656bda348619e17e1d49e283bc2c622a65009a72409a0623350d3f819e9e4b5aab969f2f04732663a61170ddfa0434f97451f943ef9a29ab59b4d1d2a340ef750c4de8aa01cb82512f8c6cb146d598eb51e4ae326ca0060a1c3eae1e268592f5bcd90e648ac5dda06b1ec0471e2c27226ef3a8fa68fc2aec52a79a71d2223c97412a089e899c871fee3ff19ffc5803b366db879d80b43f0b2dad449bf7539976e942a47292c0363663713d15ed7a4cb3aa34bc9085d8027c3c9e1730bd1971252dcf19ed4e9ec772ff8fce67508a9400173e73bd580065924852bf15b0af0339c9161f09dc8df05318ea57cd28b78376c390ac7329c600f542ad63674bac1f9d336f59462f36d618274bdb7e5b762ae6a148d8d2b647642b9a64b7642692bb6691906e87d0901f483f90af4803a8ba20683e7ccdc352514bbb8575ace3b9392475ce30f118bf62218f376d75885a7ecc819f04fddd2ddd5fd6f28d17344554a5f3333f7c5a7d2eafeec0da8b7635b0640b1af8d2e0ce6185c14e91a4be0f27ea1f05701d93d466e465ffcb7f5296029637c669693dce149419f66fa3413e280c6e15df2d5fea60482eae0a7bf0a16e9c6aca16e4df82f96f41d12378a394ed10f30d3dc92d0f2ede62b3d0aa86632f85c30073f7d738a3f1013153df5413be8e3574ad9df5d44e253cfb7b4d61b0e51699b658d1778f9fc5185c5e780448f29e91ec19f2cd7982bb6fa11fe67959017e4c37153f90a4130e83e472da7067ea05971740edf2e4e6d2d291084125cf10b66d6c05f8b83031f0652051d5ba4023c786dfd854a75c72d5251c809bd7cda827b3cd71969ade5029ba98a26d8cc33dd4385bc39b17ceabfaa9c9764933a67fb9b68db57016509053ad2e426929b1806c0aaa4a0d4607221797322c8ba8f3089c4c18496fa7cd7fb09937c26eb0421b1ed420607b34c02f441086b7b678ea1979e10c584bcd65f48c86dcbc20f193a72b65692e91aabd33648e12184194cac75c049bf7a6b547eb7175fd25b2ccc30a70afcb9efd846e58823102c1503767c71559cd122e4234ef6bd271877290fb37ce693e28fba1bdb6034655623be250fcacd34e8c9fdcefe5cf4976d1cd0ffa8e3f3d562453de6827129e524bd3551467f1340ac4a8fe58872f3581b6b8f038f8d9cc7c75d276a8934aeabcfd7a9d3dc6e7582342f21aa851c5728883dc37f76adb871d03a0dd60f6876596070dd3b7a9df1d013e89e28bfa366f512dacdbff1d015a151586102598dfe44c765611e3d1e8aa87681d5fa742edad0cef1044e2177e5a8d19622f19ef0ee806ad5ac55f0e9cade92e4d9902100636ad9debfbdd900cad2088a2b8fc05e34d61583256b207b2366e4c1f601c32f4b31fc6c650ccb4d65184b98b8b2c3c4171417c8848cf5932371924dccb9902727890a6128e5f64353b38ea7218b27d0e09dced88240f8792988013087eab2d07d469ce15d0df61efba1117b99ef9ae48732a2168303f80413fb14e0b9c72693843f2319fe703929d75e1a8ba8d3c8db41ab0df1879d54f8290254dfd62167dbba73934f1b39fdc58d36226106bad63b166827f0d254965a712ac5ca454f07f7a6bd8607765bdbd40f66dff216ec96eccc777a2536bfcb57a7d500dcdb642260e003622309645ab68b872dc1f79d27c77fa3da8c6edfd09db4bdc23b4408f33a9979a642a1df6f336f87184360c350cc9cfbce6d1827b97469a52909f03594fb3119fda81e3e71e025c807b92268223da36efab6fb9595900feaae451490aecc57933b02cca53de3d52a784699ceaed12f920472efca7c955318374b7d81d4f03eac60def1bcb2afd0bc721cdb5a20fab29ecbb62e0982b768ba1b7dcf17a7b2445a8ecee2b3aa0300cdeaed279e4f49a3b05426907be28fc6a881ffaef6c985035a2236013a1a3b8c0c920ffab2819c40119652742b03cafa76ff1f0f0517cbd38484f8ef7b378a30d47002b0c7c031ddca7bbc58bcdaef15bcb06ed89e5e8945e8e30928c64d681e6e3327476599d00bafdb0cf7e6d3d038c0b64f6c7cba7fef07e09e0be48d890f84f7cf1253706994f9e9837e1c7d6104826fb66c1f67b7c2afd59c2d09f7ce15bafe8a0c4ac39340f97e5ec65c5cfb889c49dcb49796fc0e715fff051d0d7b38e081d037b3809c4dc269e794bd8f08c1680e52d6bbce113c0971c42fc8cb47675ba363da3edf09c6532f86491237d616b57e681d9f8a6c2bae0b31c2f957e8d0b453d42f93dcbec75b22125bd847ce75931ab7a7b7c577d3ad117d0b87be3542544fa28ad6c7aa23d232a477fab443c38d3c19f9ac83ffe2ddf2f45f6b4aff6c0bf1990faae99efe759b07fbe8804b8545b529cad75a447000e4792d92e6b14d2f485941a07aa03453da6aa67dbe766b734d0949af4053439efff745f5ac60065b22bd0942b8d1e816f7b3f2a23ffeb3d44e3d1e1a4b16271b0160df5af08cc7e37586a3020c342e3cd50c5bf8609ea41597daef2eaaa396a31c88c22012e882b65e407adc5e16a0e8feceded6bbc138fa1bc6d82bee1916f3050bc704f1ff90daab6e1627876b0c0a7689ebe83c34ec916593996e391122c3fc4ec4bbf25d9e1d6ea0d03fdc2dda266507c6578966d37ffa6864dd5f3452025defb899bb1df8eddab4855589f50ad8200148871c124d7aa0cd245fc7055683b024602aa9850035aa18741aa6359dae9320fde223b3b98788c1b1b65c2df98c447ebba6eb81197032dcc81a20fdf5c52674f50f21ac5ace2ef74f0b257efa5789dba5c0b94a82fd8247bcca4b8165daf0742348c0a6d6067a31c2210e8c556d0fe72e2a2c6fd323d7ff04df4b29e0a3d75a1cba49054878514d25018c511c1145fdd2a9617f0cd73ddf3f88feb65372af146e96f14ba83905cabc345b4e1d808609b26b5fca4630ca2d1a49948213007783274465f5820091188e7dde491ae2a6a393e3b752efea1c71de5c017a0aa122c2aa21b67bfae8fa2338673cea9f3a256a25d4d3c2465550311ce47aadf7bceaf2ad48a27d850640b06f5467c5fe7b9c4fca13cf846df0de7a0b03688d59860afa369800c03a7e9dc7b7ff86d2e4a9df551a54caf4670d5bb8548d7523891b9fa057027560153327da938e92f3ab074332fbb3446301aa71b9cd17b548502dfb01d659047cd8bf177cf43fc92e5f58ce50df6d482cb2c89f89dbabbf0c01f1750acfae76b2b5884da1d65e24bc2ac51d04ec036c973590d193eda0a2c1a5f77cec7b911fccf25ae1868f80dc4255526af4091af6f8a6caf60f0d75054365153378acf26a129f956de947665fbc9e146057dd17d12dd9f786341b9ab10c86f0ee029cf4815b6786c40c9f88ff981d2629e5e3bc093932582874ff977dddd29e080440e0950cbc621b295c0afe91a0fcc7b1f79f473258317556d8f7bf74cf740588380648bb16d28477e944158a5155d4ceb529f59fdda91f6e07932c61f949b0a6ada4bb9d736175c096b3c2c826e70b573a121f6d4eefe8ad2f1c839ccccb098cba18c592dea1779519941c0ccc01515c2b80df05b282d78c969a7567ddf279cc32032001b33b89514038d9b998467030b1bb2f8f23e86415bcf75c1a82503912140db0c6666388219e131e9d182ed321ac34dca2ca74a19d51db02421c46c68d3dc9c1cdfe20fcb9311b015bb074fc62a3d8623d36769472c8938f405f756e7d11271d1aa52b45ab36a7ecce1ecbedc1abfd738e32a56504959e3f530bcc3a987bd407b1733822e5a95ae69b5d58a8bb6fa0abdc3d86903572f18d1291187feef65d95c932e94903d4b641da567618986bf05837a6334462d3ebbe1f2b73187eef6ca4f087d7cc58d6447dcc9c1eb4d57a816601f3c39392a51161b98410dab99fdc90a5748f9f580196e28118681bd3a0899d3383bc1c829981227592d6fb88f52c4019834f4a8e8b1d6d5910bd489320fdf7870f0ff3dddeb55c63d537e6c733261c45c34ac2f8a34eeb0722c68335c55971b171d81d5538545b6eca1430a97bb1b1b461e1f096dd1b0a619aeb96a6fb85f573969eaad765f027034d267fcb11198b17c683186bd0ec4fb9057c7a5a807dbe52ab77be324cd86991c59ab76952cbca65e8142cf48471e094a576c144b372ccad7c6a48305baf9e4bb091d154aedab34a71ab70d89bd1ae2b26f16f5c06c78a6ec0b91d649e85c3c7ca4579b58ced4bc0be6b3fe4ebd384dc465559fb3bf8a6d648b04ccbef54214f6ba522f5b6108d23640eedf09ca3a202b54bc2d158e60ee8d6e9e5784fc00bb2f61df153dae845b306073406c7ae0c74cb67a4b1b1ebcb1dc2a3be5121b77e66a2c163f638db9b6ae984cf8a91a17e824ae08f20d953946a34abf7f21527eab7d22b523d4d8beb4f53e86d36ea5461276f1c705b295ab66337396d87305283e75413b7c9a91b87a9ae1fefea103fa9bf49bd0624fa8295522e9956308741a9ae002a99d4632c07d20a3f8e8e68304425b633985d466a7681c098bc649e2e6d94da8ab17dcf87b3fdda6b04ff0d7440cbce7823794b5c0a4fc0acf4752c1018e9c1061d386b2b120da1956e808423e130990565540c8b53e293b80625b3ff7b7e652370d4822a2690a981edd4d042aa190f6b96f626d6ef7fa81361929562eccaa9f4445fe12ab5331a353ab82fedb041d21fedb92e919b61290fb55c433220ece64a6a07f286ce38e7e3e5941e56db53f58efc94969f841b855697dd779edd8e2e7c16749bf25b0293249a2ffd6af808f9d403f989f7a90220edfef2c6eabf6e0c706b07b80dcaf4fe6ba4668869743ab381c8f8a49eab94a49ca6d7c6a0a396b9a2fccea06ca27ff730848a57a3866cf8c2233d224e3429988d7454e7d9e2b5fdd489d1b2a1d84096f141381650e3cf76cb208f99dae84ee87112ff8403e8d66a7850886a725f57753f78068eb828de6dd971ed25bbe4178a1cf0effe42758da85738b12d751c187d4a2259f07d6564929118f54662becb066ac5a0469df02683579bf1a5c421a0107a670f6c48ad5d7519cddf318f56dc258a92407fb95b71faf0848c3ff25866a7a2c441498ff3de58252e55db7762148e40df218dc42c23044259ebe8b7efefc0a84c4dee05c1429c1b6cb3183ef4114e56f6f2160b52cef2df4c53ba94a99f1f1141d9db0c9dc576417632b5c581955ba21d5551548736de71d3eab023054e550893deb3610b8c1b882d8d701eefec5f87515eddeb0eba18f0b538640d050654eacac1e0d329369d6a0a732513c9485d074c6a93cdb31b09e35251e11cc13d619f3abb1a0bac97f55a6260c71432a915cc70ff473866280907aed51a2c8def5719ab582042672cc040b57e1ba3f7ddb03aafc0885e123fef440fe87cf95f99370b6ad3158669be9fa6d0e64eaf14e14d05ef942085326e639352380b439df772940b166361eaf5765f44901792d5eb1eaec77741c50d5902c8fab18001070c957b15b06437de3c8e9b3880c2d8379702213ae1b0dacf6b37e07b4edece710f46890e25dfc64d24eee0997be455f6d2aed56e850cfcf88410e04969b984fd697941373cac480000000000000010010000060000003e8aa5ece60b7d91f03a0831fdc880cb218211f9b64ec8d5f3088e1bea3e2f0e0f26f453dd91ac9f4135a60972c381f007c7b4016d000000d0000000000000003f01000002000000a2653af12903cc6a932ad99956c7a3cea45feb2c44d0234f56257ccb6e933202f7650049126720f4e48dcef272c5106c2e880a10d3a9c26547480a4a0aeed6fd5cd436ef2f3a59ad078921c50b7e4c4863a048d58178f3f05b271363830959d9ee924caf10720633ab52364007b8f5a62a9feb1abd40143fcd0e775b1c5b4e545e61932a8ddd44e37848116a30a72a5d38458504c0acdd34ab9799d8c98edf3b374715726cd86d3cbb9d757317b814ffda50aa3f3624e01c988baa58620000003de5d870bb8d1bf5db066e6de72b636849bdee677f9921bb56f2b12af733b2b189bc50a165a9dd2956aa10478d4e665b3895d00bbd387aea3d41f6aa9ba581dfb241bebca34cc105afd3022e"], 0x2468}, 0x10002)
setsockopt$RDS_GET_MR_FOR_DEST(r1, 0x114, 0x7, &(0x7f0000000300)={@in6={0xa, 0x4e23, 0x1ff, @remote={0xfe, 0x80, [], 0xbb}, 0x3}, {&(0x7f0000000240)=""/88, 0x58}, &(0x7f00000002c0), 0x8}, 0xa0)
r4 = getpgid(0x0)
perf_event_open(&(0x7f0000000400)={0x4, 0x70, 0x100, 0xffffffffffffff00, 0x3, 0x35d25802, 0x0, 0x0, 0x1000, 0x1, 0xb, 0x7700000000, 0x9, 0xffffffff, 0x1f, 0x4a69, 0x1, 0x9, 0x40, 0x3, 0x9, 0x9, 0xffff, 0x3, 0x2, 0x9, 0x100, 0x3, 0x192, 0x8, 0x56b6, 0x6, 0x5, 0x100, 0x4, 0x7f, 0x9f, 0x7fff, 0x0, 0x5, 0x0, @perf_bp={&(0x7f00000003c0), 0xa}, 0x1000, 0x401, 0x511, 0x3, 0x1f, 0xffffffffffff8001, 0x400000}, r4, 0x0, r3, 0x8)
listen(r0, 0x0)
ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f0000000040))

2018/04/06 01:05:22 executing program 4:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x44, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[], @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:22 executing program 6:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000500)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0)
unlinkat(r0, &(0x7f0000000540)='./file0\x00', 0x200)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PIO_CMAP(r0, 0x4b71, &(0x7f00000005c0)={0x6, 0x7, 0xfffffffffffffff7, 0xfc9f, 0x100, 0x2})
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r1, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

[  109.794346] binder: undelivered TRANSACTION_ERROR: 29201
2018/04/06 01:05:22 executing program 5:
io_setup(0x7, &(0x7f00000000c0))
r0 = socket$inet6(0xa, 0x2, 0x1)
pipe2(&(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x800)
setsockopt$netrom_NETROM_T2(r2, 0x103, 0x2, &(0x7f0000000080)=0x4, 0x4)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={[], [0xff, 0xff]}}, 0x1c)
sendmmsg(r0, &(0x7f0000007e00)=[{{0x0, 0x0, &(0x7f00000001c0), 0x0, &(0x7f00000003c0)}}, {{&(0x7f00000004c0)=@in6={0xa, 0x0, 0x0, @mcast2={0xff, 0x2, [], 0x1}}, 0x1c, &(0x7f0000000680), 0x3ba, &(0x7f0000002000)=[{0x10, 0x29}], 0x10}}], 0x2, 0x8000)
setsockopt$inet6_MRT6_DEL_MFC_PROXY(r1, 0x29, 0xd3, &(0x7f0000000100)={{0xa, 0x4e23, 0xfff, @ipv4={[], [0xff, 0xff], @remote={0xac, 0x14, 0x14, 0xbb}}, 0x5}, {0xa, 0x4e22, 0x7ff, @empty, 0x4}, 0x3ff, [0x3f, 0x1ff, 0x6, 0x7, 0x8000, 0x4, 0x9b8d, 0xe800000000000000]}, 0x5c)
recvmsg$netrom(r2, &(0x7f0000000440)={&(0x7f0000000180)=@full={{0x3, {"e8d748740260f7"}, 0x5}, [{"0c29bc65aab122"}, {"ed1c2ce787705f"}, {"8c5447d1da722e"}, {"adf96a2001f801"}, {"a6ad709b1441cd"}, {"e3203f3faf7212"}, {"4d67a4d299f034"}, {"c0359bdfa05626"}]}, 0x48, &(0x7f0000000300)=[{&(0x7f0000000200)="a8d599dfc5e6591a41632deaa434dd9687f653dc9b000615f88ef282fd25fed15d0971a5523b2f582a3d3a227efa7cc34f9aef26649d38079248bac19ea0dc943189f61de789793bf6bc9055fbab42f7ed2841d2b571c14bbeeff5a3b4486d6c3c4a22fea53a8ce7d285581f36fb6cfcf38cc34a0eb8b1b9556e232021459dc9f6cd399a26fa5764c4981f8b410d396445192fcb5deafb13f67f431db85020c36474fe77f852ee69b92a4b84b85cd30e1d75f4b757c3dbc8bea578bcc3916f78fc1f4be8430df41458dcba547559d620ab1030e32192dbd2c3a9407eb168f338710d3fa8f4a532d6187d118d9b81f38789b32a7b3c7874be", 0xf8}], 0x1, &(0x7f0000000340)=[{0xd8, 0x12d, 0x1, "35280598f7a9d5f0aeecddd9b4d2a72baf5d24150f3ec705b02073b070f5db8ee71bbb39f58dc24a46b6f847de50d5b6cd12cd8d2ea644b40d4d1e3bca668f04731c76c12967bbfcca44f7de977eae64ec7f26cda1c6a2e12f6d0754abaa464f677df8a8eb6aa12207e986f667c2a75018cc79481eb05c463726e6a069acc37df3233e609615f4dcbae2769b890745740a159c3eecf3eef76146555a98558a44dee7687da6715ccfa4db387d174807bc99cbdac15f86a927cb3bd05227dfb7e860ed16681c"}], 0xd8, 0x20000000}, 0x2020)

2018/04/06 01:05:22 executing program 2 (fault-call:2 fault-nth:0):
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)}])

[  109.880230] binder: 9864:9865 got transaction with invalid offsets ptr
2018/04/06 01:05:22 executing program 3:
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0)
ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000040))

[  109.949906] binder: 9864:9865 transaction failed 29201/-14, size 40-29 line 2991
[  109.972511] FAULT_INJECTION: forcing a failure.
[  109.972511] name failslab, interval 1, probability 0, space 0, times 1
[  109.983857] CPU: 1 PID: 9878 Comm: syz-executor2 Not tainted 4.16.0+ #2
[  109.990616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  109.999976] Call Trace:
[  110.002583]  dump_stack+0x1b9/0x29f
[  110.006234]  ? arch_local_irq_restore+0x52/0x52
[  110.010916]  ? graph_lock+0x170/0x170
[  110.014732]  ? find_held_lock+0x36/0x1c0
[  110.018816]  should_fail.cold.4+0xa/0x1a
[  110.022895]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  110.028015]  ? graph_lock+0x170/0x170
[  110.031826]  ? find_held_lock+0x36/0x1c0
[  110.035890]  ? find_held_lock+0x36/0x1c0
[  110.039960]  ? check_same_owner+0x320/0x320
[  110.044267]  ? lock_release+0xa10/0xa10
[  110.048245]  ? rcu_note_context_switch+0x710/0x710
[  110.053167]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  110.058178]  should_failslab+0x124/0x180
[  110.062234]  kmem_cache_alloc+0x2af/0x760
[  110.066374]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  110.071899]  ? _copy_from_user+0xdf/0x150
[  110.076041]  do_io_submit+0x3fd/0x18c0
[  110.079924]  ? free_ioctx_users+0x6b0/0x6b0
[  110.084247]  ? __sb_end_write+0xac/0xe0
[  110.088223]  ? ksys_write+0x1a6/0x250
[  110.092025]  ? exit_aio+0x560/0x560
[  110.095645]  SyS_io_submit+0x27/0x30
[  110.099344]  ? SyS_io_submit+0x27/0x30
[  110.103218]  ? SyS_io_destroy+0x520/0x520
[  110.107356]  do_syscall_64+0x29e/0x9d0
[  110.111231]  ? vmalloc_sync_all+0x30/0x30
[  110.115369]  ? _raw_spin_unlock_irq+0x27/0x70
[  110.119852]  ? finish_task_switch+0x1ca/0x820
[  110.124334]  ? syscall_return_slowpath+0x5c0/0x5c0
[  110.129250]  ? syscall_return_slowpath+0x30f/0x5c0
[  110.134172]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  110.139533]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  110.144370]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  110.149544] RIP: 0033:0x4552d9
[  110.152720] RSP: 002b:00007f34adf7ac68 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  110.160419] RAX: ffffffffffffffda RBX: 00007f34adf7b6d4 RCX: 00000000004552d9
[  110.167673] RDX: 0000000020000700 RSI: 0000000000000001 RDI: 00007f34adf5a000
[  110.174928] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  110.182182] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  110.189439] R13: 000000000000018d R14: 00000000006f55d8 R15: 0000000000000000
[  110.245168] binder: undelivered TRANSACTION_ERROR: 29201
2018/04/06 01:05:23 executing program 0:
r0 = socket$inet(0x2, 0x3, 0x1)
setsockopt$netlink_NETLINK_RX_RING(r0, 0x10e, 0x6, &(0x7f0000000440)={0xfffffffffffffffd, 0x2, 0x7}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x23, &(0x7f0000003000)={{{@in=@multicast2=0xe0000002, @in=@multicast1=0xe0000001}}, {{@in6}, 0x0, @in6=@loopback={0x0, 0x1}}}, 0xe8)
setsockopt$inet_group_source_req(r0, 0x0, 0x2e, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2=0xe0000002}}, {{0x2, 0x0, @broadcast=0xffffffff}}}, 0x108)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000000)=@pppol2tpin6={0x0, 0x0, {0x0, <r1=>0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, @ipv4}}}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000080)=""/198, 0xc6}, {&(0x7f00000002c0)=""/16, 0x10}, {&(0x7f0000000300)=""/62, 0x3e}, {&(0x7f0000000340)=""/2, 0x2}], 0x4, &(0x7f00000003c0), 0x0, 0x7}, 0x40000000)
ioctl$PPPIOCSFLAGS(r1, 0x40047459, &(0x7f00000003c0)=0x480)

2018/04/06 01:05:23 executing program 3:
r0 = open(&(0x7f0000000000)='./file0\x00', 0x202, 0x101)
ioctl$KVM_PPC_ALLOCATE_HTAB(r0, 0xc004aea7, &(0x7f0000000040)=0x6)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00006a4ff7)='/dev/kvm\x00', 0x0, 0x0)
setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000c40)=ANY=[@ANYBLOB="66696c746572000000000000000000000000000000000000000000000000000096da0300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0x58)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_GET_XSAVE(r0, 0x9000aea4, &(0x7f0000000d80))
ioctl$KVM_SMI(r3, 0xaeb7)
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f00000000c0)=<r4=>0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000cc0)={[0x3, 0xb73f, 0x4, 0x6, 0x825, 0x2, 0x7, 0x9bd3, 0x5, 0x3, 0x0, 0xfffffffffffffffc, 0x3, 0x5, 0x100, 0x40], 0x6000})
sendmsg$nl_netfilter(r3, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000020}, 0xc, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="280900000a0f04012bbd7000fbdbdf250700000750035900760a095c01758ef2a9a8dab304d62f9c42b282cb0eab32fd030f9f3609ef7ef85f1dbdaaa06ba5bf9b8561069e487cea6b4ef35c83dcd7dd8e45f7bba59c57d2a426df244c346eb64d23379834dce0127a64bbed0355d0b7babdef7aabca6855709ce8f44b396fcacc88429a3c919e96d6d751bc987d2f9b0946fc57d8854f6c221a6b3f021073f794615655a2dcd3dd2b15525b6dee1d1993f20d996f2969710eac8b6e8e884dad8ad37701b697c1429bda9b13632b6c05dd5549974a6fb6e6c11fde3ed4797532a4738f5ee704c309833cde46e8aa038cf7e324185d4f6bf8416f3828976e3adeeb6e03a5f982386d62c6e6ae651ccff46600faf93b0f6673a84e12dc72e73ac3bf4b594734e9b2f5a933f2fbc9a9e0d186339853e56ecce8d5f591e2eab67ff3d035e89ebcaa830b15306bc3f4141cda7bd68e22993f9be8b7a091be375fcd49b2bccb3c2834b8b23e1207ec78625b3100f9aaff13bfdf3526aafda997184148e8b6b710e8ea7a6d753af85939ebb01586cd2fd615a70b591f701a8fb986958e91b1d07380a9c4daeff9f300ab13054f5e4a1034a09b63d0b48278a81a63b0b4d9194da36fce2ddd7da536b85cb125685a17d036f80109558c38a62bd4cee7e6348a4afb35b3c742d44b85cf718b70ac0a282aef08c6de528afdc8490be5efe360b8794ab9f11f7acdd41b918bc77980ba404c6e2de8bc3238b8d726235da82b3e59fa518c8401a77793bc0b2f39786c8024221873727f335624149fd8fac18d81c9ad883db9478f988acb6d23d3ade4cf8ac2486b29b87a05bddf70477e3ce83d495b076030fa7661bc14d4dead4a9703992aa946a5e8bae1a07c388bcd42ab2dca216b12332aba9de0a008c04047d375bb8956202c11bf595fd8332dfff11b22329983e336aeb5124a5f22ec6036d8af98ccde32903c1c2a98e0f0e562d9ae34000300190a4ab53597bb089da8492d79539843c4fe30ee22f3917f39f1967ea283ad53375357a5b63a37c33a3968addc000000438a363e7d4a76b4fb6b1df0d6e37b0f58556e6505b948796d2757a89293425e3bc2551be88291142837150d21be6ecc5f12ff78d88f61fd76d91b074b69163e3c750461015e5c1c82c04d0738b8354a2d86c26b27f3acf26f2706c4aa5991d752de52c330aa311008005400e0000002140107000c003b00ffffffff0000000004018a00e9aaad6d1688a67deacbde8aebf41914402e99d5356755c63f8c04dad22b411a957cfec4072af77a5b7201e3507f1c449829958cf411f0de0dd8c28b00d917de8618d780640d15cfc15b9e2012287ed8a0a2666403aec9922d0604c9feea9ea90c253829183be5e923cb265ffe12b2342d6858ef2a62c68d9a6ade18ae46687ee3c50a39942fe971a211d5d3e726f6125e100444b9aab953938c13ea8ce7a161de41e1efa55501e95cfbad8b57a4d1c25fea78d7d9c34864a0f36ac73daea67f8897131da719aae5000d25181327bf4442985071d31291932bc1f0196763481fb748b0307f74a27499df30e0e63fe5788f2363749974ef4035af70ff2c00000025eea1862a6196551ec44c4e4a4f4bd8c857cd811afb58313f3336084266fad7f3b17502f6995fe2335c3c91f6381399e5d741125f0b2b8c972505ff7ac912c57fdf338a3aa2e3f7130d429823f87889244e5da23616277632558f97f9023f9831adbaae50399d4ce1214c5e1e70974b059c1bc1d363f23d31a2ef51580139e010c5a03c668b8209e2ced7be4be9cf66ad393327d8a990db84ce403fd7639d877da8e942b67fa469c5d838df80c48e43dda8588f1336e54f92dd3a6f3b0f8c3f1d4d7ea2bc0083005400720017ecd52b92d00ed5e7ae1343822e909b5d2cd8071ffdde86a2ec726f91dd5d190180da8d7ab2d5eaf3a2360ecc1cafc0c0d05da6d7d157e859c145b7f940ba76529c73b05f586dd9aaf470dd6818aa00c788bd66103973360a626ecdc6077470cc174081b5f76e3f9f0cd84731a874cd8be29d2751f01b431e3d62964510f6ec45900e002fa1392881c0021c904796be31ce38a6edf8ed46b22a0cc88efcb6c85de277c2427ff78ec2b7b4725a753a18e6e5f54a78fff28c5c21c155ef96cc4ddd7c7dfb8ec5f8bbb9595c6fe2a63c674b5010d5f0467f7e8f086ee45e17aaddca29c6cc23b57234f701c60ba3c82b39ef06abe8e98137ec27e4b7fd8a7a980ebe1671102b1fd8ae948892ad28f119e43c89626973c1fdcf69cff1799f0ec8ad74fec8e39d9afec635af1f78ebf9b1673dfb3a8be60cfe4b7bc32e4957e47b4df07b3de867e75dca2100ffb8ebede48371ea00046be48a44cb61c9fd6415f808310884d25366eb49aeb23f9697d440b0b470f52d1daf9f39d8bafacd626e120dffbea70edf8fe21dd84db9c6ab0a5960e16c5f89036916673b473334c5d18c80a6691d110d3f24ca8ead00707b5c998491569aed444b985f75b4e1f9aa752a04790c1be2ea9f69635978e80e55722cd91f31a5ed6fee0fe9f469e5e5d498f90abe2629e4cb60b054cc02ceaef5e36645889f87a8b0669af11763a4020b49b4a6e84f740441cff6bb7649734affbcf84999e9d4b0b43263c8d2858b8fa062e572a41ff36667944108d0fa639d0b8a1d5757f6d3804d5913e9a40183008495879ea8d272a84d5e9488ed2e55ef4b7017ec8e1680b49246d1ae18af66b8d566bef6d66b34f5e7b8aa7144c2f7c8a6c7b3bf71254ef3869f6498632c7cbce8987bcb2a0946e365e71868549789ad432835ba4bfe191f19e304545249c7a1adaf32cc02d0f19bd50a00b6b1cb8bdfd347993b5ac541f2305462723575f30c2d00977f20fc664547984a7e792faf60509f09f70f85146502a1f2a709ff36a5a726381d8cc290e651705108007400", @ANYRES32=r4, @ANYBLOB="38861ee741016062904bab0c15c1277c39f3d85ee1906a0e8fd3ab78c1f3daf073bb62ea9e72f56f022566e8a441673551e97a0c6908784f1f1f8c58df3474f73074635de011145e3b92121941e131bfbe6fbfa8c6ddea78dd1e40dea7fbbd3df4af4570157ecf88c6df5d059e19a9f4b09b480c43892d77c5409fb8238c8ceec02a4aa56277f77f17e1d2afa657365fa2cf7f50b262aaad42e120a830818a0919e87039dc8e930277ad97e1fbd923a45add531c9c14399113dd300f9b76f56326812673d19c4af070c06f9c13a47edea47524d705d2305c4c88ae0a6804007a000c0093000200000000000000000000"], 0x928}, 0x1, 0x0, 0x0, 0x40}, 0x800)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000180)=0x40000)

2018/04/06 01:05:23 executing program 1:
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r0, &(0x7f00000000c0)={0x1f}, 0xe)
listen(r0, 0x0)
poll(&(0x7f0000000100)=[{r0}], 0x1, 0x0)
shmget(0x3, 0x3000, 0x0, &(0x7f0000ffb000/0x3000)=nil)

2018/04/06 01:05:23 executing program 4:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x44, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[], @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:23 executing program 7:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = dup2(r0, r0)
mmap(&(0x7f0000003000/0x4000)=nil, 0x4000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
fcntl$addseals(r0, 0x409, 0x4)
getsockopt$inet_mtu(r1, 0x0, 0xa, &(0x7f0000005ffc), &(0x7f0000000040)=0x1)
ioctl$KVM_GET_CPUID2(r1, 0xc008ae91, &(0x7f0000000080)={0x4, 0x0, [{}, {}, {}, {}]})

2018/04/06 01:05:23 executing program 5:
r0 = socket(0x10, 0x2, 0x9)
write(r0, &(0x7f0000000000)="1f000000f90300ff00000001000000200700090054000000010000000101308a846a00000000d30a0074dd7e7293e251", 0x30)
readv(r0, &(0x7f0000001480)=[{&(0x7f0000000040)=""/17, 0x11}, {&(0x7f0000000080)=""/205, 0xcd}, {&(0x7f0000000180)=""/4096, 0x1000}, {&(0x7f0000001180)=""/203, 0xcb}, {&(0x7f0000001280)=""/230, 0xe6}, {&(0x7f0000001380)=""/221, 0xdd}], 0x6)

2018/04/06 01:05:23 executing program 6:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000500)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0)
unlinkat(r0, &(0x7f0000000540)='./file0\x00', 0x200)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r1, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:23 executing program 2 (fault-call:2 fault-nth:1):
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)}])

[  110.405829] binder: 9897:9898 got transaction with invalid offsets ptr
2018/04/06 01:05:23 executing program 7:
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x0, 0x0)
getsockopt$netrom_NETROM_N2(r0, 0x103, 0x3, &(0x7f0000000280)=0xfffffffffffffffc, &(0x7f0000000340)=0x4)
r1 = add_key$user(&(0x7f00000001c0)='user\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, &(0x7f0000000240)="f1", 0x1, 0xffffffffffffffff)
r2 = add_key$user(&(0x7f0000001240)='user\x00', &(0x7f0000001280)={0x73, 0x79, 0x7a}, &(0x7f00000012c0)="37f556c7fe60b0551c3cb79f27a725acdb8ab3cf3a064a31b23e6acbfb018b47c7e41d954cbb44bcb972e052f86fccaa8af4b945d8482ed3b9b52d537554c47f506ad1330db9352dd82e35e3a90589da8f97c0863fcba9da0b17528fdc9baf6108ecf815a06d95e2c47d918b54f5fc96cb24fec69c6ff09f3d443e28e174bf386b9f0e103bfa66726a5d3accddeb9c3b792cdc25cb1c9eed90e9c244bc6c914d27806e07fcdcd790fbe433bbd1e3f6e0c6b04ad39435bda9677488180c00be02f5fb5a2edbc123a01c95df8cbdbe2bd6ba102d22e0e25ae02ff54e8322644bdecefdac632e57b8e2a4a0bad67e2c5156b3805dd75458f1eddd7718b99f27095c7c7e368f485b78f1d0f7247fb101654712586c044b1c78a682af0c0cbbb600362b8cc40fec7ba97fb683c792f8bec82241fac28519533423dfc3d4539a6e99a733ca9a28c1a34d1c3ee9d031e929c48f95d0609b72934d1350184191ccb7d5c3efb13300d4591a8db677c44cefaf93a0b79d34d9e6c5b3c038b565b490307da8f27d051d427fa23e6bbd0fc108401ac3e355fe174daa23cef86ebc6297b1b4cd2300dbec0f00dac51adcbff77002c8f72b0b6d8276a1c96744874fffc8fd5fb96512193581ac952f4e3c20c9374b441523a87e23e68dfc4de6b4ee091b28fe25600893fd3501a80fdc742b76746ae2841f21626c8877d71b4123395e744335a1a877c343a9e4ba7bdec67422a19748609f754a9432cad28180bb15ee52ace067fc94330a908bb06f44f70c19e7bd044e5b7ce414d17bd416278952c736ea8c430ca72cc815fb95c46f4b1b03f80aeb68627f4dfc91ff0cd978bb9c92019009fb84eb975ffc23e86a4f07b76839f164b14da3816d071f8bcccb2142bf4e7bf65a85d43280942a826c3319075d235cdb089dabc2de6570525cf499108416ccbf6b2eb5890bd182d8fbfd2d526568218c4364e4871bb8b9dbe6dd6d6b9b922064d0e323210ef00b838de4d512a3f5c4942bdd64d8b6a5724bd3748c65013df684afb531b8ba1d4dff67ab2181ccf5b86477523c2e5f19d3ee38f89eb8e7e305b809058e285f496008d3ff74df0b426a24fc51f24a5778678d21ef67de81235f9a3d5cfaa32655566bee175f48d3ad7d829b7829b614ecea6be065927b2e7d329cd34b07e0136c8a5d78b6e160d0f387403fc46a7f812007e8733b8704bb2a026767e7980e96580af1ddd09c3b4d9367d71b53f0efe37b74ca6b195c13721f3a278f3e11b26de9b09e425092b33a7e169d3855475a4bd4c84e6130076da2ccbd040fd237d38382b38d9045c5cafaaddb5c543b8e51fb9f1e9629133ebe1e1d3ee47cf597e55c75d246925da1ba5b4b26c01b6e18fc07d4a4ccbc424a89a2d4726d86a8e3821a3547b0b790844e6d4157b96705b3490565411bf7d56784187da98588782e293d60f4990915b89629e9acfce31473119f0012c74d5a4e74a708a1248a0e6b28cb040d97dc5e0f3015cc6774bde6db1d89b352a352a3056964fbaba3e2a30c26ec1595fa48549009ef995fb7bbf4ae74688b44a59e9cf03fd4142929e8b687ad2865da82c739b0aaa553736206dd312c41612a8b7298e68b8df974cfd3b087fb806e2be40e632575fa302388830c222683e8bdc7c5cba25ae9250a5aaadf821070476a8dbead4c0a65acb825668f203465838e8c054ce257cc8ab7d6e040d2ed4d1f8888e630cba7f80f82ef311f7705ec7b009e11b3a06108d6428045efa0999132561000d54aa8adffb07b0a326ac1e88b87a3a550a108653a01c2e71d8fbf1a883e3c182528cdec3909edea6d0049e1f63bda7676805428494d7de006368102ab84a0ac226cf2696c9dcc01eee621cd3e4fe00b69c3116d0c511729ef9f953bd6b3b94e7324d15e1c6023f61fd16b40c003cef3e60c77edf55168bd4a1d0dbdc99417a4127bfb813f38257bdb00df2590f3fc722e1831cd04edb0bf0180578297cd19a2d1e1b9380b7c0f47fd679be86bda0b4aa1df54f22dccf6d48bec36930e46367da62b724e71654a1f145e0331772fddc946b207356714200cff9eb78c6f746b5da2872feb3362d32ad130b668c1e9f4a242433dc73237112e43d2e4ef9d1943eea466dbdf1f747ad68d4aec6d5a81b8410842ec746a03bf4d4206ee439b1818e96a1b9cb6409656fd766e8b5e381f675057e446eb2a1e86e382525cbeb33dce371830dc9f4e0a68ebf8033d55a67840e3f6ac0fc7dbd92475e571005715ee07718fb83153c5c6b91cdd38a5fb7cf2aa8fb6f73d4e08a2e89b24480fcb345a0ce3ac7d366199f1347d305bbc0ecf91e171f38622042364c233e603cce33327cf5a825f2dfe3479aa979a1e090ad43b1fbca73b45b5e3af5fb3532354b17d662360daaacfed52e588eb82ff55c1d7b3e4d26de60087779a4e00a7c187680cfaf61679f0585aa8ca1bfd3d2bdf19b7fbe604432d152960023683b2ccb02494a6f757c7b83e6debbaba1d506956cdad64de0e91fe5000e9791e5a589ebb33d8e73f658d13a8992d906a4f6e766b71d2281e64cbc2e7276d177696d063bbaae7c105971bffdc566d1a4fa55a883ed8bf524f81d87938b3e2cf50588b92956facb678152d9e5a0f7757e356dfa6598cdeb9935713981d6b5587aed6ac9c532d39b90bd0b783e47758f68c559b6d2a06070fd0836400a67fae17d23bb3b15e68926f3d04dee6f08fa1f066b11908d10a331432391e94cc3a4f4ca29a362f5ae0bd8d8993e1799a611506a57e84bf6414b44c590a6c5297c43fbaa2d20890bc1e55ee57f74d696840bf9c16290186e7175c086d252eaabd5c4759891c7d95ae77e6d19db8e5fc6621a66f4a33ea4eb41cffa0f098371cab6b3ae18e450a", 0x801, 0xfffffffffffffffb)
r3 = add_key(&(0x7f0000000040)='rxrpc_s\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a, 0x1}, &(0x7f00000000c0)="cb8e056b5844710e072351f4fa3fa6aa444f5d6c6c262627d52df1db2e4e957020809bb281bf510845f6184ea2f93cdf795c434b504730d9b2a3660837e166ac5eb85ca3c3d1c217052cb87b54b9a3e240aecf2dac3af7871b32bc770a897ed56e7627745d729fd10899d079ae788a6be21144b82ab6f28c1c1f608ef3a56178244f121002804f3fbeb43e829ec2521fc8ae462b9e92a55fe4be65c22f7d0290b80af02de315f0565c55129ba302c3c440578ce1b1f3ef9356bafe358e37d9f384635e44bccddc611886a5be", 0xcc, 0xfffffffffffffff8)
r4 = add_key$user(&(0x7f00000002c0)='user\x00', &(0x7f0000002300)={0x73, 0x79, 0x7a, 0x2}, &(0x7f0000000300)="81492224", 0x8433233611e896ef, r3)
keyctl$get_security(0x11, r1, &(0x7f0000000380)=""/17, 0x11)
keyctl$dh_compute(0x17, &(0x7f0000003340)={r1, r2, r4}, &(0x7f0000003380)=""/26, 0x1a, &(0x7f0000003440)={&(0x7f00000033c0)={'crct10dif-pclmul\x00'}, &(0x7f0000003400)})

2018/04/06 01:05:23 executing program 5:
r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2)
read(r0, &(0x7f00000000c0)=""/115, 0x73)
ioctl$sock_SIOCGSKNS(r0, 0x894c, &(0x7f0000000040)=0x9)
r1 = syz_open_dev$evdev(&(0x7f0000000080)='/dev/input/event#\x00', 0x0, 0x400000)
read(r1, &(0x7f0000005000), 0x0)

2018/04/06 01:05:23 executing program 1:
r0 = syz_fuseblk_mount(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='comm\x00')
getsockopt$llc_int(r1, 0x10c, 0x9, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r2 = syz_fuseblk_mount(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
dup2(r0, r2)

2018/04/06 01:05:23 executing program 0:
r0 = syz_open_dev$tun(&(0x7f0000000280)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={"d202b999cf85000000000088f301e710", 0x102})
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000000)={'sit0\x00\x00\x00\x00\x00\x00\x00\x00\x00\b\x00', 0x402})
bind$vsock_stream(0xffffffffffffffff, &(0x7f0000000140)={0x28, 0x0, 0xffffffff, @hyper}, 0xfffffefa)
r1 = syz_open_dev$tun(&(0x7f00000002c0)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000180)={0x20000000000002ac, &(0x7f0000000140)})
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={"d202b999cf85000000000088f301e710", 0x102})
syz_open_dev$tun(&(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x22080)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000300)={{{@in=@local, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in=@loopback}, 0x0, @in=@multicast2}}, &(0x7f0000000040)=0xe8)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000080)=r2)

[  110.464328] binder: 9897:9898 transaction failed 29201/-14, size 40-29 line 2991
2018/04/06 01:05:23 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)}])

2018/04/06 01:05:23 executing program 4:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x44, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[], @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:23 executing program 6:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000500)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0)
unlinkat(r0, &(0x7f0000000540)='./file0\x00', 0x200)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r1, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

[  110.609660] binder: undelivered TRANSACTION_ERROR: 29201
[  110.649667] binder: 9938:9939 got transaction with invalid offsets ptr
2018/04/06 01:05:23 executing program 1:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu\x00', 0x200002, 0x0)
fchdir(r0)
rmdir(&(0x7f0000000080)='./file0\x00')

2018/04/06 01:05:23 executing program 7:
r0 = syz_open_dev$binder(&(0x7f0000008ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0xa0)
ioctl$KVM_GET_XSAVE(r1, 0x9000aea4, &(0x7f0000000480))
seccomp(0x1, 0x0, &(0x7f0000e8c000)={0x1, &(0x7f0000000000)=[{}]})

[  110.666750] binder: 9938:9939 transaction failed 29201/-14, size 40-29 line 2991
2018/04/06 01:05:23 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1300, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)}])

2018/04/06 01:05:23 executing program 3:
r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x4ab, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abcfff)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x4000, 0x0)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffff9c, 0x84, 0x7b, &(0x7f00000000c0)={<r2=>0x0, 0x9}, &(0x7f0000000100)=0x8)
getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140)={r2, 0x6}, &(0x7f0000000180)=0x8)
syz_open_dev$binder(&(0x7f0000000080)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xddf000)=nil, 0xddf000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x0, 0x0)
close(r0)

2018/04/06 01:05:23 executing program 4:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x44, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB], @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x0, 0x0, &(0x7f0000009000)})

[  110.732012] binder: undelivered TRANSACTION_ERROR: 29201
2018/04/06 01:05:23 executing program 0:
perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_netfilter(r0, &(0x7f0000000040)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00004ca000)={&(0x7f0000690000)=ANY=[@ANYBLOB="1400000001010100010000000000000000000000"], 0x14}, 0x1}, 0x0)

[  110.820856] binder: 9957:9959 got transaction with invalid offsets ptr
2018/04/06 01:05:23 executing program 1:
r0 = inotify_init1(0x0)
fcntl$setown(r0, 0x8, 0xffffffffffffffff)
fcntl$getownex(r0, 0x10, &(0x7f000045fff8)={0x0, <r1=>0x0})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xca9000)=nil, 0xca9000, 0x5, 0x10, 0xffffffffffffffff, 0x0)
ptrace(0x4207, r1)
ptrace$getenv(0x4201, r1, 0x7fff, &(0x7f0000000000))

2018/04/06 01:05:23 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000265ff7)='/dev/sg#\x00', 0x0, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000180)={<r1=>0x0, 0x88, &(0x7f00000000c0)=[@in6={0xa, 0x4e23, 0x40, @ipv4={[], [0xff, 0xff], @rand_addr=0x8}, 0x10001}, @in={0x2, 0x4e23, @multicast2=0xe0000002}, @in6={0xa, 0x4e20, 0x7, @mcast1={0xff, 0x1, [], 0x1}, 0x5}, @in={0x2, 0x4e22, @local={0xac, 0x14, 0x14, 0xaa}}, @in={0x2, 0x4e21, @multicast2=0xe0000002}, @in={0x2, 0x4e22, @broadcast=0xffffffff}, @in={0x2, 0x4e21, @broadcast=0xffffffff}]}, &(0x7f00000001c0)=0x10)
getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000200)={r1, 0x3}, &(0x7f0000000240)=0x8)
socket$inet6_udp(0xa, 0x2, 0x0)
perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl(r0, 0x227e, &(0x7f00000000c0))
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000040)=[{0xb, 0x9}, {0x4, 0x2}], 0x2)

2018/04/06 01:05:23 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x4, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)}])

2018/04/06 01:05:23 executing program 7:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_MAX_THREADS(r0, 0x40046205, 0x400000)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0x48, 0x0, &(0x7f00000000c0)=[@register_looper={0x630b}, @reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000080)}}], 0x48, 0x0, &(0x7f0000000140)="cfa4e34a16225a2fcfe0e17283a6204dd219e519b34b8f961b2d4c2b1f9740866d2ed92997d3cfdacd4d90798bb26ae4ec6d1102999d6ce03313184c14f0167858e909a51d55684a"})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000449fd0)={0x4, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='(c\x00\x00'], 0x0, 0x0, &(0x7f0000000040)})

[  110.882152] binder: 9957:9959 transaction failed 29201/-14, size 40-29 line 2991
[  111.027151] binder: undelivered TRANSACTION_ERROR: 29201
2018/04/06 01:05:24 executing program 5:
r0 = syz_open_dev$sndmidi(&(0x7f0000000000)='/dev/snd/midiC#D#\x00', 0x100000000, 0x0)
ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x39)
r1 = syz_open_dev$sndctrl(&(0x7f0000425000)='/dev/snd/controlC#\x00', 0x2, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r1, 0x80045530, &(0x7f0000000140)=""/233)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$LOOP_GET_STATUS64(0xffffffffffffffff, 0x4c05, &(0x7f0000000040))

2018/04/06 01:05:24 executing program 6:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000500)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0)
unlinkat(r0, &(0x7f0000000540)='./file0\x00', 0x200)
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r1, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:24 executing program 4:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x44, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB], @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:24 executing program 1:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0xff, 0x20500)
ioctl$sock_ipx_SIOCAIPXITFCRT(r1, 0x89e0, &(0x7f0000000080)=0x5)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rfkill\x00', 0x20100, 0x0)
sendmsg$nl_netfilter(r0, &(0x7f0000498000)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f00008b7ff0)={&(0x7f0000000540)={0x1c, 0x1, 0x2, 0x403, 0x0, 0x0, {}, [@nested={0x8, 0x7, [@generic="e0"]}]}, 0x1c}, 0x1}, 0x0)
ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f00000000c0)={[{0x80000000, 0xf75, 0xfffffffffffff7a9, 0x6, 0x7fffffff, 0x6e2b8428, 0x6, 0x83, 0x400, 0xeb51, 0x4084, 0x17}, {0x2, 0x7860, 0xffff, 0x9, 0x100000001, 0x1, 0x5, 0x8000, 0xbb, 0x0, 0x9, 0x0, 0x1890}, {0x0, 0x8, 0x0, 0x1, 0xfffffffffffffffa, 0x1, 0xf682, 0xcdc, 0x400, 0x0, 0x634, 0xd7, 0x5}], 0x7})

2018/04/06 01:05:24 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x7, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)}])

2018/04/06 01:05:24 executing program 7:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x5, @remote={0xfe, 0x80, [], 0xbb}, 0x1}, 0x1c)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000360000)={0x0, 0x0, &(0x7f000035d000)={&(0x7f000033c000)={0x2, 0xd, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2}}]}, 0x28}, 0x1}, 0x0)

2018/04/06 01:05:24 executing program 0:
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SNDRV_CTL_IOCTL_CARD_INFO(r1, 0x81785501, &(0x7f0000000040)=""/129)
write$binfmt_misc(r1, &(0x7f0000000200)=ANY=[@ANYBLOB="73797a31c75b9cf00a9fa7ef04f7174d819e3cf0111aee31c30cc939410d3a21d459eb3b87edbaae3efb8e2dbccd1d5989a342cbcd4a4e8bbace20a2a052ebbb83235c86bb15f2c26bfed30e04de93be5a276b4b0e69d07a3e79151699dce135904c49d7a3cf8c8e1dcb874a8f4abc9021ffa839c8c2ecc2a30ef24474497cee953cf8eff6c50bebc570d796a6068ea2247baf7286dc3933251f0e1aefd1a9a8da61a0409474a028b9eab01d73607205dffda52d837d668d7535d9bb23a3faf8ae9b6c119e7a5315033d13d8e476a26c5ed74be372c24f"], 0x88)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r0, 0xc008551b, &(0x7f0000000100)={0x0, 0x10, [0x9, 0x100000000, 0xffffffff, 0x8]})
syz_emit_ethernet(0x0, &(0x7f0000000000)=ANY=[], 0x0)
fchmodat(r0, &(0x7f0000000140)='./file0\x00', 0x122)
setsockopt$inet_sctp6_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f0000000180)=0xffffffffffffff68, 0x4)

2018/04/06 01:05:24 executing program 3:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x9, 0x32, 0xffffffffffffffff, 0x800)
r0 = userfaultfd(0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
syz_extract_tcp_res$synack(&(0x7f0000000080), 0x1, 0x0)
r2 = syz_open_dev$adsp(&(0x7f0000000200)='/dev/adsp#\x00', 0x2, 0x40400)
ioctl$EVIOCSABS2F(r2, 0x401845ef, &(0x7f00000006c0)={0xdb70, 0x0, 0x6, 0xff, 0x7, 0xfffffffffffffffd})
socket$alg(0x26, 0x5, 0x0)
ioctl$TIOCGPGRP(r2, 0x540f, &(0x7f0000000240))
openat$dsp(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/dsp\x00', 0xfffffffffffffffd, 0x0)
setsockopt$l2tp_PPPOL2TP_SO_RECVSEQ(0xffffffffffffffff, 0x111, 0x2, 0x1, 0x4)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000001fe8)={0xaa})
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1})
syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0)
fgetxattr(r1, &(0x7f0000000540)=@known='system.sockprotoname\x00', &(0x7f0000000580)=""/221, 0xdd)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup\x00', 0x200002, 0x0)
r4 = openat$cgroup_int(r3, &(0x7f0000000100)='memory.high\x00', 0x2, 0x0)
write$cgroup_type(r4, &(0x7f0000000000)='Phreaded\x00', 0x1)
socketpair$inet6(0xa, 0x800, 0x1, &(0x7f0000000480)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$EVIOCREVOKE(0xffffffffffffffff, 0x40044591, &(0x7f0000000280)=0x4)
ioctl$sock_ifreq(r5, 0x89b3, &(0x7f00000004c0)={'eql\x00', @ifru_hwaddr=@dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0x11}})
lseek(r0, 0x0, 0x7)
getpeername$inet6(r2, &(0x7f0000000700)={0x0, 0x0, 0x0, @local}, &(0x7f0000000740)=0x1c)
getsockopt$inet_dccp_buf(0xffffffffffffffff, 0x21, 0x80, &(0x7f00000000c0)=""/151, &(0x7f0000000180)=0x97)
close(r0)

[  111.642661] binder: 10001:10003 got transaction with invalid offsets ptr
[  111.644531] netlink: 'syz-executor1': attribute type 7 has an invalid length.
[  111.669710] binder: 10001:10003 transaction failed 29201/-14, size 40-29 line 2991
2018/04/06 01:05:24 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00001f0000)='/dev/ptmx\x00', 0x1000002, 0x0)
perf_event_open(&(0x7f0000aaa000)={0x2, 0x70, 0x4a, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x9, &(0x7f0000ac0f68)={0xffffffffffff19f8, @in6={{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}}}, 0x98)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r2, 0x84, 0x13, &(0x7f0000000040)={<r3=>0x0, 0x4}, &(0x7f0000000280)=0x8)
getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r1, 0x84, 0x1b, &(0x7f00000002c0)={r3, 0x7e, "eb5704862fe36ac4602ca8f8350ebfc07cac8b28353b7529982f3417b1747a2e328d9ac9a6f65430ceec02bc96fdf201c9e48053543fa0438a06e8e004484353e2fd2ac0838c9ce7996452e22c0b88b590affabede82bf4204355e5fbbece80f9d4357f43345e686a7a94000f40a75555dd173af866f33ac96a78f8f3b58"}, &(0x7f0000000380)=0x86)
sendto(r1, &(0x7f0000000280), 0x0, 0x4, &(0x7f00000001c0)=@ethernet={0x306, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x80)
ioctl$TCXONC(r0, 0x540a, 0x80000001)
ioctl$TCXONC(r0, 0x540a, 0x2)
ioctl$TCXONC(r0, 0x540a, 0x1)
ioctl$TIOCSCTTY(r1, 0x540e, 0x6)
r4 = syz_open_dev$sndpcmc(&(0x7f00000000c0)='/dev/snd/pcmC#D#c\x00', 0x4, 0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffff9c, 0x84, 0x1d, &(0x7f0000000100)={0x2, [0x0, 0x0]}, &(0x7f0000000140)=0xc)
setsockopt$inet_sctp_SCTP_DELAYED_SACK(r4, 0x84, 0x10, &(0x7f0000000180)=@sack_info={0x0, 0x8, 0x1}, 0xc)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
r8 = dup3(r7, r6, 0x0)
ioctl$KVM_GET_LAPIC(r8, 0x8400ae8e, &(0x7f0000001280)={"a004aea3b372cfdcbb693652c686565fde2899ef748a52f790923a3392f915e1bfc804f67af9748a78917dba254f7887c965307fe1be7414af7de1e467b68887f98f65e678e8b3bf67b5b66ca0d6e9f4f37d0df136ce275a1e44f7a135f568ed03eb2af39a3a28e262f3f0c892579ac7525536aee01e44b61039e73678fd2f67c1e883f5b78e2a3bdd99ed04c5611d6a9b42f5c3497805b8ee0ca686e98c8b69e040560164fefaffa24620b18bbc58d85e25d59e78514860ef85f5a504b8f337467e98dc42fe360e7664a498d176a1981b7aedace0b074228bfd7510a4a2563592717281cf965adc6d7a038712b8d68886c8ea38acb4ff8bfabe4ace2c59d651ea17ea6d856243d71b6cd8de16fc82c1299bb53ea2c17df582f2e27fde6723794ccb81b2217bf2b3ccdc8ab1f07662ad29a26915fa6f3175a1117368bc831bae146414e911162972a0abcfdcb9e47f1cb1e70645cba8959083a983c1917d9bcdaf136b5a99b3b27601346115c27cb5794229783bc70b3e2e4c864cc205e0b2fd79abfe42ab6daf71e8bb5476ee55b49a13b54bcbf8f2b3f3102437e693fd202768bda62e6e56bc775f2aeab2ff2870d427ef868375dc2e9671f0fd33061a30292a68bcfab3e6017dcdf8aa39b27ca62918a7b07b69cd356378b0ae01f211b6589fb8e349a59ff657d3c4a82c10d3cfdd62305c3f54fc1f90c640cf45dec0191a51de10be70d0ac49b24dc02fbad93597975672f56d47b12d3e8c7fec5dd72ea9e8ab2181ea8afd0b76ada85913848dbf149cf614c7ded480fc7b0bff1f49fac30dcbd71c8772138c61b6577a6f4c3bbbb3a461277f34964d0f84d4c02399ad1f205f8ab9b79a8451f9b9fb4a48e7dd79f64803dfe5ebab42093c68f40fd75d75424620f3343c96b6bfca4172117d687c62a92bdf0120815eefca9fbb2d77dcae2a789cc4b3abb21ba9c691d7bd7cf214a576afdcfd96b1dabb56cb1fa8671574c051e320bd9ebe918961b98f8ba1e2837e60179d18f89c11b7b42f2236e1e467119c9c6709930812fc65b574620f7b519b957c2dc2aa58e464794a91b99b3caf1eb931c13d4efbc1d6e6f25a0237997740277d880fb8309bcfa8f2c4e7ad107c153033b5f4a4562891e2245163fe6f4a23d55801325fad8908ecbe4cfb69ba2030871dc6aa22ba41faff021db7f5d2808cf70484d086fd0e4aac8483d3459e25d39d11e789c30cb1bae862eabda65ad6bbd59d2c7a35900643dc39dab26b612a4578fa245bd79e771e93ed586a71848717ab5c1a6266b137c83332fef52d2b7ce076923df52b92220abfa659a0ad938d9630bd686c493b35c52d872255594aa12810d04890af0cb30f1d6b8d9c5ee1579d388daa2bfbcc0b17d623bf703d9e5b2f7ca3c20ac86985cd0b2b1e77eb7cf71d5d67945abd871837334c49718336e4"})
semctl$SEM_STAT(0x0, 0x1, 0x12, &(0x7f0000000000)=""/25)

2018/04/06 01:05:24 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x8)
r1 = syz_open_dev$sndmidi(&(0x7f0000000000)='/dev/snd/midiC#D#\x00', 0x1000, 0x0)
setitimer(0x1, &(0x7f0000000100), &(0x7f0000000140))
ioctl$KVM_ARM_SET_DEVICE_ADDR(r1, 0x4010aeab, &(0x7f00000000c0)={0x5, 0x5000})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000380)={'teql0\x00'})
sendmsg$nl_route(r0, &(0x7f0000000240)={&(0x7f0000000280)={0x10}, 0xc, &(0x7f0000000200)={&(0x7f00000003c0)=@ipmr_getroute={0x14, 0x1a, 0x307, 0x70bd2d, 0x25dfdbfb, {0x80}, ["", "", "", "", ""]}, 0xfffffffffffffe8f}, 0x1}, 0x0)
ioctl$sock_inet_SIOCSARP(r1, 0x8955, &(0x7f0000000180)={{0x2, 0x4e24, @broadcast=0xffffffff}, {0x0, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}}, 0x38, {0x2, 0x4e23}, 'lo\x00'})

2018/04/06 01:05:24 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x8, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)}])

[  111.751346] netlink: 'syz-executor1': attribute type 7 has an invalid length.
[  111.815735] binder: undelivered TRANSACTION_ERROR: 29201
2018/04/06 01:05:24 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000fe9ff6)='/dev/ptmx\x00', 0x0, 0x0)
r1 = epoll_create(0x800)
r2 = openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x400, 0x20)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000080)={<r3=>0x0, @in={{0x2, 0x4e24}}, 0x9, 0x7}, &(0x7f0000000140)=0x90)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f0000000180)={r3, 0x900}, 0x8)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000040))
r4 = syz_open_pts(r0, 0xa002)
dup3(r1, r0, 0x0)
getpeername$ipx(r2, &(0x7f0000000000), &(0x7f0000000200)=0x10)
close(r4)

2018/04/06 01:05:24 executing program 4:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x44, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB], @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:24 executing program 6:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000500)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:24 executing program 3:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
mmap(&(0x7f0000000000/0xd25000)=nil, 0xd25000, 0x1000001, 0x32, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
r1 = syz_open_dev$admmidi(&(0x7f0000000080)='/dev/admmidi#\x00', 0x2, 0x10202)
ioctl$KVM_GET_IRQCHIP(r1, 0xc208ae62, &(0x7f00000002c0)=@ioapic)

2018/04/06 01:05:24 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f00000000c0)=ANY=[@ANYBLOB="000000800000000002000000e0000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000caa0dd99ff00000000000000000c000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0x8c)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000000)={0x6, <r1=>r0, 0x1})
ioctl$EVIOCSABS0(r1, 0x401845c0, &(0x7f0000000040)={0x7, 0x0, 0x80, 0xf40, 0x1})
personality(0x414000e)

2018/04/06 01:05:24 executing program 0:
syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[])
r0 = open$dir(&(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
getdents(r0, &(0x7f00000013c0)=""/4096, 0x18)
getdents(r0, &(0x7f0000000140)=""/231, 0xe7)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ppp\x00', 0x501000, 0x0)
ioctl$SNDRV_CTL_IOCTL_POWER_STATE(r1, 0x800455d1, &(0x7f0000000240)=""/73)

2018/04/06 01:05:24 executing program 7:
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x1003, 0x1)
bind$nfc_llcp(r0, &(0x7f0000000000)={0x27, 0x1, 0x2, 0x1000000000000, 0x800000, 0x0, "6cb782e4ad88b89d1fd309169f44812107130ee55db70510420aaa96759ecbc36eb9bb12b6124793608dd0e7316d1d4f4dbac39806e4ac714b7ecefa8a934a", 0xb}, 0x60)
r1 = fcntl$dupfd(r0, 0x0, r0)
write$rdma_cm(0xffffffffffffff9c, &(0x7f0000001340)=@create_id={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000001300)={<r2=>0xffffffff}, 0x111, 0x8}}, 0x20)
write$rdma_cm(r1, &(0x7f0000001380)=@reject={0x9, 0x108, 0xfa00, {r2, 0x47, "0b55d9", "84e8552f0fe7f34ce731ff810c752d819ee4446e4c85c96f63759eb6c97c8b892e37bdd083e2fbe843659d2e580e9794532136cebb74a0dec91552a03756193120eb1f4d553db9c54ef4ee6e3563bceaa7138fc56721f1b749d3b0d4a84ffeb1ce920847071eb1c40816cfe9ff69933efcb16924c965f3f2d3b74e4f8d3e491c68faca096148c0c7830041ef39e0c19f565d3f5030f5fabd53f172851ce799e32d7d750e20b53f42cf5e7b82631b93df709e4857dee281a437daa9e2a87a6a515bac2ce649f72ce35443c089d17b3b6e1e87ca469a5a761c24c31f295955ace009761e96ed33ba73507e6cea98e0ec0494d39c1ae525cfbeca4796dc51ba277a"}}, 0x110)
socket$inet_smc(0x2b, 0x1, 0x0)

2018/04/06 01:05:24 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x20000200, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)}])

2018/04/06 01:05:25 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x100000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)}])

[  111.975948] binder: 10045:10047 got transaction with invalid offsets ptr
[  111.998233] binder: 10045:10047 transaction failed 29201/-14, size 40-29 line 2991
2018/04/06 01:05:25 executing program 6:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:25 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040))
pipe2(&(0x7f0000e3eff8)={0x0, <r2=>0x0}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
dup3(r3, r2, 0x0)
ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f0000000080)={0x1, 0x31, 0x2, 0x7, 0x1})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

2018/04/06 01:05:25 executing program 7:
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
getsockopt$bt_BT_VOICE(r0, 0x112, 0xb, &(0x7f00000004c0), &(0x7f0000000500)=0x2)
ioctl$sock_ifreq(r0, 0x8922, &(0x7f0000000040)={'erspan0\x00', @ifru_names='ip6gre0\x00'})
r1 = accept4(r0, 0x0, &(0x7f0000000000), 0x80800)
getsockopt$inet_mreqsrc(r1, 0x0, 0x27, &(0x7f0000000080)={@multicast2, @broadcast, @local}, &(0x7f00000000c0)=0xc)
fchdir(r0)
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r1, 0x84, 0x79, &(0x7f0000000100)=0x8, 0x4)

2018/04/06 01:05:25 executing program 4:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x44, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00'], @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:25 executing program 5:
mkdir(&(0x7f00008e9ff8)='./file0\x00', 0x0)
mount(&(0x7f0000b29ff8)='./file0\x00', &(0x7f00008f8ff8)='./file0\x00', &(0x7f000067f000)='mqueue\x00', 0x0, 0x0)
r0 = open$dir(&(0x7f000001bff4)='./file0\x00', 0x0, 0x0)
getdents(r0, &(0x7f0000000000)=""/4096, 0x1000)
r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000001000)='/dev/mixer\x00', 0x202000, 0x0)
clock_gettime(0x0, &(0x7f0000001040)={<r2=>0x0, <r3=>0x0})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r1, 0x402c5342, &(0x7f0000001080)={0x351bc07e, 0x7, 0x80000000, {r2, r3+30000000}, 0x2, 0xfffffffffffffffa})
openat$audio(0xffffffffffffff9c, &(0x7f00000b5000)='/dev/audio\x00', 0x41, 0x0)
perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getdents(r0, &(0x7f0000000180), 0xffffffffffffff80)

[  112.099972] binder: undelivered TRANSACTION_ERROR: 29201
[  112.179785] binder: 10080:10081 got transaction with invalid offsets ptr
[  112.215279] binder: 10080:10081 transaction failed 29201/-14, size 40-29 line 2991
2018/04/06 01:05:25 executing program 5:
syz_emit_ethernet(0x1, &(0x7f0000000280)=ANY=[@ANYBLOB="0180c20000020000000000008137ffff005e0911ffffffff000000000000000400000000a63a088a2417ff5e7d52e02d62ca40afff37703dfa389ca1a01fa2f2f1e21ccfc8c2911bf7327765f384162d6211b788c33ee52f7283057d52d82ac4b388366b135db7ae7c182025e03dc4e1f42a81713d9b4dfe255ec7f575fc22b1c5f8bc25df20ff95e8c98084b77329795f862ec443c581c72aceea69e951237a61fcb461cf8011804b2370522a2219df6d5b52734e1c8bf1a55bde58592b34821f5f7de6b142c67ea522c1d4c8e20f9d0d3a8947e3e5fd4055686d290fef00000000000000000000000000"], &(0x7f0000000080)={0x0, 0x4, [0xeed, 0x30c, 0xd92, 0xca2]})
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0x7, 0x4, 0x10001, 0x10001}, 0x2c)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhost-vsock\x00', 0x2, 0x0)
io_setup(0x4, &(0x7f0000000200))
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000100)={&(0x7f00000000c0)='./file0\x00', 0x0, 0x8}, 0x10)

2018/04/06 01:05:25 executing program 7:
r0 = gettid()
capget(&(0x7f00000008c0)={0x19980330, r0}, &(0x7f0000000900))
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/nat_icmp_send\x00', 0x2, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

2018/04/06 01:05:25 executing program 6:
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:25 executing program 4:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x44, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00'], @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:25 executing program 1:
syz_emit_ethernet(0x46, &(0x7f0000000180)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @link_local={0x1, 0x80, 0xc2}, [], {@ipv6={0x86dd, {0x0, 0x6, "d978ea", 0x10, 0x3c, 0x0, @local={0xfe, 0x80, [], 0xaa}, @ipv4={[], [0xff, 0xff], @remote={0xac, 0x14, 0x14, 0xbb}}, {[], @dccp={{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0952c8", 0x0, "79f777"}}}}}}}, &(0x7f0000000580))
ioctl$TCSETAF(0xffffffffffffffff, 0x5408, &(0x7f0000000040)={0x6, 0x7c7, 0x78d, 0x101, 0x6, 0x0, 0x4, 0x7, 0xfff, 0x20})

2018/04/06 01:05:25 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/autofs\x00', 0x80000, 0x0)
setsockopt$l2tp_PPPOL2TP_SO_RECVSEQ(r1, 0x111, 0x2, 0x1, 0x4)
unlink(&(0x7f0000000040)='./file0\x00')
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
ioctl$LOOP_SET_CAPACITY(r1, 0x4c07)
listen(r2, 0xaaf4)
connect$inet6(r0, &(0x7f00001cd000)={0xa, 0x4e22, 0x0, @ipv4={[], [0xff, 0xff]}, 0x1}, 0x1c)
setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f0000000080)=0x2, 0x4)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f00000001c0)={&(0x7f0000000100)=[0x0, 0x0, 0x0], 0x3})
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000140)=<r3=>0x0)
sched_setscheduler(r3, 0x3, &(0x7f0000000180)=0x9)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x9, {0x7, 0x8, 0xad0, 0x1, 0x4, 0x20}, 0x101, 0x5}, 0xe)
fchdir(0xffffffffffffffff)
setsockopt$IP_VS_SO_SET_TIMEOUT(0xffffffffffffffff, 0x0, 0x48a, &(0x7f0000000040)={0x0, 0x5}, 0xc)
r4 = creat(&(0x7f0000001840)='./file0\x00', 0xffffffffffffffff)
inotify_init1(0x0)
ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0xe7)
write$cgroup_pid(r4, &(0x7f0000000100)=ANY=[], 0x1023c)
mq_open(&(0x7f0000000240)='/dev/autofs\x00', 0x800, 0x2, &(0x7f0000000280)={0xfffffffffffffffc, 0x0, 0x2, 0x100, 0x5, 0x101, 0x7, 0x8})
ioctl$fiemap(0xffffffffffffffff, 0xc020660b, &(0x7f0000000480)=ANY=[@ANYBLOB="4b6323d4c5"])
ioctl$DRM_IOCTL_AGP_FREE(0xffffffffffffffff, 0x40206435, &(0x7f0000000200)={0x80000000})
gettid()
mknod(&(0x7f0000000440)='./file0\x00', 0x0, 0x1)
setsockopt$netlink_NETLINK_CAP_ACK(r1, 0x10e, 0xa, &(0x7f00000000c0)=0x1, 0x4)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000780)=ANY=[@ANYBLOB="00000000000000000a004e2400000000ff010000000000000000000000a156885205566c9705c5000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000eeff08000000000000000021000000000000000000000000000000040000000000000000000000050000000a00000004010000fe800000000000000000000000000017000400f40a000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000aba955427d6dda72ddc62c8787199400000000000000f65d0000000000000000000000000000000000000000000000000000000000000000000000001c8d985cdfaa8c7216b8a4a3183d653787c006f6d1c70dbccec9c4db26d6429794ffc70f4daa5e0405f40f091a341677db7c52cb4b6338ddc0eed4d3468928343a9ad3640c0bac9efac4c1cd9c7913ddc0ae86e25bbe425ae6f114e3a2c4589de7d1577b7da37a43906dd076c0faef84d5cc39ee91fda52a52f3f9858ae6380821e023fc9968685e9d2b0035d95996d0bfd836cb76ab315686a66b4bf41be6fd6c3ea2329e1a4daa897014faf549797720f7bcf7f7e5740cce2b036154246fcf800cca2f38c03a1d9d199a8ed2f1912c624ca39b31737949b3b4eec95a8dd4bec6cca60f1456fab1eba94141cba75aa6cd2c1120432dd29591f1abcbf8d04eebcbcaa6b9d0b3f0b79409df5b4679f7085c99afffc57a5a59dc98d67c0240a438d159ce13"], 0x1)

2018/04/06 01:05:25 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00006a4ff7)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
pipe2(&(0x7f0000e3eff8)={0x0, <r2=>0x0}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
dup3(r3, r2, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae9c, &(0x7f0000000040)={0x1, 0x0, [{}]})

2018/04/06 01:05:25 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x8000000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)}])

[  112.309201] binder: undelivered TRANSACTION_ERROR: 29201
2018/04/06 01:05:25 executing program 7:
timer_create(0x0, &(0x7f0000cd0000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f00004b1fe0)={{0x0, 0x1c9c380}, {0x0, 0x9}}, &(0x7f0000040000))
r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ioctl$VT_GETMODE(r0, 0x5601, &(0x7f0000000080))
ftruncate(r0, 0x7fff)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000f40000)='/dev/ptmx\x00', 0x200000000101002, 0x0)
sendfile(r1, r0, &(0x7f0000b4bff8), 0x100000002)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x3)
r2 = getpgid(0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x6)
tkill(r2, 0x1000000000016)

[  112.383142] binder: 10098:10104 got transaction with invalid offsets ptr
[  112.438676] binder: 10098:10104 transaction failed 29201/-14, size 40-29 line 2991
2018/04/06 01:05:25 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x20020, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)}])

2018/04/06 01:05:25 executing program 1:
r0 = syz_open_dev$sndmidi(&(0x7f00000000c0)='/dev/snd/midiC#D#\x00', 0xd5c, 0x4000)
getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000100)={<r1=>0x0, 0x5}, &(0x7f0000000140)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000001c0)={<r2=>r1, 0x3c, &(0x7f0000000180)=[@in={0x2, 0x4e23, @broadcast=0xffffffff}, @in={0x2, 0x4e24, @multicast1=0xe0000001}, @in6={0xa, 0x4e21, 0x0, @ipv4={[], [0xff, 0xff], @remote={0xac, 0x14, 0x14, 0xbb}}, 0x618}]}, &(0x7f0000000200)=0x10)
setsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000001000)={0x10000, 0x4, 0x100, 0x400}, 0x10)
r3 = socket(0x11, 0x4000000000080003, 0x0)
setsockopt(r3, 0x107, 0x5, &(0x7f0000000040)="7c482b9078bf14627073a8ad95696f46877c0d2c8ce23c923f8b0e9bebf2ca7ec8ade9e05beec5059324e07ae669fd70c5b06bc67f247a0f9fd6eba1d6dd67461ec59d379ab62e909a07a647973d", 0x4e)
getsockopt$inet_sctp_SCTP_STATUS(r3, 0x84, 0xe, &(0x7f0000000240)={r2, 0x7, 0x3ff, 0x6, 0x5aea2985, 0x3f, 0x80000001, 0x800, {r2, @in6={{0xa, 0x4e23, 0xffffffff, @remote={0xfe, 0x80, [], 0xbb}, 0xfffffffffffffff8}}, 0xbdd, 0x5, 0x2, 0x1, 0x800}}, &(0x7f0000000300)=0xb0)
setsockopt$packet_int(r3, 0x107, 0xa, &(0x7f0000a22000), 0x4)
setsockopt$inet_mreq(r3, 0x0, 0x24, &(0x7f0000000000)={@rand_addr=0xbc, @local={0xac, 0x14, 0x14, 0xaa}}, 0x8)

2018/04/06 01:05:25 executing program 6:
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:25 executing program 0:
socketpair(0x8000000000001e, 0x1, 0x0, &(0x7f000000dff8)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$sndseq(r1, &(0x7f000082cf40), 0x2082cf40)
recvmmsg(r0, &(0x7f0000005040)=[{{&(0x7f0000000100)=@sco, 0x80, &(0x7f0000000280)=[{&(0x7f0000000180)=""/253, 0xfd}], 0x1, &(0x7f00000002c0)=""/80, 0x50}}], 0x1, 0x0, &(0x7f0000005280)={0x77359400})
r2 = syz_genetlink_get_family_id$fou(&(0x7f0000000040)='fou\x00')
sendmsg$FOU_CMD_DEL(r1, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x34, r2, 0x300, 0x70bd2c, 0x25dfdbfc, {0x2}, [@FOU_ATTR_AF={0x8, 0x2, 0x2}, @FOU_ATTR_AF={0x8, 0x2, 0xa}, @FOU_ATTR_TYPE={0x8, 0x4, 0x2}, @FOU_ATTR_TYPE={0x8, 0x4, 0x2}]}, 0x34}, 0x1}, 0x0)
inotify_add_watch(r1, &(0x7f0000000380)='./file0\x00', 0x40)
close(r0)

2018/04/06 01:05:25 executing program 5:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
prctl$setname(0xf, &(0x7f0000000200)='broute\x00')
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000001080)=@broute={'broute\x00', 0x20, 0x2, 0x3a8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000c00], 0x0, &(0x7f0000000bc0), &(0x7f0000000c00)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff010000000b0000000000000000006263736830000000000000000000000073797a5f74756e000000000000000000726f7365300000000000000000000000697036746e6c30000000000000000000ffffffffffff000000000000de501b28aebc00000000000000007000000070000000c000000049444c4554494d4552000000000000000000000000000000000000000000000028000000000000000104000073797a31000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff01000000190000000000000000006e72300000000000000000000000000073797a6b616c6c65723100000000000065727370616e3000000000000000000067726574617030000000000000000000aaaaaaaaaa00000000ff00000180c20000000000000000000000d80100000802000058020000636f6e6e627974657300000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000636f6d6d656e7400000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000434f4e4e5345434d41524b000000000005000000000000000000000000000000080000000000000001000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a30000000000000000000000000000000000000000000000000000000000000000000004000"]}, 0x420)
getsockopt$inet_int(r0, 0x0, 0x0, &(0x7f0000000000), &(0x7f0000000040)=0x4)
r1 = syz_open_dev$sg(&(0x7f0000000240)='/dev/sg#\x00', 0x7, 0x100)
ioctl$TIOCSWINSZ(r1, 0x5414, &(0x7f0000000280)={0x10001, 0x75, 0x7, 0x5})
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffff9c, 0x89e2, &(0x7f00000002c0)={<r2=>r0})
ioctl$KVM_SET_DEVICE_ATTR(r1, 0x4018aee1, &(0x7f0000000300)={0x0, 0x5, 0x100, &(0x7f0000000080)})
setsockopt$IP_VS_SO_SET_ADDDEST(r1, 0x0, 0x487, &(0x7f0000000380)={{0x3b, @loopback=0x7f000001, 0x4e24, 0x0, 'sh\x00', 0x4, 0x8b36, 0x66}, {@empty, 0x4e21, 0x0, 0x0, 0x2, 0x9}}, 0x44)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r2, 0x84, 0x77, &(0x7f0000000100)={<r3=>0x0, 0x4, 0x6, [0x5, 0x1, 0xbe, 0x4, 0x8001, 0x861]}, &(0x7f0000000140)=0x14)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r2, 0x84, 0x6c, &(0x7f0000000180)={r3}, &(0x7f00000001c0)=0x8)
ioctl$sock_ipx_SIOCIPXCFGDATA(r1, 0x89e2, &(0x7f0000000340))
setsockopt$bt_rfcomm_RFCOMM_LM(r2, 0x12, 0x3, &(0x7f00000000c0)=0xa, 0x4)

2018/04/06 01:05:25 executing program 7:
r0 = syz_open_procfs(0x0, &(0x7f0000c02fca)="6e732f6d6e7400c552c5ba9e2c33e308163dd83bbbef1a23efb866ab2c1b66c09db90000000000000006f4d0e9ae0e19c79a35b158ae")
setns(r0, 0x0)
setsockopt$inet6_MRT6_DEL_MFC(r0, 0x29, 0xcd, &(0x7f0000000000)={{0xa, 0x4e21, 0x4, @empty, 0x8}, {0xa, 0x4e24, 0x6, @empty, 0x2}, 0x4, [0x2, 0x1f, 0xffff, 0x8, 0x555, 0x0, 0x9, 0x1]}, 0x5c)
splice(r0, &(0x7f0000000080), r0, &(0x7f00000000c0), 0x7fff, 0x1)

2018/04/06 01:05:25 executing program 4:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x44, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00'], @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:25 executing program 3:
unshare(0x8000400)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000fcbff7)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_INTERRUPT(r2, 0x4004ae86, &(0x7f0000000100))
ioctl$PIO_FONTX(r2, 0x4b6c, &(0x7f0000000000)="4d24df3dd0244ae74936cbcba7c8b6b0bc0005d9c3847155c6bef1478bbcd71ce1b63a24c3899e22ec2965")
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="670fc72b0f00581066b81db400000f23c00f21f8663502000a000f23f80f001bbaf80c66b8f86beb8666efbafc0cb0d4eed12b2e0fc72b0fc72d3e650f01ca8fe968024d1f", 0x45}], 0x1, 0x0, &(0x7f0000000000), 0x0)

[  112.535176] binder: undelivered TRANSACTION_ERROR: 29201
[  112.602615] binder: 10131:10132 got transaction with invalid offsets ptr
2018/04/06 01:05:25 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x4000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)}])

2018/04/06 01:05:25 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:25 executing program 1:
perf_event_open(&(0x7f0000940000)={0x2, 0x78, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f000030efee)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c81, 0x0)
r1 = open(&(0x7f0000000500)='./file0\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c80, 0x0)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x3, 0x0, 0x3}, &(0x7f0000000380)=0x14)
recvfrom$ax25(0xffffffffffffffff, &(0x7f0000000440)=""/100, 0x64, 0x0, &(0x7f00000004c0)={0x3, {"6b66c1c95d3a78"}}, 0x10)
setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f0000000040)={0x0, @loopback=0x7f000001, 0x4e21, 0x0, 'ovf\x00', 0x20, 0x800, 0x24}, 0x2c)

2018/04/06 01:05:25 executing program 6:
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

[  112.655380] binder: 10131:10132 transaction failed 29201/-14, size 40-29 line 2991
[  112.673340] xt_connbytes: cannot load conntrack support for proto=7
[  112.679947] xt_connbytes: Forcing CT accounting to be enabled
2018/04/06 01:05:25 executing program 4:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x44, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00'], @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x0, 0x0, &(0x7f0000009000)})

[  112.737670] binder: undelivered TRANSACTION_ERROR: 29201
2018/04/06 01:05:25 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:25 executing program 3:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f000030efee)='/dev/loop-control\x00', 0x0, 0x0)
signalfd4(r0, &(0x7f0000000140), 0x8, 0x0)

2018/04/06 01:05:25 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x1000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)}])

[  112.806783] xt_connbytes: cannot load conntrack support for proto=7
[  112.857199] binder: 10175:10177 got transaction with invalid offsets ptr
2018/04/06 01:05:25 executing program 5:
pipe(&(0x7f0000006c80)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
pipe2(&(0x7f0000f61000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c)
r3 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000001f80))
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f00000021c0))
lstat(&(0x7f0000002200)='./file0\x00', &(0x7f0000002240))
gettid()
fstat(0xffffffffffffffff, &(0x7f0000003b80))
fcntl$getownex(r3, 0x10, &(0x7f0000005140))
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000005180)={{{@in6=@ipv4={[], [], @local}, @in6=@dev}}, {{@in6=@remote}, 0x0, @in=@broadcast}}, &(0x7f0000005280)=0xe8)
getgid()
getgid()
getpgid(0x0)
getgroups(0x3, &(0x7f00000057c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff])
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000005800))
lstat(&(0x7f0000005840)='./file0\x00', &(0x7f0000005880))
getgroups(0x1, &(0x7f0000005900)=[0x0])
getegid()
stat(&(0x7f0000006000)='./file0\x00', &(0x7f0000006040))
ioctl$TIOCGPGRP(r2, 0x540f, &(0x7f0000006400))
stat(&(0x7f0000006580)='./file0\x00', &(0x7f00000065c0))
getegid()
getpgrp(0xffffffffffffffff)
fstat(0xffffffffffffffff, &(0x7f0000006740))
getgroups(0x1, &(0x7f0000006940)=[0x0])
tee(r1, r0, 0x1, 0x0)

2018/04/06 01:05:25 executing program 1:
r0 = syz_open_dev$evdev(&(0x7f0000079fee)='/dev/input/event#\x00', 0x0, 0x1)
write$evdev(r0, &(0x7f0000057fa0)=[{{0x100000}, 0x0, 0x100000001}, {}], 0x30)
ioctl$EVIOCGSW(r0, 0x8040451b, &(0x7f0000000000)=""/48)

2018/04/06 01:05:25 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

[  112.922890] binder: 10175:10177 transaction failed 29201/-14, size 40-29 line 2991
[  113.008338] binder: undelivered TRANSACTION_ERROR: 29201
2018/04/06 01:05:26 executing program 3:
r0 = socket(0x18, 0x0, 0x200000000001)
connect(r0, &(0x7f0000000100)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x4, 0x0, 0x0, 0x2, {0xa}}}, 0x32)
setsockopt(r0, 0x400000000000111, 0x1, &(0x7f0000000080)="4f4610cf", 0x4)

2018/04/06 01:05:26 executing program 4:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x44, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00'], @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:26 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x4, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)}])

2018/04/06 01:05:26 executing program 0:
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sequencer\x00', 0xa202, 0x0)
write$sndseq(r0, &(0x7f0000789fd0)=[{0x0, 0x0, 0x0, 0x0, @tick, {0x4}, {}, @raw8={"7a88d654f95067fe68d2359f"}}], 0x30)

2018/04/06 01:05:26 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:26 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
bind$inet6(r0, &(0x7f0000925fe4)={0xa, 0x4e23}, 0x1c)
listen(r0, 0x8ed)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
connect$inet(r1, &(0x7f0000000400)={0x2, 0x4e23, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10)

2018/04/06 01:05:26 executing program 6:
perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:26 executing program 5:
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000240)=@nat={'nat\x00', 0x19, 0x3, 0x970, [0x200019c0, 0x0, 0x0, 0x200019f0, 0x20002398], 0x0, &(0x7f0000000040), &(0x7f00000019c0)=[{}, {0x0, '\x00', 0x0, 0x0, 0x1, [{{{0x0, 0x0, 0x0, 'vlan0\x00', 'ifb0\x00', 'ip6gre0\x00', 'eql\x00', @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], @empty, [], 0x8b0, 0x8b0, 0x8e0, [@among={'among\x00', 0x81c, {{0x0, 0x0, 0x0, {}, {[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd]}}}}]}}, @snat={'snat\x00', 0xc, {{@remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}}}}}]}, {0x0, '\x00', 0x1}]}, 0x9f8)
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x2, 0x0)
write$sndseq(r0, &(0x7f00000003c0)=[{}], 0xffffff1a)

2018/04/06 01:05:26 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x400000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)}])

[  113.462225] binder: 10204:10214 got transaction with invalid offsets ptr
[  113.483916] binder: 10204:10214 transaction failed 29201/-14, size 40-29 line 2991
2018/04/06 01:05:26 executing program 5:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={[], [0xff, 0xff], @remote={0xac, 0x14, 0x14, 0xbb}}}, 0x1c)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
sendto$inet6(r0, &(0x7f0000f6f000), 0x0, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x4e22}, 0x1c)

2018/04/06 01:05:26 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:26 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
mmap$binder(&(0x7f000000c000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0x3c, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='\x00c@@\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@\x00\x00\x00\x00\x00\x00\x00\b\x00\x00\x00\x00\x00\x00\x00', @ANYPTR=&(0x7f0000000000)=ANY=[@ANYBLOB="1500000000000000a40e54c391a6343dca452607d867eacad50a55474ff0c8bf74278f5592ebea473234deb73aecb755e888725c4c195bcd52bcbe5c83168d787da190afe0f2cf2e00c4fb80ede45befb9b69ccff3c0caa5694d459b1853324da9f4d7458d136beda5aba6d7dc4ddac203"]], 0x0, 0x0, &(0x7f0000000200)})

2018/04/06 01:05:26 executing program 6:
perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:26 executing program 4:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x44, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00'], @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:26 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
r3 = dup2(r2, r2)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2018/04/06 01:05:26 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

[  113.575785] binder: undelivered TRANSACTION_ERROR: 29201
[  113.611770] TCP: request_sock_TCP: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
2018/04/06 01:05:26 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:26 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x2002000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)}])

[  113.676532] binder: 10231:10237 got transaction with invalid offsets ptr
[  113.695581] binder: BINDER_SET_CONTEXT_MGR already set
[  113.704867] binder: 10231:10237 transaction failed 29201/-14, size 40-29 line 2991
2018/04/06 01:05:26 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:05:26 executing program 4:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x44, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:26 executing program 6:
perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:26 executing program 5:
syz_emit_ethernet(0x1, &(0x7f0000000080)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaaaa86dd60eab88600442b0000000000000000000000ffff00000000fe8000000000000000000000000000aa0420880b0000800000000800000086dd080088be00000000100000000100000000000000080022eb00000000200000000200000000000000000000000800655800000000"], 0x0)

[  113.751221] binder: 10234:10242 ioctl 40046207 0 returned -16
[  113.765786] binder: 10234:10242 got transaction with invalid offsets ptr
[  113.776660] binder: undelivered TRANSACTION_ERROR: 29201
2018/04/06 01:05:26 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

[  113.806351] binder: 10234:10242 transaction failed 29201/-14, size 64-8 line 2991
2018/04/06 01:05:26 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
r3 = dup2(r2, r2)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2018/04/06 01:05:26 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x4000000, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)}])

2018/04/06 01:05:26 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

[  113.867130] binder: 10260:10261 got transaction with invalid offsets ptr
[  113.878805] binder: BINDER_SET_CONTEXT_MGR already set
[  113.900551] binder: 10234:10242 ioctl 40046207 0 returned -16
[  113.905974] binder: 10260:10261 transaction failed 29201/-14, size 40-29 line 2991
2018/04/06 01:05:26 executing program 7:
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000280)={0x10}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

[  114.013135] binder: undelivered TRANSACTION_ERROR: 29201
[  114.027351] binder: undelivered TRANSACTION_ERROR: 29201
2018/04/06 01:05:27 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
mmap$binder(&(0x7f000000c000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0x3c, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='\x00c@@\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@\x00\x00\x00\x00\x00\x00\x00\b\x00\x00\x00\x00\x00\x00\x00', @ANYPTR=&(0x7f0000000000)=ANY=[@ANYBLOB="1500000000000000a40e54c391a6343dca452607d867eacad50a55474ff0c8bf74278f5592ebea473234deb73aecb755e888725c4c195bcd52bcbe5c83168d787da190afe0f2cf2e00c4fb80ede45befb9b69ccff3c0caa5694d459b1853324da9f4d7458d136beda5aba6d7dc4ddac203"]], 0x0, 0x0, &(0x7f0000000200)})

2018/04/06 01:05:27 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x0, 0x78, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:27 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
r3 = dup2(r2, r2)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2018/04/06 01:05:27 executing program 5:
r0 = socket(0x200000000000010, 0x2, 0x9)
write(r0, &(0x7f0000000100)="1f000000f90300ff14001ae7071a250007160900040000000100000001f9f66d9a0000000000bbffff74dd677293e2515a7ccc47d4e9295f974f35ae04bcfc3e8c9fbd6ed988", 0x46)
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000880)=<r1=>0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000008c0)={<r2=>0x0}, &(0x7f0000000900)=0xc)
r3 = syz_open_procfs(r2, &(0x7f0000000b80)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f02ae0000000000000035331ce39c5a350bbdbcb5da327c2bd96cb50339a5b10811da0c8d1576c7876563e7cc215fba8c14af2670e4b7f0ad5b002876251218846091cf145ec061f5b99352a37704d265e9f209859fefa8cbded6b11e42491923071587272fb5e13c447d10909f0eabe2703de0c5caefe604bd25fdc27ea7d6a339213e527d0b9037dc5f761bc90000d8fb847b7607c7872cbe67f8541ccaf30579eea403c9c9231b612705fe444fb05a11c7705afc3f8086a4d2248ca4bc44cad07ab9be215c9fca312de6bf8c810b11db08d3e535")
ioctl$sock_inet_SIOCADDRT(r3, 0x890b, &(0x7f0000000040)={0x4, {0x2, 0x0, @dev={0xac, 0x14, 0x14}}, {0x2, 0x4e23, @loopback=0x7f000001}, {0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x19}}, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)='syzkaller1\x00', 0x0, 0x0, 0x81})
epoll_wait(r3, &(0x7f0000000200)=[{}, {}], 0x2, 0x10000)
fcntl$setstatus(r3, 0x4, 0x6000)
ioctl$sock_inet_SIOCADDRT(r3, 0x890b, &(0x7f0000000600)={0x0, {0x2}, {0x2, 0x4e21, @rand_addr}, {0x2, 0x4e24, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x200, 0x5, 0x0, 0x7, 0x2, &(0x7f00000005c0)='erspan0\x00', 0x0, 0x5})
ioctl$sock_FIOSETOWN(r3, 0x8901, &(0x7f0000000e40)=r1)
pread64(r3, &(0x7f0000003c00)=""/4096, 0x1000, 0x1)
r4 = accept4(r3, &(0x7f0000000a80)=@alg, &(0x7f0000000440)=0x80, 0x800)
r5 = add_key$keyring(&(0x7f0000000180)='keyring\x00', &(0x7f00000001c0)={0x73, 0x79, 0x7a, 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
fchdir(r0)
add_key$user(&(0x7f0000000940)='user\x00', &(0x7f0000000980)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00000009c0)="8633dd4ac7cc39d52cbe16981c1ca7f708ba02b5b6523177aee0707e6e1465390d25a996d71de5b715cefc1b2a49e8ecd4925d8ddb1ad1051abf0ecc6dbdc44518896f71a0bbe2bfbf2dd6dc1d44bef72b4c4816a3677636bfb8e6e22bec3d0aa4362b5cb90bb44d95ae330b93e62e7c65de433cf093094779d7c390a8", 0x7d, r5)
sendto(r4, &(0x7f0000000cc0)="0a94c4f12bbeceaa0825815b5bdfafce048372330d5536422e73ef54b52a78dd04b2e8326ef68e5f40eca1ab5b8e5741302296f3edb82743d2528f68a6d8e4e1395d421755c9f62f6eb67d9360b785a75a85ec12272a752609403fcc7104237bbedbb0597644abd9c52df7827d81d81fba8ed996f12d8e35cd3a0dcde8171bd6aae44e3b228c2a52352a535820e4e07f39c01c4d79e348c0ff39b6e2889906f4b1a3e02931aa3af4f0a7eebf926bb30e01a643460b2737419b3b094a064db64929a7fe94e85d635de4239bf7b62e4a", 0xcf, 0x40801, &(0x7f0000000dc0)=@sco={0x1f, {0x4, 0x0, 0x1, 0x5d9, 0x58c, 0x3}}, 0x80)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r3, 0x84, 0x22, &(0x7f00000003c0)={0x5, 0x8201, 0x0, 0x3}, &(0x7f0000000400)=0x10)

2018/04/06 01:05:27 executing program 6:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:27 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x20020, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)}])

2018/04/06 01:05:27 executing program 4:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x44, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:27 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

[  114.139341] binder: 10288:10296 got transaction with invalid offsets ptr
[  114.161277] binder: BINDER_SET_CONTEXT_MGR already set
2018/04/06 01:05:27 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:05:27 executing program 6:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:27 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x0, 0x78, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:27 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x2002000000000, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)}])

[  114.182245] binder: 10288:10296 transaction failed 29201/-14, size 40-29 line 2991
2018/04/06 01:05:27 executing program 5:
mkdir(&(0x7f0000cb3ff8)='./file0\x00', 0x0)
chroot(&(0x7f0000000040)='./file0\x00')
mount(&(0x7f00005b9ff8)='./file0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='sockfs\x00', 0x1000, 0x0)
chdir(&(0x7f0000cd2ff8)='./file0\x00')
symlink(&(0x7f0000ed6ffe)='..', &(0x7f0000000040)='../file0\x00')
open(&(0x7f0000000540)='./file0\x00', 0x0, 0x0)

[  114.223136] binder: 10293:10298 ioctl 40046207 0 returned -16
2018/04/06 01:05:27 executing program 4:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x44, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:27 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
r3 = dup2(r2, r2)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  114.300923] binder: 10293:10298 got transaction with invalid offsets ptr
[  114.323858] binder: undelivered TRANSACTION_ERROR: 29201
2018/04/06 01:05:27 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x400000000000000, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)}])

[  114.350853] binder: 10293:10298 transaction failed 29201/-14, size 64-8 line 2991
[  114.387988] binder: 10321:10322 got transaction with invalid offsets ptr
[  114.435371] binder: 10321:10322 transaction failed 29201/-14, size 40-29 line 2991
[  114.448511] binder: undelivered TRANSACTION_ERROR: 29201
2018/04/06 01:05:27 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
mmap$binder(&(0x7f000000c000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0x3c, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='\x00c@@\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@\x00\x00\x00\x00\x00\x00\x00\b\x00\x00\x00\x00\x00\x00\x00', @ANYPTR=&(0x7f0000000000)=ANY=[@ANYBLOB="1500000000000000a40e54c391a6343dca452607d867eacad50a55474ff0c8bf74278f5592ebea473234deb73aecb755e888725c4c195bcd52bcbe5c83168d787da190afe0f2cf2e00c4fb80ede45befb9b69ccff3c0caa5694d459b1853324da9f4d7458d136beda5aba6d7dc4ddac203"]], 0x0, 0x0, &(0x7f0000000200)})

2018/04/06 01:05:27 executing program 4:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x3c, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:27 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
r3 = dup2(r2, r2)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2018/04/06 01:05:27 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x8000000000000000, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)}])

2018/04/06 01:05:27 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x0, 0x78, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:27 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:05:27 executing program 6:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:27 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000640)={&(0x7f0000000540)={0x10}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)=@getlink={0x20, 0x12, 0x321}, 0x20}, 0x1}, 0x0)

[  114.484260] binder: undelivered TRANSACTION_ERROR: 29201
[  114.557481] binder: BINDER_SET_CONTEXT_MGR already set
[  114.564947] binder: 10339:10347 got transaction with invalid offsets ptr
2018/04/06 01:05:27 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:27 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:05:27 executing program 5:

2018/04/06 01:05:27 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x100000000000000, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)}])

[  114.599884] binder: 10340:10342 ioctl 40046207 0 returned -16
[  114.608666] binder: 10339:10347 transaction failed 29201/-14, size 40-29 line 2991
2018/04/06 01:05:27 executing program 6:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

[  114.641906] binder: 10340:10342 got transaction with invalid offsets ptr
[  114.681276] binder: 10340:10342 transaction failed 29201/-14, size 64-8 line 2991
2018/04/06 01:05:27 executing program 5:

2018/04/06 01:05:27 executing program 4:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x3c, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:27 executing program 1:
setsockopt$inet_sctp6_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

[  114.695235] binder: undelivered TRANSACTION_ERROR: 29201
[  114.773422] binder: 10369:10370 got transaction with invalid offsets ptr
[  114.808361] binder: undelivered TRANSACTION_ERROR: 29201
[  114.823977] binder: 10369:10370 transaction failed 29201/-14, size 40-29 line 2991
[  114.879541] binder: undelivered TRANSACTION_ERROR: 29201
2018/04/06 01:05:28 executing program 3:

2018/04/06 01:05:28 executing program 5:

2018/04/06 01:05:28 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:28 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x1000000, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)}])

2018/04/06 01:05:28 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x0, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:05:28 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
r3 = dup2(r2, r2)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2018/04/06 01:05:28 executing program 6:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:28 executing program 4:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x3c, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

[  115.406178] binder: 10380:10381 got transaction with invalid offsets ptr
[  115.461589] binder: 10380:10381 transaction failed 29201/-14, size 40-29 line 2991
[  115.527996] binder: undelivered TRANSACTION_ERROR: 29201
2018/04/06 01:05:29 executing program 3:
bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x4, 0x13f}, 0x2c)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0xffffffffffffff11, &(0x7f00001a7f05)=""/251}, 0x18)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f00000000c0)="b82283392dc50ff1fb635a5849d2f5916ae2fdc24e95e12aa8daccf7393e72be9cc66f"}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r0, 0x50, &(0x7f00000000c0)}, 0x10)
socketpair$inet_udp(0x72b000, 0x6, 0x705000, &(0x7f0000000080))

2018/04/06 01:05:29 executing program 5:

2018/04/06 01:05:29 executing program 6:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(0xffffffffffffffff, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:29 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:29 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x4, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)}])

2018/04/06 01:05:29 executing program 4:

2018/04/06 01:05:29 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
r3 = dup2(r2, r2)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2018/04/06 01:05:29 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:05:29 executing program 4:
r0 = socket$inet6(0xa, 0x802, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000001080)=@fragment, 0x8)
sendto$inet6(r0, &(0x7f0000000a40), 0x9162, 0x0, &(0x7f0000000a00)={0xa, 0x4e22, 0x0, @mcast2={0xff, 0x2, [], 0x1}}, 0x1c)

2018/04/06 01:05:29 executing program 5:

2018/04/06 01:05:29 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:05:29 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x20000200, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)}])

2018/04/06 01:05:29 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:29 executing program 5:

2018/04/06 01:05:29 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:05:29 executing program 6:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(0xffffffffffffffff, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:30 executing program 4:

2018/04/06 01:05:30 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000280)={0x10}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:30 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

2018/04/06 01:05:30 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x2002000000000, 0x1, 0x0, r0, &(0x7f0000000200)}])

2018/04/06 01:05:30 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300), 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:05:30 executing program 6:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(0xffffffffffffffff, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:30 executing program 5:

2018/04/06 01:05:30 executing program 3:

2018/04/06 01:05:30 executing program 5:

2018/04/06 01:05:30 executing program 4:

2018/04/06 01:05:30 executing program 3:

2018/04/06 01:05:30 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300), 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:05:30 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x8000000000000000, 0x1, 0x0, r0, &(0x7f0000000200)}])

2018/04/06 01:05:30 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x0, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:30 executing program 5:

2018/04/06 01:05:30 executing program 6:

2018/04/06 01:05:30 executing program 4:

2018/04/06 01:05:30 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

2018/04/06 01:05:30 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300), 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:05:30 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x0, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:30 executing program 3:

2018/04/06 01:05:30 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x1000000, 0x1, 0x0, r0, &(0x7f0000000200)}])

2018/04/06 01:05:30 executing program 5:
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sequencer\x00', 0x42, 0x0)
ioctl$sock_inet_SIOCRTMSG(0xffffffffffffffff, 0x890d, &(0x7f0000000100)={0x0, {0x2, 0x0, @dev={0xac, 0x14, 0x14}}, {0x2, 0x0, @broadcast=0xffffffff}, {0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)='bridge0\x00', 0x3ff})
r1 = syz_open_procfs(0x0, &(0x7f00000001c0)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f79805854fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a6621f51a480e2f3aac78a8db2c0be10f25d1fea68bbb27cf59ce6768143c7da0a5277c17be7e03ff2cd97a72d0351a82cb32b931716cad42bf9e3ec64b5fb82d5ab6bbd2d014549e66a84f9c795681f0a1df8b9edf3ce14950237ec78ece828761d8bc9245639704915d7d5d5625e9cd9707fd187d962a37d82094a688f609709697282397e835b7b1e416f488d1e93e9dd87c96a1fdfc37bdb13612dd5aa126c16417a8f366042350e9485d00b192449c56657ad3ea028ff1eb384742822414bbe5218eb51fe1b23ce8ff59358aec9153efa611c57ea26daf7533d6c3a4")
getsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000600)={0x0, 0xfffffffffffffff8, 0x0, 0x7}, &(0x7f0000000640)=0x10)
sendfile(r0, r1, &(0x7f0000000040), 0x100000000081)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu\x00', 0x200002, 0x0)
r3 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0)
splice(r3, &(0x7f0000000300), r2, &(0x7f00000003c0), 0x812, 0x8)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0x1, &(0x7f0000000240), 0x4)
rmdir(&(0x7f0000000080)='./file0\x00')
setsockopt$inet_mreqn(r4, 0x0, 0x27, &(0x7f0000000140)={@multicast2=0xe0000002, @loopback=0x7f000001}, 0xc)
ioctl$sock_inet_SIOCSIFFLAGS(r4, 0x8914, &(0x7f0000000000)={'lo\x00'})
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000340)={0x0, @multicast1=0xe0000001, 0x0, 0x0, 'dh\x00'}, 0x2c)

2018/04/06 01:05:30 executing program 4:
syz_emit_ethernet(0x2a, &(0x7f0000000080)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @empty, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @local={0xac, 0x223, 0x14, 0xaa}, @dev={0xac, 0x14, 0x14, 0x2b}}, @udp={0x0, 0x0, 0x8}}}}}, &(0x7f00000000c0))
accept$inet6(0xffffffffffffff9c, &(0x7f0000000000)={0x0, 0x0, 0x0, @ipv4={[], [], @loopback}}, &(0x7f0000000040)=0x1c)

2018/04/06 01:05:30 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:05:30 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x4, 0x1, 0x0, r0, &(0x7f0000000200)}])

2018/04/06 01:05:30 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

2018/04/06 01:05:30 executing program 6:
r0 = socket(0x18, 0x0, 0x200000000001)
connect(r0, &(0x7f0000000100)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x4, 0x0, 0x0, 0x2, {0xa}}}, 0x32)
setsockopt(r0, 0x400000000000111, 0x1, &(0x7f0000000080)="4f4610cf", 0x4)
sendmsg$IPVS_CMD_DEL_DEST(r0, &(0x7f0000000280)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)={0x14, 0x0, 0x0, 0x0, 0x0, {0x7}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:30 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x0, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:30 executing program 3:
r0 = syz_open_procfs(0x0, &(0x7f0000000240)='net/anycast6\x00')
preadv(r0, &(0x7f00005e9000)=[{&(0x7f00000000c0)=""/182, 0xb6}], 0x1000000000000011, 0x100)

2018/04/06 01:05:30 executing program 4:
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sequencer\x00', 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000001c0)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f79805854fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a6621f51a480e2f3aac78a8db2c0be10f25d1fea68bbb27cf59ce6768143c7da0a5277c17be7e03ff2cd97a72d0351a82cb32b931716cad42bf9e3ec64b5fb82d5ab6bbd2d014549e66a84f9c795681f0a1df8b9edf3ce14950237ec78ece828761d8bc9245639704915d7d5d5625e9cd9707fd187d962a37d82094a688f609709697282397e835b7b1e416f488d1e93e9dd87c96a1fdfc37bdb13612dd5aa126c16417a8f366042350e9485d00b192449c56657ad3ea028ff1eb384742822414bbe5218eb51fe1b23ce8ff59358aec9153efa611c57ea26daf7533d6c3a4")
sendfile(0xffffffffffffffff, r1, &(0x7f0000000040), 0x100000000081)
dup3(r1, r0, 0x0)

2018/04/06 01:05:30 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000), 0x0, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:05:30 executing program 5:
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sequencer\x00', 0x42, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000001c0)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f79805854fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a6621f51a480e2f3aac78a8db2c0be10f25d1fea68bbb27cf59ce6768143c7da0a5277c17be7e03ff2cd97a72d0351a82cb32b931716cad42bf9e3ec64b5fb82d5ab6bbd2d014549e66a84f9c795681f0a1df8b9edf3ce14950237ec78ece828761d8bc9245639704915d7d5d5625e9cd9707fd187d962a37d82094a688f609709697282397e835b7b1e416f488d1e93e9dd87c96a1fdfc37bdb13612dd5aa126c16417a8f366042350e9485d00b192449c56657ad3ea028ff1eb384742822414bbe5218eb51fe1b23ce8ff59358aec9153efa611c57ea26daf7533d6c3a4")
sendfile(0xffffffffffffffff, r1, &(0x7f0000000040), 0x100000000081)
dup3(r1, r0, 0x80000)

2018/04/06 01:05:30 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x0, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:30 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x100000000000000, 0x1, 0x0, r0, &(0x7f0000000200)}])

2018/04/06 01:05:30 executing program 6:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f000039c000)=0x400000000000001, 0x4)
setsockopt$inet_tcp_int(r0, 0x6, 0x14, &(0x7f00000b2000)=0xffffffffffffffff, 0x4)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000100)='vcan0\x00', 0x10)
sendto$inet(r0, &(0x7f0000000280), 0x0, 0x800000020000000, &(0x7f0000000140)={0x2, 0x0, @loopback=0x7f000001}, 0x10)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000080)=0x3, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000040)={0x0, 0x800000000000852b, 0xffff}, 0x14)
writev(r0, &(0x7f0000818ff0)=[{&(0x7f0000000000)="0b9a95785f11e0e7b6f4de7afeabc7fc7700481d21aa090ef74dd23f6917aa54cc", 0x21}], 0x1)

2018/04/06 01:05:30 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = dup2(r2, r2)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2018/04/06 01:05:30 executing program 3 (fault-call:3 fault-nth:0):
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x3c, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:30 executing program 4 (fault-call:2 fault-nth:0):
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:30 executing program 5:
r0 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_int(r0, 0x0, 0x15, &(0x7f0000000080)=0x7, 0x4)
r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0xfffffffffffffff9, 0x103001)
readlinkat(r1, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)=""/188, 0xbc)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10)
listen(r0, 0x0)
syz_emit_ethernet(0x230, &(0x7f0000007000)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}, @multicast1=0xe0000001}, @tcp={{0x0, 0x4e20, 0x42424242, 0x42424242, 0x0, 0x0, 0x5}}}}}}, 0x0)

[  117.899332] FAULT_INJECTION: forcing a failure.
[  117.899332] name failslab, interval 1, probability 0, space 0, times 0
[  117.911071] CPU: 0 PID: 10545 Comm: syz-executor4 Not tainted 4.16.0+ #2
[  117.917940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  117.927311] Call Trace:
[  117.929933]  dump_stack+0x1b9/0x29f
[  117.933595]  ? arch_local_irq_restore+0x52/0x52
[  117.938348]  should_fail.cold.4+0xa/0x1a
[  117.942437]  ? print_usage_bug+0xc0/0xc0
2018/04/06 01:05:30 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x400000000000000, 0x1, 0x0, r0, &(0x7f0000000200)}])

[  117.946535]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  117.951669]  ? memset+0x31/0x40
[  117.954984]  ? graph_lock+0x170/0x170
[  117.958816]  ? __lock_acquire+0x7f5/0x5130
[  117.963090]  ? find_held_lock+0x36/0x1c0
[  117.967191]  ? __lock_is_held+0xb5/0x140
[  117.971315]  ? check_same_owner+0x320/0x320
[  117.975671]  ? rcu_note_context_switch+0x710/0x710
[  117.980645]  should_failslab+0x124/0x180
[  117.984737]  __kmalloc_track_caller+0x2c4/0x760
[  117.989949]  ? zap_class+0x720/0x720
[  117.993699]  ? perf_trace_lock+0x900/0x900
[  117.997953]  ? __do_proc_dointvec+0x7b7/0xed0
[  118.002457]  memdup_user_nul+0x2d/0x130
[  118.006436]  __do_proc_dointvec+0x7b7/0xed0
[  118.010778]  ? proc_douintvec_minmax+0x260/0x260
[  118.015533]  ? find_held_lock+0x36/0x1c0
[  118.019611]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  118.025142]  ? cap_capable+0x1f9/0x260
[  118.029043]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  118.034577]  ? security_capable_noaudit+0x9d/0xd0
[  118.039425]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  118.044960]  ? ns_capable_common+0x13f/0x170
[  118.049371]  ? register_net_sysctl+0x30/0x30
[  118.053784]  proc_dointvec+0x58/0x70
[  118.057496]  ? do_proc_douintvec_conv+0x130/0x130
[  118.062346]  proc_sys_call_handler+0x209/0x300
[  118.066926]  ? __do_proc_dointvec+0xed0/0xed0
[  118.071424]  ? proc_sys_poll+0x500/0x500
[  118.075482]  ? proc_fail_nth_write+0x96/0x1f0
[  118.079991]  proc_sys_write+0x33/0x40
[  118.083796]  __vfs_write+0x10b/0x880
[  118.087508]  ? proc_sys_call_handler+0x300/0x300
[  118.092353]  ? kernel_read+0x120/0x120
[  118.096246]  ? __lock_is_held+0xb5/0x140
[  118.100322]  ? rcu_read_lock_sched_held+0x108/0x120
[  118.105336]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  118.110874]  ? __sb_start_write+0x17f/0x300
[  118.115196]  vfs_write+0x1f8/0x560
[  118.118738]  ksys_write+0xf9/0x250
[  118.122292]  ? SyS_read+0x30/0x30
[  118.125740]  ? mm_fault_error+0x380/0x380
[  118.129899]  SyS_write+0x24/0x30
[  118.133260]  ? ksys_write+0x250/0x250
[  118.137055]  do_syscall_64+0x29e/0x9d0
[  118.140941]  ? syscall_slow_exit_work+0x4f0/0x4f0
[  118.145807]  ? syscall_return_slowpath+0x5c0/0x5c0
[  118.150732]  ? syscall_return_slowpath+0x30f/0x5c0
[  118.155667]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  118.161044]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  118.165894]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  118.171078] RIP: 0033:0x4552d9
[  118.174269] RSP: 002b:00007f25a2327c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  118.181983] RAX: ffffffffffffffda RBX: 00007f25a23286d4 RCX: 00000000004552d9
[  118.189269] RDX: 0000000000000048 RSI: 0000000020000180 RDI: 0000000000000014
2018/04/06 01:05:31 executing program 1 (fault-call:2 fault-nth:0):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

[  118.196534] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  118.203797] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015
[  118.211074] R13: 00000000000006bd R14: 00000000006fd258 R15: 0000000000000000
[  118.237467] FAULT_INJECTION: forcing a failure.
[  118.237467] name failslab, interval 1, probability 0, space 0, times 0
[  118.249075] CPU: 0 PID: 10555 Comm: syz-executor1 Not tainted 4.16.0+ #2
[  118.256021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  118.265388] Call Trace:
[  118.268005]  dump_stack+0x1b9/0x29f
[  118.271653]  ? arch_local_irq_restore+0x52/0x52
[  118.276347]  ? perf_trace_lock+0x900/0x900
[  118.280589]  should_fail.cold.4+0xa/0x1a
[  118.284655]  ? perf_trace_lock_acquire+0xe3/0x980
[  118.289575]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  118.294668]  ? perf_trace_lock+0x900/0x900
[  118.298897]  ? print_usage_bug+0xc0/0xc0
[  118.302951]  ? lock_downgrade+0x8e0/0x8e0
[  118.308739]  ? debug_check_no_locks_freed+0x310/0x310
[  118.313938]  ? lock_acquire+0x1dc/0x520
[  118.317910]  ? sctp_get_port_local+0x3d7/0x1540
[  118.322571]  ? lock_release+0xa10/0xa10
[  118.326537]  should_failslab+0x124/0x180
[  118.330609]  kmem_cache_alloc+0x47/0x760
[  118.334659]  ? kasan_check_write+0x14/0x20
[  118.338882]  ? do_raw_spin_lock+0xc1/0x200
[  118.343111]  sctp_get_port_local+0xb1e/0x1540
[  118.347599]  ? sctp_set_owner_w+0x530/0x530
[  118.351917]  ? print_usage_bug+0xc0/0xc0
[  118.355978]  ? find_held_lock+0x36/0x1c0
[  118.360039]  ? lock_acquire+0x1dc/0x520
[  118.364008]  ? inet_autobind+0x1f/0x1a0
[  118.367995]  sctp_get_port+0x12b/0x1b0
[  118.371876]  ? sctp_get_port_local+0x1540/0x1540
[  118.376622]  ? trace_hardirqs_on+0xd/0x10
[  118.380758]  ? __local_bh_enable_ip+0x161/0x230
[  118.385423]  inet_autobind+0xbd/0x1a0
[  118.389214]  inet_sendmsg+0x4c3/0x690
[  118.393001]  ? ___might_sleep+0x2d0/0x320
[  118.397143]  ? ipip_gro_receive+0x100/0x100
[  118.401458]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  118.406989]  ? security_socket_sendmsg+0x9b/0xd0
[  118.411732]  ? ipip_gro_receive+0x100/0x100
[  118.416049]  sock_sendmsg+0xd5/0x120
[  118.419761]  __sys_sendto+0x3d7/0x670
[  118.423554]  ? SyS_getpeername+0x30/0x30
[  118.427605]  ? wait_for_completion+0x870/0x870
[  118.432176]  ? __lock_is_held+0xb5/0x140
[  118.436237]  ? __sb_end_write+0xac/0xe0
[  118.440200]  ? fput+0x130/0x1a0
[  118.443464]  ? ksys_write+0x1a6/0x250
[  118.447252]  ? SyS_read+0x30/0x30
[  118.450688]  ? mm_fault_error+0x380/0x380
[  118.454826]  SyS_sendto+0x40/0x60
[  118.458266]  ? __sys_sendto+0x670/0x670
[  118.462226]  do_syscall_64+0x29e/0x9d0
[  118.466097]  ? vmalloc_sync_all+0x30/0x30
[  118.470231]  ? _raw_spin_unlock_irq+0x27/0x70
[  118.474716]  ? finish_task_switch+0x1ca/0x820
[  118.479198]  ? syscall_return_slowpath+0x5c0/0x5c0
[  118.484113]  ? syscall_return_slowpath+0x30f/0x5c0
[  118.489034]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  118.494647]  ? trace_hardirqs_off_thunk+0x1a/0x1c
2018/04/06 01:05:31 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = dup2(r2, r2)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2018/04/06 01:05:31 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x0, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:31 executing program 5:
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
pwrite64(r0, &(0x7f0000000240)="052b3794f8f53431400f7a6580b3b672a3d61f734a6f8ddb9fdc9337cecc043997fd004442098e55e8ccfd48db8784edbffccebb0d3783c27f68507cc4d2928fc075ba04531af92a6ddb6ab4037adc8cd64ee4ea0bf15ad3356a6a6070742b6c9e185cf126927aacaf904491e7a6ffa86fafc7dc7e6266274dc9d627f94fceebdafe084652746bc47c77f6047c989f421534f171c43517dc8463", 0x9a, 0x0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ppp\x00', 0x0, 0x0)
ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000002b00)=""/246)
clock_gettime(0x0, &(0x7f00000000c0))
r2 = perf_event_open(&(0x7f000001d000)={0x5, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)='S\x00\x00\x00')
getsockopt$inet6_mreq(r2, 0x29, 0x15, &(0x7f0000000100)={@mcast2}, &(0x7f0000000340)=0x14)
socket$inet6(0xa, 0x1, 0x2)
ioctl$EVIOCGREP(r1, 0x40047451, &(0x7f0000000000)=""/174)
sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000380)=@l2={0x1f, 0x8001, {0x7, 0x100000001, 0xfffffffffffeffff, 0x40, 0xec95, 0x4}, 0x1f, 0xfffffffffffffffd}, 0x80, &(0x7f00000014c0)=[{&(0x7f0000000400)}, {&(0x7f0000000440)="78dbd0ac48b369d2e1a2dcf2726b9843f6bd9d3d67b46241c676fe6160c02c8cefe1767189655a42f404afe50e5193c31770b7b791a3f3280d9514d958f285629c2dd117711d79de6678f67562a2ecbb7528b7163ea53afd0a3eabaf32f2dc2f4ca3bd92fb4a7b5ac28ff64d05da2083a289950a1ab026e2718bf842e0f82fd8ee6d39d6917198b604d345852cbd86043867cec152cbb9c239cff45bd03940c8883cb50dd135e0fa767f55904e3d4bda790d5ca7c5fc7a1290a0802484f534c337637b1ddcca972c40a1f1c65e9ad7c7ccc419cd2a3933d0d50f5a863424ee1f20289700036f5540e8a716497a8cd3732ed1f774ad43fa48e371d44c2e6d8583db0ea322e2211669e958e9ef6e36263d438f976d63194c93204f2ba9e3f62948cd5fb8118e4c7e735dba088d751a623bf8e7f6da70509f788bf03e079861415750b275e3ef259ce95d3ed62454bd7338190ed1a837e468e86c4218d2099971b9bfafc0b41682e8438b602777ac7acd64b33962ba61b758b2de850f5e9d819ff21631490bc41f0340db9cf8d3ac95fbaab47a4487bb7b7c8a11d709afef8c2dfa30a406e61d43f24c3ce67f859f6221e6c831ac64d4adb342609dcc1f6676379ba864e75aaf0b4eee7e551cf81b8972cd637a78b00e4e8fcd431d25541e5ad03892d1a51e5a691464772c59139e5bf080cc3e087128f394b3a67c3c25b33b6a5ba44d1460605ddf02a0309c5ba69893f7a2800e207f1b36f9ef15e02c886a94f31a04ffad354f6d051eeca265b89af98c1b199c7c68efce55be02f77e0386145ab2d108192e5d9c4695ffc705662107a2a9377662852c35e1ddd13ca124101eeb13e9bb195ca1b6498b48348b3ea2dd68765dec286979c3aeba8ac18838d807bd4629abeb1fbbf94cb78d6a1eb03145b763cee9dbaeb74811d6f07551c632f897d88692b5a5345ae303074d6b52dc47a323e7bb448b5841fd8be795b1777c916e8986c4a8ae4f0876d157ead2f987fada243e6e020ad5eec07a7697fdf04b61603a9d510921a70493a088a25212a45f099f6193f8ea142c4d336c872a4cdf2479bd814bdaa708ed0a32fb0c8a63fe15e46800f4da5dda7070a221552151da5ccb5b1d9debea1747769be0dc3ec6603161b833d12ae6692042147873d78aa7b919b5b21a9febbd2fb6fdd44b720bd6f9422ba946b65d29a67fb7694cf672eba5e2b04c5959839c951e39c7c1abd74b4d617bab571f33a834d798b7f2188267ebaac72e6e7b74e7ec2169c31836a29a13ffa53c041b3cbf33853df595037ff2889669d9b1d8014ba1a650ac14ca0e396a11a6a92eca990d1dc6251bd95705c4950753e49cd1c7739bcd5db25f422c45e045a7ec41255f0602e7fbe0b68854997a100c6e4933220e15ca5c72494492ecf516db7e240c859e31166baa3891de409f90aea647b03bdc616834b2f1278d6ec6edab6ae61f885a4b4ea7ff1a73009a99be48505aa3e5acc9eec5be1a71aac3a7bf46d4cdac397ae48b94c135fb999798c4335d512c94face976f6e8b12337b278658be2443937f71d63239faffad76329d90400aa7143c2b47b054c5f28e06e34762bf6cd974ba9585341af44a156c3e67657a598c6ea1ae52c33b1dabb27bf406c463aad66a433daa2360421bbdb6f4c6d1ad563379d806c98405fbfc24879431cee03b3605362c7e788d4d39da2d247efb61c38a6b4f56a80f5aa717fae22d0b643f0c054a8a2256581f3a971a3303266f52d860e15953b97566fe66b99a50dddff549f8eb6a1febbad2c30f778b83cd9c6e33c941e081341db9168b6d26e3c27869ead3097ddaec50ca6469a31fdc50736f12956f91d01ca692d214fafb75bdfdb7536579d46c43645dbc0bbc0c24e25c97deef533e0d85133613479ff9a03825c6553b40c0480204f699d8f157f4e507a399cb4b808aa3d13fc45dfec35a9b9e841a678284acce68067616cdead13e6400aa57f1bc3131661158baaa47cdf69a37a440f68fe3c3cb3613a7526c95a9b9de0396949afa3b7f6fd24df2b7f8206f1764b45d1f58be32d1fb6ee7c969457e2839bfd39b54664639382584278e9f2a5280f633a027ef5f0172297fe58df439d3ba80ed37ac8b197056dc322d32a863736e151f15de91af0a697e594230bab690cd4a448c106f98cf9dd249e19c2977cb38cdd75ea6a650f7101c4f032e37a7143ab247a54b389fb00c90af8364843db495729c7278cbfd5c1b26ae740c812c47ea75738e9ec9b6aea24ff7b222006181a4648d8454782f4bc8f1873e894ede6d779118a2297db5f51d2646b7449f4feec3212597cf32a3ecb2c5f89781a2ebf82800144c72728d827721da75aa171232ace4d1d547c5f29b0cf252430c0054ec64383bc4265232564846227af2ed67dd21961605712c75796f80c4255589607abe78f089670812f7c38a74cb11cc04eb01ae7a692089803a844e91c38ff41a83dfef97e2f3eb2b7dac25a473ec5158e4a925c42be1d0ec5b8c139326f40356b9a7e7ed26de6296ab068e05ed73fe9af2c7d280700b88fde60877006d5f978b3a56a31d2e06b601f70f0bff7c0e9276b31a853c69fba357d94726c3b2aad3d7161576cbef2ced31fcc3d4c1fe51eb767540d5df937a599c7abe19da7a80be6e954be5440fb9723246d736186b0102b7c940800ff38e7948195ec0462308b80f618332b2f6b375c57501acc06e557f593f5da1d48090d7cf498d332dff5807aef0220022df5b5afb05e3acecf27b31c6a927a5f984c62b49cb2e3a9d165ffa9000a86d17a0a9436c39d76d431ec0f30d7ae241fc9d57cf0e880d9175450976ccaf43f36aab9a869ad8f52f965eba292cbfc3d57e7ba5be213e24ff91391da5305b7b3dc0be666140bfa97eca8c46631bba6d040745e411349119ee586f33f226d3b19a6dd5d651c2360b8d9f8f0d8aea0b308a43441d66b873208ff08c714865313407bce9f51514adb67954f65b0d47452b358ca981dbf89b7a1c16f1b8087b44c08462f0031328394d07fa76a4f789a7622243ebb6096a4262263946a2a816f27b87255a2b2d2a54a90d44aaa7456ca4d31fa42ac2b1d2e09caf21ccef81c644b4d130734a4685719885e650ffb9895254b08477588ba6c4f76beb7541599e3d3b404722017b2066f275f2e2b6aee85322ce04e6d34c2f1effd005c5c1abeb367af68d6f10e45286a9e8061f5d1ca9799315c8b1718c22a7cb4772a25f0f1590f8fe9aa5ced7156a84467a8426848351f2914231ebdcdaaf3f6da31f15a7ded9335e8d6e4ef608f81c8eb9693b38dd28812b038e5e568b46859d512e84280dc9fac86c362f49e36498c402dcdec92c0f57f8329eb9e271a0c14aa048f9b2c7ef2d185b6b0c1787fe29800a8af052fb431740f46d7900f931b14d755a0e2f31e04a7f504aa1b7007a4d61a347d9195c3077b8f121fe8207717b6dc0ef7e7f5b811b9f0fd018f3ad96b45dad72b865f7061a9465abcce6c1438a72ff660e6e4ed43799bf3dea8ad17dfa0fd7ed78f823dfbe4a34d59c49957f273899fa9ac5106c86d5c5b85c98c230cbc03e5a441aeb49d84f771d46df2de0bad7e75e270b0dcb79b6f4240c6d920554b739edd425b93d36f18361d018a344a5225dd97fb6852bbf0932eb745716b21d828c64132322c11a30fce53e5d7f168991d3c3df08e7211cecd79d14f92f80761bfb0c58b0e7d19f794411f4518708642afe1f820e25a84c17b699fffaa11b1f8bd6e7ac156c34f3345e3f7c40a9a0ed82ef3d7c1726acdd8416cbbe3b3604bf50dc82e4f93b626a8ec46eb0592a20093eed148f3e4b903834a1e6361230beebd0631bfdc6c487b7a74890ac108f27b2cb4f667b33aab78b7c8568bef5200e4a85e9a45d9815b1f77b84754655cd33a4335679968eea9e66e4a55f03c69e3e8c6ce3413f076ae48c2bff87692f785edfec8d2ddc0b5f9f1b09c2c164cc50c565a027e618b05e627bfe2d4dafb33189713f2d7a477263f47e7d1484ddf07f95b997051488680aa8fac4f00538a476158222474d10ff5a9db7a89f0cc990e329ff90b030df88817a36e49d482a37a1fbc8e8bd5a1b6d41e0d03a1e13e909bc0b4fdeaf24a40560173a8f49a275daa9e088c3abeb8f8beea09381a3ac368538c52ea7eb2a755a40a8d8e11375214a82bba1107f60abf2c3362bd6c4f3b794bec3e50c1bccdebc4ea2896bd25bc9a7b2f1088c195dcec4b5f2a0121354a8330fb9a7bc5640b97677c1f87fe9fe69b726d15cbfdff7d48f78603147c5252d47cf1b95477a2f93f2bf62575805a3e20a3719ac4d5c62c09b8985839cfb187b16c52dbc8d5f4593d412793480b48ea8250fdb3865063655678596fb3b3b18d880302b99482ca5736b52213fb253b0ce7270a7cd53919fda99d4907dbf7c4d9efad541d5c07d8c68fb4932ec2fc5e6ebf7709d00e6efd83ced53fa312b09aab5bc3df5b201d69180d4ab77d1539bee2b8c4d612eacb82edb2a311f216c7bbef98b8cc7631527bf0fb14c09d08f66e109b59cc156026acb325d7b5c94b07f286f51cbf8d79d1cd71193c462af6fe8b9453e9c22ede32c9dda04659aba4004d2556ac2d27dde73c6723bf9a927fe518f9551d4fc3b97fad357e02354460f4aa8399fbce5223942c4f010f1e3eef5b5757f5768d959835c0a6ede83f796f93f3cb613c823ea0f6959288522402dcb2ca8280a3e78f80cf4db793d8c9df5b9e97283c8345a60210a64cf6a187c117fb1826da5b4d55eefc1c3345e0ab805e41256766cb1fc13b194d1a7447e60bb7d47e57c1659b52e62ee5a97c79a643baef02ab23cbcd63d28cd07889b4fcff85f79b85de646ae34e07c1e04e3c929f4e5d878dfaa2107f933c14196e5d22ce31172b36270a10fe9aa6337be694e04b2709b3072edde9b5207334a53b4d8b24132f8a95f104c93e195f838445273949cce83d1c3014aeb019c08d0a33a1c9f2a04e27aadff4b4b9529ca025161db8d2acaab8715cd1603a426c1702d9788fc3659846cf2bc5b5ef6a19aeeb6b3461cb9b3e96d0a3d1b4de5754f3ac7bc810c62695408e46904d1af036d371ede77c3534020d5dc37c3e6354e4cae52f0fe851ddfb7522aaa9a911a4019def347ca49c3d6a5dec93dc1491cd91f55b6f4c161100b88f561ae865d4a7013546d31ca01fcb795c2fc424316438ea8812ea941cfe5f03d9950c218f53b445e226e0d324b0b347751398e12e0f66186f089560508dc4896a6eb4f51ef5a8bd39bdb6a764fec5f5e10ae38b177cf6737cb32079b3a3377568727e28adf8241df6f38a7af09dd4adcae669c06ff95b726780cf0ca45e838bdaf5e11637898b9cae3fbd45a3d0ca5c2db0639c6af61bce8d9b49e6bab1c91abb53db18f6d050ff2f4cea9f41dadb581f4bebeb532fb1378ab817a16f68ca16c2eaba76008311113293e2c563b4c673ca972a73b82af23cadf7218879ec1a5d0b526b034fe7d3021a38e764544946787f1f1e690bcca5d040aeee52bb93f794c253631161bcc78e48d3339eb575a50473e082ad2716db3c93bda9071f7cd2960bdcc3aba3c22376921bfbb473688ce62c162841c791645a92d8d878a43cbbcb7e4f7ee6371d0b825ba4e930f0becee9e0c139d4c65a0ef5c7ae059cb32cc3345db2707ede0d9bec1ce93cd6bd7e924a208c4e4b9c8084f48670b8777a86856033a95ad4a3ae011d52b5cd519be2bc0b19d597f195cac59fb61c9cd003d4e7f58254ca748b05ac4f3a64302", 0x1000}, {&(0x7f0000001440)="1cb8c11da21c4de174395a45a8a65c3550a55fe1050a5196c7f44bbdfe", 0x1d}, {&(0x7f0000001480)="b3c50f733030f69362a539e2b6645a", 0xf}], 0x4, &(0x7f0000001500)=[{0x58, 0x11c, 0x0, "4da5b2696c2ce5833db4d8253fa04f3b17727b9e19d47aad4d44865d654bbbbe3501e46c28e65763517ffc901cb3ac49b5454ec1ae582ba70dfb8175daeae81951"}, {0xa0, 0x6, 0x800, "6ee6bb11bd40641540208d6bfc1636b92f249c7557d14d1a719a8122b8377f4bef0ddbae0ff4201674e400bb9afb96d5b344caabaa5bc8e961f5421e6a1d306e823ff078d49c50c726bdf2cadcd9f50d6672b7753dd282dde0a83cc8a88e409c66015f8262def607c1679cedab6f74e77ff5d6cb3f1dec9dad90065dfe1e1817918f25addf3cd5957240"}, {0x1010, 0x119, 0x8001, "7d0b0ae64eee6d58adc839f7ec82bed141936e2b1b701ddd8abe97d826020ae8226f6d548c9454dabaacf9c24315226a9712aab9e717346ff930351f301f0d923863804099d611cc36d42c8e86d95692fec359b10da345f2d9a0f092b5fd58cbd2e290aba53fba5d00a1f0156a09a326ec298e9f20ac1274315602d4cc9d311273fbb9e194be3a1382a01010c76796d0b338d304f8307d41149a674e705eb3ec2a8d0b684a9fef1e5a1da229f2491fc17cd9a63f68d8a3feabbf0b251f2ae82077e755ef3ab694ff3eff819e3e94c59f2a2b195ef9c22150f2926dcae5a5ce7b3a3911106344fad5309771e91fe389b70e4adef8d6d95f23f319b626f9377b04ccbaf6041e6bbbb41a640019918367ea74c846eaf8241aca2ec68765b89d1f18515bef1a8517d1e6aa8bfce6577e28568f6b20c7187f3b97dc5dca157a0532c486e4f31ff2425ddc15566585c59000129d8af94834e59310c14588f19ef90986889125ffeaf059aa4ca52130c097e60189c5b33c25cb5bfcaaa653598296ee2763a002b4dec1fc4e8ca4d1a0eda017df5fb8821646df7af84884857d38adbef92232346420abdcc7f65ae928fdc88a5afa260f804335880970aee2db17f18514519ec931ae4e93b4bceb2320653fb7531c8d1e0f1f5f5309570f4d9b0fd915e75762ab654e069dd05fe7b3843fc9a68a1535d0e7c3a80ea57f8b5f5b4b1425a7222b7b4d7a16c9d8f8906a7e4db72946e0a6af036a912331f2ede6ddf939bf2f920209e250f9839d2c0cbd8e26203a0cc4c0cfd79a7aee9d26c8779a93e7858554ae843758a8a5e97619325f88bbee33f182b316729cd44a35c690e5b21a567e1da7704837a23d40d8fb3d74745dcb4b1af7bd416f08cde468e47e4833cb800971f7193fd07aa616a8a468976ea40086390e5aeacc1230f67ec1c402c0fb335042e0f81cec57acb0cd75120b568f3fbdbd7be34207669db668e7ec9f2656945d3d8ad1b5bffe9289aa61c34de4bb17723ee03de9dec0c2c50bbec0f0bd96512b4fd66eb2cd5972d5aa68201403a5aac81f2b67a495cc47b16ac73623e2f2b6d017209d1a87b3c669c322b551a56bd6a280c86be3251d15759803b589a835d7a02d3695eabaff906231738b2571bed8ea5bac6102a57149762f99d6a234f49b7446d6d1331b94501e3498b1977d1d9f93d033a75b10b8cb99032d402c9603bfbbeee886d2822e50eeaf35df21681a04cb476492686d526c6b076060f51294761ca60912435940ef786f65cbd5c65b22107591be32bf0c12827372bae39ca168876a2d2e4d2c2aef464ce3478a93c10ed0da3c292d0180676df55566b0056016c84fe37ace326110ea5b8a18ad370c581d22f1c6f7801bfa3d2ffdbb45e3d3e27b1340941caadb0f4f6add5fae90d575b1e3d2ecb5924751bb592fe558c2c29fccfb548f885072933e0b53f033ec6d4db0f627a1e1500fbc3717a6fdcd422a80274049fa1931b9d2d161bc241ac96089f42e4c45b5490e08e8717e0f9afe87a5304d0711b0084241a95de21e166bda7fb1a917bd95db293ad0aa94f4fdaca3c4c1bf4c802271da91c3296dab8de3c049a0619debf163a55f42db9613d85b284a97cd5047e262f0ef9878c4ef86164ca13add76e1acbe47dd1640e7ff5fbd4ce176bef9c917da65f5889ca5d1429e8ad55a091d43a0e90074240cdcc9faa4ea3f2c784b8460d03fc0406832cada0ed0ac30bf0d25ead7004679cfd9d24b78b716c9153c3097712731a2e198952ae9e4591c896e2b612edbd18d112ee01faac425b892dceed90d3ef81f306c3b3ce7027f5c48de9696efed28fc25f8f3168a81ca8b3ac8dc61dfe2986699dbf3e1895a9dbe087e33d8daf47edd9022ace2b11b8bd9ca9cfe130fbce3b3509193123fa94fc55cb5aba67c50f4ac709406000821ab97d247324548a293fef25fe59969824644892a2fa540865029c7def754c2ba6077d6f687a6f0f40791b566bc85963313a6432f52ec54ac671f324e66247bb1c1e711aea9fc400e6611aef27f7d7c5cdfb1aa6654dad0a6fef8b6dcd168465d45c34290f0c5cf3aee245aebfe3214a9b587900bb4f1b23cabc8a1c828dc6e84ed533ad1507e2ac679b5df9aaf99a69ac78b5bd46ef0a383a9a4159c7b31cb526cc349b7bc578b1e211e7158b973e0b895fff4bb0af05975abed74971d419cfecacf3fc3adc9f800d884863da52a23e29eed7c00bf5d7cd91fc8645421d7b46bd5b1ff9d9adeb3e943e9baefd03db727cc6fabb752905b60773de336ea56d5de754a19eb3efb19108f000060c7f36e55d2a2be7328825404d9aba4ef2d28c4e9aa878e8444605f1258b2e5ebf9c1b54caf8ec41cacd1b4f9dc790fc500bb0c3b6461ad54df5b2e9656c5015064d2fffa626bffcf4384267bde10a5a3f02b21401e9ffd2a88c6b4616a2766626ab52890fea7612e81536a2f7ccaba6dc4595a5f4083d7d7ee16e2a2d5238d914f3e290fbfcac91b7d0ec508dcb99ddff96de58711858524ec4955980c4649e7de19bca1ad75e18d58a55800432efa3a535e5d20e40d4a791bda2f1ab614203f712b12482e8adc65ad84ca3e7aa75e58891de139acb429ac973184ad7c0160f97e0abc0d885f1f2afec9b9847655189b0e7a01dcdf5f4b9a905fcf537fa8aa1e72d258543bbd29b0822de9420cb5f8f377527438e10c6a9bd40864ed6b738698d0b68261a7b205c25c1f55def0e8d491cdaadc4125792bc22fbb8d98ac2d0ba3d840645b00c01659fb5bac2243c75908516df4aa9134b331148c26b979d0708b3c59ae6785a8ca2dd0c84d058a31065eb72c708907d59ee9d5714872c0323077f25a8d6d0583b22ac342c34ac10772f4b6cbf0eaf7d0797217be1d2c1a8bac1c5d76cac539bbebd9febcef5491c3231b5024770265ef06d15228e047249d19f96c680713a77519fe6bce16dbe257dd491be0afff9b695b2ce3d74b43f459420df12fb8a8c50788989d3bb52e51929ddb2b4a5d28d0d117db8189e7dba2e8add10eee3396dcd41a558aead47b41f43fc75f0fd023247b80d7797a2ec2c692f39d1d9a3413255d0d2af950e284b5d0c7a77084225813a650a0a00f0898c7abd7a5ce84d2a9b0d0307d538b1c05d68f63f5f9ad1fd9a61aac5454146b3c22432821fcbfc3c64d50a8dcb4699000641ebf9db4004259ee142c0f8e2fdaa5b7701c001f6c791f18ccf14aba896a25ebd0f83132ff96f2cfb2d89186f1d91a0fc258d7c6b5c55356f69fbcf73e39fb3cbf2e9d487eb6e86437e674a0b31e597cf7258dd178b476a9c61e8725bd575d11df0bde52c7c748967f4c07154e70ecfe6fe92d8745f06eca6584d93ba9e028fd91393c7ad7b7ca2e4a2c74e2f3d3c1759b797cf5e7ec0a9eb25e7081d98a2a099d23012f6c0f18a4274d3630ba048a8f6233b1f27158ffad00e02e5c43b9a86a24eb7cbbfed4e0c74f0aa55c7efe5e8516c946b22c92aab733d14e695a947feddf46e620cf61b208fb6ac1dd22df9cad80aed6c752015b97cfca2e823e5677f11a379f7371f7a4d3b8eb7ce41856fc73eab690543762ea0cf3d6882ee30ecb8e8c01eaabfcad9e98438e210548211752f673d072965b97b2e50bd3ec33141ce169cbaa44bb6057870928b3481ef7b3ccad4b6bf6f6e63c902e64b63cedb9a98b8356ddba4102bc4b47b0f3f96d2f17904256fe38e035cccc48a9104ad99831f471639ff87730e83f43d89c9758d5fab3a9ae96b2449cf1851a242b31d147658498b7c9a06dea51faa483b1986220afc723979069377fb68dbd26b8044795e7e26dab4f92a271f368082dc305a787ad02ac32ddac74a79ae850e7a7e011ac50f023f1f5901055637cce0f52d8503637679bb054d553663d862251f5abb19d2090ed470de5987525d617a744a9b0001d0ae4b8553aa7841d01e0e2e5cdc69d0ccc3b922715768f76915c947798377cd5766631d06f7da55d6fc9c1e2ac224ef8a6b6eb6d7d926f01b15f3a60e8586f3660098ac76a0881ada730e5dc1cd91f5bd18c4bff6c3950d450bc3ef3e617937019a783754933601a883c916b7d63931be8887488fdcfd2047fa4da2f0123f3a8f44c482a54beca86dfde00cfdad15412bae246f715692c00286c8ec4df4f2bc45daa25884255e39318192ca86ff0bf328fd302ea57307f1535dac43b0774339457cc9a329482113b58ece2686de6cf843f3be9acb4633ed5e415c4ca9ab4d222eb6a9fe7dc7c1af415da3e912c627a40d58b9ce0c1e46c0b65d35882afb03c2d82c49e3a7f3d972326b745038863586a42f66174530f884c6c0b863e63cc25232296814453a72046a962aafdd12db66ab5bd4c51a0d02fad59da8a9f058cbefc78548db3bf7fed06d17c8dbd9e3fd0605197a9fd3962ac546593adcaf573d69346881c9f37cf245cc826456cd6f4e221fd1a922e71f7d2f95e175e97b49f7be5115b58e71f586685ea8b78c6621640d411bff78de5b4155290079248eed18420bf054d3deefba5bd2f8d22cab298f8b647b387dfca44122fdbc90c25169f084f74e5d13aca8dfd4b5edfea0e149fa62705bb6b92aac56a507e318979c042e0832eeed19cf15055c4ef0940f59ce21957baa3334055c7ce1599988cd7f34d1242646d1b0617409af9c88b8c5dc945981f9b2d1430ddf131ff2c537b4baa0f105b1774d30de8fba9709d54b36650101c1546148b1254a90b9c15b8b5834d08651e05661221a5060eb5d0abcf3651a3ac4fe9c062724c35a4c41e78c0376d9f5cdb450aece4a5bd7fad3548797b90937fa2ced9af3115c645b5b85c9edea352ca59872eea01ab175541c220fa0bb90297219cfdc8d5798e5a17e424ec601fd24ca0de9b8761956762bd8375e4af220e2d55ac0a05ba773ecff67a6d8009e24509115eca29d1132a5e9b6c6c348a89a9baf0d7e96ecf099d917df0380eec3208489a744ee6c050754b492f7e00634a14549a6574e5e7051e517d307dce1f44c7a67702e02c7596395ae72ec541fbc7b280a116665772379756d0d48dc693d2fcd9f0eb3560a9b3ef2c8aec0ebbe8317a9350960021887126d08e85611e4e1a23320880e6fc688f6f9d20775349e1e6c8483ba9a246d30511117389292d7fe68dd02f1488fae2b0e458cb7b647b499ac60a9ed1a67e40f32d0aecb9bb87dc47b6b6a239501e03d9360def1763596f0b5abc7f16d3808bd1dbc5af1b4dbfff9778ff0f7629b0885467952b9372e18b9fef339e388899c0c442bbc751303fda22f8a174dec8a93c899c9a981dbfda57fec467062cf1f99ac8e524bdb2ca04e829048fcb4b30d08d2870227b0968ff710272dc5a5a6cdccb7566c8db51c1c7ef35cf3514a0b3b2d3e2abdc810b524881b83d7eee2a89c0f6baa96835b03bea579acf02f486e8a022ff34e3b5afbe9cdb337823dfab57c80b6e1d3fabbb75887c2a12fdc23f689c12d8c6eac098c657ba30347aecabb327512f5d8536b9032a3c2ff80baca8c4a95e13a00bdaff1686f6c47fac6b5d28b8d8d3e2e4851ef6b02658ab212113a5b4663c9d9ea8406d22d7ec63ccfdb7c46272ace4d222a7cce6a7787178c2e528f52692e091955aeb8310a244c7e8cfd89cfdbdf92bb4a454aa4f2afcca78a8256c3e7e44f0f10fcaabd06da29b704d8dfabf02cf5153f4bb9e7da9c81dee3516f2a5b21d26e6ddadd5beebc0262bc81406491c828707a0f5c81e444f13bbf6e2ce7233d7244b513670eafd6325e11ea56d2a12b2a156ef8c"}, {0x58, 0x29, 0xfffffffffffff976, "d4a2e4c5740054bfd9def5b7aabf91b2d3eebeaacee37b13982e91171980ba676f2abcd9d3917fac6337254fa2312a441b3d66e69c82d7ab7dcdd729be8b8a45b3fcfaff"}, {0x80, 0x1ff, 0x2, "71df68c6a958f39e6f98a1bdd26cc7006dd093dadfe2a1ecfbb822342d258d0c2c24095fbb3cfa1e6b4ce4b32df1e24a054a76f1aecd70c0ac22652cfbfb37a3541bbf886a699e7373db71caba4de116c4a719209d4416359b9b1f2666606c8930a9ac97a6f2872345d4"}, {0xc8, 0x109, 0x0, "4e2ba9d7654834c2b5a2c48077cc42339cac6c36ead09c55799c5ab0b2ad1b798280680e77ed4c438fa392b4ef9f757c911093e39fd703aac8e2f7c6ac4abf16c9e35aef2ec87aceb1ee23b845d5f79fa7cdef7890200b0aae83df1ae10dbb3bed30ad41c0d56e040a5d8d804996b931f1ac0fa2c6934c17e9f8314e0dab506e86e79ed900c5d6068dcde367f4c0f5efe6529ac1f1a4200ab4213714d81f219e04a1ddd1177e1aef69c8408907ab28461b560af49fae"}, {0x100, 0x11a, 0x7ff, "71750b17000b055c4f6780be4ea12dddc57c6d54e70e8a0f9c437e5331467f2fe84aded00429a28e30c59be39ec946f6ef3756ae41d48da2fe0a317017ce6e93565321fc9923de3cb9c83265369df6a31b50282e5cb8db34a4120d272eb6ad4eb1fed29f74f2765954dc67517023d2ab65d8f09672b0ce22d6a4e0af4027627d357e102590a487e5c618003f7ab4468d230d1cfd91c056a140df2cb3a47565b8af9ebce81f10f8a061a2e9adb0040c74fc557bcc50d27d9164a495e8efa1dcaa72c7a8b1f284140be3ef639adccab0ae6028de7e2a6161effcabc963dab55b53ee81cb8215c15ee0c8c7ab"}, {0x60, 0x104, 0x5b52, "fbf176d5e520efe889a103e5606f62783030930a2ad1fe9bc31df2d8ef29c990e7941b7cb94d931d8d5e9e81541fee807a0d23e619db9f72cd58e3808ed6956a8e9d962fbd7dace8e3"}], 0x1408, 0x4040000}, 0x0)
sendto(r1, &(0x7f0000002980)="86be12a856e56a6664c7738d5b58b313d8f82dccb099204bc124da436a2f405870198480710e68e8e0007410bdd9113aab064e8d46e71ae9a17a53d19020797cf58481b68ea55e1ef36c41dfb23384d7180d22605050e19ca27f3b1261bb6aa9520fbe6230316c1aebeaa1bf5bf3643180041a1179ff35bf4949ca527ad47cdab72eaf7964c025a0dc28a2ac2f19841a34d2a3680aa7a4d4e30f8cd53099a179c2d582e7fb10f514462f53b3b70a94039391aba7c7912f91ae1cee1acf59a1b086", 0xc1, 0x800, &(0x7f0000002a80)=@pppol2tpv3={0x18, 0x1, {0x0, r1, {0x2, 0x4e22, @multicast2=0xe0000002}, 0x3, 0x3, 0x1}}, 0x80)

[  118.499480]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  118.504651] RIP: 0033:0x4552d9
[  118.507823] RSP: 002b:00007f772100cc68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  118.515518] RAX: ffffffffffffffda RBX: 00007f772100d6d4 RCX: 00000000004552d9
[  118.522772] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000013
[  118.530027] RBP: 000000000072bea0 R08: 000000002005ffe4 R09: 000000000000001c
[  118.537280] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  118.544532] R13: 00000000000004f3 R14: 00000000006fa768 R15: 0000000000000000
[  118.582468] FAULT_INJECTION: forcing a failure.
[  118.582468] name failslab, interval 1, probability 0, space 0, times 0
[  118.593814] CPU: 1 PID: 10551 Comm: syz-executor3 Not tainted 4.16.0+ #2
[  118.600665] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  118.610029] Call Trace:
[  118.612624]  dump_stack+0x1b9/0x29f
[  118.616258]  ? arch_local_irq_restore+0x52/0x52
[  118.620929]  ? perf_trace_lock_acquire+0xe3/0x980
[  118.625796]  should_fail.cold.4+0xa/0x1a
[  118.629858]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  118.634956]  ? perf_trace_lock+0x900/0x900
[  118.639188]  ? graph_lock+0x170/0x170
[  118.642987]  ? find_held_lock+0x36/0x1c0
[  118.647067]  ? check_same_owner+0x320/0x320
[  118.651381]  ? rcu_note_context_switch+0x710/0x710
[  118.656306]  should_failslab+0x124/0x180
[  118.660364]  kmem_cache_alloc_trace+0x2cb/0x780
[  118.665031]  ? do_raw_spin_lock+0xc1/0x200
[  118.669952]  ? _raw_spin_unlock+0x22/0x30
[  118.674096]  binder_transaction+0x144e/0x7930
[  118.678598]  ? print_usage_bug+0xc0/0xc0
[  118.682654]  ? __lock_acquire+0x7f5/0x5130
[  118.686888]  ? check_noncircular+0x20/0x20
[  118.691127]  ? binder_transaction_buffer_release+0x9b0/0x9b0
[  118.697005]  ? print_usage_bug+0xc0/0xc0
[  118.701069]  ? check_noncircular+0x20/0x20
[  118.705291]  ? debug_check_no_locks_freed+0x310/0x310
[  118.710504]  ? __lock_acquire+0x7f5/0x5130
[  118.714730]  ? __lock_acquire+0x7f5/0x5130
[  118.718955]  ? perf_trace_lock_acquire+0xe3/0x980
[  118.723795]  ? debug_check_no_locks_freed+0x310/0x310
[  118.728989]  ? debug_check_no_locks_freed+0x310/0x310
[  118.734170]  ? print_usage_bug+0xc0/0xc0
[  118.738231]  ? print_usage_bug+0xc0/0xc0
[  118.742281]  ? graph_lock+0x170/0x170
[  118.746075]  ? perf_trace_lock_acquire+0xe3/0x980
[  118.751274]  ? perf_trace_lock+0x900/0x900
[  118.755506]  ? graph_lock+0x170/0x170
[  118.759295]  ? __lock_acquire+0x7f5/0x5130
[  118.763522]  ? graph_lock+0x170/0x170
[  118.767324]  ? find_held_lock+0x36/0x1c0
[  118.771386]  ? lock_downgrade+0x8e0/0x8e0
[  118.775529]  ? lock_release+0xa10/0xa10
[  118.779498]  ? lock_release+0xa10/0xa10
[  118.783466]  ? __might_sleep+0x95/0x190
[  118.787441]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  118.792983]  ? _copy_from_user+0xdf/0x150
[  118.797129]  binder_thread_write+0xdbb/0x2c40
[  118.801631]  ? binder_transaction+0x7930/0x7930
[  118.806289]  ? __lock_acquire+0x7f5/0x5130
[  118.810517]  ? reacquire_held_locks+0xbc/0x3e0
[  118.815090]  ? alloc_set_pte+0x1077/0x16a0
[  118.819321]  ? perf_trace_lock_acquire+0xe3/0x980
[  118.824153]  ? debug_check_no_locks_freed+0x310/0x310
[  118.829333]  ? print_usage_bug+0xc0/0xc0
[  118.833392]  ? perf_trace_lock+0x900/0x900
[  118.837640]  ? graph_lock+0x170/0x170
[  118.841455]  ? debug_check_no_locks_freed+0x310/0x310
[  118.846639]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  118.851822]  ? perf_trace_lock_acquire+0xe3/0x980
[  118.856660]  ? find_held_lock+0x36/0x1c0
[  118.860722]  ? lock_downgrade+0x8e0/0x8e0
[  118.864863]  ? lock_release+0xa10/0xa10
[  118.868849]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  118.874377]  ? _copy_from_user+0xdf/0x150
[  118.878524]  binder_ioctl_write_read.isra.41+0x2be/0xaf0
[  118.883970]  ? binder_thread_write+0x2c40/0x2c40
[  118.888809]  ? kasan_check_write+0x14/0x20
[  118.893040]  ? do_raw_spin_lock+0xc1/0x200
[  118.897272]  ? _raw_spin_unlock+0x22/0x30
[  118.901497]  ? _binder_inner_proc_unlock+0x43/0x50
[  118.906421]  ? binder_get_thread+0x1ae/0x860
[  118.911697]  ? binder_open+0x930/0x930
[  118.915580]  ? check_same_owner+0x320/0x320
[  118.919897]  ? _parse_integer+0x190/0x190
[  118.924055]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  118.929332]  binder_ioctl+0xcbe/0x13fd
[  118.933215]  ? binder_ioctl_write_read.isra.41+0xaf0/0xaf0
[  118.938835]  ? lock_downgrade+0x8e0/0x8e0
[  118.943064]  ? kasan_check_read+0x11/0x20
[  118.947200]  ? rcu_is_watching+0x85/0x140
[  118.951355]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  118.956543]  ? __fget+0x40c/0x650
[  118.959990]  ? match_held_lock+0x851/0x8b0
[  118.964219]  ? expand_files.part.8+0x9a0/0x9a0
[  118.968789]  ? kasan_check_write+0x14/0x20
[  118.973018]  ? __mutex_unlock_slowpath+0x180/0x8a0
[  118.977962]  ? wait_for_completion+0x870/0x870
[  118.982534]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  118.987885]  ? binder_ioctl_write_read.isra.41+0xaf0/0xaf0
[  118.993499]  do_vfs_ioctl+0x1cf/0x1650
[  118.997381]  ? ioctl_preallocate+0x2e0/0x2e0
[  119.001781]  ? fget_raw+0x20/0x20
[  119.005227]  ? __sb_end_write+0xac/0xe0
[  119.009195]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  119.014720]  ? fput+0x130/0x1a0
[  119.018000]  ? ksys_write+0x1a6/0x250
[  119.021802]  ? security_file_ioctl+0x9b/0xd0
[  119.026203]  ksys_ioctl+0xa9/0xd0
[  119.029649]  SyS_ioctl+0x24/0x30
[  119.033008]  ? ksys_ioctl+0xd0/0xd0
[  119.036632]  do_syscall_64+0x29e/0x9d0
[  119.040506]  ? vmalloc_sync_all+0x30/0x30
[  119.044643]  ? kasan_check_write+0x14/0x20
[  119.048870]  ? syscall_return_slowpath+0x5c0/0x5c0
[  119.053806]  ? syscall_return_slowpath+0x30f/0x5c0
[  119.058756]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  119.064122]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  119.068964]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  119.074141] RIP: 0033:0x4552d9
[  119.077318] RSP: 002b:00007f8443a50c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  119.085022] RAX: ffffffffffffffda RBX: 00007f8443a516d4 RCX: 00000000004552d9
[  119.092284] RDX: 0000000020008fd0 RSI: 00000000c0306201 RDI: 0000000000000013
[  119.099540] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  119.106797] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  119.114055] R13: 000000000000019b R14: 00000000006f5728 R15: 0000000000000000
[  119.121962] binder: 10546:10551 transaction failed 29201/-12, size 40-29 line 2904
2018/04/06 01:05:32 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x20020, 0x1, 0x0, r0, &(0x7f0000000200)}])

2018/04/06 01:05:32 executing program 4 (fault-call:2 fault-nth:1):
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:32 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x3c, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:32 executing program 6:
socketpair$unix(0x1, 0x400000000002, 0x0, &(0x7f0000634000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
bind$unix(r0, &(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e)
connect$unix(r0, &(0x7f0000000080)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000180), 0x492492492492510, 0x0)
connect$unix(r0, &(0x7f00003de000)=@file={0x1, './file0\x00'}, 0xa)
close(r0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000100)=<r2=>0x0)
fcntl$lock(r1, 0x0, &(0x7f0000000140)={0x0, 0x3, 0xffffffffffffffff, 0x80, r2})

2018/04/06 01:05:32 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x0, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:32 executing program 5:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$sock_buf(r0, 0x1, 0x2000000000001b, &(0x7f0000000200)=""/217, &(0x7f00008eb000)=0xd9)

2018/04/06 01:05:32 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = dup2(r2, r2)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2018/04/06 01:05:32 executing program 1 (fault-call:2 fault-nth:1):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

[  119.279598] binder: undelivered TRANSACTION_ERROR: 29201
[  119.336308] FAULT_INJECTION: forcing a failure.
[  119.336308] name failslab, interval 1, probability 0, space 0, times 0
[  119.347669] CPU: 1 PID: 10589 Comm: syz-executor1 Not tainted 4.16.0+ #2
[  119.354524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  119.360949] binder: 10579:10593 got transaction with invalid offsets ptr
[  119.363877] Call Trace:
[  119.363903]  dump_stack+0x1b9/0x29f
[  119.363925]  ? arch_local_irq_restore+0x52/0x52
[  119.363950]  should_fail.cold.4+0xa/0x1a
[  119.363972]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  119.390882]  ? lock_downgrade+0x8e0/0x8e0
[  119.395035]  ? mark_held_locks+0xc9/0x160
[  119.399174]  ? __local_bh_enable_ip+0x161/0x230
[  119.403836]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  119.408844]  ? sctp_get_port_local+0xece/0x1540
[  119.413500]  ? trace_hardirqs_on+0xd/0x10
[  119.417640]  ? __local_bh_enable_ip+0x161/0x230
[  119.422393]  ? sctp_get_port_local+0xee4/0x1540
[  119.427054]  ? rt_mutex_enqueue+0x12d/0x290
[  119.431375]  should_failslab+0x124/0x180
[  119.435430]  kmem_cache_alloc_trace+0x4b/0x780
[  119.440002]  ? graph_lock+0x170/0x170
[  119.443796]  ? print_usage_bug+0xc0/0xc0
[  119.447853]  sctp_add_bind_addr+0xf9/0x4a0
[  119.452080]  ? sctp_bind_addr_free+0x20/0x20
[  119.456491]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  119.462018]  ? sctp_v6_available+0x12b/0x300
[  119.466420]  ? sctp_inet6_bind_verify+0xb2/0x500
[  119.471166]  sctp_do_bind+0x30d/0x5f0
[  119.474965]  sctp_autobind+0x16d/0x1f0
[  119.478841]  ? sctp_do_bind+0x5f0/0x5f0
[  119.482809]  ? sctp_endpoint_is_peeled_off+0xf1/0x130
[  119.487989]  sctp_sendmsg_new_asoc+0xbf2/0x10a0
[  119.492649]  ? sctp_sendmsg+0x125e/0x1d70
[  119.496792]  ? sctp_transport_lookup_process+0x1e0/0x1e0
[  119.502233]  ? __local_bh_enable_ip+0x161/0x230
[  119.506894]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  119.511900]  ? lock_sock_nested+0x9f/0x120
[  119.516123]  ? trace_hardirqs_on+0xd/0x10
[  119.520266]  ? __local_bh_enable_ip+0x161/0x230
[  119.524922]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  119.530445]  ? sctp_endpoint_lookup_assoc+0x183/0x290
[  119.535624]  sctp_sendmsg+0x1888/0x1d70
[  119.539583]  ? do_raw_spin_unlock+0x9e/0x2e0
[  119.543982]  ? sctp_id2assoc+0x3e0/0x3e0
[  119.548042]  ? _raw_spin_unlock_bh+0x30/0x40
[  119.552439]  ? __release_sock+0x3a0/0x3a0
[  119.556587]  inet_sendmsg+0x19f/0x690
[  119.560375]  ? ___might_sleep+0x2d0/0x320
[  119.564511]  ? ipip_gro_receive+0x100/0x100
[  119.568832]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  119.574380]  ? security_socket_sendmsg+0x9b/0xd0
[  119.579126]  ? ipip_gro_receive+0x100/0x100
[  119.583452]  sock_sendmsg+0xd5/0x120
[  119.587161]  __sys_sendto+0x3d7/0x670
[  119.590958]  ? SyS_getpeername+0x30/0x30
[  119.595019]  ? wait_for_completion+0x870/0x870
[  119.599598]  ? __lock_is_held+0xb5/0x140
[  119.603662]  ? __sb_end_write+0xac/0xe0
[  119.607628]  ? fput+0x130/0x1a0
[  119.610900]  ? ksys_write+0x1a6/0x250
[  119.615298]  ? SyS_read+0x30/0x30
[  119.618738]  ? mm_fault_error+0x380/0x380
[  119.622878]  ? syscall_slow_exit_work+0x4f0/0x4f0
[  119.627712]  SyS_sendto+0x40/0x60
[  119.631153]  ? __sys_sendto+0x670/0x670
[  119.635114]  do_syscall_64+0x29e/0x9d0
[  119.638986]  ? vmalloc_sync_all+0x30/0x30
[  119.643123]  ? kasan_check_write+0x14/0x20
[  119.647352]  ? syscall_return_slowpath+0x5c0/0x5c0
[  119.652272]  ? syscall_return_slowpath+0x30f/0x5c0
[  119.657196]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  119.662549]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  119.667384]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  119.672559] RIP: 0033:0x4552d9
[  119.675732] RSP: 002b:00007f772100cc68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
2018/04/06 01:05:32 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x4000000, 0x1, 0x0, r0, &(0x7f0000000200)}])

2018/04/06 01:05:32 executing program 5:
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f000035d000)={&(0x7f0000000140)=ANY=[@ANYBLOB="020d000006000000000000000000000004000700000000000a0000000000000000000000000008000000000000000000"], 0x30}, 0x1}, 0x0)

[  119.683428] RAX: ffffffffffffffda RBX: 00007f772100d6d4 RCX: 00000000004552d9
[  119.690683] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000013
[  119.697938] RBP: 000000000072bea0 R08: 000000002005ffe4 R09: 000000000000001c
[  119.705546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  119.712806] R13: 00000000000004f3 R14: 00000000006fa768 R15: 0000000000000001
[  119.730286] binder: 10579:10593 transaction failed 29201/-14, size 40-29 line 2991
2018/04/06 01:05:32 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_SET_MP_STATE(0xffffffffffffffff, 0x4004ae99, &(0x7f0000000000)=0x3)
r2 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2018/04/06 01:05:32 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306256, &(0x7f0000008fd0)={0x3c, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:32 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x20000200, 0x1, 0x0, r0, &(0x7f0000000200)}])

[  119.807128] binder: undelivered TRANSACTION_ERROR: 29201
2018/04/06 01:05:32 executing program 5:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x140)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000080)=ANY=[@ANYBLOB="00000000000000000080000000000000000000000000000009000100030000007802000000000000feffffffffffffff00000000ffffffacdc010000ffffffffffffffffa8010000ffff"], 0x1)
r1 = socket$packet(0x11, 0x1000000000000003, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f00000001c0)=0x6, 0x4)
getsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000000)=""/143, &(0x7f00000000c0)=0x8f)
sendto$inet6(r1, &(0x7f00000000c0), 0x246, 0x0, &(0x7f0000005fe4)={0xa, 0x0, 0x100000002, @mcast2={0xff, 0x2, [], 0x1}}, 0x1c)
getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f0000000200)=ANY=[@ANYBLOB="e12e8602ddd1f3db801470ff08000000030060b35a39dc7d6b3d5a6e5bf701ba42f3b86d292eaa4d49adf926346d86bac5f9608547dd705f53739ff7abe52939021cab8333eb0884f269c2fba386349bf9a7287ad04aa33ba15956cee09ee46484a0e976"], &(0x7f0000000180)=0x10)
sendto$inet6(r0, &(0x7f0000000280)="bf5ed7d5d9b4946994561fca04a80f0abd40125539f81fda6da11311e80fabfd3afc11428b78877f9ba2a515278719ea9b85819bd194c8c9db460af8448436aedca1508e805370798965e25d7a3d6439b1a29661792083b503774c0db33abaa0f6a1e8430fb19124dd662c3a73184737671d2b33dcc826b20930e4f057d0419cbeeaae40e2a8f6f74ba2402116f2e5ea384860b775b98adf443086d9093ad23defeabdd268eb3ded8164c14124edf94154c51fe6902bff7c707eafc7746efb", 0xbf, 0x40000, &(0x7f0000000140)={0xa, 0x4e24, 0xffff, @empty, 0x8}, 0x1c)

2018/04/06 01:05:32 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_SET_MP_STATE(0xffffffffffffffff, 0x4004ae99, &(0x7f0000000000)=0x3)
r2 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2018/04/06 01:05:32 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

[  119.887140] binder: 10606:10607 ioctl c0306256 20008fd0 returned -22
[  119.907368] skbuff: bad partial csum: csum=0/65535 len=572
[  119.922938] binder: BINDER_SET_CONTEXT_MGR already set
[  119.927231] skbuff: bad partial csum: csum=0/65535 len=572
2018/04/06 01:05:32 executing program 1 (fault-call:2 fault-nth:2):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:05:32 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x7, 0x0, r0, &(0x7f0000000200)}])

2018/04/06 01:05:32 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_SET_MP_STATE(0xffffffffffffffff, 0x4004ae99, &(0x7f0000000000)=0x3)
r2 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2018/04/06 01:05:32 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163}, 0x14}, 0x1}, 0x0)

[  119.961258] binder: 10606:10618 ioctl 40046207 0 returned -16
[  120.034182] FAULT_INJECTION: forcing a failure.
[  120.034182] name failslab, interval 1, probability 0, space 0, times 0
[  120.045507] CPU: 0 PID: 10628 Comm: syz-executor1 Not tainted 4.16.0+ #2
[  120.052348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  120.061693] Call Trace:
[  120.064279]  dump_stack+0x1b9/0x29f
[  120.067902]  ? arch_local_irq_restore+0x52/0x52
[  120.072560]  ? __kernel_text_address+0xd/0x40
[  120.077049]  ? unwind_get_return_address+0x61/0xa0
[  120.081976]  should_fail.cold.4+0xa/0x1a
[  120.086038]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  120.091133]  ? save_stack+0xa9/0xd0
[  120.094756]  ? graph_lock+0x170/0x170
[  120.098719]  ? sctp_add_bind_addr+0xf9/0x4a0
[  120.103115]  ? sctp_do_bind+0x30d/0x5f0
[  120.107087]  ? sctp_autobind+0x16d/0x1f0
[  120.111136]  ? sctp_sendmsg_new_asoc+0xbf2/0x10a0
[  120.115963]  ? sctp_sendmsg+0x1888/0x1d70
[  120.120102]  ? inet_sendmsg+0x19f/0x690
[  120.124072]  ? find_held_lock+0x36/0x1c0
[  120.128129]  ? __lock_is_held+0xb5/0x140
[  120.132193]  ? check_same_owner+0x320/0x320
[  120.136596]  ? rcu_note_context_switch+0x710/0x710
[  120.141537]  should_failslab+0x124/0x180
[  120.145592]  kmem_cache_alloc_trace+0x2cb/0x780
[  120.150254]  ? sctp_add_bind_addr+0xf9/0x4a0
[  120.154659]  ? rcu_read_lock_sched_held+0x108/0x120
[  120.159669]  ? kmem_cache_alloc_trace+0x616/0x780
[  120.164506]  sctp_association_new+0x123/0x21e0
[  120.169099]  ? memcpy+0x45/0x50
[  120.172373]  ? sctp_add_bind_addr+0x3a6/0x4a0
[  120.176863]  ? sctp_trans_elect_best+0x3d0/0x3d0
[  120.181613]  ? sctp_bind_addr_free+0x20/0x20
[  120.186277]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  120.191807]  ? sctp_v6_available+0x12b/0x300
[  120.196210]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  120.201737]  ? sctp_v6_to_sk_saddr+0xef/0x250
[  120.206223]  ? sctp_do_bind+0x3e5/0x5f0
[  120.210210]  ? sctp_autobind+0x16d/0x1f0
[  120.214301]  ? sctp_do_bind+0x5f0/0x5f0
[  120.218276]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  120.223993]  ? sctp_v6_scope+0x56/0x60
[  120.227875]  sctp_sendmsg_new_asoc+0x2fa/0x10a0
[  120.232530]  ? sctp_sendmsg+0x125e/0x1d70
[  120.236671]  ? sctp_transport_lookup_process+0x1e0/0x1e0
[  120.242295]  ? __local_bh_enable_ip+0x161/0x230
[  120.246956]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  120.251972]  ? lock_sock_nested+0x9f/0x120
[  120.256210]  ? trace_hardirqs_on+0xd/0x10
[  120.260348]  ? __local_bh_enable_ip+0x161/0x230
[  120.265011]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  120.270542]  ? sctp_endpoint_lookup_assoc+0x183/0x290
[  120.275725]  sctp_sendmsg+0x1888/0x1d70
[  120.279689]  ? do_raw_spin_unlock+0x9e/0x2e0
[  120.284094]  ? sctp_id2assoc+0x3e0/0x3e0
[  120.288152]  ? _raw_spin_unlock_bh+0x30/0x40
[  120.292550]  ? __release_sock+0x3a0/0x3a0
[  120.296703]  inet_sendmsg+0x19f/0x690
[  120.301107]  ? ___might_sleep+0x2d0/0x320
[  120.305259]  ? ipip_gro_receive+0x100/0x100
[  120.309584]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  120.315110]  ? security_socket_sendmsg+0x9b/0xd0
[  120.319854]  ? ipip_gro_receive+0x100/0x100
[  120.324270]  sock_sendmsg+0xd5/0x120
[  120.327978]  __sys_sendto+0x3d7/0x670
[  120.331780]  ? SyS_getpeername+0x30/0x30
[  120.335851]  ? wait_for_completion+0x870/0x870
[  120.340425]  ? __lock_is_held+0xb5/0x140
[  120.344490]  ? __sb_end_write+0xac/0xe0
[  120.348556]  ? fput+0x130/0x1a0
[  120.351827]  ? ksys_write+0x1a6/0x250
[  120.355627]  ? SyS_read+0x30/0x30
[  120.359116]  ? mm_fault_error+0x380/0x380
[  120.363257]  SyS_sendto+0x40/0x60
[  120.366698]  ? __sys_sendto+0x670/0x670
[  120.370662]  do_syscall_64+0x29e/0x9d0
[  120.374539]  ? syscall_slow_exit_work+0x4f0/0x4f0
[  120.379380]  ? syscall_return_slowpath+0x5c0/0x5c0
[  120.384298]  ? syscall_return_slowpath+0x30f/0x5c0
[  120.389223]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  120.394577]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  120.399415]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  120.404593] RIP: 0033:0x4552d9
[  120.407773] RSP: 002b:00007f772100cc68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  120.415471] RAX: ffffffffffffffda RBX: 00007f772100d6d4 RCX: 00000000004552d9
[  120.422727] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000013
[  120.429982] RBP: 000000000072bea0 R08: 000000002005ffe4 R09: 000000000000001c
[  120.437325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  120.444582] R13: 00000000000004f3 R14: 00000000006fa768 R15: 0000000000000002
2018/04/06 01:05:33 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306209, &(0x7f0000008fd0)={0x3c, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:33 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
r3 = dup2(r2, r2)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2018/04/06 01:05:33 executing program 5:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_all\x00', 0x0, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f00000000c0)={0x0, 0x8007, 0xffffffff80000001, 0x100000001, <r2=>0x0}, &(0x7f0000000100)=0x10)
setsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000140)=@assoc_value={r2, 0x5}, 0x8)
setsockopt$RDS_RECVERR(r1, 0x114, 0x5, &(0x7f0000000080), 0x4)
r3 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'syz_tun\x00', <r4=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000240)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="2c0000001400090100000000000000000a000000", @ANYRES32=r4, @ANYBLOB="14004100fe800000d18641a8edaf2a6f2c5a73210a8fcafa85d67034a5bc8f2c20000000"], 0x2c}, 0x1}, 0x0)

2018/04/06 01:05:33 executing program 6:
r0 = socket(0x2, 0xfffffffffffffffe, 0x80)
listen(r0, 0x0)
r1 = accept4$ax25(r0, &(0x7f0000000000), &(0x7f0000000080)=0xffffffffffffffd7, 0x0)
setsockopt$inet_udp_encap(r0, 0x11, 0x64, &(0x7f0000000100)=0x2, 0x4)
tee(r1, r0, 0x9, 0x0)
setsockopt$inet6_MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f0000000140)={{0xa, 0x4e21, 0x10001, @local={0xfe, 0x80, [], 0xaa}, 0x40}, {0xa, 0x4e21, 0xb, @mcast1={0xff, 0x1, [], 0x1}, 0x9}, 0x6, [0x200, 0x0, 0x200000d6a, 0x100, 0xe4, 0x10001, 0x8, 0x6]}, 0x5c)
setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f00000000c0), 0x371)
ioctl$sock_proto_private(r0, 0x89ea, &(0x7f0000000040)="5debadf91750b48bdb58d33709d70a8bc7de27918d0ac3c0aa817467af7486525460c676f114c17e0f9ba11150db9f09d7c357")

2018/04/06 01:05:33 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:33 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x8, 0x0, r0, &(0x7f0000000200)}])

2018/04/06 01:05:33 executing program 1 (fault-call:2 fault-nth:3):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:05:33 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x2d, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

[  120.626063] FAULT_INJECTION: forcing a failure.
[  120.626063] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  120.637956] CPU: 0 PID: 10642 Comm: syz-executor1 Not tainted 4.16.0+ #2
[  120.644809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  120.654172] Call Trace:
[  120.656784]  dump_stack+0x1b9/0x29f
[  120.660432]  ? arch_local_irq_restore+0x52/0x52
[  120.665127]  should_fail.cold.4+0xa/0x1a
[  120.669207]  ? fault_create_debugfs_attr+0x1f0/0x1f0
2018/04/06 01:05:33 executing program 6:
r0 = socket$inet6_sctp(0xa, 0x0, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r1=>0x0]}, &(0x7f000095dffc)=0x8)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000000)={r1}, 0x8)

[  120.674334]  ? debug_check_no_locks_freed+0x310/0x310
[  120.679537]  ? rcu_is_watching+0x85/0x140
[  120.679727] binder: 10645:10652 ioctl c0306209 20008fd0 returned -22
[  120.683709]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  120.683736]  ? print_usage_bug+0xc0/0xc0
[  120.683775]  ? perf_trace_lock+0xd6/0x900
[  120.683795]  ? perf_trace_lock_acquire+0xe3/0x980
[  120.708515]  ? __kernel_text_address+0xd/0x40
[  120.713035]  ? zap_class+0x720/0x720
[  120.716775]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  120.722326]  ? should_fail+0x21b/0xbcd
[  120.724552] binder: BINDER_SET_CONTEXT_MGR already set
[  120.728768]  __alloc_pages_nodemask+0x34e/0xd70
[  120.728788]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  120.728813]  ? __alloc_pages_slowpath+0x2dc0/0x2dc0
[  120.748751]  ? find_held_lock+0x36/0x1c0
[  120.752810]  ? __lock_is_held+0xb5/0x140
[  120.756879]  ? check_same_owner+0x320/0x320
[  120.761202]  cache_grow_begin+0x72/0x6c0
[  120.765347]  kmem_cache_alloc_trace+0x6a5/0x780
[  120.770008]  ? sctp_add_bind_addr+0xf9/0x4a0
[  120.774415]  ? rcu_read_lock_sched_held+0x108/0x120
[  120.779420]  ? kmem_cache_alloc_trace+0x616/0x780
[  120.784256]  sctp_association_new+0x123/0x21e0
[  120.788838]  ? memcpy+0x45/0x50
[  120.792113]  ? sctp_add_bind_addr+0x3a6/0x4a0
[  120.796597]  ? sctp_trans_elect_best+0x3d0/0x3d0
[  120.801342]  ? sctp_bind_addr_free+0x20/0x20
[  120.805755]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  120.811281]  ? sctp_v6_available+0x12b/0x300
[  120.815685]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  120.821210]  ? sctp_v6_to_sk_saddr+0xef/0x250
[  120.825706]  ? sctp_do_bind+0x3e5/0x5f0
[  120.829688]  ? sctp_autobind+0x16d/0x1f0
[  120.833745]  ? sctp_do_bind+0x5f0/0x5f0
[  120.837710]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  120.842898]  ? sctp_v6_scope+0x56/0x60
[  120.846786]  sctp_sendmsg_new_asoc+0x2fa/0x10a0
[  120.851448]  ? sctp_sendmsg+0x125e/0x1d70
[  120.855591]  ? sctp_transport_lookup_process+0x1e0/0x1e0
[  120.861078]  ? __local_bh_enable_ip+0x161/0x230
[  120.865758]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  120.870769]  ? lock_sock_nested+0x9f/0x120
[  120.874991]  ? trace_hardirqs_on+0xd/0x10
[  120.879132]  ? __local_bh_enable_ip+0x161/0x230
[  120.883790]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  120.889317]  ? sctp_endpoint_lookup_assoc+0x183/0x290
[  120.894496]  sctp_sendmsg+0x1888/0x1d70
[  120.898462]  ? do_raw_spin_unlock+0x9e/0x2e0
[  120.902865]  ? sctp_id2assoc+0x3e0/0x3e0
[  120.906922]  ? _raw_spin_unlock_bh+0x30/0x40
[  120.911330]  ? __release_sock+0x3a0/0x3a0
[  120.915484]  inet_sendmsg+0x19f/0x690
[  120.919275]  ? ___might_sleep+0x2d0/0x320
[  120.923418]  ? ipip_gro_receive+0x100/0x100
[  120.927739]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  120.933263]  ? security_socket_sendmsg+0x9b/0xd0
[  120.938012]  ? ipip_gro_receive+0x100/0x100
[  120.942332]  sock_sendmsg+0xd5/0x120
[  120.946042]  __sys_sendto+0x3d7/0x670
[  120.949836]  ? SyS_getpeername+0x30/0x30
[  120.953890]  ? wait_for_completion+0x870/0x870
[  120.958484]  ? __sb_end_write+0xac/0xe0
[  120.962451]  ? fput+0x130/0x1a0
[  120.965724]  ? ksys_write+0x1a6/0x250
[  120.969518]  ? SyS_read+0x30/0x30
[  120.972961]  ? mm_fault_error+0x380/0x380
[  120.977118]  SyS_sendto+0x40/0x60
[  120.980562]  ? __sys_sendto+0x670/0x670
[  120.984530]  do_syscall_64+0x29e/0x9d0
[  120.988403]  ? vmalloc_sync_all+0x30/0x30
[  120.992543]  ? finish_task_switch+0x1ca/0x820
[  120.997034]  ? syscall_return_slowpath+0x5c0/0x5c0
[  121.001955]  ? syscall_return_slowpath+0x30f/0x5c0
[  121.006881]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  121.012238]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  121.017086]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  121.022274] RIP: 0033:0x4552d9
[  121.025451] RSP: 002b:00007f772100cc68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  121.033154] RAX: ffffffffffffffda RBX: 00007f772100d6d4 RCX: 00000000004552d9
[  121.040416] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000013
[  121.047671] RBP: 000000000072bea0 R08: 000000002005ffe4 R09: 000000000000001c
[  121.054936] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  121.062427] R13: 00000000000004f3 R14: 00000000006fa768 R15: 0000000000000003
2018/04/06 01:05:34 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x4, 0x0, r0, &(0x7f0000000200)}])

2018/04/06 01:05:34 executing program 1 (fault-call:2 fault-nth:4):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

[  121.103888] binder: 10645:10654 ioctl 40046207 0 returned -16
[  121.124276] binder: 10645:10652 ioctl c0306209 20008fd0 returned -22
2018/04/06 01:05:34 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0x5460, &(0x7f0000008fd0)={0x3c, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

[  121.207712] FAULT_INJECTION: forcing a failure.
[  121.207712] name failslab, interval 1, probability 0, space 0, times 0
[  121.219066] CPU: 1 PID: 10672 Comm: syz-executor1 Not tainted 4.16.0+ #2
[  121.225914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  121.235287] Call Trace:
[  121.237890]  dump_stack+0x1b9/0x29f
[  121.241600]  ? arch_local_irq_restore+0x52/0x52
[  121.246264]  should_fail.cold.4+0xa/0x1a
[  121.250320]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  121.255411]  ? trace_hardirqs_on+0xd/0x10
[  121.259552]  ? graph_lock+0x170/0x170
[  121.263347]  ? find_held_lock+0x36/0x1c0
[  121.267403]  ? __lock_is_held+0xb5/0x140
[  121.271477]  ? check_same_owner+0x320/0x320
[  121.275794]  ? rcu_note_context_switch+0x710/0x710
[  121.280712]  ? sctp_outq_init+0x2e6/0x410
[  121.284848]  ? _warn_unseeded_randomness+0xbd/0x200
[  121.289860]  should_failslab+0x124/0x180
[  121.293927]  __kmalloc+0x2c8/0x760
[  121.297456]  ? mark_held_locks+0xc9/0x160
[  121.301593]  ? sctp_stream_alloc_out+0x33/0x1b0
[  121.306251]  sctp_stream_alloc_out+0x33/0x1b0
[  121.310915]  sctp_stream_init+0xf5/0x3b0
[  121.314969]  sctp_association_new+0x1305/0x21e0
[  121.319630]  ? sctp_trans_elect_best+0x3d0/0x3d0
[  121.324375]  ? sctp_bind_addr_free+0x20/0x20
[  121.328776]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  121.334301]  ? sctp_v6_available+0x12b/0x300
[  121.338701]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  121.344223]  ? sctp_v6_to_sk_saddr+0xef/0x250
[  121.348707]  ? sctp_do_bind+0x3e5/0x5f0
[  121.352672]  ? sctp_autobind+0x16d/0x1f0
[  121.356746]  ? sctp_do_bind+0x5f0/0x5f0
[  121.360720]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  121.365900]  ? sctp_v6_scope+0x56/0x60
[  121.369797]  sctp_sendmsg_new_asoc+0x2fa/0x10a0
[  121.374452]  ? sctp_sendmsg+0x125e/0x1d70
[  121.378603]  ? sctp_transport_lookup_process+0x1e0/0x1e0
[  121.384048]  ? __local_bh_enable_ip+0x161/0x230
[  121.388706]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  121.393711]  ? lock_sock_nested+0x9f/0x120
[  121.397936]  ? trace_hardirqs_on+0xd/0x10
[  121.402244]  ? __local_bh_enable_ip+0x161/0x230
[  121.406899]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  121.412423]  ? sctp_endpoint_lookup_assoc+0x183/0x290
[  121.417599]  sctp_sendmsg+0x1888/0x1d70
[  121.421558]  ? do_raw_spin_unlock+0x9e/0x2e0
[  121.425955]  ? sctp_id2assoc+0x3e0/0x3e0
[  121.430011]  ? _raw_spin_unlock_bh+0x30/0x40
[  121.434410]  ? __release_sock+0x3a0/0x3a0
[  121.438553]  inet_sendmsg+0x19f/0x690
[  121.442343]  ? ___might_sleep+0x2d0/0x320
[  121.446476]  ? ipip_gro_receive+0x100/0x100
[  121.450786]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  121.456317]  ? security_socket_sendmsg+0x9b/0xd0
[  121.461058]  ? ipip_gro_receive+0x100/0x100
[  121.465368]  sock_sendmsg+0xd5/0x120
[  121.469070]  __sys_sendto+0x3d7/0x670
[  121.472860]  ? SyS_getpeername+0x30/0x30
[  121.476913]  ? wait_for_completion+0x870/0x870
[  121.481491]  ? __lock_is_held+0xb5/0x140
[  121.485553]  ? __sb_end_write+0xac/0xe0
[  121.489516]  ? fput+0x130/0x1a0
[  121.492780]  ? ksys_write+0x1a6/0x250
[  121.496569]  ? SyS_read+0x30/0x30
[  121.500010]  ? mm_fault_error+0x380/0x380
[  121.504158]  SyS_sendto+0x40/0x60
[  121.507600]  ? __sys_sendto+0x670/0x670
[  121.511562]  do_syscall_64+0x29e/0x9d0
[  121.515433]  ? vmalloc_sync_all+0x30/0x30
[  121.519566]  ? _raw_spin_unlock_irq+0x27/0x70
[  121.524047]  ? finish_task_switch+0x1ca/0x820
[  121.528528]  ? syscall_return_slowpath+0x5c0/0x5c0
[  121.533445]  ? syscall_return_slowpath+0x30f/0x5c0
[  121.538364]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  121.543717]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  121.548549]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  121.553726] RIP: 0033:0x4552d9
2018/04/06 01:05:34 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1300, 0x0, r0, &(0x7f0000000200)}])

[  121.556900] RSP: 002b:00007f772100cc68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  121.564597] RAX: ffffffffffffffda RBX: 00007f772100d6d4 RCX: 00000000004552d9
[  121.571852] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000013
[  121.579107] RBP: 000000000072bea0 R08: 000000002005ffe4 R09: 000000000000001c
[  121.586360] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  121.593876] R13: 00000000000004f3 R14: 00000000006fa768 R15: 0000000000000004
2018/04/06 01:05:34 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
r3 = dup2(r2, r2)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2018/04/06 01:05:34 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:34 executing program 6:
r0 = socket$inet(0x2, 0x4008000000000001, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e23, @broadcast=0xffffffff}, 0x10)
sendto$inet(r0, &(0x7f0000000ac0), 0x0, 0x20000802, &(0x7f0000000a80)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000080), 0x4)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x200b40, 0x0)
ioctl$KVM_SMI(r1, 0xaeb7)
r2 = fcntl$dupfd(r0, 0x0, r0)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000280)='tunl0\x00', 0x10)
write$binfmt_elf64(r2, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38}, [{}]}, 0x78)
sendto$inet(r0, &(0x7f00000003c0), 0x105, 0x0, &(0x7f00000002c0)={0x2, 0x0, @rand_addr}, 0x10)

2018/04/06 01:05:34 executing program 1 (fault-call:2 fault-nth:5):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:05:34 executing program 5:
r0 = socket(0x11, 0x3, 0x293fb526)
r1 = syz_open_dev$tun(&(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x2)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x4003})
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000000c0)={'ifb0\x00', 0xa201})
fchmod(r1, 0x1)
write$tun(r1, &(0x7f0000000000)={@pi, @hdr={0x3, 0x3, 0x0, 0x6}, @arp=@ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x0, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], @empty, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @rand_addr}}, 0x2a)

[  121.720879] FAULT_INJECTION: forcing a failure.
[  121.720879] name failslab, interval 1, probability 0, space 0, times 0
[  121.732477] CPU: 0 PID: 10690 Comm: syz-executor1 Not tainted 4.16.0+ #2
[  121.739314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  121.748667] Call Trace:
[  121.751260]  dump_stack+0x1b9/0x29f
[  121.754884]  ? arch_local_irq_restore+0x52/0x52
[  121.759548]  should_fail.cold.4+0xa/0x1a
[  121.763595]  ? perf_trace_lock+0xd6/0x900
[  121.767742]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  121.772839]  ? zap_class+0x720/0x720
[  121.776545]  ? print_usage_bug+0xc0/0xc0
[  121.780592]  ? graph_lock+0x170/0x170
[  121.784392]  ? print_usage_bug+0xc0/0xc0
[  121.788451]  ? find_held_lock+0x36/0x1c0
[  121.792505]  ? lock_downgrade+0x8e0/0x8e0
[  121.796656]  should_failslab+0x124/0x180
[  121.800709]  kmem_cache_alloc_trace+0x4b/0x780
[  121.805301]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  121.810526]  sctp_add_bind_addr+0xf9/0x4a0
[  121.814757]  ? sctp_bind_addr_free+0x20/0x20
[  121.819154]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  121.824334]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  121.829880]  ? sctp_v4_scope+0x19b/0x1c0
[  121.833928]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  121.840251]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  121.845261]  sctp_copy_local_addr_list+0x499/0x690
[  121.850185]  ? sctp_defaults_init+0xe50/0xe50
[  121.854671]  ? get_random_bytes+0x34/0x40
[  121.858804]  ? sctp_association_new+0x135/0x21e0
[  121.863558]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  121.868740]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  121.874270]  sctp_copy_one_addr+0x5d/0x170
[  121.878490]  ? sctp_copy_one_addr+0x5d/0x170
[  121.882889]  sctp_bind_addr_copy+0x16b/0x45b
[  121.887292]  ? sctp_copy_one_addr+0x170/0x170
[  121.891773]  ? sctp_autobind+0x16d/0x1f0
[  121.895819]  ? zap_class+0x720/0x720
[  121.899521]  ? sctp_do_bind+0x5f0/0x5f0
[  121.903484]  sctp_assoc_set_bind_addr_from_ep+0x165/0x1c0
[  121.909024]  ? sctp_v6_scope+0x56/0x60
[  121.912899]  sctp_sendmsg_new_asoc+0x31f/0x10a0
[  121.917550]  ? sctp_sendmsg+0x125e/0x1d70
[  121.921687]  ? sctp_transport_lookup_process+0x1e0/0x1e0
[  121.927128]  ? __local_bh_enable_ip+0x161/0x230
[  121.931788]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  121.936792]  ? lock_sock_nested+0x9f/0x120
[  121.941015]  ? trace_hardirqs_on+0xd/0x10
[  121.945157]  ? __local_bh_enable_ip+0x161/0x230
[  121.949813]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  121.955334]  ? sctp_endpoint_lookup_assoc+0x183/0x290
[  121.960510]  sctp_sendmsg+0x1888/0x1d70
[  121.964471]  ? do_raw_spin_unlock+0x9e/0x2e0
[  121.968873]  ? sctp_id2assoc+0x3e0/0x3e0
[  121.972926]  ? _raw_spin_unlock_bh+0x30/0x40
[  121.977324]  ? __release_sock+0x3a0/0x3a0
[  121.981469]  inet_sendmsg+0x19f/0x690
[  121.985258]  ? ___might_sleep+0x2d0/0x320
[  121.989401]  ? ipip_gro_receive+0x100/0x100
[  121.993708]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  121.999326]  ? security_socket_sendmsg+0x9b/0xd0
[  122.004090]  ? ipip_gro_receive+0x100/0x100
[  122.008400]  sock_sendmsg+0xd5/0x120
[  122.012102]  __sys_sendto+0x3d7/0x670
[  122.015893]  ? SyS_getpeername+0x30/0x30
[  122.019943]  ? wait_for_completion+0x870/0x870
[  122.024528]  ? __sb_end_write+0xac/0xe0
[  122.028490]  ? fput+0x130/0x1a0
[  122.031766]  ? ksys_write+0x1a6/0x250
[  122.035563]  ? SyS_read+0x30/0x30
[  122.039004]  ? mm_fault_error+0x380/0x380
[  122.043143]  ? syscall_slow_exit_work+0x4f0/0x4f0
[  122.047972]  SyS_sendto+0x40/0x60
[  122.051422]  ? __sys_sendto+0x670/0x670
[  122.055472]  do_syscall_64+0x29e/0x9d0
[  122.059347]  ? vmalloc_sync_all+0x30/0x30
[  122.063484]  ? _raw_spin_unlock_irq+0x27/0x70
[  122.067975]  ? finish_task_switch+0x1ca/0x820
[  122.072459]  ? syscall_return_slowpath+0x5c0/0x5c0
[  122.077378]  ? syscall_return_slowpath+0x30f/0x5c0
[  122.082299]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  122.087650]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  122.092483]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  122.097657] RIP: 0033:0x4552d9
[  122.100831] RSP: 002b:00007f772100cc68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  122.108526] RAX: ffffffffffffffda RBX: 00007f772100d6d4 RCX: 00000000004552d9
[  122.115782] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000013
[  122.123034] RBP: 000000000072bea0 R08: 000000002005ffe4 R09: 000000000000001c
[  122.130287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  122.137540] R13: 00000000000004f3 R14: 00000000006fa768 R15: 0000000000000005
[  122.183780] binder: BINDER_SET_CONTEXT_MGR already set
[  122.208244] binder: 10677:10682 ioctl 40046207 0 returned -16
2018/04/06 01:05:35 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa02, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:35 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x8000000000000000, r0, &(0x7f0000000200)}])

2018/04/06 01:05:35 executing program 7 (fault-call:2 fault-nth:0):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:35 executing program 6:
r0 = socket$inet6(0xa, 0x5, 0x0)
r1 = openat$cgroup(0xffffffffffffff9c, &(0x7f0000000080)='syz1\x00', 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000100)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x100, 0x21)
ioctl$KVM_SET_FPU(r2, 0x41a0ae8d, &(0x7f0000000180)={[], 0x1, 0x8, 0xa2, 0x0, 0x5, 0x3002, 0x0, [], 0x200})
r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0)
setsockopt$inet_int(r3, 0x0, 0xbf, &(0x7f00000000c0)=0xffffffffffffffb9, 0xd0)
getsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000340)=@assoc_value={<r4=>0x0, 0x800}, &(0x7f0000000380)=0x8)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r2, 0x84, 0x73, &(0x7f00000003c0)={r4, 0x10000, 0x20, 0x8001, 0x8db}, &(0x7f0000000400)=0x18)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000140)=[@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80}, 0x8}], 0x1c)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000200), 0x0)

2018/04/06 01:05:35 executing program 1 (fault-call:2 fault-nth:6):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:05:35 executing program 5:
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='selinuxfs\x00', 0x1000, &(0x7f0000000100))
open(&(0x7f0000000000)='./file0\x00', 0x0, 0x2)
mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00', &(0x7f0000001340)="6df920696e6955798aeccd5f3127f497528d16c1290415cab0d16e87cff43f0cbee60d87244525214b3cef400166bdc96b8e4c178c882f18c5468c313136f410a3e8bead6db07fad082e32da2d5b293369a17ee5721da9eb9eeea5e7d32453c9256aec953f9809d905d911fcabc685977cdd091a48b573ec8c6e1f6f5b9d6ebfdfb224c9d43bf0c667d10de01258bfac6d8b363422a34e3dbe421c4dee96135a81c248989c23d3d91fe0ed0a29317be09b5e661fe5dd44086585d94295384838fc914fcf122c61e6c836613915f3f7e6695fc8183bc5de452372cdd32a9612f006cec0ad1134a104467bb398a06f500c37b1ce08ce99", 0x2010020, &(0x7f0000000240))

2018/04/06 01:05:35 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
r3 = dup2(r2, r2)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2018/04/06 01:05:35 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0x5452, &(0x7f0000008fd0)={0x3c, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

[  122.316620] FAULT_INJECTION: forcing a failure.
[  122.316620] name failslab, interval 1, probability 0, space 0, times 0
[  122.327965] CPU: 0 PID: 10706 Comm: syz-executor1 Not tainted 4.16.0+ #2
[  122.334825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  122.344188] Call Trace:
[  122.346795]  dump_stack+0x1b9/0x29f
[  122.350440]  ? arch_local_irq_restore+0x52/0x52
[  122.355106]  ? __save_stack_trace+0x7e/0xd0
[  122.359446]  should_fail.cold.4+0xa/0x1a
[  122.363528]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  122.368624]  ? kasan_kmalloc+0xc4/0xe0
[  122.372502]  ? kmem_cache_alloc_trace+0x152/0x780
[  122.377335]  ? sctp_add_bind_addr+0xf9/0x4a0
[  122.381731]  ? sctp_copy_local_addr_list+0x499/0x690
[  122.386822]  ? sctp_copy_one_addr+0x5d/0x170
[  122.391219]  ? sctp_bind_addr_copy+0x16b/0x45b
[  122.395792]  ? sctp_assoc_set_bind_addr_from_ep+0x165/0x1c0
[  122.401490]  ? sctp_sendmsg+0x1888/0x1d70
[  122.405625]  ? inet_sendmsg+0x19f/0x690
[  122.409595]  ? sock_sendmsg+0xd5/0x120
[  122.413470]  ? __sys_sendto+0x3d7/0x670
[  122.417434]  ? SyS_sendto+0x40/0x60
[  122.421052]  ? do_syscall_64+0x29e/0x9d0
[  122.425105]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  122.430460]  ? graph_lock+0x170/0x170
[  122.434255]  ? print_usage_bug+0xc0/0xc0
[  122.438320]  ? graph_lock+0x170/0x170
[  122.442112]  ? find_held_lock+0x36/0x1c0
[  122.446173]  ? lock_downgrade+0x8e0/0x8e0
[  122.450316]  should_failslab+0x124/0x180
[  122.454377]  kmem_cache_alloc_trace+0x4b/0x780
[  122.458952]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  122.464128]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  122.469654]  ? sctp_v6_cmp_addr+0x261/0x6f0
[  122.473974]  sctp_add_bind_addr+0xf9/0x4a0
[  122.478200]  ? sctp_bind_addr_free+0x20/0x20
[  122.482601]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  122.487782]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  122.492960]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  122.497972]  sctp_copy_local_addr_list+0x499/0x690
[  122.502896]  ? sctp_defaults_init+0xe50/0xe50
[  122.507381]  ? get_random_bytes+0x34/0x40
[  122.511518]  ? sctp_association_new+0x135/0x21e0
[  122.516270]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  122.521447]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  122.526986]  sctp_copy_one_addr+0x5d/0x170
[  122.531213]  ? sctp_copy_one_addr+0x5d/0x170
[  122.535615]  sctp_bind_addr_copy+0x16b/0x45b
[  122.540019]  ? sctp_copy_one_addr+0x170/0x170
[  122.544504]  ? sctp_autobind+0x16d/0x1f0
[  122.548557]  ? sctp_do_bind+0x5f0/0x5f0
[  122.552530]  sctp_assoc_set_bind_addr_from_ep+0x165/0x1c0
[  122.558055]  ? sctp_v6_scope+0x56/0x60
[  122.561935]  sctp_sendmsg_new_asoc+0x31f/0x10a0
[  122.566589]  ? sctp_sendmsg+0x125e/0x1d70
[  122.570730]  ? sctp_transport_lookup_process+0x1e0/0x1e0
[  122.576178]  ? __local_bh_enable_ip+0x161/0x230
[  122.580837]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  122.585839]  ? lock_sock_nested+0x9f/0x120
[  122.590060]  ? trace_hardirqs_on+0xd/0x10
[  122.594194]  ? __local_bh_enable_ip+0x161/0x230
[  122.598937]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  122.604460]  ? sctp_endpoint_lookup_assoc+0x183/0x290
[  122.609638]  sctp_sendmsg+0x1888/0x1d70
[  122.613598]  ? do_raw_spin_unlock+0x9e/0x2e0
[  122.617997]  ? sctp_id2assoc+0x3e0/0x3e0
[  122.622056]  ? _raw_spin_unlock_bh+0x30/0x40
[  122.626456]  ? __release_sock+0x3a0/0x3a0
[  122.630606]  inet_sendmsg+0x19f/0x690
[  122.634393]  ? ___might_sleep+0x2d0/0x320
[  122.638531]  ? ipip_gro_receive+0x100/0x100
[  122.642843]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  122.648365]  ? security_socket_sendmsg+0x9b/0xd0
[  122.653106]  ? ipip_gro_receive+0x100/0x100
[  122.657426]  sock_sendmsg+0xd5/0x120
[  122.661130]  __sys_sendto+0x3d7/0x670
[  122.664923]  ? SyS_getpeername+0x30/0x30
[  122.668987]  ? wait_for_completion+0x870/0x870
[  122.673567]  ? __lock_is_held+0xb5/0x140
[  122.677629]  ? __sb_end_write+0xac/0xe0
[  122.681595]  ? fput+0x130/0x1a0
[  122.684863]  ? ksys_write+0x1a6/0x250
[  122.688655]  ? SyS_read+0x30/0x30
[  122.692104]  ? mm_fault_error+0x380/0x380
[  122.696242]  ? syscall_slow_exit_work+0x4f0/0x4f0
[  122.701088]  SyS_sendto+0x40/0x60
[  122.704529]  ? __sys_sendto+0x670/0x670
[  122.708503]  do_syscall_64+0x29e/0x9d0
[  122.712375]  ? vmalloc_sync_all+0x30/0x30
[  122.716511]  ? syscall_slow_exit_work+0x4f0/0x4f0
[  122.721341]  ? syscall_return_slowpath+0x5c0/0x5c0
[  122.726259]  ? syscall_return_slowpath+0x30f/0x5c0
[  122.731182]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  122.736542]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  122.741383]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  122.746560] RIP: 0033:0x4552d9
[  122.749734] RSP: 002b:00007f772100cc68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  122.757430] RAX: ffffffffffffffda RBX: 00007f772100d6d4 RCX: 00000000004552d9
[  122.764684] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000013
[  122.771945] RBP: 000000000072bea0 R08: 000000002005ffe4 R09: 000000000000001c
[  122.779197] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  122.786462] R13: 00000000000004f3 R14: 00000000006fa768 R15: 0000000000000006
2018/04/06 01:05:35 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x400000000000000, r0, &(0x7f0000000200)}])

2018/04/06 01:05:35 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:35 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0x4020940d, &(0x7f0000008fd0)={0x3c, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

[  122.893610] binder: BINDER_SET_CONTEXT_MGR already set
[  122.900623] binder: 10712:10722 ioctl 40046207 0 returned -16
[  122.926702] EXT4-fs (sda1): re-mounted. Opts: 
2018/04/06 01:05:36 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc020660b, &(0x7f0000008fd0)={0x3c, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:36 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x100000000000000, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:36 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x100000000000000, r0, &(0x7f0000000200)}])

2018/04/06 01:05:36 executing program 1 (fault-call:2 fault-nth:7):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:05:36 executing program 5:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000280)={<r1=>0x0, 0x3, 0x10}, &(0x7f00000002c0)=0xc)
setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r0, 0x84, 0x5, &(0x7f0000000340)={r1, @in={{0x2, 0x4e22, @broadcast=0xffffffff}}}, 0x84)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)
getsockopt$IP6T_SO_GET_ENTRIES(r0, 0x29, 0x41, &(0x7f0000000400)=ANY=[@ANYBLOB="736563757269747954936c8bb49337000000eeffffff00780000007ce035d1947e8dc0ca38dbb4f3f19e865d3ed9222f437651b57780ce7dd644b422df669d70a466f667b07c4ed4ccb6cd4242092b0fe8c201cc90cc7b2c2bb700c1b2cce6fadeab842f299ebe9319a7f0f9bb22c7461a044784bb090f3d5eeaee5810000000000000000000000000000000000000000000002005d32ce530d014cf46ca93e35e49e266da1713f258dbfdb949aa45c75ebfd3593b75d20fe73c8a2316c347e705a212bb69d1d1f1733ae25369391ad09e2b56e4a4aec9bb45b7e74620528a1f96e9b085f1616bbaba8c75660c593cd1bfd285bf6f4c476fd0c5d7811099775c1bc0ed90e8ec58e6fd2718328a775db2875a00be86affbf2a1d8e32c78a52c0cd64ef96e9592525ef41356a6c8cf075a84600497f7aa01d1c0b929703848a3574823e35703a6aad3efdaafb195bf8e05d189ccabf57e9e082377048e0d21eab458188e981a2dad2ac7d6b38cf7d653059c62248705420bdf5f0ea163bf8165db0998a73be47e124969f3f4383a930e69e3285ae7602c66bc149085855f17f60ae30a427bdd13c94b9037bc9e"], &(0x7f0000000240)=0x9c)
getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffff9c, 0x84, 0x18, &(0x7f0000000040)={<r2=>0x0, 0x92}, &(0x7f0000000080)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f00000000c0)={r2, 0x7, 0xa2, "c2d7b12cc2801905385b518d7067cf1b47f8086dd8d33752a877f35eb6327d0f5846730995b6422a174c5d1ff180ad263b7cb01c73d018e99fdf5a7fa04a6f5db2d420799285693b8f961fd794bdf3a5da4161c895856ab806e1dd0d940e680d2ac57880d7aca3f23b483c4c73e4c668185c1f57d97978ce2501fc11442c44a5ec12f7f2f559ec2a739c11ae25c132dfe91abce60ea7a06d078a35a2921d3cef57c2"}, 0xaa)

2018/04/06 01:05:36 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x12}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:36 executing program 0:
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r0, 0x4004ae99, &(0x7f0000000000)=0x3)
r1 = dup2(r0, r0)
ioctl$KVM_SET_LAPIC(r1, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r1, 0xae80, 0x0)

2018/04/06 01:05:36 executing program 6:
r0 = eventfd2(0x9, 0x80001)
fstatfs(r0, &(0x7f0000000000)=""/225)
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vga_arbiter\x00', 0x200, 0x0)
ioctl$SNDRV_CTL_IOCTL_POWER_STATE(r1, 0x800455d1, &(0x7f0000000140)=""/162)
r2 = socket(0x4, 0x2, 0x100)
renameat2(r1, &(0x7f0000000200)='./file0\x00', r1, &(0x7f0000000240)='./file0\x00', 0x2)
getrandom(&(0x7f0000000280)=""/152, 0x98, 0x1)
ioctl$sock_inet_SIOCDARP(r2, 0x8953, &(0x7f0000000340)={{0x2, 0x4e24, @remote={0xac, 0x14, 0x14, 0xbb}}, {0x0, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}}, 0x20, {0x2, 0x4e22, @remote={0xac, 0x14, 0x14, 0xbb}}, 'ipddp0\x00'})
r3 = getpgid(0x0)
r4 = perf_event_open(&(0x7f0000000400)={0x3, 0x70, 0x7346, 0x7, 0x6, 0xc97, 0x0, 0x9, 0x4001, 0x6, 0xfff, 0x401, 0xc470, 0x800, 0xffffffffffff7fff, 0x7, 0x3ff, 0x9000000000, 0x4, 0x0, 0x8001, 0xd8, 0x8000, 0x7, 0x3ff, 0x1, 0x4, 0x4, 0x9, 0x101, 0x3, 0x4, 0x5, 0x7, 0x1, 0x0, 0x2, 0x3d, 0x0, 0x3, 0x3, @perf_bp={&(0x7f00000003c0)}, 0x40, 0x7, 0x0, 0x0, 0x100, 0xdd9, 0x3}, r3, 0xa, r1, 0x0)
r5 = socket(0xa, 0x80004, 0xc0)
setsockopt$IP_VS_SO_SET_DEL(r5, 0x0, 0x484, &(0x7f0000000480)={0x72, @dev={0xac, 0x14, 0x14, 0x12}, 0x4e22, 0x2, 'sed\x00', 0x4, 0x1f, 0x47}, 0x2c)
getpeername$netrom(r5, &(0x7f00000004c0)=@full, &(0x7f0000000540)=0x48)
ioctl$KVM_SET_SREGS(r1, 0x4138ae84, &(0x7f0000000580)={{0x16001, 0x3000, 0x0, 0x1, 0x4, 0x100, 0x7ff, 0x5, 0x5, 0x6, 0x4, 0x101}, {0xd000, 0x0, 0x0, 0x6, 0xdf2b, 0xa1ca, 0x6, 0x2, 0xfffffffffffffffa, 0x3f, 0xd6, 0xfffffffffffffff9}, {0x0, 0x106000, 0x9, 0x10000, 0x6, 0x8490, 0x3f, 0x6, 0x8, 0xfffffffffffffff9, 0x3, 0x10000}, {0x6000, 0xf000, 0x0, 0x401, 0x4, 0x2000, 0x0, 0x8000, 0x9, 0xfff, 0x2, 0x5}, {0x2000, 0x0, 0x0, 0x7, 0x5, 0x8, 0x4, 0x7, 0x2, 0x9, 0x44f, 0x834}, {0x3000, 0x7001, 0x3, 0x8, 0x1e46, 0x686, 0x32c754ce, 0xf37, 0x0, 0x9, 0x6, 0x636f55f}, {0x5003, 0xf004, 0xb, 0x0, 0x400, 0x2, 0x1, 0x7f, 0x5, 0x2, 0x401}, {0x0, 0x10000, 0x19, 0x7, 0x400, 0x50, 0x1, 0x3, 0x2a23, 0x1, 0x9, 0x4}, {0x10d000, 0x3000}, {0x5000, 0x1}, 0x10, 0x0, 0x5000, 0x400000, 0x2, 0x8401, 0xd002, [0x0, 0x4a5356e3, 0x101, 0xfff]})
ioctl$KVM_NMI(r1, 0xae9a)
symlinkat(&(0x7f00000006c0)='./file0\x00', r1, &(0x7f0000000700)='./file0\x00')
ioctl$KVM_GET_IRQCHIP(r1, 0xc208ae62, &(0x7f0000000740))
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000880)={'vlan0\x00', &(0x7f0000000840)=@ethtool_channels={0x3d, 0x0, 0x8, 0x0, 0x80000001, 0x1f, 0x3, 0x8000, 0xffffffffffffffa4}})
r6 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000008c0)='/dev/qat_adf_ctl\x00', 0x0, 0x0)
ptrace$setregset(0x4205, r3, 0x2, &(0x7f00000009c0)={&(0x7f0000000900)="d9b4a7c409e2918b73125e05a6d86d5dabb92ba162d3bf9037193a24ee85dde592ca330b1322a9078eadf44614e0c01dd9ac309957131ee5a5613ac14adfb4446606bfbb2ad92ccd047dc0faa6fc5e40c3ee5d892d088321c1ad1820f409c7b0ab6d5b518c3a1fc14d364c19121a6e47fc98381075c9a80d9e09e19be09ee1feeb910a35218ded4cd791237fd35a76291b43fd28884c55f8701acc131122b9442e69fb229365", 0xa6})
setsockopt$inet6_udp_encap(r2, 0x11, 0x64, &(0x7f0000000a00)=0x7, 0x4)
ioctl$KVM_GET_SREGS(r1, 0x8138ae83, &(0x7f0000000a40))
setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT(r2, 0x28, 0x6, &(0x7f0000000b80)={0x77359400}, 0x10)
r7 = openat$cgroup_ro(r6, &(0x7f0000000bc0)='memory.current\x00', 0x0, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000cc0)={r2, &(0x7f0000000c00)="f64039eef67ee55f917c583474151491db9972afdef5d83ee3f57e705a552d25a9a28f05385d5effb9e88567c64733bf082f7f06836def2c1061d1a9053f98cfe57072d4f5316290cb99a9061def6ccbfcf36edcc463a1d7", &(0x7f0000000c80)=""/50}, 0x18)
fcntl$F_GET_RW_HINT(r4, 0x40b, &(0x7f0000000d00))
ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r1, 0xc1105518, &(0x7f0000000d80)={{0x3, 0x7, 0x7, 0xdc34, "94c95b41c7c722fc4e73469c91b314adb9b24c75ff305613605fe4b95ef51de87d5b4c0e39a67c71d90a6b58", 0x8}, 0x0, 0x0, 0x4, r3, 0xffffffff, 0xfffffffffffffffb, "365d796d303b3931958a7f77b7383782e05b951382eb92df9d49b820cc37848b2e4dc07d48b79eead2fba4997a4e243d4a13b8a89aa37a74ca884285595f0277", &(0x7f0000000d40)='ipddp0\x00', 0x7, [], [0x7, 0x0, 0x2, 0x1]})
pipe2(&(0x7f0000000ec0)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff}, 0x4800)
getsockopt$inet6_IPV6_XFRM_POLICY(r7, 0x29, 0x23, &(0x7f0000000f40)={{{@in6=@ipv4={[], [], @multicast2}, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r10=>0x0}}, {{@in6}, 0x0, @in6=@mcast2}}, &(0x7f0000001040)=0xe8)
r11 = getuid()
getsockopt$inet_IP_XFRM_POLICY(r6, 0x0, 0x11, &(0x7f0000001340)={{{@in6=@local, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r12=>0x0}}, {{@in=@remote}}}, &(0x7f0000001440)=0xe8)
lstat(&(0x7f0000001980)='./file0\x00', &(0x7f00000019c0)={0x0, 0x0, 0x0, 0x0, <r13=>0x0})
getresuid(&(0x7f0000003280), &(0x7f00000032c0)=<r14=>0x0, &(0x7f0000003300))
getsockopt$inet6_IPV6_XFRM_POLICY(r7, 0x29, 0x23, &(0x7f0000003940)={{{@in=@multicast1, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r15=>0x0}}, {{@in=@broadcast}, 0x0, @in=@remote}}, &(0x7f0000003a40)=0xe8)
fstat(r2, &(0x7f0000003a80)={0x0, 0x0, 0x0, 0x0, 0x0, <r16=>0x0})
r17 = getuid()
fstat(r9, &(0x7f0000003b00)={0x0, 0x0, 0x0, 0x0, 0x0, <r18=>0x0})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000003b80)={0x0, <r19=>0x0}, &(0x7f0000003bc0)=0xc)
r20 = getegid()
sendmsg$netlink(r7, &(0x7f0000003cc0)={&(0x7f0000000f00)=@proc={0x10, 0x0, 0x25dfdbfe, 0x40000}, 0xc, &(0x7f00000038c0)=[{&(0x7f0000001080)={0x290, 0x31, 0x0, 0x70bd2b, 0x25dfdbfd, "", [@typed={0x8, 0x9, @uid=r10}, @typed={0x8, 0x56, @u32=0x10}, @typed={0x18, 0x3, @str='/dev/vga_arbiter\x00'}, @typed={0x8, 0x7a, @uid=r11}, @generic="0308a674c47a7bcfca1816b2602d1e4cddab9b544b0dc6a93d71ccf86506c503bcfdcb27346ff92c8076e0f0a434dbac522e56528234e0e7a78de616ba9779866ecffa6eaf81cae72a18aebe81c8dad68d6dca2d5f5f47a22ff5081d3187c625b661c9e7121ec3bfbd72f2118edb52cf1d44dc735c73595949cca04a9267e7933f08e979980236625e79c47731a183e782453c2b237c213b84795318d8154857179a2161c67da1fd00aed79f9bf13b00022deec870ae0f6d1c69746ec41496", @generic="5fd5bda4c58e5c061fe98d1b87512d95375dbe3f3ee195dc6bab20af634c574946747619f2c57b1597451267ee264e95808515dcd9adefb4c2df334cf0c4ca372ae13d90dc181dd514e47a9757db3a431b417e0ccfd9c9cb7a5d7285e214115c534184c05f545a9cf2eafa72a4770f570c0513e69ef7c04ad222b86c56d8fac675f3e335498ea05ad95c16ebed8ce6cdb4b4cda59fb26485", @generic="28454cb098d822afa296f9b3fd82e2152fc603f63798daa07bb0dc16800ea3cb798069067abd49a398ac8aeed34b1701cb9e6a749b9dfcfb83941500a732e44469250e16cf06ba74da1a0c0d801ded92273a86a12b52c9fb69f716c888f05df9faf4b3c96467a8dd9b8fe0ebd297d40be291b2007cc234bb80fedc21f952f683dd03b65f74f583a65800a63379ce555b6d87cbeb47bf98d888c08c0e1710b3771d1225d4dd1738169e99b1a4054462607c38ad892e45f0b2f3ad004188f1d5169e9e437008fc222101a2f15cee8464788b1d232b06cbe9c65a0f658ace06559a88f154872298f4ad5e458620f67701220f6b910f6e27416c"]}, 0x290}, {&(0x7f0000001480)={0xec, 0x3c, 0x800, 0x70bd28, 0x25dfdbfc, "", [@generic="6a7ff6e7e9db328301c25ecd499aa73153f771b2d7a726d3985ccc3f7d847f5418d4ea05af7b510d3a6e0a4c7ec66abf2eaf66b3ad1f40b37ce0fd651abb7c4a01159e4f74594df1e76b1365e8be28b589bb997f384cca11f7a5d7c31b36f4d8ac8b1c293bf376d1baeaf65a37f2e35c56e671849807c586fb9b9f18ffc79484208691a66ba3c59f650da885167a86c13be6b7aba5b21e1553c2a587e6250cb51b18730877f6d9b646e80302947882090661717ef19df0cbd8a765ba6160e337cec899a514dbd7746d727a4202b8208a7a2214", @typed={0x8, 0x7e, @uid=r12}]}, 0xec}, {&(0x7f0000001580)={0x3f4, 0x1d, 0x100, 0x70bd26, 0x25dfdbfc, "", [@nested={0x3e4, 0x27, [@generic="92677c25192a1e2d7f21990e4fb075c61220aff23100f19c0838daee22d8f21d78cf45936c5edbf26bf04b5503ac08b0b4304883f8b37f3a5d43288045b3e0999b3f36975f65f8b8b5d08bb5ef7b5bc8c1e2acf8a31ef4da5eeb6c58e7f2decb07e40488cab5edbd16db56015614f31ad4a1053d7324cea52a66cab7d6a4ef0e914e4a2b43b0a59965e879ba6b82237506f888b2ec7feb08a8da32091dbf839254a3035957f45cf5534f40ce2a0b13610617b19c1df4129ba7c2bc2c0a53cac3452ea28bd68c36cfae821d0040bd4d6a38af397f45352785c05d640f2a01598049b422ef5960397f", @generic="30d2f0c127ef7f2cb9a9513567f1578c4a3353ccf4f4557576b1047a4be2d965730275d0f96eb25ef3263c398abf8f8fc150bc0bf1ef8285cf3bac1e9c8c9dc61c6850216686434a7d5857755015623b3979332254831fb03e6be18eb2bd5e06874d8f4e88caee37a84a370c1f8b4e2d57f56cffdb1dd9b797fe539946e7995977a565b8488b36936a3c78d42d7192bb536770cf7065d5b7a38de87d1b9712d2dd1cbe6218c41a0ae4aa7bfd70aa5d8d517e86b8174eb384a4dc287261d963c4296354b166eeaa8974ddeffc217b4febdfe62ad3a7e6279d43438898d73a0ccf64b221cd5084801559367b3f55", @generic="c28827e3591f53c8ad87bc2c013b07466711be7adb895016936e4bfd2a4bee1052ea3450a55fbe47c65ebe2d0cdc5eca078c360bec7f6f77898f6e8e298bcbe10d21d3fcdc", @typed={0x2c, 0x1a, @binary="22057e8bed06cf6a1c7f1781c04d94dced4e44a4bb882228a324a1d694adc8ab5fc3ecfbf47b"}, @generic="6fe1f5986ccff90177e1f0461350d269648c40255c7d086a3312fbcccbe897efefa27ec2877b4f97833018d0c900c9186b401dbde7be006f2084a0ad59af570d22da5fc0921891fd57fe58fab26a49a334b24035127ccdda4e79fafbab28c3d102d04c45bbac1b4120b84bf332542acbad12fdd15142f4da44a749ec651167112ec23e05c3a608a22f5e9fceac580adc14a43d5dbdb045ab9dea52a706b42c72c4d5db6e1063279550ce7f8daa6d88ca40517a8bbc3b5efd9657bc105a64bb7059d4cf988b", @typed={0x8, 0x81, @fd=r1}, @generic="22cb6e3d348c6728da69c6f9116a2598f3e080a24e33addd602fa49b95816ef020859e153ec3d07432745e0b16f962dfe11c7754b741706a2d1faa1051bb5a0b6e45cafae6934e3a3a8d0cf3241ccfe6ac39135c2394809b0695b68b7c3f44dfefcc70fd0973624e22573f6880a359f660f223c4a4a350ebc491e6bfe0396547e0a7e08522ec8fa3fca156c2c0016e8d07e9ccb56c53b292a97b5d17ea69a6bd6112d48aabefde5d6ecdfff91fa4b825b8b2c44aa97d008ff2f9e42dc5d511e3e0646bbaf379aab257d4074d"]}]}, 0x3f4}, {&(0x7f0000001a40)={0x16a4, 0x35, 0x202, 0x70bd2a, 0x25dfdbfe, "", [@generic="bca1666ba36532a57c7e5a539eed544894e09ffd3ef628a77ed1307c31c8541b213ff16c5449afc85c885414b09695c73518b08daab25a5b2c9f49414bab2dcfe68491c1db55d64474fc0a97d2f0a16ae774c46a6c182864d327b9f9f99cadd39b1d9d682c4141a628902882d8addd19b4aee5ae0dce3e91e7119b4f062215cd0c3c8dd9bcdd1bb5a2c5fc8576c67be13f155022a2c0b50fbf981f6b1b8900c7b478a53540e21fc1756900e0766506e202e55deb96721ddfb0381e9a2a986aff95acf1210cf89505a27cb8de2787383f16dc8b772528d348ea56d6b0e7ff1cbf8c86672974debc6912ee2b", @generic="08ba8df415487d158677bde749fe0fb3df7021e3f44cb4b6d8914732ab5e2c530a96e88df2a85f7eaad9ee69e46cbab01c178799a44506e02587474c7d89860edcf9597ffca2b100e6991a048e0941225b6ba2a42813b43f0328dab949b6c916ec7e4a7141cc1fd8eb2e0084576f52434a763a7f0099c5c3127980f622060fbfdaea8045e9bf339b7e76328fb803eb9fa7ee83da46d98e8d718dc495eefb7fabbeaa4f7a2dae5e5af25a78723a2ef9d4d192dba2f4323e19146c512f034d8bc69a52820f83137a0bdc0655c4a33a6d82592affd2cc0924a9ce407330d42530e024e63fda8ce1ee7df59f7805cadb3666efb9e270d3ec6948ec78", @typed={0xf8, 0x87, @binary="cd48d15563df56a19128b552bdc9bbfc821d3149caf2ca707af3796dcbcadac7a0565f8841848025901a2b2c4c293aa1b2ab5b23c85357eff8d6659fdde2ec987c85aa719b1901f1ffd45d8e5b9bfc242f38d9afc3d237f05171e6e0f6f9a4423c9dcb8c3b43a1e3bcd1144d02a820b0dce532517e68ad5ad8f65da78cde57d97d3e8fed6b904ab17253cf64dbfb2a72b13d08e263dbff87a4699a8166dc073368f08ce9e99d2c0dd63aa7ac7aa42fe03b0803359e6756830a0c1f9b3fb8069f0c614a677ee8940a29fde9399a36701f78b054bcb204967d467ce74b9b0ed8e480dad8633ab6510f80da4845ae3023ccb348"}, @generic="9764748a41a1b2472fce339275ac1f58ac110ca65e25429474759d270e2af017d9485682078dbb34c0af19e7188f4f297b2a", @nested={0xc8, 0x7a, [@generic="4ef48de4003904b7a1636c6306c619d8d32f6cb3aa2da0e0d6825f696854c2f16367dbad072c05fbcf6649e990116cac4d602681ba80ef6025c55018dd998ff053a31e82754c41e8251fe4eb3612593c63dc2b6cd191c693a679be1478fb1e831fb575b2dcc83af962ac5e347b2614623def7c7ee08e90e58bf5ec098030471d2f8f12c35676c49f50942bc51670ad5be1ee639febaef25d50691179380738d1245ce0fedeb61039bdc3231a7b", @typed={0x14, 0x8f, @str='.\\securitylo\x00'}]}, @nested={0x129c, 0xd, [@generic="b163aa0a9ea38415724423d1c366d18fc08ca9db145a3225bf951783f9b1a21906f76c9dec90ef8ae6e633927b230bc25e8f9dacff0f3b85b0caab3a02add72a449306e9cb143b1e911d4ed4d9b28321c0a758eeedc9e2ad957f585b359c9347c746324f9854ba4d8d2f05e5122e9ef61852f1f1347468cef08f2bdf7eefee7894289ea806666d1571491f8ce9beb55f2b30825cca672c32835baaadf581c9f5bace", @generic="9d9887be475a58ab5eee1101c2b36f31ff76c682ef904cbccd12aa6bd2b3a71248d8ed533d4b75f355e0ad605711fac4a44f04dc486853b645c8bf8fed2bb05009df9d98bf4d8c2c97e88eafae326c38b81bb3826b4152510f4af850e71d0d217ab2ac00ab1fdee7597e474118ba2d15abc21f552b4bc2dd24b1380da920b30511446bbff50537fca9055ecb0b8de9e368783b25f4bf181355fb6ffd14e0ac2cda578134e0ed78ee4a6de15cdcf87a740cb6ed66c0ec82664f5ea27a6cb865954cee254209f5f58343c6845ea18f88d1a0e276814ede1ecd2bbeed1f947ddbfcd9004c3a5006f7c82b3de3057828d7acbe08d181d54fe5a6c291e4cbdedbb0fcaa3eaf92edc3fe6fe7e530d167d5a3a9d66dffd1a7d76cc557ac4e38827c345e92243c179acc2adbac21b6c8ed4800e9fb6df8d23e735ecf2fb8bcd8cc28a2c0574ac8c2f1c0647239657d3442c9f4eb496c8bfbcd3b74a18fd5d70a2e8ec0fd1e43109f8bec71996e3fd90a143d94d1c1cb47d8c5c28f8c423b6dabe004692072fc2b31cf6452faaf490d190c87d6c43ecf088fda715f16a8f5d891b0a0dc6a1584077544ddded722bd455ffc5f20b72d605e71328b3ef200ed1f4507e7971ef82229318991b0e838de1f2e2347cdbfc771aeba5a8defa6255dcd7bca3f7b19c12ac95cb5e15a41d9ee1c7dbc407cea385eb017e68b09a5a05581770c62f4ece7dc99eed0a9299729e4518c24cdc87ade57d32fea48f99a022eac7603b76ef86323fa2ed68dea9b644ec5a12a74b0a8c76014cc42794a19ca25b5df66954e675711df41f1ca5d1d858ee4ed5b29f20aed89ce246d9eb5e53b2e1f4baae6a59183d12ad35626e6d390a0d69abe9dc0c073e5c5ff30d7a83eac19aaacbebc50dcaaaf1e84243bb5e56def9bc4bddbc80d7077d9739a221a98c36ed9fb44bdd8e0a4db67c7dc679df6fe36a586c41dd89585c80673b6962eed221a0e2c7d09819b6ada610a9011729871482f38ff35fc43e01877557c4b6fd49971ecc94fd74cdf033230a3c0918998ac8329d908b422e391fc50be1bcef4b03d48eb305d696d5642b99291045e7a541281b25d7086d601a2d54259da521078f6cb5ebd458a621468039add24e0cb3d61868c4e068b890edad9a5480df45a165a526e591e05718aa8139b65d339427656ae2b2e073e420d702892b490d6701fae695ac3c80c259d489d1bbbe76b0d9cca6bff87214d8f7cfe82a3d1abc3ec3e80dfd95916f2fc52e4b0fc60cc5bb3556063e197f4bfa64c4aa2815cf8830be49e29c868ec5f9b2058393aca33fe9553fd40a21bc438a8224c30d7350351082ccbd641d315851af7d89668915f272f9d2dfb25236a11db4367b1b227cc209db5d3def4103c69556f3f0b4947b9cf461e1ea78af951259c8bae0bc10b141fa8318e8415da79e51f38679971949cf9a5166e83a8e8907e209ab7a12bc51d43517a4231c7b94407a4ce23cb06cbeb8a3a485716fa820512492a8516bef46a1387f09a2f01578d81a54a39a4365b2a6835330476cf2a999bf0a9e8582a81f1dddee3ccd8253790fc2a2ae90916635dba6e9a0300f67e90918604f41ccc0604e1060fca77e2033e8f45f2a0f9b1795f965e508d458003cec79ac3b3f97d3fda17747d7a1542482d4327fd5e29e3732755a0907383172491df6a89a9265da768e9e4d0821c8c4d016aca2bf476042e5bea2498cda271ff70d5468edc9e9699680866dcb6d7a8e4e0bbee85f28536d76382060ba56fa2b1eb0576c5e6187fe469d467098df8a2cfb62906406616d39e72b216a768330bdaf7527aa4016e0c272bcbe7c7317caf25f1111a8b7418abbcd690dbc2c37269c6ee414a85e69b2183165b5fd4ba44df495a52f14d5cb6ba7f85f4ac3374c308090bb0653647896251291e18737cefa72d9306f232627bea2fe06b32f1657e3695be67fdcdff2b63f1b56d32646562be3b09f3a5ef088ef9f1e6cf1e679557c5e98fc79e20cc4642bf6dbaacb8a2fb9f9f093f5143d64e5e50791c8dcb2ca6444a866f509725f0dd744998754ffacd46df30b77cb226c5e245127586af3c82a3ad9b91e7c9ae9748aff14729a477a6fb87f26d282a3ed8fe62f41c5dc63f986f9ca48608382874e22e5a6e67a4356dd78f118726cfff20e2b3e3ff28644a301367085f4b52713e4bd7f07adee17ea90621601249533b69ff6b4f5b6814c357a01a37cd54813d273f78dc7445aea0b882a63044b0899030e2da525d797e7b453e306ff6dda0591ec1cf9e2e263bb88a9d81ef2ae8cdcfb81efe4acf3586f624d737abb4a1a9d38d40077231e575222c387a9d6335219806f74f7bf0b68a7a60e4c44d521d2b06c68264056dc0b89697af526a3412d7c403a26c27a3eeb02f7126383bf9e83a9b01d04f2e570059a351ddd546b09a39a03c543b2eb732794ff04cd770b7bc71cff3cbe626198550271f85e23ce18488c26010a8455098b6eaf8aac94f8c30dc24bc18d8796899d8dc81e09ce0cb8466620be70a84fbfeda274c91696f7b11cff65cc74b9cc7cfab81d67d15d2d38a40c9756da7c11413ac83efa977f7a6a025f1d1036874b5371fec6c3b80d62653470773fea2fbe37fea1d436a6daca70a97a210144cafba6707761e14f55a753744b62cbd3481b4d58e6ec46495d369cfe93bdce049ca32976603a64ac949c54015c17f4916974df4a9e78cf327bce7e81cbcba890eaadbc570cf5aaa3e173fa07ae2c0450858b2a1357c9fa1ba02d06a59612754cb8a40166aa0d69eba3f2d2c4bb68630b0ba604965d7d9e79b3c437d9a65042d09a9611c98db0e2b55ca16a7c400c9e4b2b645801ba8ec0814aada0150cf041f7e62f2093ab28998b408a1cf062a830d91f50733c57e20cb670c3062a957408031a2f94af9a86e2bc221ec2e3795d8a2dac022770c2d258319a6ba9c39d712255fefebb98b527f779be420d1dffef034f784d27c76b75b08df07de5f7bbbe9a259116288b458f5d27bf5d27609b884c3f74bd71fb1378a851d54a6c8a8830103adae6096533875e5c4a71dbc0a533b482fa432465bbda3c082969e477d3d01f8268adcfc95626932236b6d71794d9f95dc6b245940b60d8a1935f4dff998a48fe4377fed59bf1a2090e5eb9d3a127f269f9bbfc60d8e780e4a6fe1d700d9f68da3e2a0d56b910f5484fe726416a05c53a8fa5feb97f9bfd279a8e842ad8b832de91f76fd17b2573f7348bcb2c6537170472250a239acd8c2d3aef1db6b08fad23be9f560d7175cf61117a76a03e6ab7baee9d57299e9f4459c7add5dfd2a61bfc9f346739e2bb207c0fa2a425f99e8ba6ab087a1a483fd48c62814fcf59b16c9ae601eaa58f898f8e9aa8b45c187a3f42655103caf00e95e41f706a26c6680cf60bf1b82a087b59f58f0dee6911ef0a9c5c1c10c1a43e2eddc6b4742aedc56a4bce4db5233c7f82496a8eae54ef03ca4f30a0ac71ad8ccd7dfca7604148962ec4496d22bcf5fca02e48f6c39952655d811990c0d5b1d24aff4f9b4d5d916f2c8f0d13326c9b3d9415810aff69980230d24f0d64abcf88437116ce78f21d12a6afe84bfd0baf1a3fee9b84962256ed18c869bc0ac7ab653124243b31614eea83dfb8739bb42104b930201da3d91f138ab8d9c325b37b0fef833559541cf0813b5240f056e4ea8144a0fb321a15dc70f14750e74611c8b33c7b19bfb7b1163b9661c5cb9c2542d1bb15167f81b2678a8a7bfb594e42979c3ff05190d359d0107d497209f09e51e2cac802d253d3845095b90833727b0c60ace46128c18bda3434f98b07b4c5e99ba7ed2fc3c27419e104d288e60520a8ed0d82b750865a1389296b55692be1f0faa47ccb24080bd994d5a371cb5836259e5e8568a5715bc972a028771306046d102e95611b6bf28145e216d23188ee36d745bd8f6572c349a794a9801ec6bac262ba7a27ede60ddc16607d622ddff86c87cbc33de9843fbc9feb5c305891a6b94d7e3f72de0ee28931447d8bb4e4649bb1f9602e3d8db16887edb8d2e729eec470583f6a6baace12c5bbcaf84fb9c670d7a8ef3f7f6ce2de1f4f934ec0c8b1474caa6106e4dc2cf83d401886dfff36f2df0ef5f43436423214be490b5156bfb866fd517ac84111b487db5bd6c9239f2da63c9265d8b23689a04d24ed7f6d55263cdcbc87154ebb2a55eaeff20521fd05ce280a6e7f832c25768bead4739b94aa287b983b6bbcaed442cb9ebc59342be096eec3ed254ade63d68ad1a539f560b18f93dd83570e833ad41f0c4487d4aa328bedf549e54649b7eb81a0648754b55dc910b04c2dca61c703e6d54a2c8064478fd0a721983f2e93fadaa9da84dac5f51ca604ba0172d6951a20f4fcf13e4379043cbddac02b9041a5c05190be117f922fc77a6b1da715b3a95a3cc64792f96717f16efdd35dc7d0c965a406e54b68d0a0c63463c5a1b3cfe6d7b95f498864267860de9c48562b077c0d089c1284204bbc0f2f03980d4555cccd980c3104d1cfa7ea32baded53192efea1c5c3dbe1e10724737c47ffe9ea78ae7ae0c3381361862b7f66c4ed664f6c0c7a0bb9e3a74dec0d34e89f021faa6bff2873412b62320da18dd290eb58ccf419c3d98ace7860eab5ee1a64108cf3f098f930517a4f1c16e6404f654d2e8c77fcdaa04095dce35da690dc90c69503abcce1a9679a7fda25b5bc800c287ddeaf07f4c3e660e716eec0cabdb299408b369ae5c6532cb006443921eba2b5d4c5945329817f3059b63a799add936b2bce633bca28319ac5846d7ed56dfedd0e0cd4842ea4b9d02555c2192194cd3e139de3136c7c1d6edb7e09c73f42de7f55e43bb430801e0f041a194b7e3acab2adf6c4bf998bd70872fd2351c3d6c915975cd4385a08f261fd95217d7449e65acf8075ebad25c05f42ee5b95186b72162ccadf71e266ec4f4c872c2d3beeb386bcea246d95e80aad52d43ddb6c772b032641f64f90dd88ad27e8a2e3b93956a107a149aad6306cc3c152c4b3dc4ca5877927f8c2e7d02727cdb3eae1afb2a45100d4ea25fcfaf3606638c5de4d77d5c389ed6b697a28e220e52261de38723bd615c20a69f2b956291ff185dbff9c1160807ef4e4b43866a938c8008111565c8be98206841872ffc9d382741acd3932f707a9877e41129e7cefa2157882984aa4fa7f4b41d9d16cc0149e53cc8b3b18c027534a8eb115c9cacd2c496a12e05a0ce9a6874a0300940347945de5282b3d84b7c752cad8a56dee0195fa9af874b03b70d2f27704be8121f76e14376d527fc2d7dc16cf2b1b7a76ed4cfabfdc54c58d532a385a06d7fe7291b40e3916ff73153634aaf4f656114cb10e9530cba6f8ff58830ed0d053edd5c92267460e6627aabb369fea70990c4da5c8773730244b8e71f1d572a3aa093a8853de6a47739f0aa06ce06530b6de9aad5245f9c6ec7af46df4ed93ddbc544553f3c3eeb1c95e94a20adbce427c88cf890aa673f563ad9e537016ee1405b2b5c64eae40d077a48b17617ee0255808dbac312805f65effc7fab2766827a9ad1e561557d2f98fc0c782aa863f05c03254d6035f1d893dd4584c5eed3055044279d111666b56b5962ed27dfab0cc8231edb9810df8c3bc9668531a031df3093f32736f13d008f652bf474557211cbe8ea776b98736cc3b909260bbef834b498a55f5f7143a02bbd41b728edf68db25e6028daaff8c73e1b2210bfbf44380cd5e834ad45f580694bb905c2dbb68d8c2b4ea6beaa0dc8ff4c0f72a30", @typed={0x8, 0x5c, @uid=r13}, @generic="58fbf95cf4c5d9754d3b63316feb2db271f1efa13664447d71", @generic="2ef6d67d28086a6535ecb5b1ffaf4049224dbe83bf9aeb26c54b32fdbe3c2d7f68b0305ef274c8a45f01877bdb18b96e147210767ccb2189b5661cf09109c99240b8f48f453566d68a8d1378f95ce951455bde5fb99b9e54d64042a268bbae7a42d19378c1b24080b0d9011322cb4c046f2d9cdb32f5b49e12da9945", @typed={0x4, 0x8d}, @typed={0x8, 0x13, @ipv4=@multicast2=0xe0000002}, @generic="e4fbb8e5ab4aa099141457823e62261a5cc8bdc2f9d9e2696f282d97eb9028b7b16669e95ec5cde9edbc6019446e57ccb7d02c624fa5c02659e4ac597f220d2e0fb798d341ff4d688aa7e79b37c13be469308ea391ab6a8fd7028a0ad0ed9719cc1130919fb9cfcc5f88143f041cf9586a", @typed={0x8, 0x7, @fd=r0}, @generic="d7254b0bfce6129985eea70b295d189bbdd5a8c876b5d3471a77d1917f69104067b831b9b366c15a6cd663f7c08f7da2fafaace54f1d8504a7a558a3c909e0655c56f5812b735ceccfd3c3663af1c5ed2f57a81b7174c9f01163ef663d58e12fb9276c2aa7f9369832923a32bdaf518842c0eeddb0dd442b5be126291a1df6c5d38df025dd55a5a5e71050453d4817d3db9fa4db8ee569e8a9b8dcb18b9a3bbcaaa5659a5de1afa5e353e54e19b984ec7bb8d728202fcf2d14774d1e761772b970c17eb4005b66e0b5ef48bfa11754c3c54a96f2"]}, @typed={0x4, 0x6}, @nested={0x10, 0x22, [@typed={0xc, 0x68, @u64=0x101}]}, @typed={0xc, 0x7a, @u64=0x80000001}]}, 0x16a4}, {&(0x7f0000003100)={0x14c, 0x40, 0x238, 0x70bd27, 0x25dfdbfd, "", [@typed={0x14, 0x50, @ipv6=@mcast1={0xff, 0x1, [], 0x1}}, @typed={0x1c, 0x3c, @str='vboxnet1securityself\x00'}, @typed={0x8, 0x68, @ipv4=@remote={0xac, 0x14, 0x14, 0xbb}}, @typed={0x8, 0xf, @u32=0x3}, @generic="4f04d8b80b9d5a68ab953f2599bb6b460faf5e5cbb72156d79d4cab870f09639bba0168cffa4ab0a3dcce9da7622b18404a0acee9a13885a75435a5256d0b6fd606b6b1d313b733dd0cc70b19fcd0f4b81164899ec2c931d32ab4a5d57f4b9b7c37dcae96bb5abf9ea634afd574625edf326d4447887c39e635e5fab4a62da40d68d1fbf76479cf66463f6b8a3717ac5321512df35d67cf152cc28598cfc1757f529da5e3f5e9d1ba1d265bc31a226404ca0db913d1b1f550a8872fc2cf570a8ac0d92c27126135ae6e26d682c280a57eb7a4084fb7f13e8ba83147ba82a266ee86549ba9bbd3a28d7f0ca9c49ff125041652061e9a6d3ccba"]}, 0x14c}, {&(0x7f0000003340)={0x18, 0x18, 0x0, 0x70bd2c, 0x25dfdbfb, "", [@typed={0x8, 0x94, @uid=r14}]}, 0x18}, {&(0x7f0000003380)={0x4e8, 0x20, 0x10, 0x70bd29, 0x25dfdbfd, "", [@typed={0x64, 0x3d, @binary="50d2a975126b2d643cf718abd66642debb4805483db5d6de2089fa3b9c201499eaa6e407627a7e86db882852fdeb0cfe436c118d905a9e3e083aee90b34b84f9b23eaa59b104469ccafd549953165e1917632c98bac3f8aa29f548895c2a2ccf"}, @typed={0x14, 0x60, @ipv6=@mcast2={0xff, 0x2, [], 0x1}}, @nested={0x254, 0x43, [@generic="a17b52980ba5e26ca3c517658ea90de1755746f8623167b964462da12605f62257aff74e91c8839177784408129de635b0761343663e831c1c09683f4063f3b410a8c03b044d106f9bfa1e1aba20ee903335d444f5c281b3e4eb84cb4f06957714713a15de4923b6e5c53f15e0fb357bc83c1b97e952760e8dd84edf8b752163656a17620eee7f10c67694e61d57eca645f2f9a6ec1910cd3908dd46d07b17c3", @generic="d3161c75f13c1703785eab2eaaa8d8f9ebd1d6dcb5af76a689b26cb84a70b5ff4b0381f0adaa31072516eacfe2995b91be47b0abf064cf6fe6cdefd4130d7c9c21a99e977461b150592cd7f5a3f4874d3d4314eea9992cb30621ab0271281ddeac3d85750204dad8046c304143004cc5b4734c7b6f8b623c5e02840e70d72dfbb87328647ccb447c041d1757c34ab13bf4", @typed={0xc, 0x0, @u64=0x4}, @typed={0x28, 0x80, @str="2147504c6d696d655f7479706576626f786e65743147504c5e5b6e6f646576fc00"}, @generic="38c0188b901a643b4c328800a061fc4f09d3264565851aa93994db2fefc1f4b2573084ca6886f44a54f897ab5e823a8218257f5c4f7d68c72b8a30639029f925929cf31297edebeaef3ae8985a033c8e6e135564c2aef0df0fb5f0fa900c8693baccec978502d25a84d9b7b591126726ce9cec416522b1801011fcc20d458152fa53110b25277288eb7c53bc67f98d0e03b5152defc2e95d57add8507e341580a032ddf9506fdc974a83b96f1567685e0b6e4a7eeedc7900f8452ead36bbee624920d86e2cc74eced2417be0f8dc36c715c181b8933b981e92b802f4bd4c6a", @generic="5e400184403846d7208474"]}, @nested={0x1e0, 0x7, [@generic="e218c4f9ef3bf57c284495c42db506124220090c09d65b18c883deab2dbedea90144a87399363e839c59a9ec592d56b0e5972f0258a60b402c8ba38b425ac49491c9783c5a70a959b53094722a49de6e1ce85c7900ba09b0644daccc350da620add770e438c3e9dc917f599743551e42c8496f97fcb41e3256afe810c1d994a02d4a782fbf1274e1df3b0b0ecb90dd4a04a05416fc69bdf7729cf93e", @typed={0x8, 0x36, @fd=r0}, @typed={0x18, 0x4c, @str='/dev/qat_adf_ctl\x00'}, @generic="eaa293f89b735d87f82eeb763b7d532eed07a50fad242aace8a9fe1c1d89dd375c2d540b4e70ec6646a32d3051090dbcb9b60905d07eac0d3c", @typed={0x24, 0x34, @binary="adc1c5ae49dbfa5d78c409a388375bbd2d192cd7fea5ff1e76c67efdabcdaa"}, @typed={0xc, 0x1b, @u64=0x8}, @generic="ca03784494ec6b4a7fbae74ea1d8f0d9f0440e1393e4514d5e2c1b8e97c623324d01424f383b77c5f2fd0fa5516140a7f6172ce2c0d845d2d602ec3bb1c1d394407eb2e8186795a6c00ed3bfed0cea2f41179a02d1d7314d328a3e22ef2c38e89bdca43265b9703ffeaf84fa48e592d0315ca3d33a55c141db2e9979a8985dd08f6088e32dc9e675146ffc6dc64d9213209d17baa4752a08ed5a7d9ba14e25822796cbf5f7", @typed={0x4, 0x1c}, @typed={0xc, 0x9, @u64=0x6}]}, @typed={0x8, 0x39, @pid=r3}, @typed={0x14, 0x4a, @ipv6}, @generic="489b1e84ebfb450c4968b8f161c6"]}, 0x4e8}, {&(0x7f0000003880)={0x30, 0x3c, 0x102, 0x70bd29, 0x25dfdbfe, "", [@nested={0xc, 0x23, [@generic="cc24a201ac3731"]}, @typed={0x14, 0x15, @ipv6=@remote={0xfe, 0x80, [], 0xbb}}]}, 0x30}], 0x8, &(0x7f0000003c00)=[@cred={0x20, 0x1, 0x2, r3, r15, r16}, @rights={0x28, 0x1, 0x1, [r0, r9, r7, r5, r1, r8]}, @cred={0x20, 0x1, 0x2, r3, r17, r18}, @cred={0x20, 0x1, 0x2, r3, r19, r20}], 0x88, 0x4}, 0x40801)

[  123.088850] binder: BINDER_SET_CONTEXT_MGR already set
[  123.106126] binder: 10734:10739 ioctl 40046207 0 returned -16
[  123.157882] FAULT_INJECTION: forcing a failure.
[  123.157882] name failslab, interval 1, probability 0, space 0, times 0
[  123.169280] CPU: 0 PID: 10750 Comm: syz-executor1 Not tainted 4.16.0+ #2
[  123.176126] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  123.185488] Call Trace:
[  123.188101]  dump_stack+0x1b9/0x29f
[  123.191755]  ? arch_local_irq_restore+0x52/0x52
[  123.196440]  ? __save_stack_trace+0x7e/0xd0
[  123.200788]  should_fail.cold.4+0xa/0x1a
2018/04/06 01:05:36 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0x2, &(0x7f0000008fd0)={0x3c, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

[  123.204869]  ? perf_trace_lock+0xd6/0x900
[  123.206889] binder: BINDER_SET_CONTEXT_MGR already set
[  123.209029]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  123.209083]  ? zap_class+0x720/0x720
[  123.209103]  ? sctp_sendmsg+0x1888/0x1d70
[  123.209123]  ? sock_sendmsg+0xd5/0x120
[  123.214622] binder: 10758:10759 ioctl 40046207 0 returned -16
[  123.219488]  ? __sys_sendto+0x3d7/0x670
[  123.219505]  ? SyS_sendto+0x40/0x60
[  123.219529]  ? do_syscall_64+0x29e/0x9d0
[  123.219549]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  123.219569]  ? graph_lock+0x170/0x170
2018/04/06 01:05:36 executing program 0:
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r0, 0x4004ae99, &(0x7f0000000000)=0x3)
r1 = dup2(r0, r0)
ioctl$KVM_SET_LAPIC(r1, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r1, 0xae80, 0x0)

[  123.219594]  ? print_usage_bug+0xc0/0xc0
[  123.261981]  ? perf_trace_lock_acquire+0xe3/0x980
[  123.266838]  ? graph_lock+0x170/0x170
[  123.270750]  ? find_held_lock+0x36/0x1c0
[  123.274836]  ? lock_downgrade+0x8e0/0x8e0
[  123.279000]  should_failslab+0x124/0x180
[  123.283077]  kmem_cache_alloc_trace+0x4b/0x780
[  123.287674]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  123.292873]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  123.298422]  ? sctp_v6_cmp_addr+0x261/0x6f0
[  123.302760]  sctp_add_bind_addr+0xf9/0x4a0
2018/04/06 01:05:36 executing program 0:
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r0, 0x4004ae99, &(0x7f0000000000)=0x3)
r1 = dup2(r0, r0)
ioctl$KVM_SET_LAPIC(r1, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r1, 0xae80, 0x0)

[  123.307009]  ? sctp_bind_addr_free+0x20/0x20
[  123.311427]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  123.316633]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  123.321840]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  123.326875]  sctp_copy_local_addr_list+0x499/0x690
[  123.331821]  ? sctp_defaults_init+0xe50/0xe50
[  123.336328]  ? get_random_bytes+0x34/0x40
[  123.340488]  ? sctp_association_new+0x135/0x21e0
[  123.342425] binder: BINDER_SET_CONTEXT_MGR already set
[  123.345267]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  123.345288]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  123.345313]  sctp_copy_one_addr+0x5d/0x170
[  123.345331]  ? sctp_copy_one_addr+0x5d/0x170
[  123.345350]  sctp_bind_addr_copy+0x16b/0x45b
[  123.345370]  ? sctp_copy_one_addr+0x170/0x170
[  123.362535] binder: 10761:10765 ioctl 40046207 0 returned -16
[  123.365588]  ? sctp_autobind+0x16d/0x1f0
[  123.365608]  ? sctp_do_bind+0x5f0/0x5f0
[  123.365631]  sctp_assoc_set_bind_addr_from_ep+0x165/0x1c0
[  123.365649]  ? sctp_v6_scope+0x56/0x60
[  123.365669]  sctp_sendmsg_new_asoc+0x31f/0x10a0
[  123.365681]  ? sctp_sendmsg+0x125e/0x1d70
[  123.365702]  ? sctp_transport_lookup_process+0x1e0/0x1e0
[  123.416581]  ? __local_bh_enable_ip+0x161/0x230
[  123.421268]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  123.426296]  ? lock_sock_nested+0x9f/0x120
[  123.430546]  ? trace_hardirqs_on+0xd/0x10
[  123.434706]  ? __local_bh_enable_ip+0x161/0x230
[  123.439394]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  123.444943]  ? sctp_endpoint_lookup_assoc+0x183/0x290
[  123.450146]  sctp_sendmsg+0x1888/0x1d70
[  123.454149]  ? do_raw_spin_unlock+0x9e/0x2e0
[  123.458568]  ? sctp_id2assoc+0x3e0/0x3e0
[  123.462627]  ? _raw_spin_unlock_bh+0x30/0x40
[  123.467036]  ? __release_sock+0x3a0/0x3a0
[  123.471192]  inet_sendmsg+0x19f/0x690
[  123.474985]  ? ___might_sleep+0x2d0/0x320
[  123.479127]  ? ipip_gro_receive+0x100/0x100
[  123.483456]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  123.488983]  ? security_socket_sendmsg+0x9b/0xd0
[  123.493739]  ? ipip_gro_receive+0x100/0x100
[  123.498054]  sock_sendmsg+0xd5/0x120
[  123.501771]  __sys_sendto+0x3d7/0x670
[  123.505565]  ? SyS_getpeername+0x30/0x30
[  123.509618]  ? wait_for_completion+0x870/0x870
[  123.514213]  ? __sb_end_write+0xac/0xe0
[  123.518180]  ? fput+0x130/0x1a0
[  123.521447]  ? ksys_write+0x1a6/0x250
[  123.525241]  ? SyS_read+0x30/0x30
[  123.528682]  ? mm_fault_error+0x380/0x380
[  123.532828]  SyS_sendto+0x40/0x60
[  123.536274]  ? __sys_sendto+0x670/0x670
[  123.540243]  do_syscall_64+0x29e/0x9d0
[  123.544118]  ? vmalloc_sync_all+0x30/0x30
[  123.548256]  ? _raw_spin_unlock_irq+0x27/0x70
[  123.552741]  ? finish_task_switch+0x1ca/0x820
[  123.557225]  ? syscall_return_slowpath+0x5c0/0x5c0
[  123.562143]  ? syscall_return_slowpath+0x30f/0x5c0
[  123.567067]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  123.572500]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  123.577338]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  123.582518] RIP: 0033:0x4552d9
[  123.585705] RSP: 002b:00007f772100cc68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  123.593402] RAX: ffffffffffffffda RBX: 00007f772100d6d4 RCX: 00000000004552d9
[  123.600657] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000013
[  123.608028] RBP: 000000000072bea0 R08: 000000002005ffe4 R09: 000000000000001c
[  123.615285] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  123.622549] R13: 00000000000004f3 R14: 00000000006fa768 R15: 0000000000000007
2018/04/06 01:05:37 executing program 0:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r1, 0x4004ae99, &(0x7f0000000000)=0x3)
r2 = dup2(r1, r1)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2018/04/06 01:05:37 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0x40046207, &(0x7f0000008fd0)={0x3c, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:37 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x9}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:37 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x200000000000000, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:37 executing program 1 (fault-call:2 fault-nth:8):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:05:37 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x2002000000000, r0, &(0x7f0000000200)}])

2018/04/06 01:05:37 executing program 5:
socketpair$inet(0x1e, 0xa, 0x8a, &(0x7f0000001ff8)={<r0=>0x0})
timer_create(0x0, &(0x7f0000001780)={0x0, 0x8, 0x5, @tid=0xffffffffffffffff}, &(0x7f0000001800)=<r1=>0x0)
timer_getoverrun(r1)
sendmmsg(r0, &(0x7f0000001740)=[{{&(0x7f0000000000)=@nfc={0x27, 0x1, 0x0, 0x7}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000080)="6cc66ee5fe010da4493ae53389b176631e9d691665be97b66142a15cfb387392bfbf398efaaa084dcffa00866a2fa2682c0a7aef76b2c3e322f5e152a65049066ccca488b783cb03132012282cef0a9ae7d7182b194a0c6e371fbfe52f18974cde9f3982e3fd951ba538b721d9ed871c700e15652550777a7c82a5bb55f553bce87b", 0x82}, {&(0x7f0000000140)="c372b2624f5b80feb457c49b91e0b5130ecfaac421ac6624ff8877c5b1dc54669547a69eca", 0x25}, {&(0x7f0000000180)="082a6ba109898f9b691edec1aa6fbdeb2531b15914fc4f44ccf6dd9abbd955ee8428576798c7732ff9ffede6cac153d3794211ace86dc55c5956e1c57796fe26a6231449903b2ddd21a02375575292bbeac9b6f55668edb2092dcc5aef8a0bb646730738fa165025b8c865dba4b83b93c03042fa21a8e5fc5477befa0d89712adde61e4f36daa6", 0x87}], 0x3, &(0x7f0000000280)=ANY=[@ANYBLOB="b000000000000000ad00000009000000db83fca8a6465b5672acde3b983aec709c918c628d393c752c6fcedb9e9e93fb64d6b997eab1d9b958b5a7f084bdb12930c33bbafa7074e681748b35de390c77fe7a23957065e4d727766f247e9f816ef9e8f452d11f310745b4ad4f94545a4dfd2d5fbc27fd4dc453325164feedce90d14a11e1eb5e3f48775f8346f740720ef851ad73f36cc588959973c93d20cb69cb6c112af37d8c9c2800000000000000b0000000000000000c01000000000000ebeb34870c0ed17e1a6c62115c3f5912359c10e54db8197d33604a2d295654709a3c7e8460a4da325c2b6326ad3507a0d1e0a741685f69586d33102dd4349eb72be1aa3e277cd2af9b46d53c0e56c46d391cb9f3ab38af15e1ea4ca807613d8de0806f59f6d14540761d997b2df010a9ac3554fb61b87cf8223e748a6a6fdd62ff71618f46e1bf675402644f14f619023fd0fca9498f1b9b5703ebbd3043e8efb0000000000000000f010000020000000edc74a309f5130c2229c8fa1d57c2cbcee888dac58d7c0a55ea351b65c7d67c835ef435d5458ad67109bbfc72f2379417841a6f718393c5e9f35bedb0160400e5c88f7f0667129943e43f05183f2e1e3373875147ef37ed6630eeeb8341a99212f4b966e656fffa0432d12f7ee53e6bea8821f036679b31578bec8236053b8ab6cf32dfe40c045a5d460a14981e825d1580c23157e49ed784db2339bf46f25b080100000000000000000000000000003d25831488e7e9f6c489c993739ab823cfad3c880e61f2979c6a6b012193ce4e24d8fc61e74f708458fd5cb5622056504288ae68b17cc364862e88b73ac66beb99fafa1432a74a369ffefe9447bba357198cc535e9090d661e8eb4d86c6ab852e077e9af7b5ea7b8f7a0b19b5967799b75d858effcb73f841967281bb547cb16a4ea4166740f7ec3cbef6c2f3caf2b6271a36276f44540b5deaa2b7e043ad074cf78e5f5de2d5cc709a29cd7787e1a0bb5743dbdcda0a16c70459ac0561f6e75a399d3d5fded60f2e6c6a37dfc47c8850481e3e42c3a7b5a6b011852fa709f034b057dfd7cfdc4c8848c57ff7120e5dca40000000000000078000000000000000000000008b600002104e4e49d0121783d9a0de8fe1aaceda6f6705792e525e4264309f925d979c152d1a1020e87b637b7470737a6ea858238a88181035f87948478242ade03f7ca7fc0a9afbbbf9686b0621bb10f32f661433d9b3540d05141fe0ea3d91bb887f3f3536d000000000010100000000000008f010000c80300005794822ba84fb861a3d50697ba1ff6949816cd7a66261ce718d88aaafc288a7ef8eca5b6890698c50bc069d9863f46fdc9a74d34248828a5db75e1237dfc86f0438b8503baa1ffd0feb5a8faa14714280d36088bb5287c32fec1a415405489db6b704f585ce296c72c5179ef0502c5f7f6b877fbb155ebcbef95dd3cedcc8cb362aa9ee2458c44ceeb9ff0425560ebf4e3b5809016b0cf931d7b6e3e4b520d88258d30131632a48164e7f81fdebed5745696fdd0ad0616797095573105add408a73e993d856a972b133b0147cc8c4c409f0460750856b6cf08c8b587d2eeb97ff0a117272bf3ad7502d5f0ca1a5381631e49c8b73a37c2986d6c8e524017c201a9828572d08807b55f0031b7ffb161d590b87cd29c2da70600000026ee0b627e4201c8493ecaac4a6fd0135116e7c284790d1f4c01c0a597c4a007247cdd58d2c2fe9157418ba7b759b3e14bdbd0ddfddaf306e4ab7398a082990f0f743dbced81fc32bfcb3a42e35b1977ece057f9741cd2e55ed720ad85335c8d291a6874685a6dadbc3c663395f76e9a180c629b05995789cb3e0c95e66bc3176e5d61166032a18220318321142eded18dacc1f6a75bfa8b1d7308186a24e1e33fe763c357573bc2384b07721892c38fc7d008f9da85a4bb96024dee248213ad222da831d3a2fca68af35485fa51e0e418a9d7d29d1df1c39065c60195731d82dd7011c4d8f5036faddd7e40bbbe47e54fa512b8c50f3038bd2a17903f5c4985b3efa832e2d9ef4011571451d294c14f02a6aeb5123901974ef9a0e65e5aa2c674945382f7c4495f614a10647eb27c28fa18d04a534ad4dc82c38c80a6c77de54488d96334925d1eaf3363d43c758831ca2f6ad155034f7799e6e7215abce5c473146ad5f161c2886f646fe5b9459d35136960653d0fa8a1d245650b0e0bd89117149352df901f5b446c3edc949c13beb9b5728a23973a2d3849aeb61fd5d3f412e2369d6217aa53e8ff09d044bb9ed0e942ac5bba0fce37748d36d362ad6fff7d935dbc5b8523860022461cdac373560382189d1489228cbd3bc2e8a375bf1f306bb660f72b4d05dac20a47657d6c3c609c46851b6ff3d31db4f4f7b0501578eafc791a6004a96dbe27c142a47b5e9152403be8d1e73a6448680ee35a9b494822f15f2da5b45129c342a616e9334a6ce1c815b7a0418d009a980da8d1eb40ce6812dbd1f3d6d047ad0bcb41e0a6f835e4f5e9aff3ec0e2fbadcdb199295adae1fd591e81456cc98b5649332912bcf36da5bd7ef4eff810f8a2f0a07a9594dc1b2f1c233273ba100e35eec1c65c2ec246de7f1902dd2970406b705de5e2eab2332f772600c1fcafaf8738b9111394dbfd56adcabb934fd092a08ad8f04a049c7eb52b615b627bc8b73dac0cccad047870cdf2f6256b20fefc50cb82d879edbe1b3649879cfb60c43bd415cd61681474dcbf1625dbcf2b76b79e3db756b4661ac24c45f9ddd56322b1f25270c8974e0dd48f3f5549f04bf3f6f0c16e5c5b72880befa710f8bce8dc4589ced08343a7f62f2fac3fd4a9778e18e89433c8906b628ddf28deeaca4b03bde18d9c86618d090747acba0e0240e8d71c49b0a9d2a2cac248d27cc88e32d1f87cf2daeae54e5b055cd8ba32216ee1b91564af18d33f144ca2edecfb4985ee2599a9389b9268148da823b157dfc1823c36fde92e3e3a731ac464b25238af146386a8c4254e65f75539cc9c8645b9763e1e094e64ef6fdc1d4403fce0c7bbd6c6e9aee66d5a1d65d314bb7f4255ec98ed0d8e6cfd8a2625f9c9f320ef3750e535c04e84cc99b5d959726efbb100ae4448c6cf77cace9755930028ec4756645a06b82b31f300a174beed11f1aadac8ea6b955f889baf9735d71a5b051dac38bbf62b628f1a9380d2b03d7978698ad5a4bff1a85907df459afcda85bbb28989c52a398d1a8baf64316c52478a85da077cdf0d3108a197c90bb8ded952ba58991cdb533073f85fcbb7eed6076f9b3c348768795b38749f79d08a1b4fb3058733fb25d386c3425d7a0d30de0e57f114298f97a67426574faf5ea5ab5532feb4e43c52e8eb0bf38dc188c2796f63f1232baac2214841fd702957e4be585dd1f30f34cc7741225111d2dd81dab2f8ecd8e8a479c78a198c02263884ef37edf2fc65eacecbcf54b92c4c6cf468d3060e18a7a140b61e2477a75be8f8c0a87fbdbdb04dcb718fd08b5faa84ac40cad48f8727070a91812b7c07ad2029da5e6d5416a3701817922c2590181803da0080703e9b351cc1ae3b090841ac1909b50673da5f1188c5cf19b12c54225a1300517addf0315357e0d3def1ba267db25c255ff8fcb96f217df99fef959d9af8342343064c901d9cc18ccf7ae7d7a785f7001c74187a113759ee8c2c8598f0365b246c7d054cd3ca175f63bdb007ec59ace9223c27d77115430a97d458a696425563453fadcb589c9994ee965893d1a4e627e234052427b50c23273bcb2ea4cd689a7f30e4c85a212669f590362f706fb7be3262c70e4e130015bbe426b3d0a8908fcdb47ea221ccb4fd82f3af6731592b353ead3d0b27f97a3372edaea122c56d3eb57723ee5bc4cfe4cffb2bb7c8a04dabac4b5dfde0b977fe85896d7034e54990c340bf907da6749fa65bc601d1f70affb7d113d0f55b466ac4bee19b2e87f57617121ea7e8483d89e85871f72272ff47b7ef3806f98e89e3e4707669138fb3f70018d3684eceba099937257ca7f60d41df8bb242bb802bec10404da805110e508af218c87bb98061bdc1c7827375e20dade6422f8660d4a2fec7ef2c5a33e432b329b8f6d4a21de49250d011857f951fbbee5c791e890091f4ba5e3769d904816426cb6dad82fd80b2910c5549f4807e11a33c0a9be0e478b77f9d76fd8ec7b8d26bf25eb4c24957655b42cc5f25eb8f44b1f0d18b0cd8a88b547c71d090cd1c686a580f3c603b77b39c35836f7b133f21b4abf065acf72106a2c8ad828ba92a8484ffd7c57ad30400abb1f25f6cd34c9d393b8e5c4cfb3dbbf2c8ba7ab50d09086f726487138fce1220a7da6bc6f7b333c75fea296828c8d982dd2e37fd578ededee642988aba05fb8190a04361fd180da388fb7fe0faefa9b15f2946b8767d806ac0cf0459bb24f461fc56b1ca17823aea03a19e3ad3318e11f4219573d75cebae2795877744a394b8ee6ceea659342bbfe3282852abbdc437ee7b09b992e815f87e7a15e015d00cdc81f5cd50d911057ca0dc94f76179ad4839fc8b9518ecfb16f01fc4b3305826777779c0aa67e9f4fa436373f7ccd12bbe01d91eb49920cee27d496e24a1b74ed3e84e16c6c8af507d8e8fc4488352a38ebaea50d8058270167d06219c06fcb14cc2491d4a49eb9d4b834deac5908ee8276f929aeffca1011bdb5d4b113a8e216b69fa1395fa4bb6457a9a5e0156f2abb0d1caafc905ad2a67b5bbbee95ce8b4053aa5de75a8f3ca3cdcd6fc00893f9f6901c5858d02c058cd33f6a1f480913b6fb3312041a83e4e943bb62a5ac48fe3d60d1adeb7303e944981ebe9cbc4bb89f009169494cb8f3c23a51124115b39141b1201fc929d595d0f2831e6e25c34f4e9a4966116fb6273c83b39fa31dc36205a748716cbb164032e451c8615592f3b74cabd726da2c6d33d367670a9563f1005a3d1bdb4dd2b13bdf1281581dc5f220bcf8748a3c4451f1b6b8bd27ec69661ad0b52271b582cd61bdb2c02b1c935e3bfd404ded1461735ac1118e71604ce7c5eb3cfc7d4f31c479faa4800241cf5ea3ae3beb8867f3152f1ed666a13c9c5e2addd3a8ad0b262a61e44a70a89790a8ee1343145b3083761d6581b58a61a638b7cb2cd3177a02d78ca049241df1489eb415b513268d99ff9844b9043ad324c94041a3df62d4ab09dc108c2c9aa18d6a09bb068e1c66a73f5f433ab540284ae3e672e3113ec139a6e22663dabde1756caa4bb6563e9aaab0ce60aa822d1c205e64412fb5ed7847bdd44974f83a566c0981ca136413e4dfc4e16cfd3576956d7312f96502149ba9e64fac2cdfdc54cfae80e72827806f908eb06d6197ab14fa0971076d930eb9bda4d8d85717be85ed362e3a2d8b3002c5da976e87013642b767e2dac5f99f7be312e25bbe5dc276e2b35e3d8847a2fcef8068b031e3fcd0548a3fc03f27351a74e13c04b5b8b0bdb18a9caebe401538002d0249e08ff9dec1c8949cb95194b45784deedc79b76fa2dba05dc5c0078b634d78fc07ff67d26dfcb14ae3f6412f09daabc4d196a17e3b63a7fdfe3dc3e07900f6086b66c4109cc48772665021e76394dbbbbfe294b0fb48a3791cfcb6bcefedc73af9624e250da6bfcc7a40f266a9f37830dcac9ca372fd75a975334cf715d31018fab19a58255aa695278fed816ce245d002a9af1c14d0d73a463af4fcc8f6b21a1be6df48fe61060a006f15156046180338cd0bd6e6349a3bb6e7e03c5e1fa288c77fb3481e7f2de77ab99474743f7bfe937e857c8356fb48db1ecd3cbe817e64ac3c8f22567e30e9c58639475ad2a5f7a318a01c2c275473835ca63796b6597f5c2dca41924cb5b52d130f5970561ebb4090bab8c3dfdc6d4eaa666f627b146ef7b38fbc2e1f2a542d8da50aa7badd2344181384d858379509ac7cc0505cdc993b4bba7b441e018538890e86531f1f4abf65f03d2b2ba5cbb3ac133a1ed56b23c70898af1476b566464e7456da58a7cbdd4b3152aee8f80b1daca9cc06a387b3d12059def017019fd76b6097b7b3a428dbc45ba32ed5e656fe094647f562e6797b56bc33ba5348057b5a27188727192857b7b4e6afb915c16f7448bfc07d2c22ab5baecddcdc88ad3705bf74a83b5439c85b251a18b68bcf1dbbe7e260c2464bd1ead7ec53c48681a90c6887db238c312299f1dc1d4e8ca36c4d9d225035d97c112dc9efccb347db5cc4384211d443eef0c80619150530688dd0133ba729cd072b6404d63f41fd78cce89224a09090c044c3dafdd7640302d897bd6402be45d03173e518cd7c443b977cfe240e742d27e4b6478583ede8fd7939dc8e893343ad43aef3dc59b4656150ccf758a25cb437ad7e783b7ab4d48b264dd9e7945354bfbb351daf5f5023dc016ecbb3a6b278595a729e8542a814ffcdab5bd998adcc0f8fafe4f867a6585cb72fe0b9ecc11e965c0017a77c6ddc54f2221706f64e62128a95dcc29d5f85801251eaf2b338ae08df480f11cb4285fdd0740cd557c8445efb52a35a74bf4ba34efb3d44d4a69248e57106fcbd2afedccc9df9217e8d3da82801e2f03d23588d0271530d78784912391cf4b02456ff0eb34cf09661b45d1b6ea410249842ecab122244876b23185075b0d0883d2a9ac8978a2550b61f054d0cd3f6316c184dc88911ef1846a8b5e8f8e190014011ffc7884db484ea67f37945bf07e9d249a3061078835cd4a7fe843dfe67c7ac2611b41bc72c59c3c6bbabfb3d3a964aa518f208db587192617698c7deb9e5f786f52d787e2f2c10834ba3a504fde2a3442d4d88cc21bef8a7f87b657fdd10140d720bf8ca6a0f8f47f4e59ee4af2c2e31c412a37678f16fae0a4f5dcbf88bab956a933cbc2de1963aec8f2929270f38cce25d69410bb488fbe1202356f5c2206b1649bc954322a7bb100dafa1a4c15005307a36f3b6705897a5855fecf882a952e4b8015b31137a949af47de7ead19cacf4361472b1a8c1b5fe256683ce38db14020a670a04a549a16eea4b5dad244cb3bc33d4f001f084425027d6feb0138ff8bbaa0616344f4e2024c100100000000000001000000190500006692e46e4415bc82cef02a220e623a43a86a1af29f832d4a719a9aedeacbdfbccea6487007fd62b120a5da7e199c64f5b2fd841b81cacf787623bc28caa76923d903dab2059ec9a71d09c419687655aaaf23c453c2a694c36c4897ed2d8e0230c6c338fa264172029d0f2bcfa607d5e1d44b45dc5746b6b47ebcf716c02087fc4a41e944701c7be69a74dbcaff8c52a9462450b60c0184f6d7878b7cd799d5f3ff3c6417c1db749212f2c5a329c4dfaacbebaaa302b3caf85d22ee30719ec5de44c28ad6a3c8cf9a61412aad4ba114819711614f97809de32e816c75105a45ee95bebea546b424a6a5f4b8088d1ce21808db1ea7839c9eefd36d875ce2000000"], 0x14b0, 0x40}, 0x4}], 0x1, 0x4)
sendmmsg(r0, &(0x7f0000001c00)=[{{0x0, 0x0, &(0x7f0000000080), 0x0, &(0x7f00000000c0)}}, {{&(0x7f0000001b00)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2={0xff, 0x2, [], 0x1}}}}, 0x80, &(0x7f0000001bc0), 0x1e5, &(0x7f0000003000)}}], 0x2, 0x0)
r2 = syz_open_dev$dmmidi(&(0x7f0000001dc0)='/dev/dmmidi#\x00', 0x800, 0x20007f)
sendmsg$unix(r2, &(0x7f0000001d80)={&(0x7f0000001880)=@abs={0x0, 0x0, 0x4e24}, 0x6e, &(0x7f0000001b80)=[{&(0x7f0000001900)="a51bdd49b457c2a84133c5ac070e0ad28637afa84a097d3acee87e8abe050bcd36752f33efda9153f5a5ac909f7fc13b84b1b4cc21fc337dde42f38a7d683538c326306700425b5c5d115523638407ddc0e9e0e6073f658d706947be999f610039a6f8fb5c77c883e7a1823474a65224c98402b9087296c8c9e41428bb045cedd1f92a7f9bb034b3528a788eba029568a4b7471d624de57e004b0cc894d7287fd17c58de847466ac292f43c1798829489978fe5f22c5737b82cb628acd7fd6af972df86ae9f1b5a2554aaec77e84ca79ea58f6d948885b34538d0f20ab8c60f394a920ba4ea4895c2245b5a286f510aa0b7c876db8e8c15141ec8c", 0xfb}, {&(0x7f0000001a00)="9c28bb5c39e916d97607c6ec4bdf3101c15f6718aedff6b12aac6c5765f8196eada3cd3ecfce9cd5d90bad00922078b0ff780e6b45a0", 0x36}, {&(0x7f0000001c80)="f7b0722841eb89e8e63676b941a8ca8c418330c7202b38fa9ae41bd23702fa678d9405a381610c2f6409feb547755dbda115588caccd5e7f7413f3132c6b9b252057734fd34c263627714a82ec72322ba637750c8b6febcc83d4f74f1323d8ca3cc5b64a63ebc8253ba079972623bd2ebc92d313be0ab20f48fbce25c635606ba0567fb4044deb441527181b06005b42d957ae46fb3f89690d37050ad467627382b723bb02ae4820049bd07fe714d31e7b340c2a2d7d316e58181110aff04520dbc5747ae141cee0cd568a1db0feea7def75aab17f48a0b1d068", 0xda}, {&(0x7f0000001a40)="f25a1ec27e65bf8f44864e3ff8dec633cfe80518a2d6cf618571004c17d0b3530b33a746752daa1a32111926a9ea4fba5ae5ec5c3586", 0x36}, {&(0x7f0000001a80)="14f6bde22bcc4ca4a75077682f54cb35461b4ecdb9958936af80b7512935d539692e681b39378f3564efbf663adbe3400b368c648b414a6843605b76b7744d19fc63eba6f863f6fc36b9942e5e2416b70015ec5302bb971e7f7b241a269922c7a0874f4c2d186063770c2afd934a033d5a7da352704935741dc291", 0x7b}], 0x5, 0x0, 0x0, 0x1}, 0x800)
inotify_add_watch(r2, &(0x7f00000017c0)='./file0\x00', 0x1000000)
setsockopt$l2tp_PPPOL2TP_SO_SENDSEQ(r2, 0x111, 0x3, 0xfffffffffffffff8, 0x4)

2018/04/06 01:05:37 executing program 6:
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/sloppy_sctp\x00', 0x2, 0x0)
r1 = socket(0x3, 0x6, 0x100000001)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={0x0, <r2=>0x0}, &(0x7f0000000200)=0xc)
setreuid(r2, r2)
connect(r1, &(0x7f0000000180)=@nfc={0x27, 0x1, 0x1, 0x6}, 0x80)
preadv(r0, &(0x7f0000000340)=[{&(0x7f0000000040)=""/62, 0x3e}, {&(0x7f00000006c0)=""/4096, 0x1000}, {&(0x7f0000000080)=""/46, 0xfffffffffffffec6}, {&(0x7f00000000c0)=""/31, 0xfffffff7}, {&(0x7f0000000240)=""/89, 0x59}, {&(0x7f0000000100)=""/4, 0x4}, {&(0x7f00000002c0)=""/83, 0x53}], 0x7, 0x0)
ioctl$KVM_SET_CPUID2(r0, 0x4008ae90, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000000a000000010000800200000009000000040000000008000000080000000000000000040000000000"])

2018/04/06 01:05:37 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x15}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:37 executing program 0:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r1, 0x4004ae99, &(0x7f0000000000)=0x3)
r2 = dup2(r1, r1)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2018/04/06 01:05:37 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x4000000, r0, &(0x7f0000000200)}])

[  124.214893] binder: BINDER_SET_CONTEXT_MGR already set
[  124.223788] FAULT_INJECTION: forcing a failure.
[  124.223788] name failslab, interval 1, probability 0, space 0, times 0
[  124.235161] CPU: 1 PID: 10791 Comm: syz-executor1 Not tainted 4.16.0+ #2
[  124.242013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  124.248156] binder: 10789:10806 ioctl 40046207 20008fd0 returned -16
[  124.251363] Call Trace:
[  124.251390]  dump_stack+0x1b9/0x29f
[  124.251411]  ? arch_local_irq_restore+0x52/0x52
[  124.251426]  ? __save_stack_trace+0x7e/0xd0
[  124.251448]  should_fail.cold.4+0xa/0x1a
[  124.251468]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  124.265886] binder: BINDER_SET_CONTEXT_MGR already set
[  124.268804]  ? kasan_kmalloc+0xc4/0xe0
[  124.268825]  ? kmem_cache_alloc_trace+0x152/0x780
[  124.268843]  ? sctp_add_bind_addr+0xf9/0x4a0
[  124.268861]  ? sctp_copy_local_addr_list+0x499/0x690
[  124.268878]  ? sctp_copy_one_addr+0x5d/0x170
[  124.273333] binder: 10789:10810 ioctl 40046207 0 returned -16
[  124.277238]  ? sctp_bind_addr_copy+0x16b/0x45b
[  124.277254]  ? sctp_assoc_set_bind_addr_from_ep+0x165/0x1c0
[  124.277268]  ? sctp_sendmsg+0x1888/0x1d70
[  124.277286]  ? inet_sendmsg+0x19f/0x690
[  124.277304]  ? sock_sendmsg+0xd5/0x120
[  124.277320]  ? __sys_sendto+0x3d7/0x670
[  124.277338]  ? SyS_sendto+0x40/0x60
[  124.345921]  ? do_syscall_64+0x29e/0x9d0
[  124.349996]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  124.355369]  ? graph_lock+0x170/0x170
[  124.359186]  ? print_usage_bug+0xc0/0xc0
[  124.363255]  ? graph_lock+0x170/0x170
[  124.367058]  ? find_held_lock+0x36/0x1c0
[  124.371114]  ? lock_downgrade+0x8e0/0x8e0
[  124.375264]  should_failslab+0x124/0x180
[  124.379335]  kmem_cache_alloc_trace+0x4b/0x780
[  124.383917]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  124.389094]  ? __sanitizer_cov_trace_cmp2+0x18/0x20
[  124.394108]  sctp_add_bind_addr+0xf9/0x4a0
[  124.398334]  ? sctp_bind_addr_free+0x20/0x20
[  124.402731]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  124.407911]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  124.413435]  ? sctp_v4_scope+0x19b/0x1c0
[  124.417482]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  124.422659]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  124.427663]  sctp_copy_local_addr_list+0x499/0x690
[  124.432583]  ? sctp_defaults_init+0xe50/0xe50
[  124.437759]  ? get_random_bytes+0x34/0x40
[  124.441894]  ? sctp_association_new+0x135/0x21e0
[  124.446643]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  124.451821]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  124.457349]  sctp_copy_one_addr+0x5d/0x170
[  124.461571]  ? sctp_copy_one_addr+0x5d/0x170
[  124.465968]  sctp_bind_addr_copy+0x16b/0x45b
[  124.470364]  ? sctp_copy_one_addr+0x170/0x170
[  124.474855]  ? sctp_autobind+0x16d/0x1f0
[  124.478903]  ? sctp_do_bind+0x5f0/0x5f0
[  124.482866]  sctp_assoc_set_bind_addr_from_ep+0x165/0x1c0
[  124.488391]  ? sctp_v6_scope+0x56/0x60
[  124.492274]  sctp_sendmsg_new_asoc+0x31f/0x10a0
[  124.496924]  ? sctp_sendmsg+0x125e/0x1d70
[  124.501080]  ? sctp_transport_lookup_process+0x1e0/0x1e0
[  124.506516]  ? __local_bh_enable_ip+0x161/0x230
[  124.511173]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  124.516173]  ? lock_sock_nested+0x9f/0x120
[  124.520389]  ? trace_hardirqs_on+0xd/0x10
[  124.524521]  ? __local_bh_enable_ip+0x161/0x230
[  124.529173]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  124.534694]  ? sctp_endpoint_lookup_assoc+0x183/0x290
[  124.539868]  sctp_sendmsg+0x1888/0x1d70
[  124.543919]  ? do_raw_spin_unlock+0x9e/0x2e0
[  124.548317]  ? sctp_id2assoc+0x3e0/0x3e0
[  124.552367]  ? _raw_spin_unlock_bh+0x30/0x40
[  124.556769]  ? __release_sock+0x3a0/0x3a0
[  124.560914]  inet_sendmsg+0x19f/0x690
[  124.564700]  ? ___might_sleep+0x2d0/0x320
[  124.568859]  ? ipip_gro_receive+0x100/0x100
[  124.573168]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  124.578691]  ? security_socket_sendmsg+0x9b/0xd0
[  124.583431]  ? ipip_gro_receive+0x100/0x100
[  124.587740]  sock_sendmsg+0xd5/0x120
[  124.591457]  __sys_sendto+0x3d7/0x670
[  124.595246]  ? SyS_getpeername+0x30/0x30
[  124.599295]  ? wait_for_completion+0x870/0x870
[  124.603864]  ? __lock_is_held+0xb5/0x140
[  124.607924]  ? __sb_end_write+0xac/0xe0
[  124.611889]  ? fput+0x130/0x1a0
[  124.615154]  ? ksys_write+0x1a6/0x250
[  124.618947]  ? SyS_read+0x30/0x30
[  124.622384]  ? mm_fault_error+0x380/0x380
[  124.626521]  SyS_sendto+0x40/0x60
[  124.629957]  ? __sys_sendto+0x670/0x670
[  124.633917]  do_syscall_64+0x29e/0x9d0
[  124.637786]  ? vmalloc_sync_all+0x30/0x30
[  124.641927]  ? _raw_spin_unlock_irq+0x27/0x70
[  124.646405]  ? finish_task_switch+0x1ca/0x820
[  124.650887]  ? syscall_return_slowpath+0x5c0/0x5c0
[  124.655801]  ? syscall_return_slowpath+0x30f/0x5c0
[  124.660717]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  124.666068]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  124.671529]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  124.676703] RIP: 0033:0x4552d9
[  124.679879] RSP: 002b:00007f772100cc68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  124.687586] RAX: ffffffffffffffda RBX: 00007f772100d6d4 RCX: 00000000004552d9
[  124.694842] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000013
[  124.702096] RBP: 000000000072bea0 R08: 000000002005ffe4 R09: 000000000000001c
[  124.709347] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
2018/04/06 01:05:37 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
socketpair$inet6(0xa, 0x800, 0x9, &(0x7f0000000040))
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={0x0, <r1=>0x0}, &(0x7f0000000180)=0xfffffffffffffda8)
setuid(r1)

2018/04/06 01:05:37 executing program 6:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_DEASSIGN_DEV_IRQ(r2, 0x4040ae75, &(0x7f0000000080)={0x7, 0x3, 0x5, 0x1})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f0000000000)="c7c604000000660f38823bf30f011fb9730200000f32360f07b9d80a00000f3265660f2ed10f090f0092ffffffffc1b28f00000001", 0x35}], 0x1, 0xe8414d58d2b3f0ec, &(0x7f00000000c0), 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r3, 0x4048ae9b, &(0x7f0000000280)={0x80000a0003})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2018/04/06 01:05:37 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x1000000, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:37 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0x5421, &(0x7f0000008fd0)={0x3c, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

[  124.716598] R13: 00000000000004f3 R14: 00000000006fa768 R15: 0000000000000008
2018/04/06 01:05:37 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x1000000, r0, &(0x7f0000000200)}])

2018/04/06 01:05:37 executing program 0:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r1, 0x4004ae99, &(0x7f0000000000)=0x3)
r2 = dup2(r1, r1)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2018/04/06 01:05:37 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x20000310}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:37 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x2000000, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:37 executing program 5:
r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x22000, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={0x1, {0x2, 0x4e21, @multicast1=0xe0000001}, {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0xe}}, {0x2, 0x4e24, @broadcast=0xffffffff}, 0x280, 0x168, 0x2, 0x1, 0x0, &(0x7f0000000040)='bcsh0\x00', 0x3, 0x0, 0xa90})
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000068f50)={{0x80}, "706f7274310000000000000000000000000000000000001000", 0xc7, 0x80003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff})
openat$sequencer2(0xffffffffffffff9c, &(0x7f00004d1ff0)='/dev/sequencer2\x00', 0x1, 0x0)

2018/04/06 01:05:37 executing program 1 (fault-call:2 fault-nth:9):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

[  124.902252] binder: BINDER_SET_CONTEXT_MGR already set
2018/04/06 01:05:37 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
r3 = dup2(r2, r2)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  124.956834] binder: 10833:10834 ioctl 40046207 0 returned -16
[  125.073929] FAULT_INJECTION: forcing a failure.
[  125.073929] name failslab, interval 1, probability 0, space 0, times 0
[  125.085458] CPU: 0 PID: 10855 Comm: syz-executor1 Not tainted 4.16.0+ #2
[  125.092403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  125.101756] Call Trace:
[  125.104342]  dump_stack+0x1b9/0x29f
[  125.107959]  ? arch_local_irq_restore+0x52/0x52
[  125.112622]  ? __save_stack_trace+0x7e/0xd0
[  125.116935]  should_fail.cold.4+0xa/0x1a
[  125.120982]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  125.126069]  ? kasan_kmalloc+0xc4/0xe0
[  125.129942]  ? kmem_cache_alloc_trace+0x152/0x780
[  125.134771]  ? sctp_add_bind_addr+0xf9/0x4a0
[  125.139164]  ? sctp_copy_local_addr_list+0x499/0x690
[  125.144251]  ? sctp_copy_one_addr+0x5d/0x170
[  125.148642]  ? sctp_bind_addr_copy+0x16b/0x45b
[  125.153210]  ? sctp_assoc_set_bind_addr_from_ep+0x165/0x1c0
[  125.158906]  ? sctp_sendmsg+0x1888/0x1d70
[  125.163036]  ? inet_sendmsg+0x19f/0x690
[  125.166995]  ? sock_sendmsg+0xd5/0x120
[  125.170891]  ? __sys_sendto+0x3d7/0x670
[  125.174854]  ? SyS_sendto+0x40/0x60
[  125.178480]  ? do_syscall_64+0x29e/0x9d0
[  125.182553]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  125.187905]  ? graph_lock+0x170/0x170
[  125.191694]  ? print_usage_bug+0xc0/0xc0
[  125.195765]  ? graph_lock+0x170/0x170
[  125.199555]  ? find_held_lock+0x36/0x1c0
[  125.203611]  ? lock_downgrade+0x8e0/0x8e0
[  125.207755]  should_failslab+0x124/0x180
[  125.211811]  kmem_cache_alloc_trace+0x4b/0x780
[  125.216408]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  125.221603]  ? __sanitizer_cov_trace_cmp2+0x18/0x20
[  125.226612]  sctp_add_bind_addr+0xf9/0x4a0
[  125.230838]  ? sctp_bind_addr_free+0x20/0x20
[  125.235235]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  125.240412]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  125.245936]  ? sctp_v4_scope+0x19b/0x1c0
[  125.249981]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  125.255158]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  125.260163]  sctp_copy_local_addr_list+0x499/0x690
[  125.265079]  ? sctp_defaults_init+0xe50/0xe50
[  125.269559]  ? get_random_bytes+0x34/0x40
[  125.273689]  ? sctp_association_new+0x135/0x21e0
[  125.278436]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  125.283613]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  125.289157]  sctp_copy_one_addr+0x5d/0x170
[  125.293378]  ? sctp_copy_one_addr+0x5d/0x170
[  125.297782]  sctp_bind_addr_copy+0x16b/0x45b
[  125.302190]  ? sctp_copy_one_addr+0x170/0x170
[  125.306668]  ? sctp_autobind+0x16d/0x1f0
[  125.310715]  ? sctp_do_bind+0x5f0/0x5f0
[  125.314677]  sctp_assoc_set_bind_addr_from_ep+0x165/0x1c0
[  125.320210]  ? sctp_v6_scope+0x56/0x60
[  125.324081]  sctp_sendmsg_new_asoc+0x31f/0x10a0
[  125.328734]  ? sctp_sendmsg+0x125e/0x1d70
[  125.332868]  ? sctp_transport_lookup_process+0x1e0/0x1e0
[  125.338305]  ? __local_bh_enable_ip+0x161/0x230
[  125.342977]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  125.347981]  ? lock_sock_nested+0x9f/0x120
[  125.352201]  ? trace_hardirqs_on+0xd/0x10
[  125.356338]  ? __local_bh_enable_ip+0x161/0x230
[  125.360990]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  125.366513]  ? sctp_endpoint_lookup_assoc+0x183/0x290
[  125.371689]  sctp_sendmsg+0x1888/0x1d70
[  125.375647]  ? do_raw_spin_unlock+0x9e/0x2e0
[  125.380042]  ? sctp_id2assoc+0x3e0/0x3e0
[  125.384090]  ? _raw_spin_unlock_bh+0x30/0x40
[  125.388487]  ? __release_sock+0x3a0/0x3a0
[  125.392635]  inet_sendmsg+0x19f/0x690
[  125.396424]  ? ___might_sleep+0x2d0/0x320
[  125.400569]  ? ipip_gro_receive+0x100/0x100
[  125.405605]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  125.411132]  ? security_socket_sendmsg+0x9b/0xd0
[  125.415876]  ? ipip_gro_receive+0x100/0x100
[  125.420185]  sock_sendmsg+0xd5/0x120
[  125.423890]  __sys_sendto+0x3d7/0x670
[  125.427679]  ? SyS_getpeername+0x30/0x30
[  125.431728]  ? wait_for_completion+0x870/0x870
[  125.436301]  ? __lock_is_held+0xb5/0x140
[  125.440370]  ? __sb_end_write+0xac/0xe0
[  125.444333]  ? fput+0x130/0x1a0
[  125.447599]  ? ksys_write+0x1a6/0x250
[  125.451386]  ? SyS_read+0x30/0x30
[  125.454835]  ? mm_fault_error+0x380/0x380
[  125.458973]  SyS_sendto+0x40/0x60
[  125.462411]  ? __sys_sendto+0x670/0x670
[  125.466376]  do_syscall_64+0x29e/0x9d0
[  125.470247]  ? vmalloc_sync_all+0x30/0x30
[  125.474389]  ? _raw_spin_unlock_irq+0x27/0x70
[  125.478875]  ? finish_task_switch+0x1ca/0x820
[  125.483410]  ? syscall_return_slowpath+0x5c0/0x5c0
[  125.488330]  ? syscall_return_slowpath+0x30f/0x5c0
[  125.493248]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  125.498597]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  125.503429]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  125.508602] RIP: 0033:0x4552d9
[  125.511775] RSP: 002b:00007f772100cc68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
2018/04/06 01:05:38 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x20020, r0, &(0x7f0000000200)}])

2018/04/06 01:05:38 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x2, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:38 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10, 0x6202000000000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:38 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306204, &(0x7f0000008fd0)={0x3c, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:38 executing program 5:
io_setup(0xba, &(0x7f0000000000)=<r0=>0x0)
r1 = syz_open_dev$amidi(&(0x7f0000000080)='/dev/amidi#\x00', 0x1, 0x80)
ioctl$KVM_GET_MSRS(r1, 0xc008ae88, &(0x7f00000000c0)={0x2, 0x0, [{}, {}]})
r2 = socket(0x2, 0x803, 0xff)
connect$inet(r2, &(0x7f0000000100)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10)
shutdown(r2, 0x1)
io_submit(r0, 0x1, &(0x7f0000000040)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000100), 0x2b4}])

2018/04/06 01:05:38 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
r3 = dup2(r2, r2)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2018/04/06 01:05:38 executing program 1 (fault-call:2 fault-nth:10):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:05:38 executing program 6:
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000040)=@broute={'broute\x00', 0x20, 0x2, 0x630, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200008c0], 0x0, &(0x7f0000000000), &(0x7f0000000100)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff02000000030000000000000088f76e72300000000000000000000000000062637368300000000000000000000000726f73653000000000000000000000007663616e300000000000000000000000aaaaaaaaaaaaffff0000fdff1686fb0c91a6ff00ff0000ff0000d00000005002000080020000636f6e6e6c6162656c000000000000000000000000000000000000000000000008000000000000008703fffc00000000766c616e00000000000000000000000000000000000000000000000000000000080000000000000000000300dada02025345434d41524b000000000000000000000000000000000000000000000000000801000000000000010000000000000073797374656d5f753a6f626a6563745f723a696e6574645f657865635f743a73300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000049444c4554494d455200000000000000000000000000000000000000000000002800000000000000d700000073797a3000000000000000000000000000000000000000000000000005000000000000004155444954000000000000000000000000000000000000000000000000000000080000000000000003000000000000000900000002000000897c6c6f000000000000000000000000000069726c616e3000000000000000000000626f6e64300000000000000000000000697036746e6c300000000000000000000180c200000fff00ffffffffaaaaaaaaaaaaffffff00ffff0000f0020000f0020000200300006c696d69740000000000000000000000000000000000000000000000000000002000000000000000ff0f0000335a00000900000000000000018000003900000001800000000000006270660000000000000000000000000000000000000000000000000000000000100200000000000021000000fdff1f02a1be893d9e0c010301800000018001002000000008000501090000000500ffff04000000010002fdfcffffff0200020026060000ffff780038ffffff04000706090000007e5e0000001000000080091b400000000000ff03010000800000800300000000050002ffffffff7f00000801e6000000001001850400000000027909070000000400ff040fffffff8600e70407000000a8005f06010000007f000200030d000001000107030000000600ff1f080000000900010904000000bc0107960600000020000908050000000000ff0000000800330e020600000000010007ff5de200003a00f713040000000900030948090000ffff09010500000001000500feffffff01000000ffff000000000500010000808100ff96050000000900460109000000080007010600000008000507f48f0000b316cc040200000003001f004d5d0000080001e7d7bbae3794c05844442fce4201ab050000070000f809000000020007d20600000001000a02f2ffffff28080302050000000700030006000000050003030002000006000007000200000700ff090000001001000806810000000100ff08060000000100f808702c0000010004fc0900000007000301ff07000001000007060000002e0d000400000000020003052000000000800600000000800500010704000000ff0302da0700000000007fff0100000004002ef9e0ffffff0180758b0300000000000000880600000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000ffffffff00000000"]}, 0x6b5)
getsockopt$SO_COOKIE(0xffffffffffffffff, 0x1, 0x39, &(0x7f0000000740), &(0x7f0000000780)=0x8)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f00000000c0)='bcsh0\x00', 0x10)

[  125.519556] RAX: ffffffffffffffda RBX: 00007f772100d6d4 RCX: 00000000004552d9
[  125.526807] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000013
[  125.534060] RBP: 000000000072bea0 R08: 000000002005ffe4 R09: 000000000000001c
[  125.541322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  125.548574] R13: 00000000000004f3 R14: 00000000006fa768 R15: 0000000000000009
[  125.666266] FAULT_INJECTION: forcing a failure.
[  125.666266] name failslab, interval 1, probability 0, space 0, times 0
[  125.677569] CPU: 0 PID: 10883 Comm: syz-executor1 Not tainted 4.16.0+ #2
[  125.684418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  125.693775] Call Trace:
[  125.694589] binder: 10867:10884 ioctl c0306204 20008fd0 returned -22
[  125.696404]  dump_stack+0x1b9/0x29f
[  125.696424]  ? arch_local_irq_restore+0x52/0x52
[  125.696445]  ? __save_stack_trace+0x7e/0xd0
[  125.715532]  should_fail.cold.4+0xa/0x1a
[  125.719607]  ? perf_trace_lock+0xd6/0x900
[  125.723782]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  125.728896]  ? zap_class+0x720/0x720
[  125.732605]  ? sctp_sendmsg+0x1888/0x1d70
[  125.736750]  ? sock_sendmsg+0xd5/0x120
[  125.740628]  ? __sys_sendto+0x3d7/0x670
[  125.744591]  ? SyS_sendto+0x40/0x60
[  125.748223]  ? do_syscall_64+0x29e/0x9d0
[  125.752277]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  125.757636]  ? graph_lock+0x170/0x170
[  125.761433]  ? print_usage_bug+0xc0/0xc0
[  125.765485]  ? perf_trace_lock_acquire+0xe3/0x980
[  125.770329]  ? graph_lock+0x170/0x170
[  125.774131]  ? find_held_lock+0x36/0x1c0
[  125.778198]  ? lock_downgrade+0x8e0/0x8e0
[  125.782370]  should_failslab+0x124/0x180
[  125.786445]  kmem_cache_alloc_trace+0x4b/0x780
[  125.791384]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  125.796575]  ? __sanitizer_cov_trace_cmp2+0x18/0x20
[  125.801594]  sctp_add_bind_addr+0xf9/0x4a0
[  125.805826]  ? sctp_bind_addr_free+0x20/0x20
[  125.810229]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  125.815409]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  125.820938]  ? sctp_v4_scope+0x19b/0x1c0
[  125.824992]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  125.830177]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  125.835188]  sctp_copy_local_addr_list+0x499/0x690
[  125.841016]  ? sctp_defaults_init+0xe50/0xe50
[  125.845507]  ? get_random_bytes+0x34/0x40
[  125.849667]  ? sctp_association_new+0x135/0x21e0
[  125.854426]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  125.859608]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  125.865143]  sctp_copy_one_addr+0x5d/0x170
[  125.869371]  ? sctp_copy_one_addr+0x5d/0x170
[  125.873777]  sctp_bind_addr_copy+0x16b/0x45b
[  125.878181]  ? sctp_copy_one_addr+0x170/0x170
[  125.882668]  ? sctp_autobind+0x16d/0x1f0
[  125.886721]  ? sctp_do_bind+0x5f0/0x5f0
[  125.890689]  sctp_assoc_set_bind_addr_from_ep+0x165/0x1c0
[  125.896220]  ? sctp_v6_scope+0x56/0x60
[  125.900109]  sctp_sendmsg_new_asoc+0x31f/0x10a0
[  125.904767]  ? sctp_sendmsg+0x125e/0x1d70
[  125.908914]  ? sctp_transport_lookup_process+0x1e0/0x1e0
[  125.914359]  ? __local_bh_enable_ip+0x161/0x230
[  125.919025]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  125.924039]  ? lock_sock_nested+0x9f/0x120
[  125.928259]  ? trace_hardirqs_on+0xd/0x10
[  125.932403]  ? __local_bh_enable_ip+0x161/0x230
[  125.937063]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  125.942587]  ? sctp_endpoint_lookup_assoc+0x183/0x290
[  125.947780]  sctp_sendmsg+0x1888/0x1d70
[  125.951747]  ? do_raw_spin_unlock+0x9e/0x2e0
[  125.956153]  ? sctp_id2assoc+0x3e0/0x3e0
[  125.960227]  ? _raw_spin_unlock_bh+0x30/0x40
[  125.964642]  ? __release_sock+0x3a0/0x3a0
[  125.968798]  inet_sendmsg+0x19f/0x690
[  125.972592]  ? ___might_sleep+0x2d0/0x320
[  125.976736]  ? ipip_gro_receive+0x100/0x100
[  125.981053]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  125.986581]  ? security_socket_sendmsg+0x9b/0xd0
[  125.991344]  ? ipip_gro_receive+0x100/0x100
[  125.995660]  sock_sendmsg+0xd5/0x120
[  125.999384]  __sys_sendto+0x3d7/0x670
[  126.003185]  ? SyS_getpeername+0x30/0x30
[  126.007243]  ? wait_for_completion+0x870/0x870
[  126.011847]  ? __sb_end_write+0xac/0xe0
[  126.015836]  ? fput+0x130/0x1a0
[  126.019111]  ? ksys_write+0x1a6/0x250
[  126.022905]  ? SyS_read+0x30/0x30
[  126.026369]  ? mm_fault_error+0x380/0x380
[  126.030515]  SyS_sendto+0x40/0x60
[  126.033978]  ? __sys_sendto+0x670/0x670
[  126.037943]  do_syscall_64+0x29e/0x9d0
[  126.041829]  ? vmalloc_sync_all+0x30/0x30
[  126.045965]  ? _raw_spin_unlock_irq+0x27/0x70
[  126.050455]  ? finish_task_switch+0x1ca/0x820
[  126.054944]  ? syscall_return_slowpath+0x5c0/0x5c0
[  126.059870]  ? syscall_return_slowpath+0x30f/0x5c0
[  126.064800]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  126.070161]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  126.075004]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  126.080187] RIP: 0033:0x4552d9
[  126.083366] RSP: 002b:00007f772100cc68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  126.091069] RAX: ffffffffffffffda RBX: 00007f772100d6d4 RCX: 00000000004552d9
[  126.098327] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000013
[  126.105588] RBP: 000000000072bea0 R08: 000000002005ffe4 R09: 000000000000001c
2018/04/06 01:05:38 executing program 5:
mkdir(&(0x7f0000f4eff8)='./file0\x00', 0x0)
mount(&(0x7f0000000040)='./file0/control/file0\x00', &(0x7f000000aff8)='./file0\x00', &(0x7f0000000080)='tmpfs\x00', 0x0, &(0x7f000001c000))
mkdir(&(0x7f0000024ff0)='./file0/control\x00', 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000100)={{{@in6=@ipv4={[], [], @multicast2}, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r0=>0x0}}, {{@in=@multicast2}, 0x0, @in6=@remote}}, &(0x7f0000000200)=0xe8)
syz_fuseblk_mount(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='./file0/control/file0\x00', 0x0, r0, 0x0, 0x0, 0x0, 0x2)

2018/04/06 01:05:39 executing program 6:
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$sock_int(r0, 0x1, 0x23, &(0x7f00000000c0)=0x7, 0xffbf)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x112, 0x4)
sendto$inet6(r0, &(0x7f0000000480), 0x0, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x100000002, @mcast2={0xff, 0x2, [], 0x1}}, 0x1c)
recvmsg(r0, &(0x7f0000001740)={&(0x7f0000000040)=@pppol2tpv3in6={0x0, 0x0, {0x0, <r1=>0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, @local}}}, 0x3a, &(0x7f0000001680)}, 0x2000)
connect$unix(r1, &(0x7f0000000100)=@abs={0x0, 0x0, 0x4e22}, 0x6e)

2018/04/06 01:05:39 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
r3 = dup2(r2, r2)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2018/04/06 01:05:39 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x20000200, r0, &(0x7f0000000200)}])

[  126.112845] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  126.120105] R13: 00000000000004f3 R14: 00000000006fa768 R15: 000000000000000a
[  126.156526] binder: BINDER_SET_CONTEXT_MGR already set
2018/04/06 01:05:39 executing program 1 (fault-call:2 fault-nth:11):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:05:39 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
r3 = dup2(r2, r2)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2018/04/06 01:05:39 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0045878, &(0x7f0000008fd0)={0x3c, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

[  126.196322] binder: 10867:10887 ioctl 40046207 0 returned -16
2018/04/06 01:05:39 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x4, r0, &(0x7f0000000200)}])

2018/04/06 01:05:39 executing program 5:
futex(&(0x7f000000cffc)=0x4000000004, 0x80000000000b, 0x4, &(0x7f0000000000)={0x77359400, 0x1}, &(0x7f000001d000), 0x0)
r0 = socket(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f00003ef000)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$inet_int(r0, 0x0, 0x13, &(0x7f0000e49000)=0x4, 0x4)
sendmsg(r0, &(0x7f0000eeefc8)={&(0x7f0000fef000)=@in6={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x80, &(0x7f0000437000), 0x0, &(0x7f000056cda0)=[{0x28, 0x29, 0x2, "1d1a2d4ba2f2fffffffffffffffd060000"}], 0x28}, 0x0)
futex(&(0x7f000000cffc), 0x4, 0x0, &(0x7f000000d000), &(0x7f0000048000), 0x0)
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000100)='/dev/audio\x00', 0x10400, 0x0)
getsockname$netrom(r1, &(0x7f0000000140)=@full, &(0x7f00000001c0)=0x48)
r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc\x00', 0x200, 0x0)
sendto$ax25(r2, &(0x7f0000000080)="33b3d70cf362ea055a0464fdb0c2c9f9150f063cf2f1a9e7d07e2231f6037751fb069eb1f3b49c7223588c8ad4a291cfc7c69b", 0x33, 0x0, &(0x7f00000000c0)={0x3, {"dbf0b133fdc8ac"}, 0x10000}, 0x10)

[  126.321218] FAULT_INJECTION: forcing a failure.
[  126.321218] name failslab, interval 1, probability 0, space 0, times 0
[  126.332532] CPU: 0 PID: 10907 Comm: syz-executor1 Not tainted 4.16.0+ #2
[  126.339386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  126.348748] Call Trace:
[  126.351332]  dump_stack+0x1b9/0x29f
[  126.354950]  ? arch_local_irq_restore+0x52/0x52
[  126.359607]  ? __save_stack_trace+0x7e/0xd0
[  126.363921]  should_fail.cold.4+0xa/0x1a
[  126.367972]  ? perf_trace_lock+0xd6/0x900
[  126.372106]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  126.377571]  ? zap_class+0x720/0x720
[  126.381276]  ? sctp_copy_local_addr_list+0x499/0x690
[  126.386399]  ? sctp_bind_addr_copy+0x16b/0x45b
[  126.390968]  ? sctp_assoc_set_bind_addr_from_ep+0x165/0x1c0
[  126.396690]  ? sctp_sendmsg+0x1888/0x1d70
[  126.400824]  ? inet_sendmsg+0x19f/0x690
[  126.404786]  ? sock_sendmsg+0xd5/0x120
[  126.408661]  ? __sys_sendto+0x3d7/0x670
[  126.412620]  ? SyS_sendto+0x40/0x60
[  126.416241]  ? do_syscall_64+0x29e/0x9d0
[  126.420294]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  126.425647]  ? graph_lock+0x170/0x170
[  126.429449]  ? print_usage_bug+0xc0/0xc0
[  126.433506]  ? graph_lock+0x170/0x170
[  126.437299]  ? find_held_lock+0x36/0x1c0
[  126.441356]  ? lock_downgrade+0x8e0/0x8e0
[  126.445511]  should_failslab+0x124/0x180
[  126.449566]  kmem_cache_alloc_trace+0x4b/0x780
[  126.454138]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  126.459665]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  126.465194]  ? sctp_v6_cmp_addr+0x261/0x6f0
[  126.469507]  sctp_add_bind_addr+0xf9/0x4a0
[  126.473732]  ? sctp_bind_addr_free+0x20/0x20
[  126.478128]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  126.483304]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  126.488482]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  126.493491]  sctp_copy_local_addr_list+0x499/0x690
[  126.498413]  ? sctp_defaults_init+0xe50/0xe50
[  126.502895]  ? get_random_bytes+0x34/0x40
[  126.507030]  ? sctp_association_new+0x135/0x21e0
[  126.511780]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  126.516956]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  126.522483]  sctp_copy_one_addr+0x5d/0x170
[  126.526704]  ? sctp_copy_one_addr+0x5d/0x170
[  126.531101]  sctp_bind_addr_copy+0x16b/0x45b
[  126.535497]  ? sctp_copy_one_addr+0x170/0x170
[  126.539975]  ? sctp_autobind+0x16d/0x1f0
[  126.544025]  ? zap_class+0x720/0x720
[  126.547728]  ? sctp_do_bind+0x5f0/0x5f0
[  126.551696]  sctp_assoc_set_bind_addr_from_ep+0x165/0x1c0
[  126.557223]  ? sctp_v6_scope+0x56/0x60
[  126.561096]  sctp_sendmsg_new_asoc+0x31f/0x10a0
[  126.565748]  ? sctp_sendmsg+0x125e/0x1d70
[  126.569887]  ? sctp_transport_lookup_process+0x1e0/0x1e0
[  126.575324]  ? __local_bh_enable_ip+0x161/0x230
[  126.579983]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  126.584998]  ? lock_sock_nested+0x9f/0x120
[  126.589226]  ? trace_hardirqs_on+0xd/0x10
[  126.593360]  ? __local_bh_enable_ip+0x161/0x230
[  126.598020]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  126.603548]  ? sctp_endpoint_lookup_assoc+0x183/0x290
[  126.608821]  sctp_sendmsg+0x1888/0x1d70
[  126.612787]  ? do_raw_spin_unlock+0x9e/0x2e0
[  126.617183]  ? sctp_id2assoc+0x3e0/0x3e0
[  126.621250]  ? _raw_spin_unlock_bh+0x30/0x40
[  126.625656]  ? __release_sock+0x3a0/0x3a0
[  126.629798]  inet_sendmsg+0x19f/0x690
[  126.633584]  ? ___might_sleep+0x2d0/0x320
[  126.637809]  ? ipip_gro_receive+0x100/0x100
[  126.642119]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  126.647642]  ? security_socket_sendmsg+0x9b/0xd0
[  126.652388]  ? ipip_gro_receive+0x100/0x100
[  126.656697]  sock_sendmsg+0xd5/0x120
[  126.660408]  __sys_sendto+0x3d7/0x670
[  126.664201]  ? SyS_getpeername+0x30/0x30
[  126.668266]  ? wait_for_completion+0x870/0x870
[  126.672866]  ? __sb_end_write+0xac/0xe0
[  126.676835]  ? fput+0x130/0x1a0
[  126.680105]  ? ksys_write+0x1a6/0x250
[  126.683982]  ? SyS_read+0x30/0x30
[  126.687422]  ? mm_fault_error+0x380/0x380
[  126.691564]  SyS_sendto+0x40/0x60
[  126.695006]  ? __sys_sendto+0x670/0x670
[  126.698977]  do_syscall_64+0x29e/0x9d0
[  126.702849]  ? vmalloc_sync_all+0x30/0x30
[  126.706988]  ? _raw_spin_unlock_irq+0x27/0x70
[  126.711476]  ? finish_task_switch+0x1ca/0x820
[  126.715960]  ? syscall_return_slowpath+0x5c0/0x5c0
[  126.720882]  ? syscall_return_slowpath+0x30f/0x5c0
[  126.725822]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  126.731178]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  126.736025]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  126.741207] RIP: 0033:0x4552d9
[  126.744382] RSP: 002b:00007f772100cc68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  126.752077] RAX: ffffffffffffffda RBX: 00007f772100d6d4 RCX: 00000000004552d9
[  126.759343] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000013
2018/04/06 01:05:39 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x2, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:39 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10, 0x400300}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:39 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
r3 = dup2(r2, r2)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  126.766597] RBP: 000000000072bea0 R08: 000000002005ffe4 R09: 000000000000001c
[  126.773853] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  126.781108] R13: 00000000000004f3 R14: 00000000006fa768 R15: 000000000000000b
2018/04/06 01:05:39 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200), 0x4}])

2018/04/06 01:05:39 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x100000000000000, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

[  126.879336] binder: BINDER_SET_CONTEXT_MGR already set
2018/04/06 01:05:39 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10, 0x6202}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

[  126.906447] binder: 10905:10912 ioctl 40046207 0 returned -16
2018/04/06 01:05:40 executing program 6:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000307ff7)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
unshare(0x200)
r2 = eventfd2(0x0, 0x0)
socketpair$ax25(0x3, 0x7, 0xc7, &(0x7f0000000080))
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0x0, &(0x7f000002d000), 0x0, r2})
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000040)={0x0, &(0x7f000002d000), 0x0, r2, 0x4})
setsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x3e, &(0x7f0000000100)="9f4ccd43955e5b3861f9134c850f612b690f061e7f7a89d392852e8d15d2a60efafdb56ff8fadc63743d05451a38fcebaa3b273a0cba71485c7674b8cf7e17e0f551df5802dd58379e477ec3f33107d8af48546df3fa5dcdf7f817fd841f1485c13a883f", 0x64)

2018/04/06 01:05:40 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200), 0x100000000000000}])

2018/04/06 01:05:40 executing program 1 (fault-call:2 fault-nth:12):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:05:40 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0x5451, &(0x7f0000008fd0)={0x3c, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:40 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
r3 = dup2(r2, r2)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2018/04/06 01:05:40 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x200000000000000, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:40 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = dup(r0)
setsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r1, 0x84, 0x12, &(0x7f0000000000)=0x2, 0x4)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, &(0x7f00000000c0)={0x3, 0x0, [{0xa, 0x0, 0x0, 0x1}, {0x1}, {0x7}]})

2018/04/06 01:05:40 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10, 0xfffffffc}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:40 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10, 0xfffffff0}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

[  127.890207] binder: BINDER_SET_CONTEXT_MGR already set
2018/04/06 01:05:40 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
r3 = dup2(r2, r2)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2018/04/06 01:05:40 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x1000000, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:40 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200), 0x1000000}])

[  127.928568] binder: 10947:10958 ioctl 40046207 0 returned -16
[  128.012085] FAULT_INJECTION: forcing a failure.
[  128.012085] name failslab, interval 1, probability 0, space 0, times 0
[  128.023478] CPU: 0 PID: 10975 Comm: syz-executor1 Not tainted 4.16.0+ #2
[  128.030329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  128.039696] Call Trace:
[  128.042306]  dump_stack+0x1b9/0x29f
[  128.045955]  ? arch_local_irq_restore+0x52/0x52
[  128.050644]  ? __save_stack_trace+0x7e/0xd0
[  128.054993]  should_fail.cold.4+0xa/0x1a
[  128.059084]  ? perf_trace_lock+0xd6/0x900
[  128.063251]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  128.068372]  ? zap_class+0x720/0x720
[  128.072138]  ? sctp_sendmsg+0x1888/0x1d70
[  128.076310]  ? sock_sendmsg+0xd5/0x120
[  128.080215]  ? __sys_sendto+0x3d7/0x670
[  128.084207]  ? SyS_sendto+0x40/0x60
[  128.087850]  ? do_syscall_64+0x29e/0x9d0
[  128.091931]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  128.097309]  ? graph_lock+0x170/0x170
[  128.101129]  ? print_usage_bug+0xc0/0xc0
[  128.105204]  ? perf_trace_lock_acquire+0xe3/0x980
[  128.110063]  ? graph_lock+0x170/0x170
[  128.113888]  ? find_held_lock+0x36/0x1c0
[  128.118773]  ? lock_downgrade+0x8e0/0x8e0
[  128.122943]  should_failslab+0x124/0x180
[  128.127023]  kmem_cache_alloc_trace+0x4b/0x780
[  128.131629]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  128.136840]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  128.142394]  ? sctp_v6_cmp_addr+0x261/0x6f0
[  128.146746]  sctp_add_bind_addr+0xf9/0x4a0
[  128.151099]  ? sctp_bind_addr_free+0x20/0x20
[  128.155522]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  128.160733]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  128.165938]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  128.170975]  sctp_copy_local_addr_list+0x499/0x690
[  128.175930]  ? sctp_defaults_init+0xe50/0xe50
[  128.180442]  ? get_random_bytes+0x34/0x40
[  128.184611]  ? sctp_association_new+0x135/0x21e0
[  128.189397]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  128.194617]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  128.200174]  sctp_copy_one_addr+0x5d/0x170
[  128.204420]  ? sctp_copy_one_addr+0x5d/0x170
[  128.208860]  sctp_bind_addr_copy+0x16b/0x45b
[  128.213285]  ? sctp_copy_one_addr+0x170/0x170
[  128.217792]  ? sctp_autobind+0x16d/0x1f0
[  128.221872]  ? sctp_do_bind+0x5f0/0x5f0
[  128.225868]  sctp_assoc_set_bind_addr_from_ep+0x165/0x1c0
[  128.231415]  ? sctp_v6_scope+0x56/0x60
[  128.235435]  sctp_sendmsg_new_asoc+0x31f/0x10a0
[  128.240108]  ? sctp_sendmsg+0x125e/0x1d70
[  128.244255]  ? sctp_transport_lookup_process+0x1e0/0x1e0
[  128.249715]  ? __local_bh_enable_ip+0x161/0x230
[  128.254381]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  128.259386]  ? lock_sock_nested+0x9f/0x120
[  128.263609]  ? trace_hardirqs_on+0xd/0x10
[  128.267745]  ? __local_bh_enable_ip+0x161/0x230
[  128.272402]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  128.277926]  ? sctp_endpoint_lookup_assoc+0x183/0x290
[  128.283108]  sctp_sendmsg+0x1888/0x1d70
[  128.287078]  ? do_raw_spin_unlock+0x9e/0x2e0
[  128.291483]  ? sctp_id2assoc+0x3e0/0x3e0
[  128.295543]  ? _raw_spin_unlock_bh+0x30/0x40
[  128.299947]  ? __release_sock+0x3a0/0x3a0
[  128.304100]  inet_sendmsg+0x19f/0x690
[  128.307889]  ? ___might_sleep+0x2d0/0x320
[  128.312036]  ? ipip_gro_receive+0x100/0x100
[  128.316356]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  128.321881]  ? security_socket_sendmsg+0x9b/0xd0
[  128.326624]  ? ipip_gro_receive+0x100/0x100
[  128.330952]  sock_sendmsg+0xd5/0x120
[  128.334659]  __sys_sendto+0x3d7/0x670
[  128.338454]  ? SyS_getpeername+0x30/0x30
[  128.342517]  ? wait_for_completion+0x870/0x870
[  128.347113]  ? __sb_end_write+0xac/0xe0
[  128.351081]  ? fput+0x130/0x1a0
[  128.354349]  ? ksys_write+0x1a6/0x250
[  128.358140]  ? SyS_read+0x30/0x30
[  128.361580]  ? mm_fault_error+0x380/0x380
[  128.365731]  SyS_sendto+0x40/0x60
[  128.369172]  ? __sys_sendto+0x670/0x670
[  128.373138]  do_syscall_64+0x29e/0x9d0
[  128.377013]  ? vmalloc_sync_all+0x30/0x30
[  128.381160]  ? _raw_spin_unlock_irq+0x27/0x70
[  128.385643]  ? finish_task_switch+0x1ca/0x820
[  128.390127]  ? syscall_return_slowpath+0x5c0/0x5c0
[  128.395056]  ? syscall_return_slowpath+0x30f/0x5c0
[  128.399978]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  128.405338]  ? trace_hardirqs_off_thunk+0x1a/0x1c
2018/04/06 01:05:41 executing program 5:
socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000300)={<r0=>0xffffffffffffffff})
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000340)='/proc/sys/net/ipv4/vs/sync_retries\x00', 0x2, 0x0)
ioctl$DRM_IOCTL_RM_MAP(r1, 0x4028641b, &(0x7f0000000380)={&(0x7f0000ffc000/0x3000)=nil, 0xe800000000000000, 0x1, 0x24, &(0x7f0000ffd000/0x3000)=nil, 0x3})
sync_file_range(r0, 0x1, 0x3, 0x4)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0)
r3 = add_key(&(0x7f0000000240)='big_key\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a, 0x3}, 0x0, 0x0, 0xfffffffffffffffa)
keyctl$restrict_keyring(0x1d, r3, &(0x7f00000002c0)='id_legacy\x00', 0x0)
pipe(&(0x7f0000000080)={<r4=>0xffffffffffffffff})
setsockopt$RDS_GET_MR_FOR_DEST(r4, 0x114, 0x7, &(0x7f0000000180)={@vsock={0x28, 0x0, 0xffffffff, @reserved=0x1}, {&(0x7f00000000c0)=""/118, 0x76}, &(0x7f0000000140), 0x8}, 0xa0)
ioctl$TCSETS(r2, 0x40045431, &(0x7f00003b9fdc)={0x2, 0xf092, 0xe238, 0x0, 0x3, 0x0, 0x200000, 0x0, 0x2, 0x5, 0x7})
r5 = syz_open_pts(r2, 0x0)
dup3(r5, r2, 0x0)
ioctl$int_in(r2, 0x5452, &(0x7f0000000040)=0x8)

2018/04/06 01:05:41 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
r3 = dup2(r2, r2)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2018/04/06 01:05:41 executing program 5:
r0 = socket(0x11, 0x802, 0x0)
r1 = syz_open_dev$tun(&(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'ifb0\x00', 0x3b03})
ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000180)={'ifb0\x00', {0x2, 0x0, @dev={0xac, 0x14, 0x14}}})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f000001a000))
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
r3 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000000)={'syzkaller0\x00', 0x2})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000080)={'syzkaller0\x00', {0x2, 0x0, @dev={0xac, 0x14, 0x14}}})
dup3(0xffffffffffffffff, r3, 0x0)
r4 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
getsockname$netlink(r4, &(0x7f0000000100), &(0x7f00000001c0)=0xc)

2018/04/06 01:05:41 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
r3 = dup2(r2, r2)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  128.410176]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  128.415352] RIP: 0033:0x4552d9
[  128.418532] RSP: 002b:00007f772100cc68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  128.426239] RAX: ffffffffffffffda RBX: 00007f772100d6d4 RCX: 00000000004552d9
[  128.433493] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000013
[  128.440749] RBP: 000000000072bea0 R08: 000000002005ffe4 R09: 000000000000001c
[  128.448006] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  128.455273] R13: 00000000000004f3 R14: 00000000006fa768 R15: 000000000000000c
2018/04/06 01:05:41 executing program 1 (fault-call:2 fault-nth:13):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:05:41 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x2000000, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:41 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(0xffffffffffffffff, 0x4004ae99, &(0x7f0000000000)=0x3)
r3 = dup2(r2, r2)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2018/04/06 01:05:41 executing program 6:
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x8, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bind$llc(r0, &(0x7f0000000040)={0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10)
recvfrom(r0, &(0x7f0000000080)=""/126, 0x7e, 0x0, &(0x7f0000000100)=@nfc_llcp={0x27, 0x0, 0x1, 0x7, 0x80000001, 0x4, "e36779aa717eac02e9d91a56643363bea4242feedca10341094314d86c61b1f478eb12e8c7e0f81806e83eecc317f69e3f59bc2346cb018c436f295b83fea5", 0x90c}, 0x80)

2018/04/06 01:05:41 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc018620b, &(0x7f0000008fd0)={0x3c, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:41 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10, 0x100000000000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:41 executing program 5:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r0, &(0x7f0000000000)={0x1f}, 0x8)
listen(r0, 0x0)
r1 = syz_open_dev$admmidi(&(0x7f00000000c0)='/dev/admmidi#\x00', 0x8, 0x40a000)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$inet_sctp_SCTP_RECVNXTINFO(r1, 0x84, 0x21, &(0x7f0000000080)=0xfd1f, 0x4)
setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r1, 0x114, 0xa, &(0x7f0000000200)={0x3, "f46a52"}, 0x4)
getsockopt$inet_mreqn(r1, 0x0, 0x27, &(0x7f0000000100)={@rand_addr, @empty, <r2=>0x0}, &(0x7f0000000140)=0xc)
ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f0000000180)={@mcast2={0xff, 0x2, [], 0x1}, @dev={0xfe, 0x80, [], 0x1a}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x8, 0x10001, 0x500, 0xce07ae7, 0x30004, r2})
setsockopt$bt_BT_VOICE(r0, 0x112, 0xb, &(0x7f0000000040), 0x2)

2018/04/06 01:05:41 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200), 0x20020}])

[  128.629712] FAULT_INJECTION: forcing a failure.
[  128.629712] name failslab, interval 1, probability 0, space 0, times 0
[  128.641084] CPU: 0 PID: 11006 Comm: syz-executor1 Not tainted 4.16.0+ #2
[  128.647936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  128.657308] Call Trace:
[  128.659918]  dump_stack+0x1b9/0x29f
[  128.663568]  ? arch_local_irq_restore+0x52/0x52
[  128.668256]  ? __save_stack_trace+0x7e/0xd0
[  128.672597]  should_fail.cold.4+0xa/0x1a
[  128.676661]  ? perf_trace_lock+0xd6/0x900
[  128.680813]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  128.686008]  ? zap_class+0x720/0x720
[  128.689746]  ? sctp_sendmsg+0x1888/0x1d70
[  128.693885]  ? sock_sendmsg+0xd5/0x120
[  128.697760]  ? __sys_sendto+0x3d7/0x670
[  128.701725]  ? SyS_sendto+0x40/0x60
[  128.705339]  ? do_syscall_64+0x29e/0x9d0
[  128.709390]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  128.714745]  ? graph_lock+0x170/0x170
[  128.718540]  ? print_usage_bug+0xc0/0xc0
[  128.722589]  ? perf_trace_lock_acquire+0xe3/0x980
[  128.727432]  ? graph_lock+0x170/0x170
[  128.731228]  ? find_held_lock+0x36/0x1c0
[  128.735298]  ? lock_downgrade+0x8e0/0x8e0
[  128.739438]  should_failslab+0x124/0x180
[  128.743492]  kmem_cache_alloc_trace+0x4b/0x780
[  128.748069]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  128.753247]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  128.759121]  ? sctp_v6_cmp_addr+0x261/0x6f0
[  128.763434]  sctp_add_bind_addr+0xf9/0x4a0
[  128.767660]  ? sctp_bind_addr_free+0x20/0x20
[  128.772055]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  128.777234]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  128.782434]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  128.787460]  sctp_copy_local_addr_list+0x499/0x690
[  128.792383]  ? sctp_defaults_init+0xe50/0xe50
[  128.796954]  ? get_random_bytes+0x34/0x40
[  128.801091]  ? sctp_association_new+0x135/0x21e0
[  128.805842]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  128.811032]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  128.816561]  sctp_copy_one_addr+0x5d/0x170
[  128.820783]  ? sctp_copy_one_addr+0x5d/0x170
[  128.825183]  sctp_bind_addr_copy+0x16b/0x45b
[  128.829582]  ? sctp_copy_one_addr+0x170/0x170
[  128.834064]  ? sctp_autobind+0x16d/0x1f0
[  128.838113]  ? sctp_do_bind+0x5f0/0x5f0
[  128.842078]  sctp_assoc_set_bind_addr_from_ep+0x165/0x1c0
[  128.847602]  ? sctp_v6_scope+0x56/0x60
[  128.851478]  sctp_sendmsg_new_asoc+0x31f/0x10a0
[  128.856132]  ? sctp_sendmsg+0x125e/0x1d70
[  128.860280]  ? sctp_transport_lookup_process+0x1e0/0x1e0
[  128.865719]  ? __local_bh_enable_ip+0x161/0x230
[  128.870378]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  128.875381]  ? lock_sock_nested+0x9f/0x120
[  128.879602]  ? trace_hardirqs_on+0xd/0x10
[  128.883734]  ? __local_bh_enable_ip+0x161/0x230
[  128.888389]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  128.893911]  ? sctp_endpoint_lookup_assoc+0x183/0x290
[  128.899108]  sctp_sendmsg+0x1888/0x1d70
[  128.903071]  ? do_raw_spin_unlock+0x9e/0x2e0
[  128.907492]  ? sctp_id2assoc+0x3e0/0x3e0
[  128.911548]  ? _raw_spin_unlock_bh+0x30/0x40
[  128.915948]  ? __release_sock+0x3a0/0x3a0
[  128.920096]  inet_sendmsg+0x19f/0x690
[  128.923887]  ? ___might_sleep+0x2d0/0x320
[  128.928029]  ? ipip_gro_receive+0x100/0x100
[  128.932343]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  128.937878]  ? security_socket_sendmsg+0x9b/0xd0
[  128.942621]  ? ipip_gro_receive+0x100/0x100
[  128.946942]  sock_sendmsg+0xd5/0x120
[  128.950646]  __sys_sendto+0x3d7/0x670
[  128.954437]  ? SyS_getpeername+0x30/0x30
[  128.958661]  ? wait_for_completion+0x870/0x870
[  128.963250]  ? __sb_end_write+0xac/0xe0
[  128.967216]  ? fput+0x130/0x1a0
[  128.970484]  ? ksys_write+0x1a6/0x250
[  128.974274]  ? SyS_read+0x30/0x30
[  128.977714]  ? mm_fault_error+0x380/0x380
[  128.981855]  SyS_sendto+0x40/0x60
[  128.985294]  ? __sys_sendto+0x670/0x670
[  128.989257]  do_syscall_64+0x29e/0x9d0
[  128.993138]  ? vmalloc_sync_all+0x30/0x30
[  128.997273]  ? _raw_spin_unlock_irq+0x27/0x70
[  129.001753]  ? finish_task_switch+0x1ca/0x820
[  129.006236]  ? syscall_return_slowpath+0x5c0/0x5c0
[  129.011154]  ? syscall_return_slowpath+0x30f/0x5c0
[  129.016074]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  129.021441]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  129.026276]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  129.031448] RIP: 0033:0x4552d9
[  129.034623] RSP: 002b:00007f772100cc68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  129.042316] RAX: ffffffffffffffda RBX: 00007f772100d6d4 RCX: 00000000004552d9
[  129.049573] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000013
[  129.057867] RBP: 000000000072bea0 R08: 000000002005ffe4 R09: 000000000000001c
[  129.065119] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  129.073069] R13: 00000000000004f3 R14: 00000000006fa768 R15: 000000000000000d
2018/04/06 01:05:42 executing program 5:
r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x55, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x0, 0x300)
write(0xffffffffffffffff, &(0x7f0000cc8000), 0x0)
setsockopt$inet6_MRT6_DEL_MFC_PROXY(0xffffffffffffffff, 0x29, 0xd3, &(0x7f0000000180)={{0xa, 0x0, 0x0, @mcast2={0xff, 0x2, [], 0x1}}, {0xa, 0x0, 0x9, @ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0x14, 0xaa}}, 0x6}, 0x0, [0x7fffffff, 0x1000, 0x0, 0x0, 0x0, 0x8001]}, 0x5c)
sendto$ax25(0xffffffffffffffff, &(0x7f0000000240), 0x0, 0x0, 0x0, 0x0)
recvfrom$inet6(0xffffffffffffffff, &(0x7f0000000040)=""/102, 0x66, 0x0, 0x0, 0x0)
r2 = memfd_create(&(0x7f0000001380)='bdev#cgroup@\x00', 0x0)
r3 = syz_open_dev$sndseq(&(0x7f0000042000)='/dev/snd/seq\x00', 0x0, 0x8000000000102)
socket$can_bcm(0x1d, 0x2, 0x2)
r4 = dup2(r3, r2)
getsockopt$inet_sctp_SCTP_MAXSEG(r2, 0x84, 0xd, &(0x7f0000000240)=@assoc_id=<r5=>0x0, &(0x7f0000000280)=0x4)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r4, 0x84, 0x1b, &(0x7f0000000380)={r5, 0x43, "68e4c8af9d4a9959c07a38141df02ca2dfc959b80afa246e42b681d473240aeb39ba6e6d32d80254bf023e368874e2dcc82229ec0996a310d7c3731191f142061e0ddc"}, &(0x7f00000002c0)=0x4b)
recvmsg(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000580)=""/177, 0xb1}], 0x1, 0x0, 0x0, 0x4}, 0x10040)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f00000000c0)={0x1, 0x0, 0x0, "71756575651966e0ca00000000000000000000000000000b00e3001b0000000000000004eb070000000001000000000000000000006d5624f5ea12a00bb20300", 0x10000000})
inotify_init1(0x80000)
write$binfmt_elf32(r0, &(0x7f0000000640)=ANY=[@ANYBLOB="7f454c46fffe9506000002080000000003003f00000000005c030000380000003b030000020000000200200002000400ff0f3573000000000000000000000000800000000100000000feffffc50000000200000000021000c9f8238ff953e1d8117d97f8caf090f208105d9926770db5ca816c661d6d9790876039c90aeb2ebaa25e53a5af9ef2a31bee999194650618d30f86de5cd8bc72e1969c868670be8c028d41498adf354eb73df67652a4a15cf304f82a4e951fd5eed406e8373fbce47421ed90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c8bf9900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0x1c4)
write$sndseq(r3, &(0x7f00000000c0), 0x24b)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, &(0x7f0000000200)={0x84, @remote={0xac, 0x14, 0x14, 0xbb}, 0x4e22, 0x3, 'lblcr\x00', 0x4, 0x9, 0x15}, 0x2c)

2018/04/06 01:05:42 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200), 0x20000200}])

2018/04/06 01:05:42 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x2, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:42 executing program 6:
r0 = syz_open_dev$vcsa(&(0x7f00000001c0)='/dev/vcsa#\x00', 0xffffffffffffffff, 0xfffe)
mmap(&(0x7f000035d000/0x4000)=nil, 0x4000, 0x4, 0x32, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sndctrl(&(0x7f0000000000)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000200)={0x6, 0xd4})
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r1, 0xc1205531, &(0x7f000035dffc))
statx(r0, &(0x7f0000000080)='./file0\x00', 0x4000, 0xa, &(0x7f00000000c0))
ioctl$sock_inet6_udp_SIOCINQ(r0, 0x541b, &(0x7f0000000040))

[  129.126897] binder: BINDER_SET_CONTEXT_MGR already set
[  129.145647] binder: 11003:11021 ioctl 40046207 0 returned -16
2018/04/06 01:05:42 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10, 0xffffff7f}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:42 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306225, &(0x7f0000008fd0)={0x3c, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:42 executing program 6:
r0 = syz_open_dev$vcsa(&(0x7f00000001c0)='/dev/vcsa#\x00', 0xffffffffffffffff, 0xfffe)
mmap(&(0x7f000035d000/0x4000)=nil, 0x4000, 0x4, 0x32, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sndctrl(&(0x7f0000000000)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000200)={0x6, 0xd4})
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r1, 0xc1205531, &(0x7f000035dffc))
statx(r0, &(0x7f0000000080)='./file0\x00', 0x4000, 0xa, &(0x7f00000000c0))
ioctl$sock_inet6_udp_SIOCINQ(r0, 0x541b, &(0x7f0000000040))

2018/04/06 01:05:42 executing program 1 (fault-call:2 fault-nth:14):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:05:42 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200), 0x400000000000000}])

2018/04/06 01:05:42 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10, 0x1000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

[  129.383609] binder: 11038:11048 ioctl c0306225 20008fd0 returned -22
[  129.449934] FAULT_INJECTION: forcing a failure.
[  129.449934] name failslab, interval 1, probability 0, space 0, times 0
[  129.461242] CPU: 1 PID: 11049 Comm: syz-executor1 Not tainted 4.16.0+ #2
[  129.468087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  129.477452] Call Trace:
[  129.480058]  dump_stack+0x1b9/0x29f
[  129.483696]  ? arch_local_irq_restore+0x52/0x52
[  129.488355]  ? __save_stack_trace+0x7e/0xd0
[  129.492672]  should_fail.cold.4+0xa/0x1a
[  129.496724]  ? perf_trace_lock+0xd6/0x900
[  129.500865]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  129.505960]  ? zap_class+0x720/0x720
[  129.509667]  ? sctp_copy_local_addr_list+0x499/0x690
[  129.514761]  ? sctp_bind_addr_copy+0x16b/0x45b
[  129.519330]  ? sctp_assoc_set_bind_addr_from_ep+0x165/0x1c0
[  129.525033]  ? sctp_sendmsg+0x1888/0x1d70
[  129.529169]  ? inet_sendmsg+0x19f/0x690
[  129.533130]  ? sock_sendmsg+0xd5/0x120
[  129.537009]  ? __sys_sendto+0x3d7/0x670
[  129.540982]  ? SyS_sendto+0x40/0x60
[  129.544597]  ? do_syscall_64+0x29e/0x9d0
[  129.548649]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  129.554004]  ? graph_lock+0x170/0x170
[  129.557811]  ? print_usage_bug+0xc0/0xc0
[  129.561883]  ? graph_lock+0x170/0x170
[  129.565849]  ? find_held_lock+0x36/0x1c0
[  129.569906]  ? lock_downgrade+0x8e0/0x8e0
[  129.574055]  should_failslab+0x124/0x180
[  129.578107]  kmem_cache_alloc_trace+0x4b/0x780
[  129.582684]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  129.587863]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  129.593390]  ? sctp_v6_cmp_addr+0x261/0x6f0
[  129.597708]  sctp_add_bind_addr+0xf9/0x4a0
[  129.601934]  ? sctp_bind_addr_free+0x20/0x20
[  129.606331]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  129.611514]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  129.616692]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  129.621702]  sctp_copy_local_addr_list+0x499/0x690
[  129.626628]  ? sctp_defaults_init+0xe50/0xe50
[  129.631110]  ? get_random_bytes+0x34/0x40
[  129.635249]  ? sctp_association_new+0x135/0x21e0
[  129.640002]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  129.645192]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  129.650722]  sctp_copy_one_addr+0x5d/0x170
[  129.654945]  ? sctp_copy_one_addr+0x5d/0x170
[  129.659344]  sctp_bind_addr_copy+0x16b/0x45b
[  129.663744]  ? sctp_copy_one_addr+0x170/0x170
[  129.668229]  ? sctp_autobind+0x16d/0x1f0
[  129.672276]  ? zap_class+0x720/0x720
[  129.675981]  ? sctp_do_bind+0x5f0/0x5f0
[  129.679957]  sctp_assoc_set_bind_addr_from_ep+0x165/0x1c0
[  129.685496]  ? sctp_v6_scope+0x56/0x60
[  129.689461]  sctp_sendmsg_new_asoc+0x31f/0x10a0
[  129.694118]  ? sctp_sendmsg+0x125e/0x1d70
[  129.698261]  ? sctp_transport_lookup_process+0x1e0/0x1e0
[  129.703702]  ? __local_bh_enable_ip+0x161/0x230
[  129.708359]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  129.713363]  ? lock_sock_nested+0x9f/0x120
[  129.717584]  ? trace_hardirqs_on+0xd/0x10
[  129.721717]  ? __local_bh_enable_ip+0x161/0x230
[  129.726373]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  129.731895]  ? sctp_endpoint_lookup_assoc+0x183/0x290
[  129.737076]  sctp_sendmsg+0x1888/0x1d70
[  129.741042]  ? do_raw_spin_unlock+0x9e/0x2e0
[  129.745445]  ? sctp_id2assoc+0x3e0/0x3e0
[  129.749497]  ? _raw_spin_unlock_bh+0x30/0x40
[  129.753895]  ? __release_sock+0x3a0/0x3a0
[  129.758051]  inet_sendmsg+0x19f/0x690
[  129.761836]  ? ___might_sleep+0x2d0/0x320
[  129.766069]  ? ipip_gro_receive+0x100/0x100
[  129.770396]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  129.775935]  ? security_socket_sendmsg+0x9b/0xd0
[  129.780677]  ? ipip_gro_receive+0x100/0x100
[  129.784989]  sock_sendmsg+0xd5/0x120
[  129.788695]  __sys_sendto+0x3d7/0x670
[  129.792486]  ? SyS_getpeername+0x30/0x30
[  129.796538]  ? wait_for_completion+0x870/0x870
[  129.801131]  ? __sb_end_write+0xac/0xe0
[  129.805096]  ? fput+0x130/0x1a0
[  129.808363]  ? ksys_write+0x1a6/0x250
[  129.812154]  ? SyS_read+0x30/0x30
[  129.815594]  ? mm_fault_error+0x380/0x380
[  129.819742]  ? syscall_slow_exit_work+0x4f0/0x4f0
[  129.824591]  SyS_sendto+0x40/0x60
[  129.828039]  ? __sys_sendto+0x670/0x670
[  129.832004]  do_syscall_64+0x29e/0x9d0
[  129.835900]  ? vmalloc_sync_all+0x30/0x30
[  129.840046]  ? _raw_spin_unlock_irq+0x27/0x70
[  129.844531]  ? finish_task_switch+0x1ca/0x820
[  129.849020]  ? syscall_return_slowpath+0x5c0/0x5c0
[  129.853943]  ? syscall_return_slowpath+0x30f/0x5c0
[  129.858865]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  129.864221]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  129.869062]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  129.874239] RIP: 0033:0x4552d9
[  129.877416] RSP: 002b:00007f772100cc68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  129.885114] RAX: ffffffffffffffda RBX: 00007f772100d6d4 RCX: 00000000004552d9
[  129.892371] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000013
2018/04/06 01:05:42 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(0xffffffffffffffff, 0x4004ae99, &(0x7f0000000000)=0x3)
r3 = dup2(r2, r2)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2018/04/06 01:05:42 executing program 5:
r0 = syz_open_dev$usbmon(&(0x7f0000bf5ff3)='/dev/usbmon#\x00', 0x0, 0x0)
preadv(r0, &(0x7f0000215fc0)=[{&(0x7f000087ef6a)=""/1, 0x1}], 0x1, 0x0)
preadv(r0, &(0x7f0000a19fd0)=[{&(0x7f00002ac000)=""/106, 0x6a}], 0x1, 0x0)
timer_create(0x0, &(0x7f00000001c0)={0x0, 0x12}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
getpid()
getpgid(0x0)
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000200))
r1 = fcntl$getown(r0, 0x9)
r2 = getpgid(r1)
socketpair$inet6_sctp(0xa, 0x0, 0x84, &(0x7f0000000140))
stat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080))
tkill(r2, 0x15)
ioctl$sock_inet_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000000100))

2018/04/06 01:05:42 executing program 6:
mmap(&(0x7f0000600000/0x4000)=nil, 0x4000, 0x0, 0x44031, 0xffffffffffffffff, 0x0)
r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r0, 0xc4c85512, &(0x7f0000000100)={{0x800, 0x0, 0x0, 0x3, "d321715270ff53d6f92fa2a29af73c2d833309cf55d4ea61ded125d443ee68469c4801f8abbe6fb681cb1542", 0x7}, 0x8, [0x99, 0x100, 0x7d8, 0x200, 0x8, 0x4, 0x4, 0x8, 0x6daa, 0x5, 0xe7, 0xd47, 0x0, 0x8, 0x3, 0x4f80, 0xc, 0x9, 0x1, 0xbec, 0x5f3, 0x5c5, 0x4, 0x1, 0x4, 0x3980000000, 0x7, 0x4, 0xffffffff00000000, 0x9, 0x3f, 0x80000000, 0x6, 0x0, 0x4, 0x3ff, 0x8, 0x2, 0x4, 0x1ff, 0x8, 0x40, 0x4, 0x10000, 0x1000, 0x8001, 0x3f, 0x8, 0x2, 0xffff, 0x401, 0x8000, 0x3, 0x8, 0x461e, 0x0, 0x1f, 0x4, 0x7fffffff, 0x5, 0x2, 0xfff, 0xfffffffffffffffd, 0x1bbc, 0x6, 0x10000, 0x3, 0x2f, 0x0, 0x1, 0x8, 0x6, 0x9, 0x2, 0x2, 0x1, 0xfff, 0x5, 0x7fff, 0x4, 0xfffffffffffffffc, 0xe5a0, 0x4, 0xffffffff80000001, 0x6, 0xffffffff, 0x4, 0x2d0000000000000, 0xda, 0x1, 0x6, 0x0, 0x800, 0x1, 0xea, 0x8, 0x1f, 0x6, 0x3, 0xfffffffffffffff9, 0x401, 0x5980, 0xfffffffffffffff9, 0xe9, 0x5, 0x0, 0x0, 0x1f, 0x200, 0x2, 0xa0, 0xffffffff, 0xad3, 0x7, 0x2, 0x6, 0x100000001, 0x5ea, 0x61a, 0xc7, 0xe6, 0x5, 0xf777, 0x3, 0x4, 0x7fff, 0x20, 0x8]})
syz_open_dev$sndmidi(&(0x7f0000000040)='/dev/snd/midiC#D#\x00', 0x2, 0x30c00)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000000)={0xaa})
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0x8010aa01, &(0x7f00000000c0)={{&(0x7f0000600000/0x2000)=nil, 0x2000}})

2018/04/06 01:05:42 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200), 0x2002000000000}])

2018/04/06 01:05:42 executing program 1 (fault-call:2 fault-nth:15):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:05:42 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10, 0xc0ffffff}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:42 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306203, &(0x7f0000008fd0)={0x3c, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:42 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x100000000000000, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

[  129.899624] RBP: 000000000072bea0 R08: 000000002005ffe4 R09: 000000000000001c
[  129.906877] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  129.914221] R13: 00000000000004f3 R14: 00000000006fa768 R15: 000000000000000e
[  129.926141] binder: 11038:11048 ioctl c0306225 20008fd0 returned -22
[  129.929154] binder: BINDER_SET_CONTEXT_MGR already set
[  129.938392] binder: 11038:11060 ioctl 40046207 0 returned -16
[  130.037271] binder: 11065:11078 ioctl c0306203 20008fd0 returned -22
[  130.052577] binder: BINDER_SET_CONTEXT_MGR already set
[  130.061205] binder: 11065:11080 ioctl 40046207 0 returned -16
[  130.086074] FAULT_INJECTION: forcing a failure.
[  130.086074] name failslab, interval 1, probability 0, space 0, times 0
[  130.097394] CPU: 0 PID: 11082 Comm: syz-executor1 Not tainted 4.16.0+ #2
[  130.104238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  130.113589] Call Trace:
[  130.116169]  dump_stack+0x1b9/0x29f
[  130.119786]  ? arch_local_irq_restore+0x52/0x52
[  130.124438]  ? __save_stack_trace+0x7e/0xd0
[  130.128747]  should_fail.cold.4+0xa/0x1a
[  130.132808]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  130.137898]  ? kasan_kmalloc+0xc4/0xe0
[  130.141775]  ? sctp_sendmsg+0x1888/0x1d70
[  130.145909]  ? sock_sendmsg+0xd5/0x120
[  130.149781]  ? __sys_sendto+0x3d7/0x670
[  130.153741]  ? SyS_sendto+0x40/0x60
[  130.157361]  ? do_syscall_64+0x29e/0x9d0
[  130.161410]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  130.166770]  ? graph_lock+0x170/0x170
[  130.170558]  ? print_usage_bug+0xc0/0xc0
[  130.174602]  ? perf_trace_lock_acquire+0xe3/0x980
[  130.179433]  ? graph_lock+0x170/0x170
[  130.183220]  ? find_held_lock+0x36/0x1c0
[  130.187273]  ? lock_downgrade+0x8e0/0x8e0
[  130.191412]  should_failslab+0x124/0x180
[  130.195459]  kmem_cache_alloc_trace+0x4b/0x780
[  130.200035]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  130.205386]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  130.210916]  ? sctp_v6_cmp_addr+0x261/0x6f0
[  130.215230]  sctp_add_bind_addr+0xf9/0x4a0
[  130.219544]  ? sctp_bind_addr_free+0x20/0x20
[  130.223943]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  130.229133]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  130.234312]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  130.239319]  sctp_copy_local_addr_list+0x499/0x690
[  130.244238]  ? sctp_defaults_init+0xe50/0xe50
[  130.248718]  ? get_random_bytes+0x34/0x40
[  130.252852]  ? sctp_association_new+0x135/0x21e0
[  130.257623]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  130.262800]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  130.268325]  sctp_copy_one_addr+0x5d/0x170
[  130.272545]  ? sctp_copy_one_addr+0x5d/0x170
[  130.276940]  sctp_bind_addr_copy+0x16b/0x45b
[  130.281336]  ? sctp_copy_one_addr+0x170/0x170
[  130.285817]  ? sctp_autobind+0x16d/0x1f0
[  130.289871]  ? sctp_do_bind+0x5f0/0x5f0
[  130.293842]  sctp_assoc_set_bind_addr_from_ep+0x165/0x1c0
[  130.299365]  ? sctp_v6_scope+0x56/0x60
[  130.303240]  sctp_sendmsg_new_asoc+0x31f/0x10a0
[  130.307892]  ? sctp_sendmsg+0x125e/0x1d70
[  130.312033]  ? sctp_transport_lookup_process+0x1e0/0x1e0
[  130.317470]  ? __local_bh_enable_ip+0x161/0x230
[  130.322128]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  130.327128]  ? lock_sock_nested+0x9f/0x120
[  130.331344]  ? trace_hardirqs_on+0xd/0x10
[  130.335476]  ? __local_bh_enable_ip+0x161/0x230
[  130.340131]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  130.345651]  ? sctp_endpoint_lookup_assoc+0x183/0x290
[  130.350824]  sctp_sendmsg+0x1888/0x1d70
[  130.354785]  ? do_raw_spin_unlock+0x9e/0x2e0
[  130.359179]  ? sctp_id2assoc+0x3e0/0x3e0
[  130.363227]  ? _raw_spin_unlock_bh+0x30/0x40
[  130.367621]  ? __release_sock+0x3a0/0x3a0
[  130.371787]  inet_sendmsg+0x19f/0x690
[  130.375577]  ? ___might_sleep+0x2d0/0x320
[  130.379712]  ? ipip_gro_receive+0x100/0x100
[  130.384029]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  130.389556]  ? security_socket_sendmsg+0x9b/0xd0
[  130.394298]  ? ipip_gro_receive+0x100/0x100
[  130.398609]  sock_sendmsg+0xd5/0x120
[  130.402327]  __sys_sendto+0x3d7/0x670
[  130.406378]  ? SyS_getpeername+0x30/0x30
[  130.410516]  ? wait_for_completion+0x870/0x870
[  130.415265]  ? __lock_is_held+0xb5/0x140
[  130.419408]  ? __sb_end_write+0xac/0xe0
[  130.423372]  ? fput+0x130/0x1a0
[  130.426640]  ? ksys_write+0x1a6/0x250
[  130.430426]  ? SyS_read+0x30/0x30
[  130.433867]  ? mm_fault_error+0x380/0x380
[  130.438010]  SyS_sendto+0x40/0x60
[  130.441476]  ? __sys_sendto+0x670/0x670
[  130.445436]  do_syscall_64+0x29e/0x9d0
[  130.449307]  ? vmalloc_sync_all+0x30/0x30
[  130.453459]  ? _raw_spin_unlock_irq+0x27/0x70
[  130.457941]  ? finish_task_switch+0x1ca/0x820
[  130.462421]  ? syscall_return_slowpath+0x5c0/0x5c0
[  130.467348]  ? syscall_return_slowpath+0x30f/0x5c0
[  130.472266]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  130.477625]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  130.482464]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
2018/04/06 01:05:43 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200), 0x8000000000000000}])

2018/04/06 01:05:43 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x200000000000000, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:43 executing program 6:
perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(&(0x7f00000000c0)='./file0/bus\x00', &(0x7f0000000140)='./file0/bus/file0\x00', &(0x7f0000000180)='autofs\x00', 0x1000000, &(0x7f0000000240)="5c341adcc9dde428e5bb30269177b087e97cdce7b6d867d0524724ea6efbaddc8ae1c0da5829ca68876b749c1fe30d6e3d25cef2b9d522ee9b1d253c263581fa6700f99ace4e83da5556f1e491e8fda4f29ad5c113c59f3fe30a4a14cb3876fd116266442e002009069b1bd6e62aa050295be40d929df2636c1e5c0205600b0c8c1c7fca75cc9458a37c192d7d819e4552633b50592e362780306fc7edfb32c7e7e77a58afdae7e4a6e70fc35ad19b76ec08abc2b13a39a86b4bfbe5cfbf2bd63606e2194bdd9a28b3fa740594b4be88d2c02e4869f007294cfd383b80a70a6c65554c9ed26954d7765bf11fe5e4986cd92ccec462a95c0fb854b8c854f418dc121ce539b501f90d0039ad07f3a4ac5e7c28d1983f652c53cd3e66ad5f2f98543f6bc2d33bac2ab52684fae2e6a08d5824f29f378227d670d78c8bde3130cbabdeb63ee2f4a93f2aab8faeee04a547925a8c3ca7be7446017225b1c29bd1cee08c70337431f2179863756ae2063bfc9d894e2ef74094e31c088696292dadd0a524200d8e15885c745d1f1e3d97e76ed1e446b4ff2a3c50351317dcced49f35b293ad9b526f734650b9bb25626a2da838dc29919448123ee4dab7d2ca7c58b5865f2f5cae870f23dcee271a26a3162961aa7e655d7552385463359f1e1bffc53f4e23f8a744aff3996fbc975a3e54c3b5e0583a6b29305555a08aa8b104681272770898f99cb265035bbd59d32d8fab0818f1d3ba89a28624d22006f3e0ae636298fd548e64f62bf248d710c650470b4e1f9ce238d2087fee672cfbf2dfdc592ad4cffd942446f1b27ae2dc35f8ed6459f36e53933fcbc34744669f5ae7f922a4c674690585a29d2bbca24b42394b58b85c6858e94c99c36adf8760d9ddb417867f492886210afd6a887c22b60d3b1c0ecbf313c7643877f891825b457318e1d5d1dde0824ead17a58b04fb6db6d143284c686fae170fb22a5a04cff19ae02ab99a436dbf95691c4480f58eb8f51ca8dee2443def4b797390fa4b2a2086ae22b67e2948da2a09aadbd17d621c9fba4417a28a7352d57ad674c9de848555711baa9c5ab0ea461014fb3daf4d03839fdefe7b23cb4a34d65bd04f56a329935966e10ffb0a1f9724ca391f46259ba79e363622c646bd7f6b1f77f08012906d5ab371a36c3ab5a126e0f649594be0d677483256a393603e8056a90732aa312a10ca7676d8a8099538d8c481f26d92ff94589fcc970da86ab2f56b6a2350aa72d2a098241e3b9396774ee9eed969467a6b0c3c781f81abadf77ad4f7145b54e7d8e6fbc509d60870a463228740715feabbaa3b620d859ef694af89ca3cc6963f85b1cf987fdda1a12fa716a0c5e7d62c967eb408c93aad54788624ca171fbc66c6c2cdffefd35278a8eed0af1989c107f47f06fc322973177a3ebdf3ad4b36bbd46cd7c53edce3c61bcb902fef40eeb2fdaaf7d42eeff9fc85f5eeb30f79ca5b38263e2dd8d1525958b24af76a7d473fbdbb106074587f72cf782e6fbe65419a6cde84591b6e8b6c72048f3487da51e4301094c9ded864e5f77c8081f20b4f49e8eac03bef9d3013a384b1676106d8c0d619e2674a9232ab1b5dabe488e54d4062f6f09c2126719f96a43d427aeaa0f17d20bf3407570e9c1566b615eacc4923d396e10b76b4a5f29faaf5b7d34a53424b32da69189d15d333eca889269b58590d5f70b0cb120a4193c06b2b167f00e2983e0e38f169293a6499879d009ec58b441cfefe304f5cb852e20ea1edce2cf783d48dc012b7388aefa07f530a5ffdd9e9ca51e4dcb477202f1fcac1ef1b0108fffcb84035ecf3f279452694ffe0dacfdcb7443b41ee846318ca76e441c86ee7041708826ac71dcccce8ad95228a04f66273393aa84f83891cab4aabd2db04fbde84810fcd6d430643e7ce6db80c30c2ffdbacee7ac81e74f9f3ba2fcff68eef27e665e40639d1066e74d4080b8a9a3127b828dd726a2a5676557cf20a238cec779818b7e3dfa5ddbf0e95be540a57faa5eec42b6fbcf9357c0bb01061cba2c16b06ed859ed6f2264949b127620474640cc1a9b21121324eacf76e9af7b89aecb1ad2c08bd747dbc36fe2a8f7cc0f1d28331622d7485ffa1894e8861074719309780951d7fdcfd533326d922fc42b505de7e9a97961b27dcee1127bfc46a49b884252c5e697bab0bcfb8e90788865b87bace95381dd68e239a8fe5eb7cd50d714d91bf0d76ef42fce93d948d03fe2e34a9d216f856bd40c5ba9d98c71ee392f876696f6b631b66fdc8da9ff8f60997d868b64abfebb0345fd1d316bdada6be2e6df7afdade73c4a469e7a6c9a89952c71566143db6589329b9b86c3e8652ca57ec38189d36f2dcfacfa4c43b574bbdf9cbfcf133256e4c18e24e421c98a5ef880a39b8a203d3a1f0b1fc8da21bb1148aab2c41dc22ceea96abfab0122e3ac54b7def29f34544cd4eab58dbf67f45f9fce3a14a4d2e2f1313617440a4791cb26ff243656984822114074064732d506aedc6798c0cd124cf9cfd28deac6c50840038b8e8b234acef5bc9969a4e5b1cc35717f5d5f77174bc3fcb3be4ff868869f4c5c90686a24711f3bc212ce58a4161518d4b8ff05dd2a794def8de825c30f5b109379229af8e482f6639f0a3261bbc7bc3c74d4b20da3c961d929c8e13f81196d521f77facdea2ada5f768159e88769be5b132f1c862d7dd6ee0cce891168057df1ee97f05d3245f12664e8ec98a482ccb2672c1ecba7bf9a5195097175b479c7e4c0bbfa169748fffb0bbfa29c868ee63b728326b22489be36c2c5c99a9a03c7010114716f3d5580b7f03bb9dc86ced03a6cd9c5e6f9a44a4284ae61a0c327095fb592d2dd30cd322f63395afd117585db76ed5267eb79e20b750c53ecf12d6f3b3fe2be3c44b18e5af5040b1e1b591c2e16afad467fa9b5237309107f509750444fd936bef30f33ef5cb60c0785aec2528f67b0ba1e89b414582332ca371f9d223690ecd5b25dbbbb81bdac41136d330a3ce2944d76b36418df9b40d70d441a0ef26b7c7cce50c4e079a24146f7fcc646b5915563a023d3c8be3e4ebacf9c32da5bfa8e00b5fc01a036dd0e6c04b2a29f5163f3c4599dffdaa2d6d715b83be953a92d5dd53b844d3441146a0ae34b052c80cf66fd5c84563156e69a1e8f6d5e6139207a630c7b2838935d4f5eb71b6a2854ec7a0a91d8e1177bd890e672059251c43048e3b6969e86964a132d705fd6c872f7e9b79ebee216413cb3a9e5a2291155a72a9c76e699bad5a6b76525abd02359020facd5af61396c27e7b762c3380ecd5b03ea1b6a6f42e2eafd700f2ec174e912bc27f0391687f9a457d73e74d2f8b927bfd2db6f0dba5b8b084979138725e303a339df823039a64882a49126e8b195503d5333234ccdbdc55d1d1c7ec3676e7982b840bb148330721ac7d6345956bf2fb5c682dbe5e69706e254cfe870fbc961d7a88a03eb8f885c900dc725461bb1fc6cd8575ff19ed4d54892ed74686e386b2b01ae9d5d670d3253fb2440ad14948b9d512836e3dcb2b0cf11784dc8718055b697d0d35924f72c7eb764250d48b04549ac50930f55f0686135693eb7f98de30be0a340f8339007bfd7973834a7746d1e70f08ea9fdd5e3d94a38dbed9ba48c595f16351d5c709f315178fcace137ca714cf26657517525f47e86330d94e88331fd9e55acf3e1548bb097187e8707cbeffce5325889b144a1694cb44049e61b8f9b5cbd6a72c6bf67f966d84ec718a13fe7eb6ded354db1669e0dad450f613296ad0cf856cfd6de34adb47cc30340953875b7749a71394c799076a886d8ce6fd9d45036f03e19d9d129745d0aa78ca6478a0635cf6d3d34adb37afa3f830e4649d39bcb68d12a25bc45d707736ac9a4d7e962638dc7194e894be7ea9752b5e9ff3d74fc0f921b017b8eadbb18246c1e667c93d2838001f588836a16b46ebcb419934a406db23cd77e297152925116ebb83774e0854947fa029312ac64c576eb5a7b0556b000d4600258b7873d16cc1eef65ca3e6db0b9bffdf86cd31501ddb1d51325e37dd33a160c66741894c1d53176f8942cec433e04720c106dd0f18ef1738eabd74899b674fe970b65c5a5f110a80671e66840197e149da5470b97c9284e05974c97495d3568c96135bc025a652cb2176c3b49aac45e43cc85e1bc25fcbd38bede0c84258123b80549914ff07e42b5335df14bc912235a3d0b82fdab3fe0171c467f65b5bfe93eda63bbc4d33ba97cf6d88926967742d8c49a7ee1e44c5d18a476f6ce3924165f70414156827bb072196ad296a8fd663b671ea6e19633c6f0707f620bec92035fa8b022765b199c60f33bdf4297756a6b9dd9b0cacc41ed66c4c257827b9be526e3cfb0f951043c82a1e93372b1a3817aa68ff8cd7c72b6b039236354ed3877622d7a2bd547176e35a625397e3b9b4b75a52c1212a4d1222a398c507c4afddc09345515555ead72740d55c52e8d8fcf2772e9017a225a6fce3b9f42e8ef5adf9d9a522843623a65406beeae0c7f41a3ef0c6eca94959c62bb17b4602c9e3684e55c4b1cf97815e9a26b0767cdd8c6fa606c5593775b80099f72adc0c80b311b8a227bc29baeeb27cb74f97bcd171c5de6dc1f632cf779e8a6754da85004cb250745979dbf771cc2149d3ee8201ab2b48cf8072a0fc65c4010b909a8fc607a26ea9871c63387ddcdcd263fdc9f308a557e49d83330cca4fd282c5c0d097853cb316311348a6fa43b4fda529970c104e7dd117b2266e34031a17ea18b4e842d222f35cea464dbd2ef4a92cca3655a65bbd178e1d8e88950baa87613e77645b9c4ccc8378d38fe6d08971abed5a8765d90feb5a91a8c30b91877cacd56a99e9fe886aea00fcd9911b039fca9500c98ed433c70af53f5f5474d9b33e9c1d8128bb82807a120afc60c84f6d803f79e21003295433d3cabeafb949589b3a11e42c76e05d631fb948803868b85daedea462fdeb0c12e139bc3ece0bf181c42c8f28fd5bf1c9821cd92143bf012b0975324531ef18d3743b3bc345570f2a9c30db13e6ab9d699572a8e0911736eba55620e83c453e61b7f717377f4da13a595825f19c92fe2059d166c7621f400b5829380bb2c8fcbe1f328c6ccbcdfb6c110c294d754582e62d1a4e2a3c25b0c5138244bea68994deca04a98a2c36fca04c890075db55491ab58340215c1add455667eeba025529688f2497aebc3dd59623151346b8474be66927b806d3bba60fe40184d101a9f06a77d8c404fd1f95d6ffe3d35004f60b6ac749b0d537cf3c06d57fd736df15d5419b3d570f836ce833870429c0d1976ea68829b495d6fa1eb5ed23eae01eed0fee7ac2deef7c1b22ad8c3dd3515bd6902f96185c6393d5cadc628b21aa67ee21de72cb769f4cf43b472dd2589b9386b4caa20cbd9a5d6b0885a679bd4ab9ec71f7a00a2aa97a884213f7250932a1df6dfa8b71e5c9b3379c38f62bc9eacf0a54f45329490551c9731a915876eb5c2721769916a3588e15a1eaef12b8559645c6f4872980122b48b54a54da89e62c4f11b04103818667ff99fa694092a5cdc0f3cc4dc24d8ff4dfe09d15edec2a6d19863db0361edb62b9e3ff2e302561c38a5ffd0dd85bbc21eaa6bec3cc4457f4f405dbb0c495f3f9a74b600c548a2e0e1c8528f850dfbc7fbe317a7e3adb7382ac984d152b232898f417d58d0f6902cfbcf1004e4c34451d52a7f41f870ce96889d810eb5354f9f21ce5b7ad56cba88522e1856ff66cd1")
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(&(0x7f0000000080)='./file0/bus\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='sysfs\x00', 0x0, &(0x7f00000001c0))
llistxattr(&(0x7f00000001c0)='./file0/bus\x00', &(0x7f0000000200)=""/20, 0x14)

2018/04/06 01:05:43 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc030624c, &(0x7f0000008fd0)={0x3c, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

[  130.487638] RIP: 0033:0x4552d9
[  130.490819] RSP: 002b:00007f772100cc68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  130.498514] RAX: ffffffffffffffda RBX: 00007f772100d6d4 RCX: 00000000004552d9
[  130.505766] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000013
[  130.513025] RBP: 000000000072bea0 R08: 000000002005ffe4 R09: 000000000000001c
[  130.520278] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  130.527531] R13: 00000000000004f3 R14: 00000000006fa768 R15: 000000000000000f
[  130.630710] binder: 11093:11096 ioctl c030624c 20008fd0 returned -22
[  130.652395] binder: BINDER_SET_CONTEXT_MGR already set
[  130.659186] binder: 11093:11099 ioctl 40046207 0 returned -16
2018/04/06 01:05:43 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x1000000, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:43 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200), 0x4000000}])

2018/04/06 01:05:43 executing program 1 (fault-call:2 fault-nth:16):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:05:43 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(0xffffffffffffffff, 0x4004ae99, &(0x7f0000000000)=0x3)
r3 = dup2(r2, r2)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2018/04/06 01:05:43 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0189436, &(0x7f0000008fd0)={0x3c, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:43 executing program 5:
seccomp(0x0, 0x1, &(0x7f0000000ff0)={0x2, &(0x7f0000000000)=[{0x10020, 0x20000000, 0x400000, 0x7}, {0x100000000000016}]})

2018/04/06 01:05:43 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10, 0x62020000}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:43 executing program 6:
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x10280, 0x0)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f00000000c0)={0x200, 0x0, 0xb, 0x40, 0x5, 0x8000, 0x1, 0x0, <r2=>0x0}, &(0x7f0000000100)=0x20)
setsockopt$inet_sctp_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000140)={r2, 0xffffffffffffff7f, 0x0, 0xfffffffffffffff7, 0x80000001, 0x9}, 0x14)
socket$alg(0x26, 0x5, 0x0)
ioctl$DRM_IOCTL_SET_UNIQUE(r1, 0x40106410, &(0x7f0000000840)={0x3f, &(0x7f0000000800)="3d1aca259f0033ae5b662f0a112a62345ba175c3c62c6ab1c8a7593a00d30839f3528f322e37cbe14d9eb489afae34eb38c74ef99ff36ad7a66f3da2eaa85e"})
bind$alg(r0, &(0x7f0000000400)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts-camellia-aesni-avx2\x00'}, 0x58)
ioctl$DRM_IOCTL_MAP_BUFS(r1, 0xc0186419, &(0x7f00000003c0)={0x5, &(0x7f0000000240)=""/196, &(0x7f0000000780)=[{0x0, 0x42, 0x7, &(0x7f0000000340)=""/66}, {0x8, 0xe9, 0x3, &(0x7f0000000480)=""/233}, {0x16, 0x4f, 0x0, &(0x7f0000000580)=""/79}, {0x8, 0x86, 0x8, &(0x7f0000000600)=""/134}, {0x5, 0x8c, 0x4, &(0x7f00000006c0)=""/140}]})
ioctl$FIONREAD(r1, 0x541b, &(0x7f00000001c0))
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000ff8000)="0a0775b005e381e5b3b60ced5c54dbb7295df0df8217ad4000000000000000e6", 0x20)
r3 = accept$alg(r0, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000880)={0x10000}, 0x4)
sendmsg$alg(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001980)="a27c5f1b6e7ecf53218828584c8c0135af2ed559cfcc09f233d178522ab69929", 0x20}], 0x1, &(0x7f00000001c0), 0x0, 0x4}, 0x48040)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f000059aff7)='/dev/ppp\x00', 0x0, 0x0)
ioctl$EVIOCGPROP(r4, 0xc004743e, &(0x7f000082ef0a)=""/246)
ioctl$EVIOCGREP(r4, 0x40047452, &(0x7f0000000040)=""/174)
recvmsg(r3, &(0x7f0000001200)={&(0x7f0000000000)=@vsock={0x0, 0x0, 0x0, @hyper}, 0x10, &(0x7f00000011c0)=[{&(0x7f0000001140)=""/78, 0x4e}], 0x1}, 0x0)
socket$alg(0x26, 0x5, 0x0)
ioctl$TIOCNXCL(r1, 0x540d)

2018/04/06 01:05:44 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200), 0x0, 0x4}])

2018/04/06 01:05:44 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x2000000, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:44 executing program 5:
r0 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x10000000004e20, 0x0, @loopback={0x0, 0x1}}, 0x1c)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
listen(r1, 0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f00000000c0)={<r2=>0x0, 0x200}, &(0x7f0000000100)=0x8)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f00000002c0)={r2, @in={{0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x19}}}, 0x4580, 0x4}, &(0x7f0000000280)=0x7d4)
connect$inet(r1, &(0x7f0000e5c000)={0x2, 0x4e20, @loopback=0x7f000002}, 0x10)
r3 = syz_open_dev$sndmidi(&(0x7f0000000080)='/dev/snd/midiC#D#\x00', 0x1, 0x400)
ioctl$LOOP_SET_FD(r3, 0x4c00, r1)
getsockopt$inet_int(r1, 0x10d, 0xe, &(0x7f000079bffc), &(0x7f0000000040)=0x4)

2018/04/06 01:05:44 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10, 0xf00}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

[  131.048975] binder: BINDER_SET_CONTEXT_MGR already set
2018/04/06 01:05:44 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000))
r3 = dup2(r2, r2)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  131.087518] binder: 11115:11130 ioctl 40046207 0 returned -16
2018/04/06 01:05:44 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200), 0x0, 0x400000000000000}])

2018/04/06 01:05:44 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10, 0x34000}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:44 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x4)
writev(r0, &(0x7f000013b000)=[{&(0x7f0000559f24)="580000001400192340834b80040d8c560206f8ff000400000000000000005800004824ca944f64009400050028825a003b7dbe907902008000f0fffefffffe03ed03fff5dd00000010000100000c0900fcff4d00040e05a5", 0x58}], 0x1)
clock_gettime(0x5, &(0x7f0000000080))
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_refresh_period\x00', 0x2, 0x0)
bind$vsock_dgram(r1, &(0x7f0000000040)={0x28, 0x0, 0x2710, @hyper}, 0x10)
recvmmsg(r0, &(0x7f0000005680)=[{{&(0x7f0000005240)=@pppol2tpv3in6, 0x80, &(0x7f0000005580), 0x0, &(0x7f00000055c0)=""/140, 0x8c}, 0x10001}], 0x1, 0x0, &(0x7f00000057c0)={0x0, 0x989680})
getsockopt$inet_sctp6_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f00000000c0), &(0x7f0000000100)=0x4)

[  131.298810] FAULT_INJECTION: forcing a failure.
[  131.298810] name failslab, interval 1, probability 0, space 0, times 0
[  131.310138] CPU: 0 PID: 11168 Comm: syz-executor1 Not tainted 4.16.0+ #2
[  131.316983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  131.326336] Call Trace:
[  131.328921]  dump_stack+0x1b9/0x29f
[  131.332533]  ? arch_local_irq_restore+0x52/0x52
[  131.337191]  ? __save_stack_trace+0x7e/0xd0
[  131.341510]  should_fail.cold.4+0xa/0x1a
[  131.345559]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  131.350665]  ? kasan_kmalloc+0xc4/0xe0
[  131.354540]  ? kmem_cache_alloc_trace+0x152/0x780
[  131.359367]  ? sctp_add_bind_addr+0xf9/0x4a0
[  131.363765]  ? sctp_copy_local_addr_list+0x499/0x690
[  131.368857]  ? sctp_copy_one_addr+0x5d/0x170
[  131.373252]  ? sctp_bind_addr_copy+0x16b/0x45b
[  131.377821]  ? sctp_assoc_set_bind_addr_from_ep+0x165/0x1c0
[  131.383518]  ? sctp_sendmsg+0x1888/0x1d70
[  131.387648]  ? inet_sendmsg+0x19f/0x690
[  131.391609]  ? sock_sendmsg+0xd5/0x120
[  131.395479]  ? __sys_sendto+0x3d7/0x670
[  131.399436]  ? SyS_sendto+0x40/0x60
[  131.403048]  ? do_syscall_64+0x29e/0x9d0
[  131.407096]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  131.412447]  ? graph_lock+0x170/0x170
[  131.416234]  ? print_usage_bug+0xc0/0xc0
[  131.420282]  ? graph_lock+0x170/0x170
[  131.424072]  ? find_held_lock+0x36/0x1c0
[  131.428125]  ? lock_downgrade+0x8e0/0x8e0
[  131.432264]  should_failslab+0x124/0x180
[  131.436322]  kmem_cache_alloc_trace+0x4b/0x780
[  131.440896]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  131.446070]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  131.451619]  ? sctp_v6_cmp_addr+0x261/0x6f0
[  131.455931]  sctp_add_bind_addr+0xf9/0x4a0
[  131.460153]  ? sctp_bind_addr_free+0x20/0x20
[  131.464544]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  131.469722]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  131.474895]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  131.479899]  sctp_copy_local_addr_list+0x499/0x690
[  131.484817]  ? sctp_defaults_init+0xe50/0xe50
[  131.489299]  ? get_random_bytes+0x34/0x40
[  131.493432]  ? sctp_association_new+0x135/0x21e0
[  131.498180]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  131.503356]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  131.508881]  sctp_copy_one_addr+0x5d/0x170
[  131.513105]  ? sctp_copy_one_addr+0x5d/0x170
[  131.517500]  sctp_bind_addr_copy+0x16b/0x45b
[  131.521895]  ? sctp_copy_one_addr+0x170/0x170
[  131.526374]  ? sctp_autobind+0x16d/0x1f0
[  131.530422]  ? sctp_do_bind+0x5f0/0x5f0
[  131.534384]  sctp_assoc_set_bind_addr_from_ep+0x165/0x1c0
[  131.539905]  ? sctp_v6_scope+0x56/0x60
[  131.543777]  sctp_sendmsg_new_asoc+0x31f/0x10a0
[  131.548428]  ? sctp_sendmsg+0x125e/0x1d70
[  131.552563]  ? sctp_transport_lookup_process+0x1e0/0x1e0
[  131.558000]  ? __local_bh_enable_ip+0x161/0x230
[  131.562839]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  131.567842]  ? lock_sock_nested+0x9f/0x120
[  131.572059]  ? trace_hardirqs_on+0xd/0x10
[  131.576190]  ? __local_bh_enable_ip+0x161/0x230
[  131.580854]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  131.586375]  ? sctp_endpoint_lookup_assoc+0x183/0x290
[  131.591558]  sctp_sendmsg+0x1888/0x1d70
[  131.595518]  ? do_raw_spin_unlock+0x9e/0x2e0
[  131.599914]  ? sctp_id2assoc+0x3e0/0x3e0
[  131.603969]  ? _raw_spin_unlock_bh+0x30/0x40
[  131.608368]  ? __release_sock+0x3a0/0x3a0
[  131.612514]  inet_sendmsg+0x19f/0x690
[  131.616303]  ? ___might_sleep+0x2d0/0x320
[  131.620453]  ? ipip_gro_receive+0x100/0x100
[  131.624769]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  131.630292]  ? security_socket_sendmsg+0x9b/0xd0
[  131.635041]  ? ipip_gro_receive+0x100/0x100
[  131.639351]  sock_sendmsg+0xd5/0x120
[  131.643054]  __sys_sendto+0x3d7/0x670
[  131.646841]  ? SyS_getpeername+0x30/0x30
[  131.650891]  ? wait_for_completion+0x870/0x870
[  131.655463]  ? __lock_is_held+0xb5/0x140
[  131.659528]  ? __sb_end_write+0xac/0xe0
[  131.663490]  ? fput+0x130/0x1a0
[  131.666764]  ? ksys_write+0x1a6/0x250
[  131.670552]  ? SyS_read+0x30/0x30
[  131.673989]  ? mm_fault_error+0x380/0x380
[  131.678130]  SyS_sendto+0x40/0x60
[  131.681579]  ? __sys_sendto+0x670/0x670
[  131.685541]  do_syscall_64+0x29e/0x9d0
[  131.689412]  ? vmalloc_sync_all+0x30/0x30
[  131.693546]  ? _raw_spin_unlock_irq+0x27/0x70
[  131.698034]  ? finish_task_switch+0x1ca/0x820
[  131.702513]  ? syscall_return_slowpath+0x5c0/0x5c0
[  131.707439]  ? syscall_return_slowpath+0x30f/0x5c0
[  131.712356]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  131.717706]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  131.722538]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  131.727709] RIP: 0033:0x4552d9
[  131.730879] RSP: 002b:00007f772100cc68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  131.738572] RAX: ffffffffffffffda RBX: 00007f772100d6d4 RCX: 00000000004552d9
2018/04/06 01:05:44 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0x40049409, &(0x7f0000008fd0)={0x3c, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:44 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x223}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:44 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200), 0x0, 0x100000000000000}])

2018/04/06 01:05:44 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10, 0x9effffff00000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:44 executing program 6:
r0 = socket$inet(0x15, 0x80005, 0x0)
rt_sigprocmask(0x0, &(0x7f0000039ff8)={0xfffffffffffffffa}, 0x0, 0x8)
r1 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x17, 0x4, @tid=r1}, &(0x7f00008ec000))
getpgrp(0x0)
io_setup(0x0, &(0x7f0000000040))
io_getevents(0x0, 0x0, 0x2, &(0x7f0000000080)=[{}, {}], &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f000004a000)={{0x0, 0x1}, {0x0, 0xe4c}}, &(0x7f0000040000))
timer_delete(0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}, 0x10)
getpeername$inet(r0, &(0x7f0000000000)={0x0, 0x0, @multicast2}, &(0x7f0000000080)=0x10)

2018/04/06 01:05:44 executing program 5:
perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x10000, 0x88)
getsockopt$netrom_NETROM_T2(r0, 0x103, 0x2, &(0x7f0000000080)=0x1, &(0x7f00000000c0)=0x4)
clock_adjtime(0x3c49315ae6764a53, &(0x7f0000000380))

2018/04/06 01:05:44 executing program 1 (fault-call:2 fault-nth:17):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:05:44 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000))
r3 = dup2(r2, r2)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  131.745836] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000013
[  131.753087] RBP: 000000000072bea0 R08: 000000002005ffe4 R09: 000000000000001c
[  131.760338] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  131.767587] R13: 00000000000004f3 R14: 00000000006fa768 R15: 0000000000000010
[  131.881798] FAULT_INJECTION: forcing a failure.
[  131.881798] name failslab, interval 1, probability 0, space 0, times 0
[  131.893092] CPU: 0 PID: 11190 Comm: syz-executor1 Not tainted 4.16.0+ #2
[  131.899944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  131.909307] Call Trace:
[  131.911915]  dump_stack+0x1b9/0x29f
[  131.915562]  ? arch_local_irq_restore+0x52/0x52
[  131.919850] binder: BINDER_SET_CONTEXT_MGR already set
[  131.920239]  ? __save_stack_trace+0x7e/0xd0
[  131.920268]  should_fail.cold.4+0xa/0x1a
[  131.920290]  ? perf_trace_lock+0xd6/0x900
[  131.938056]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  131.943178]  ? zap_class+0x720/0x720
[  131.946907]  ? sctp_sendmsg+0x1888/0x1d70
[  131.947704] binder: 11175:11178 ioctl 40046207 0 returned -16
[  131.951062]  ? sock_sendmsg+0xd5/0x120
[  131.951080]  ? __sys_sendto+0x3d7/0x670
[  131.951097]  ? SyS_sendto+0x40/0x60
[  131.951114]  ? do_syscall_64+0x29e/0x9d0
[  131.951131]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  131.951150]  ? graph_lock+0x170/0x170
[  131.951177]  ? print_usage_bug+0xc0/0xc0
[  131.985773]  ? perf_trace_lock_acquire+0xe3/0x980
[  131.990634]  ? graph_lock+0x170/0x170
[  131.994455]  ? find_held_lock+0x36/0x1c0
[  131.998537]  ? lock_downgrade+0x8e0/0x8e0
[  132.002709]  should_failslab+0x124/0x180
[  132.006785]  kmem_cache_alloc_trace+0x4b/0x780
[  132.011381]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  132.016570]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  132.022104]  ? sctp_v6_cmp_addr+0x261/0x6f0
[  132.026424]  sctp_add_bind_addr+0xf9/0x4a0
[  132.030655]  ? sctp_bind_addr_free+0x20/0x20
[  132.035058]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  132.040245]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  132.045430]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  132.050445]  sctp_copy_local_addr_list+0x499/0x690
[  132.055377]  ? sctp_defaults_init+0xe50/0xe50
[  132.059868]  ? get_random_bytes+0x34/0x40
[  132.064006]  ? sctp_association_new+0x135/0x21e0
[  132.068773]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  132.073956]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  132.079489]  sctp_copy_one_addr+0x5d/0x170
[  132.083722]  ? sctp_copy_one_addr+0x5d/0x170
[  132.088127]  sctp_bind_addr_copy+0x16b/0x45b
[  132.092532]  ? sctp_copy_one_addr+0x170/0x170
[  132.097025]  ? sctp_autobind+0x16d/0x1f0
[  132.101083]  ? sctp_do_bind+0x5f0/0x5f0
[  132.105053]  sctp_assoc_set_bind_addr_from_ep+0x165/0x1c0
[  132.110579]  ? sctp_v6_scope+0x56/0x60
[  132.114457]  sctp_sendmsg_new_asoc+0x31f/0x10a0
[  132.119117]  ? sctp_sendmsg+0x125e/0x1d70
[  132.123268]  ? sctp_transport_lookup_process+0x1e0/0x1e0
[  132.128726]  ? __local_bh_enable_ip+0x161/0x230
[  132.133401]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  132.138413]  ? lock_sock_nested+0x9f/0x120
[  132.142638]  ? trace_hardirqs_on+0xd/0x10
[  132.146862]  ? __local_bh_enable_ip+0x161/0x230
[  132.151534]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  132.157074]  ? sctp_endpoint_lookup_assoc+0x183/0x290
[  132.162259]  sctp_sendmsg+0x1888/0x1d70
[  132.166227]  ? do_raw_spin_unlock+0x9e/0x2e0
[  132.170629]  ? sctp_id2assoc+0x3e0/0x3e0
[  132.174688]  ? _raw_spin_unlock_bh+0x30/0x40
[  132.179104]  ? __release_sock+0x3a0/0x3a0
[  132.183261]  inet_sendmsg+0x19f/0x690
[  132.187057]  ? ___might_sleep+0x2d0/0x320
[  132.191202]  ? ipip_gro_receive+0x100/0x100
[  132.195520]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  132.201055]  ? security_socket_sendmsg+0x9b/0xd0
[  132.205812]  ? ipip_gro_receive+0x100/0x100
[  132.210126]  sock_sendmsg+0xd5/0x120
[  132.213836]  __sys_sendto+0x3d7/0x670
[  132.217632]  ? SyS_getpeername+0x30/0x30
[  132.221688]  ? wait_for_completion+0x870/0x870
[  132.226289]  ? __sb_end_write+0xac/0xe0
[  132.230268]  ? fput+0x130/0x1a0
[  132.233542]  ? ksys_write+0x1a6/0x250
[  132.237338]  ? SyS_read+0x30/0x30
[  132.240782]  ? mm_fault_error+0x380/0x380
[  132.244928]  SyS_sendto+0x40/0x60
[  132.248374]  ? __sys_sendto+0x670/0x670
[  132.252346]  do_syscall_64+0x29e/0x9d0
[  132.256234]  ? vmalloc_sync_all+0x30/0x30
[  132.260376]  ? _raw_spin_unlock_irq+0x27/0x70
[  132.264871]  ? finish_task_switch+0x1ca/0x820
[  132.269365]  ? syscall_return_slowpath+0x5c0/0x5c0
[  132.274291]  ? syscall_return_slowpath+0x30f/0x5c0
[  132.279219]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  132.284582]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  132.289424]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  132.294600] RIP: 0033:0x4552d9
[  132.297778] RSP: 002b:00007f772100cc68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  132.305477] RAX: ffffffffffffffda RBX: 00007f772100d6d4 RCX: 00000000004552d9
[  132.312735] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000013
[  132.319995] RBP: 000000000072bea0 R08: 000000002005ffe4 R09: 000000000000001c
2018/04/06 01:05:44 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10, 0xffffff7f00000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

[  132.327256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  132.334510] R13: 00000000000004f3 R14: 00000000006fa768 R15: 0000000000000011
2018/04/06 01:05:45 executing program 6:
syz_mount_image$xfs(&(0x7f0000000140)='xfs\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x5, &(0x7f00000000c0)=[{&(0x7f0000000000)="152772add9e0666e8b3beba155214a1aa35b2706530701c3628bf6a3580d9359f44fe8af58511888f2e59ba8cf20cca3a1784de9e6d11a93f2022904713f7eafabd7eefc7febd0b3f4338e42b148f69170026bf466826bc4203a05ca538fd8077e34df722ec5ede2ddafde886790aa438a9e811aec8730bab6689f46a388cc9881009b224fe75f322e8e3f9ea26f6e3754b823e6b6d815df8b722b4f6691d984996c752c80ab", 0xa6, 0x200}, {&(0x7f00000001c0)="22ee377041301f1c7a02388cc03577e7b9db79224e7d913d3955c715e070bd1396300049491507c4ac14e06e3af7b6976e2ee1971d0494caeeb83bf23814d361e1b6c1c2f0b1d87cb19727782483fdf9c8661bb6fb1975cf9762f650eac55d90883c99496db96c100319abaa18b03483c374f2a78226583afb4c029834a5147da252f864e8fe3a25afb5ec24b8", 0x8d, 0x2}, {&(0x7f0000000540)="d2f3cb23c1459d408a4f3e2f956817a4c3ad7b0ce9ed9f6fe534dd8ee58e13e418f78a7c726cd34df84af01ea888cb2464ec8cc8fa6e7205be354d7fd361e7899d057bfea0645da21f9c87b6cfc7bb53f67b5c333144241be816d3ff5ee552ed5bfbba715c0b40f6db02db39f2f3ebb67f5e68c807b2c51397e89885e941f693f0d1a6b672e4c0c30c63d161c2747e2f6e9fdd4130e514cac2ac924596fc46ce408763df2d63ad488fcaa027c0a9999115f2be7958911a23ecbbe06d0d61b4befbb642400aaae96208c5c23887a9779a06efc2686f6f8acdcef65903007b319bc03e7910eaabaa5f1c36300c371ca547a261c32ee425dcd4d46814ff633fcc4840fcd20b048b340d225f65be6bebb2a9665ad638189f0e4a55b2c1ec0975ce852fff981d610b38ba12415be4e1ed8fd746a3ed2ed480ff2d414732a077f9a153164a870d6fca0d029267046d4b760360d787eb4c1934565fcc230ec7347f739241f2fb4803e53858aa2ac81cf5f056545850613ddc202c7bfca6566a12f9721f96f28c2eb5ea8f75f1205029302dcb95140abe2de72d9a296252065a2e5bf57eca91eec5a16213a209614e02b3ce51fff1263e3bf50def1f74df3032014442050741736921bc37b4882af56e8ffb9925ff2cd55fbb0de375223d3ca9f162239ae8838100a1c536a0ae3eb36d99317b7ae4d5463dbdff8c199914edc87a66fd3c64a6f68d1c9c60ce0de93c75e019018f38f1d44ebc9cb2ac31a65c5f87d10669a480d0a5cf7b965f341b105274460f18f2e86ba8207bb7e2d2c375dea756e0375a6cfc282921829862e65bb043c9f2053c1584acbd24b632bb1860b34a97d8d553a2abad91b775e0af0b53a32f4c23373fbdffe435a2551e8c87b9adab09d46e4ce3ccd4a9b06e24c6edc5fef3dd1dd60b22ba869c28f04daa3ea0238b17b6699a8f095f9144d0bac5ea08d621e9aeebfa27c4200ac67dfcb9dd60ade705bbacfaac979a473504cb224f182325ecfbc2636f0a7b1be7d0cf9d21afdfb0868e89f6a6e348447cd0efd8f49fff1d7092913ac6c5b1e5b58ff94c41834a69e0ffbb0248b474a16b481ce33a3cad7113f7132f22204e1f37bf4d8aee574ad795d7fd457b32dff8a5febb71f4dee408fe6b0d5966e83f155a4964568e1e10cda6e1cf576cf95654cbdad31903cfadfb4c9d82981d9be04e06f6570176e6bef00f1132010e208938f132d99121d6cc9ffd403f302adac44ca001ca9271f75d18fed15237d8da60ef6e5d685fe86b9a9b3be11b123912a154a9ddb06cf88d3cf89531342193302a50aa2b82b5aeaceb9a8e788ef185dc2294e8a49cddd4b13d55957cf0def56fc805421e272681fa569d3e5a14fd5cea74bb73b1007179ba2b1c980c91b5f09dbf66aa5cc1f0ed4ae00c7c1ba394b5d4ca76dfa53341df4ece5a13ee5c23288c6613f958995a9b433718bbdff1e24084aa81908bbcfb146c3df1b419fe54a38c410b56ec47787f5ce74571bad7291bdaedecdc1b21f9ae9ed0472b985491da668a044cfaf7a30afbb8414921c6a49da9b755e1e474e706cb4a13f88901298eabb77cafd404413decc7d8f29e4923d65ddc25eb9d647fee805d9da567e5bf00d0aa3fe30036e6a2c36ca32716c43ba281fadca651302bd4c712f07c723b870f623cc2d7423f97c8a9d005eb9b6d49a53fee4f07dce79b1562f7827364cc309c326eda09c853a73177e18979ccbcaddddaa56b5a60abafdf2fa66072ada6f8c93094242a9877ed3777ae083a6f18b4707639e856f806009011d5f8c3e5b5329d15650e46996a1d4ab570b709ffe983e849962c91f51277bb482b3dd467da9e7adacbdf855bad0c1437922aed777d6d5f1ea728db258969285e0c6dd4fab17d0c641f69bdcbf41699adbc40d9bdd21a568b4c3f94454638275465984105230e59124b229dfdc7af24b43d5e0a0bb8244adccaef3cfd5ff29887c35dafefe3c455b6568224a60f585ed2885c09b3c04ca740e504884756c404b3911285f76d3034f9d5c5b67a6a33fb81c25f8dff0b5822efb142b92f43b67d879adf161d9d7c692f78df81e06d0871e101f4c3b294f60b617f0fdbd35bc49e8e90df5bcc0494873eca13c8c3bf931a7acbe1418dbfe00b6b853d01da04707b7370433a6e90abe49ac7e413d9adb5ad7bac647051d73b0fc0a94eb2e2763fcf880a0533f9dddef3b14fd84bb91c947111e66997e9653688ee963f9086cd26c63f542a377e2c6e0b1f8452859d1677b3086b8888788f6751d6dafe0ef00dd3656708cf2f35e1fba6bd9f45982da0e27b5e6d217833e763930393dbad5af9dc1b61a6f17709605cb08be821db8375de4f7fcd34188618ff9f43a2329e46a0bdf62e19b4f55d449ab3314431ff80eb60c0bdf5da334b9b0bdaeb4fb6aa2b6271ff4695bae88f289903da6c6017bd7081a2455f8c7d604173d94654637de55f5c88cf7fa75ba97195c6b5a1620f12bafe880a31b8f61f07a615821a7064f9ee945b2d6b47537c14ce42472d5c804171cd194c785bdfa8b835ebd2eacec0fa74c317a4fe1fc83c82746e7d9ab216068aa7b7b01184d2f0a6bbb9981ca939f668fcc4177158163de12e671c12c0d70874049e75488e9a4f329de44507db4b8b9da68989002e6e3eab2d7cb7e52097790e5888d51f11ce18b9ca453ce9303baba45c2aa69b428852d1623e5ee319375b660d13ae8c9368f577bf7a58b4c34665ed9e3d5ceca22fca042563beac60fe925c396bb26ef272c8789b25ff71d97745b812b5265537e0565af41d250eedb372da86253ca4a0c6a1b37376cecaa95e76af080966a30f7b6125972a2fc9790a8c3ebd2e112c885b1cf519d5abba2aaa66d7beb2191db7af644f3ca0eb47d1ebcf2cea161d8cf8465ed537bef489e68bc3f8ef54b42b8f797c24216464b26baf2e03e6a51999c2d25c328ed5ee8c768672ca283648906c50d6842ef983ace56cf98a83768ff9b2e5d61eed99ec5a149adb78f0780fb982fd2afb1738ac291bb4f9404a2135ed7180457abaed260598030eb8dde093db520bacf7ad7b941535e9573f166d1010332bed895950d49d74a005822d4d67d9c311956382deffab39605cdda0a6a8e4751abf3156fc3ebdba500c65c2a174829e2854c41f58c4450a06182834712347ce6ac8b9edf8b101bb47ad4ef6e8cb2d1ca926fd64fe5eefa62dd454ff88d79bbb969460c4dacd6167bfab4a34ec47c621e69fb6a84b1adcb9aa95c6987ba7f450034b6f2928efa1f2fc4d402c30abd875886ff8d8122b54a0a4fb459b35b440a9efbbf0fd68b9c72f510f8a8bb624c1f56b44f2f94476509b88407052336700878c587d9ab013f411de5b8de5b1e1d74c2ffaa56034c749da560ca9923cf06a982ab55fe6ea227be91628bc58ef2054b6ad02bae83788d91c9e8db66f8ef217ae43b267b045973e4e2b5254032edf6927700d1cf1766395757c150a21a295f67313433348c7e6daf7c5fd03662aa7d753b4c5ecae0de15e54335f64ee97c08651b6e21e095c42f580b5ab7452da0c65d0213b2af84cdbcb3817adba61a4745e961120e678bdb322360b1a72925b7579ca859abac483872d60fa1ce4b6e75b3a38ea5f3bdca8bcf354ff63a87cbed1dfd4a65d408d4e37dc5564d6d36668d44b9e163be26fa7ddd4b31753044f01d8c4bc0b15521a2d3232d2bc90ccb89de2ad1c11615dc7a4fea0fb015fff236c501fb0ebdb951e85f8e4dfe10b45a4023eda1eab04326455beaed49e4ffcfe466780e3154fd7c44a9c8e2a18190f617188e22713e0908fd6c3fe608e69b6ecb71f5f6785c7e06034f27dab48b6d6ca9327924efd8efab6ddd1783050f40582305c18f39d0e5b6bf5f1018ff00548259b181957992e7fdad4137a6263ec3c4581731391fdae8f999d7177dfd8f4c1e163eb3f91beaa957bccea4f6c3e99da07c97e376f2c75a3c57768ec8293e8ba193a3feb9489b6f0b60241427d6c5fde862a6af9628cae7e93a1edc6f96c2797199f069f499c604b383e4ff22302b3ccbc3196f0f5c513a0e1ce968301876c528c269c935a516cd92de78e99f27d07c5b900630494bcc809a9e181b84b91c8f77bca60a122fb5a05bd0d27eae02c2237764fdbb3628ea4dd448fa95f52d0e4ea31b287116f9e054d3f7e12ccdf39a2a4c586337e4e6b05d9d406275f87a0ffbbea54b8a6ebc00362907428035b07d59b87ac6b74c148a3ef2f7e26acce3cfa8741729af543a8fdf5458d70db17b7ac5d3845f0cec65a5317b662ad2f18ef1a5bcb3798215643645fd431dcc0a3312cf8f0c1cc12b09edb9c0cde625fcb8148ba7d9dbff14bb35fbd6bab525fb280964ee5c112939f597665fe98619576ddd04d7646b1bbb044abb8dad5966d7ba5e07a722605d7c185c75897130a880ad0bd157130902d0216ab8b5d94f1cd8f1bfafead019f6718f50b305db514ee930e62bdac143a9beff3f7a4b165d5d5b7ae3945b64da935487f3ce854f5e97d4fb70088a04b9b79c99e71148421645d76a6d433eb0976431c84f11f7a71b1e5886f065b42a8334f8fafc9cc7ed3a72360e6a022283a736891c65521e7885807e4674d7a9ec5878920c67a0844ed2cfb4b1d38f8cda9f37e0a937fc240e11b9bf330c70ecfc12817e1a7ebe3ed7a600dbe81a60613ea9600a61e23c593c7ae87085907f78b17531b103f999279de5692b0c086caead9b6b38f590ecab25cace150b7c9bbeafdda692cced950391112c3f9621915cee95942b95ed445564c4c75467067c2de5d6596966c1b4225826276c7a3abc5def068005977b97003c581746078d61339eded34f1cfe6c2339ef7925bf3ede8e8170d9d289d718a459f2ccf41df4552e4bdedf3d2a8cb7427a4e80d7f0284bcba363b903edd3e52e31ba565e4e2f96159889cd194885e1f07090ba3628f34bf5ba5adc70c57b972aeff8bf2b429de1ced88dc9664eccb132f0e723934079ec3ca7979ea17c4a3bf97ee4c7fcb2f0869aa54ba631d0fe0bf4153aefbd595d58c94023f7783e680c0e915d9e7aebd3d905bcb9081c0aa80b439bcca0a8edef48ea3f68b1564b32fc810a08a25ceaa47c73d85cefa5b8d4e53582337c499fc150101dacba1c480e590b2e7412bb313bde54d670aaf861dbea976320defa672685783aa6f16347108272187e12ef70f5d28639ee2b3b3b935241b562533f4f7c7bbd44b818c8d6734e45a94346d6f2b41632e99d2bde2d4554c60db0ca8742259b778e994ae789a016387312cf2de3d17f6ed4a633ea6e9699be7d4e83481dee0a763f9f0b5c6a0b9bcd41cf89fb2c44de1d496419cba03fc6bd883d543a0ed6e956997be2416a1d42008198bc2f1358f3f0e65f2428888d928e1fc4cc325a063f3732198d7e70f2f5a31f238376bdcf01735c752cf274db2fe9390383ace4fe065cbcf34224815cb673c92c4af72db5892542b80abdbdebb74b63d9cd64307a215703004d98ddb4f8f3573bf2af4600be4c32af2ac48af63d30a13f5ffad591ad0cfe367b1ceaae3527025b91548ae69f36fd7c67f56ce038205771a91ee7dda48021a51710cc284e881c83775ebbeb2b1b8afb5ae5a66b76ef66d582ecf8941104c88db8b1cb619ab99ad515218dbe43714de7f2b1a93dc27e5eaa7f3958902f5e6554abdb6605a6d61694849ac57f21a94502de185ac62ec5bccae53939fad35f9e1336a3a2c8e410a04521722e6405353568a91cce115fbc4f0260bc475f24a754af63120c7dbbc", 0x1000, 0x1f}, {&(0x7f0000000280)="7c10f22c5f462f37633d969ac7a09b4cbde28f5e26e1bf61fe1f82ec64ad6bcdeea765990e1428fa76afccf9b6119f220ccd1597707f9e536302bd67064b714d692b9321e96d9b90e2e46e94c0caed9fe602a17592c96f4de8e4fba3bceaea759c6065275b4e5e1c0e3b3048f43d3d0deafaed2a3386961422909de93c364518cdd114adfe5b15dc0cb98cd17200c0b48b8450792e40f76a5637980b418d6e8e77573862a9db5f8fdea69cf8c5803368e284f5b49c22bbfdafc6199f", 0xbc, 0x8}, {&(0x7f0000001540)="09fe77eb8575c3869d3d407313c76516a85c236b91bd81903a1e7fd403dccecb9f153e8f79ee1d17acc7397b9eb93de704032bce449d2cf0e20549db6cdf94d9889c1a8963c3912cbae31086c666b66cc5b8cd190304535bdc485f14816fe2fe7f4961224d98e5d36223dad242d464adcb7b3ae23430130271be2ede7d309928924650ad88fe109d2049a77f4fafc5e308693fe46f01027b3118c8cc831a1bda70b1e2226739d1c8c245c803de201ec9f39c50b545d082ae3c27b69aafd3eba2244dd091386aa6c909eefa4c52bf", 0xce, 0x1}], 0x0, &(0x7f0000000500)={'nouuid,', {[{@noalign='noalign', 0x2c}]}})
r0 = syz_open_dev$dspn(&(0x7f0000000340)='/dev/dsp#\x00', 0xfffffffffffffffb, 0x501)
ioctl$KVM_RUN(r0, 0xae80, 0x0)

2018/04/06 01:05:45 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000))
r3 = dup2(r2, r2)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2018/04/06 01:05:45 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0046209, &(0x7f0000008fd0)={0x3c, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:45 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200), 0x0, 0x20020}])

2018/04/06 01:05:45 executing program 5:
keyctl$reject(0x13, 0x0, 0x0, 0x201, 0x0)
r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffff9c, 0xc0086420, &(0x7f00000000c0)={<r1=>0x0})
ioctl$DRM_IOCTL_UNLOCK(r0, 0x4008642b, &(0x7f0000000080)={r1, 0x8})

2018/04/06 01:05:45 executing program 1 (fault-call:2 fault-nth:18):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:05:45 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10, 0xfffff000}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:45 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1400}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:45 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200), 0x0, 0x20000200}])

[  132.520743] binder: BINDER_SET_CONTEXT_MGR already set
[  132.542795] FAULT_INJECTION: forcing a failure.
[  132.542795] name failslab, interval 1, probability 0, space 0, times 0
[  132.554156] CPU: 1 PID: 11221 Comm: syz-executor1 Not tainted 4.16.0+ #2
[  132.554291] binder: 11204:11220 ioctl 40046207 0 returned -16
[  132.561004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  132.561012] Call Trace:
[  132.561039]  dump_stack+0x1b9/0x29f
[  132.561061]  ? arch_local_irq_restore+0x52/0x52
[  132.561077]  ? __save_stack_trace+0x7e/0xd0
[  132.561099]  should_fail.cold.4+0xa/0x1a
[  132.595655]  ? perf_trace_lock+0xd6/0x900
[  132.599804]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  132.604901]  ? zap_class+0x720/0x720
[  132.608608]  ? sctp_sendmsg+0x1888/0x1d70
[  132.612757]  ? sock_sendmsg+0xd5/0x120
[  132.616648]  ? __sys_sendto+0x3d7/0x670
[  132.620626]  ? SyS_sendto+0x40/0x60
[  132.624258]  ? do_syscall_64+0x29e/0x9d0
[  132.628318]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  132.633677]  ? graph_lock+0x170/0x170
[  132.637475]  ? print_usage_bug+0xc0/0xc0
[  132.641527]  ? perf_trace_lock_acquire+0xe3/0x980
[  132.646359]  ? graph_lock+0x170/0x170
[  132.650159]  ? find_held_lock+0x36/0x1c0
[  132.654220]  ? lock_downgrade+0x8e0/0x8e0
[  132.658369]  should_failslab+0x124/0x180
[  132.662426]  kmem_cache_alloc_trace+0x4b/0x780
[  132.667004]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  132.673064]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  132.678601]  ? sctp_v6_cmp_addr+0x261/0x6f0
[  132.682917]  sctp_add_bind_addr+0xf9/0x4a0
[  132.687147]  ? sctp_bind_addr_free+0x20/0x20
[  132.691555]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  132.696739]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  132.701919]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  132.706929]  sctp_copy_local_addr_list+0x499/0x690
[  132.711869]  ? sctp_defaults_init+0xe50/0xe50
[  132.716357]  ? get_random_bytes+0x34/0x40
[  132.720497]  ? sctp_association_new+0x135/0x21e0
[  132.725263]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  132.730446]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  132.735979]  sctp_copy_one_addr+0x5d/0x170
[  132.740206]  ? sctp_copy_one_addr+0x5d/0x170
[  132.744610]  sctp_bind_addr_copy+0x16b/0x45b
[  132.749019]  ? sctp_copy_one_addr+0x170/0x170
[  132.753505]  ? sctp_autobind+0x16d/0x1f0
[  132.757556]  ? sctp_do_bind+0x5f0/0x5f0
[  132.761524]  sctp_assoc_set_bind_addr_from_ep+0x165/0x1c0
[  132.767053]  ? sctp_v6_scope+0x56/0x60
[  132.770932]  sctp_sendmsg_new_asoc+0x31f/0x10a0
[  132.775587]  ? sctp_sendmsg+0x125e/0x1d70
[  132.779734]  ? sctp_transport_lookup_process+0x1e0/0x1e0
[  132.785182]  ? __local_bh_enable_ip+0x161/0x230
[  132.789848]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  132.794854]  ? lock_sock_nested+0x9f/0x120
[  132.799075]  ? trace_hardirqs_on+0xd/0x10
[  132.803213]  ? __local_bh_enable_ip+0x161/0x230
[  132.807873]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  132.813399]  ? sctp_endpoint_lookup_assoc+0x183/0x290
[  132.818581]  sctp_sendmsg+0x1888/0x1d70
[  132.822545]  ? do_raw_spin_unlock+0x9e/0x2e0
[  132.826950]  ? sctp_id2assoc+0x3e0/0x3e0
[  132.831006]  ? _raw_spin_unlock_bh+0x30/0x40
[  132.835414]  ? __release_sock+0x3a0/0x3a0
[  132.839827]  inet_sendmsg+0x19f/0x690
[  132.843617]  ? ___might_sleep+0x2d0/0x320
[  132.847758]  ? ipip_gro_receive+0x100/0x100
[  132.852069]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  132.857594]  ? security_socket_sendmsg+0x9b/0xd0
[  132.862340]  ? ipip_gro_receive+0x100/0x100
[  132.866656]  sock_sendmsg+0xd5/0x120
[  132.870375]  __sys_sendto+0x3d7/0x670
[  132.874169]  ? SyS_getpeername+0x30/0x30
[  132.878223]  ? wait_for_completion+0x870/0x870
[  132.882817]  ? __sb_end_write+0xac/0xe0
[  132.886789]  ? fput+0x130/0x1a0
[  132.890069]  ? ksys_write+0x1a6/0x250
[  132.893864]  ? SyS_read+0x30/0x30
[  132.897314]  ? mm_fault_error+0x380/0x380
[  132.901453]  ? syscall_slow_exit_work+0x4f0/0x4f0
[  132.906290]  SyS_sendto+0x40/0x60
[  132.909732]  ? __sys_sendto+0x670/0x670
[  132.913699]  do_syscall_64+0x29e/0x9d0
[  132.917587]  ? syscall_slow_exit_work+0x4f0/0x4f0
[  132.922445]  ? syscall_return_slowpath+0x5c0/0x5c0
[  132.927369]  ? syscall_return_slowpath+0x30f/0x5c0
[  132.932293]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  132.937653]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  132.942494]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  132.947671] RIP: 0033:0x4552d9
[  132.950847] RSP: 002b:00007f772100cc68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  132.958546] RAX: ffffffffffffffda RBX: 00007f772100d6d4 RCX: 00000000004552d9
[  132.965805] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000013
[  132.973060] RBP: 000000000072bea0 R08: 000000002005ffe4 R09: 000000000000001c
[  132.980320] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  132.987584] R13: 00000000000004f3 R14: 00000000006fa768 R15: 0000000000000012
2018/04/06 01:05:45 executing program 5:
r0 = socket$inet6(0xa, 0x40000080806, 0x0)
bind$inet6(r0, &(0x7f000047b000)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f0000000100)=0x3, 0x4)
listen(r0, 0x1)
r1 = socket$inet6(0xa, 0x80006, 0x0)
connect$inet6(r1, &(0x7f0000419000)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c)
sendmsg(r1, &(0x7f0000000140)={&(0x7f0000000080)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}}, 0x80, &(0x7f0000000900)=[{&(0x7f0000000580)='P', 0x1}], 0x1, &(0x7f00000008c0)}, 0x0)
r2 = accept4$inet6(r0, &(0x7f0000000000), &(0x7f0000000040)=0x1c, 0x0)
dup2(r1, r2)

2018/04/06 01:05:46 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200), 0x0, 0x2002000000000}])

2018/04/06 01:05:46 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0045877, &(0x7f0000008fd0)={0x3c, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:46 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
r3 = dup2(0xffffffffffffffff, r2)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2018/04/06 01:05:46 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10, 0x300000000000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

[  133.068481] XFS (loop6): Invalid superblock magic number
2018/04/06 01:05:46 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}, 0x200000000000000}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:46 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200), 0x0, 0x8000000000000000}])

[  133.181612] XFS (loop6): Invalid superblock magic number
[  133.230975] binder: BINDER_SET_CONTEXT_MGR already set
2018/04/06 01:05:46 executing program 6:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00006a4ff7)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
pipe2(&(0x7f0000e3eff8)={<r2=>0x0, <r3=>0x0}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r2, 0x40042409, 0x0)
setsockopt$inet6_udp_encap(r2, 0x11, 0x64, &(0x7f0000000000)=0x1, 0x4)
dup3(r4, r3, 0x0)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0x200c0010015, 0x0, 0x80ffff}]})

2018/04/06 01:05:46 executing program 1 (fault-call:2 fault-nth:19):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:05:46 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
r3 = dup2(0xffffffffffffffff, r2)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2018/04/06 01:05:46 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}, 0x1000000}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

[  133.262315] binder: 11244:11267 ioctl 40046207 0 returned -16
[  133.296930] FAULT_INJECTION: forcing a failure.
[  133.296930] name failslab, interval 1, probability 0, space 0, times 0
[  133.308313] CPU: 1 PID: 11274 Comm: syz-executor1 Not tainted 4.16.0+ #2
[  133.315163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  133.324524] Call Trace:
[  133.327161]  dump_stack+0x1b9/0x29f
[  133.330802]  ? arch_local_irq_restore+0x52/0x52
[  133.335470]  ? __save_stack_trace+0x7e/0xd0
[  133.339796]  should_fail.cold.4+0xa/0x1a
[  133.343856]  ? perf_trace_lock+0xd6/0x900
[  133.348003]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  133.353114]  ? zap_class+0x720/0x720
[  133.356822]  ? sctp_copy_local_addr_list+0x499/0x690
[  133.362010]  ? sctp_bind_addr_copy+0x16b/0x45b
[  133.366587]  ? sctp_assoc_set_bind_addr_from_ep+0x165/0x1c0
[  133.372315]  ? sctp_sendmsg+0x1888/0x1d70
[  133.376497]  ? inet_sendmsg+0x19f/0x690
[  133.381176]  ? sock_sendmsg+0xd5/0x120
[  133.385234]  ? __sys_sendto+0x3d7/0x670
[  133.389202]  ? SyS_sendto+0x40/0x60
[  133.392826]  ? do_syscall_64+0x29e/0x9d0
[  133.396882]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  133.402239]  ? graph_lock+0x170/0x170
[  133.406048]  ? find_held_lock+0x36/0x1c0
[  133.410108]  ? print_usage_bug+0xc0/0xc0
[  133.414165]  ? graph_lock+0x170/0x170
[  133.417963]  ? find_held_lock+0x36/0x1c0
[  133.422030]  ? lock_downgrade+0x8e0/0x8e0
[  133.426180]  should_failslab+0x124/0x180
[  133.430316]  kmem_cache_alloc_trace+0x4b/0x780
[  133.434893]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  133.440097]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  133.445804]  ? sctp_v6_cmp_addr+0x261/0x6f0
[  133.450126]  sctp_add_bind_addr+0xf9/0x4a0
[  133.454361]  ? sctp_bind_addr_free+0x20/0x20
[  133.458760]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  133.463945]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  133.469126]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  133.474142]  sctp_copy_local_addr_list+0x499/0x690
[  133.479070]  ? sctp_defaults_init+0xe50/0xe50
[  133.483563]  ? get_random_bytes+0x34/0x40
[  133.487705]  ? sctp_association_new+0x135/0x21e0
[  133.492475]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  133.497686]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  133.503221]  sctp_copy_one_addr+0x5d/0x170
[  133.507446]  ? sctp_copy_one_addr+0x5d/0x170
[  133.511880]  sctp_bind_addr_copy+0x16b/0x45b
[  133.516285]  ? sctp_copy_one_addr+0x170/0x170
[  133.520771]  ? sctp_autobind+0x16d/0x1f0
[  133.524826]  ? zap_class+0x720/0x720
[  133.528530]  ? sctp_do_bind+0x5f0/0x5f0
[  133.532501]  sctp_assoc_set_bind_addr_from_ep+0x165/0x1c0
[  133.538036]  ? sctp_v6_scope+0x56/0x60
[  133.541915]  sctp_sendmsg_new_asoc+0x31f/0x10a0
[  133.546659]  ? sctp_sendmsg+0x125e/0x1d70
[  133.550804]  ? sctp_transport_lookup_process+0x1e0/0x1e0
[  133.556248]  ? __local_bh_enable_ip+0x161/0x230
[  133.560910]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  133.565917]  ? lock_sock_nested+0x9f/0x120
[  133.570140]  ? trace_hardirqs_on+0xd/0x10
[  133.574278]  ? __local_bh_enable_ip+0x161/0x230
[  133.578939]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  133.584479]  ? sctp_endpoint_lookup_assoc+0x183/0x290
[  133.589662]  sctp_sendmsg+0x1888/0x1d70
[  133.593627]  ? do_raw_spin_unlock+0x9e/0x2e0
[  133.598038]  ? sctp_id2assoc+0x3e0/0x3e0
[  133.602099]  ? _raw_spin_unlock_bh+0x30/0x40
[  133.606502]  ? __release_sock+0x3a0/0x3a0
[  133.610656]  inet_sendmsg+0x19f/0x690
[  133.614457]  ? ___might_sleep+0x2d0/0x320
[  133.618595]  ? ipip_gro_receive+0x100/0x100
[  133.622911]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  133.628440]  ? security_socket_sendmsg+0x9b/0xd0
[  133.633189]  ? ipip_gro_receive+0x100/0x100
[  133.637506]  sock_sendmsg+0xd5/0x120
[  133.641573]  __sys_sendto+0x3d7/0x670
[  133.645368]  ? SyS_getpeername+0x30/0x30
[  133.649423]  ? wait_for_completion+0x870/0x870
[  133.654034]  ? __sb_end_write+0xac/0xe0
[  133.658015]  ? fput+0x130/0x1a0
[  133.661288]  ? ksys_write+0x1a6/0x250
[  133.665082]  ? SyS_read+0x30/0x30
[  133.668523]  ? mm_fault_error+0x380/0x380
[  133.672667]  ? syscall_slow_exit_work+0x4f0/0x4f0
[  133.677502]  SyS_sendto+0x40/0x60
[  133.680946]  ? __sys_sendto+0x670/0x670
[  133.684923]  do_syscall_64+0x29e/0x9d0
[  133.688815]  ? vmalloc_sync_all+0x30/0x30
[  133.692951]  ? _raw_spin_unlock_irq+0x27/0x70
[  133.697437]  ? finish_task_switch+0x1ca/0x820
[  133.701924]  ? syscall_return_slowpath+0x5c0/0x5c0
[  133.706846]  ? syscall_return_slowpath+0x30f/0x5c0
[  133.711770]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  133.717128]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  133.721972]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  133.727148] RIP: 0033:0x4552d9
[  133.730323] RSP: 002b:00007f772100cc68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  133.738031] RAX: ffffffffffffffda RBX: 00007f772100d6d4 RCX: 00000000004552d9
[  133.745289] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000013
[  133.752544] RBP: 000000000072bea0 R08: 000000002005ffe4 R09: 000000000000001c
2018/04/06 01:05:46 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200), 0x0, 0x4000000}])

[  133.759802] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  133.767062] R13: 00000000000004f3 R14: 00000000006fa768 R15: 0000000000000013
[  133.916117] kvm [11275]: vcpu0, guest rIP: 0xfff0 unimplemented HWCR wrmsr: 0x80feb7
2018/04/06 01:05:47 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0x40046208, &(0x7f0000008fd0)={0x3c, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:47 executing program 1 (fault-call:2 fault-nth:20):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:05:47 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10, 0xf0ffff}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:47 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200), 0x0, 0x1000000}])

2018/04/06 01:05:47 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
r3 = dup2(0xffffffffffffffff, r2)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2018/04/06 01:05:47 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}, 0x2000000}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:47 executing program 5:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000b9bff0)={0x2, 0x4e21, @multicast1=0xe0000001}, 0x10)
getsockopt$IP_VS_SO_GET_DESTS(0xffffffffffffffff, 0x0, 0x484, &(0x7f0000000000)=""/181, &(0x7f00000000c0)=0xb5)
sendto$inet(r0, &(0x7f0000fa0fff), 0xffffffffffffffbb, 0x20020003, &(0x7f0000385ff0)={0x2, 0x4e21, @loopback=0x7f000001}, 0x10)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='nv\x00', 0x3)
pipe2(&(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x800)
ioctl$TIOCSSOFTCAR(r1, 0x541a, &(0x7f0000000180)=0x2)
shutdown(r0, 0x1)
ioctl$sock_SIOCGPGRP(r2, 0x8904, &(0x7f00000001c0)=<r3=>0x0)
ioctl$sock_SIOCSPGRP(r0, 0x8902, &(0x7f0000000200)=r3)

2018/04/06 01:05:47 executing program 6:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.current\x00', 0x0, 0x0)
ioctl$sock_inet_SIOCDARP(r0, 0x8953, &(0x7f0000000040)={{0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0xf}}, {0x306, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x0, {0x2, 0x4e21, @loopback=0x7f000001}, 'syz_tun\x00'})
setrlimit(0x7, &(0x7f0000a9cff8))
socketpair(0x0, 0x0, 0x0, &(0x7f0000000340))

[  134.153478] FAULT_INJECTION: forcing a failure.
[  134.153478] name failslab, interval 1, probability 0, space 0, times 0
[  134.164847] CPU: 0 PID: 11304 Comm: syz-executor1 Not tainted 4.16.0+ #2
[  134.171696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  134.181059] Call Trace:
[  134.183664]  dump_stack+0x1b9/0x29f
[  134.187316]  ? arch_local_irq_restore+0x52/0x52
[  134.191999]  ? __save_stack_trace+0x7e/0xd0
[  134.196343]  should_fail.cold.4+0xa/0x1a
[  134.200422]  ? perf_trace_lock+0xd6/0x900
[  134.204587]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  134.209709]  ? zap_class+0x720/0x720
[  134.213438]  ? sctp_sendmsg+0x1888/0x1d70
[  134.217600]  ? sock_sendmsg+0xd5/0x120
[  134.221503]  ? __sys_sendto+0x3d7/0x670
[  134.225500]  ? SyS_sendto+0x40/0x60
[  134.229152]  ? do_syscall_64+0x29e/0x9d0
[  134.233218]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  134.238577]  ? graph_lock+0x170/0x170
[  134.242375]  ? print_usage_bug+0xc0/0xc0
[  134.246426]  ? perf_trace_lock_acquire+0xe3/0x980
[  134.251261]  ? graph_lock+0x170/0x170
[  134.255060]  ? find_held_lock+0x36/0x1c0
[  134.259122]  ? lock_downgrade+0x8e0/0x8e0
[  134.263266]  should_failslab+0x124/0x180
[  134.267319]  kmem_cache_alloc_trace+0x4b/0x780
[  134.271896]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  134.277075]  ? __sanitizer_cov_trace_cmp2+0x18/0x20
[  134.282092]  sctp_add_bind_addr+0xf9/0x4a0
[  134.286322]  ? sctp_bind_addr_free+0x20/0x20
[  134.290723]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  134.295911]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  134.301445]  ? sctp_v4_scope+0x19b/0x1c0
[  134.305499]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  134.310687]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  134.315705]  sctp_copy_local_addr_list+0x499/0x690
[  134.320645]  ? sctp_defaults_init+0xe50/0xe50
[  134.325129]  ? get_random_bytes+0x34/0x40
[  134.329266]  ? sctp_association_new+0x135/0x21e0
[  134.334029]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  134.339212]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  134.344744]  sctp_copy_one_addr+0x5d/0x170
[  134.348971]  ? sctp_copy_one_addr+0x5d/0x170
[  134.353374]  sctp_bind_addr_copy+0x16b/0x45b
[  134.357777]  ? sctp_copy_one_addr+0x170/0x170
[  134.362258]  ? sctp_autobind+0x16d/0x1f0
[  134.366311]  ? sctp_do_bind+0x5f0/0x5f0
[  134.370282]  sctp_assoc_set_bind_addr_from_ep+0x165/0x1c0
[  134.375808]  ? sctp_v6_scope+0x56/0x60
[  134.379685]  sctp_sendmsg_new_asoc+0x31f/0x10a0
[  134.384339]  ? sctp_sendmsg+0x125e/0x1d70
[  134.388485]  ? sctp_transport_lookup_process+0x1e0/0x1e0
[  134.393929]  ? __local_bh_enable_ip+0x161/0x230
[  134.398592]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  134.403600]  ? lock_sock_nested+0x9f/0x120
[  134.407819]  ? trace_hardirqs_on+0xd/0x10
[  134.411952]  ? __local_bh_enable_ip+0x161/0x230
[  134.416610]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  134.422135]  ? sctp_endpoint_lookup_assoc+0x183/0x290
[  134.427316]  sctp_sendmsg+0x1888/0x1d70
[  134.431282]  ? do_raw_spin_unlock+0x9e/0x2e0
[  134.435686]  ? sctp_id2assoc+0x3e0/0x3e0
[  134.439742]  ? _raw_spin_unlock_bh+0x30/0x40
[  134.444142]  ? __release_sock+0x3a0/0x3a0
[  134.448296]  inet_sendmsg+0x19f/0x690
[  134.452088]  ? ___might_sleep+0x2d0/0x320
[  134.456227]  ? ipip_gro_receive+0x100/0x100
[  134.460540]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  134.466084]  ? security_socket_sendmsg+0x9b/0xd0
[  134.470832]  ? ipip_gro_receive+0x100/0x100
[  134.475148]  sock_sendmsg+0xd5/0x120
[  134.478855]  __sys_sendto+0x3d7/0x670
[  134.482653]  ? SyS_getpeername+0x30/0x30
[  134.486709]  ? wait_for_completion+0x870/0x870
[  134.491307]  ? __sb_end_write+0xac/0xe0
[  134.495277]  ? fput+0x130/0x1a0
[  134.498551]  ? ksys_write+0x1a6/0x250
[  134.502431]  ? SyS_read+0x30/0x30
[  134.505874]  ? mm_fault_error+0x380/0x380
[  134.510027]  SyS_sendto+0x40/0x60
[  134.513500]  ? __sys_sendto+0x670/0x670
[  134.517467]  do_syscall_64+0x29e/0x9d0
[  134.521347]  ? vmalloc_sync_all+0x30/0x30
[  134.525487]  ? _raw_spin_unlock_irq+0x27/0x70
[  134.529972]  ? finish_task_switch+0x1ca/0x820
[  134.534459]  ? syscall_return_slowpath+0x5c0/0x5c0
[  134.539398]  ? syscall_return_slowpath+0x30f/0x5c0
[  134.544408]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  134.549766]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  134.554609]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  134.559799] RIP: 0033:0x4552d9
[  134.562978] RSP: 002b:00007f772100cc68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  134.570681] RAX: ffffffffffffffda RBX: 00007f772100d6d4 RCX: 00000000004552d9
[  134.577938] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000013
[  134.585193] RBP: 000000000072bea0 R08: 000000002005ffe4 R09: 000000000000001c
[  134.592452] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
2018/04/06 01:05:47 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200), 0x0, 0x0, 0x2002000000000}])

2018/04/06 01:05:47 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}, 0x2}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

[  134.599713] R13: 00000000000004f3 R14: 00000000006fa768 R15: 0000000000000014
2018/04/06 01:05:47 executing program 6:
r0 = socket(0x1e, 0x1, 0x0)
openat$hwrng(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/hwrng\x00', 0x8000, 0x0)
bind(r0, &(0x7f0000d80f80)=@generic={0x1e, "0103000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cb184a"}, 0x80)
pipe2(&(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x4800)
ioctl$GIO_UNISCRNMAP(r1, 0x4b69, &(0x7f00000000c0)=""/199)
bind(r2, &(0x7f0000000280)=@generic={0x1e, "0103000000000000000000004700000000a979f321b30c7bc8790405c7bad62e0a63a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb3151d24acef1f1622ca5bdb9c8ea31000077aeb81c90001d6d7c980400000000f70dc136cb184a"}, 0xfffffffffffffeec)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@loopback={0x0, 0x1}, 0x7, 0x3, 0xff, 0x6, 0x8, 0x5, 0x7}, &(0x7f0000000040)=0x20)

2018/04/06 01:05:47 executing program 1 (fault-call:2 fault-nth:21):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:05:47 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
r3 = dup2(r2, 0xffffffffffffffff)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2018/04/06 01:05:47 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10, 0xfcffffff}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:47 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200), 0x0, 0x0, 0x4000000}])

[  134.684539] binder: BINDER_SET_CONTEXT_MGR already set
[  134.720684] binder: 11300:11322 ioctl 40046207 0 returned -16
[  134.773933] FAULT_INJECTION: forcing a failure.
[  134.773933] name failslab, interval 1, probability 0, space 0, times 0
[  134.785322] CPU: 0 PID: 11331 Comm: syz-executor1 Not tainted 4.16.0+ #2
[  134.792189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  134.801541] Call Trace:
[  134.804127]  dump_stack+0x1b9/0x29f
[  134.807743]  ? arch_local_irq_restore+0x52/0x52
[  134.812408]  ? __save_stack_trace+0x7e/0xd0
[  134.816723]  should_fail.cold.4+0xa/0x1a
[  134.820773]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  134.825861]  ? kasan_kmalloc+0xc4/0xe0
[  134.829738]  ? sctp_sendmsg+0x1888/0x1d70
[  134.833875]  ? sock_sendmsg+0xd5/0x120
[  134.837752]  ? __sys_sendto+0x3d7/0x670
[  134.841714]  ? SyS_sendto+0x40/0x60
[  134.845327]  ? do_syscall_64+0x29e/0x9d0
[  134.849375]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  134.854728]  ? graph_lock+0x170/0x170
[  134.858519]  ? print_usage_bug+0xc0/0xc0
[  134.862571]  ? graph_lock+0x170/0x170
[  134.866376]  ? find_held_lock+0x36/0x1c0
[  134.870431]  ? lock_downgrade+0x8e0/0x8e0
[  134.874572]  should_failslab+0x124/0x180
[  134.878622]  kmem_cache_alloc_trace+0x4b/0x780
[  134.883193]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  134.888368]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  134.893377]  sctp_add_bind_addr+0xf9/0x4a0
[  134.897603]  ? sctp_bind_addr_free+0x20/0x20
[  134.901998]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  134.907182]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  134.912707]  ? sctp_v4_scope+0x19b/0x1c0
[  134.916754]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  134.921933]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  134.926940]  sctp_copy_local_addr_list+0x499/0x690
[  134.931861]  ? sctp_defaults_init+0xe50/0xe50
[  134.936341]  ? get_random_bytes+0x34/0x40
[  134.940474]  ? sctp_association_new+0x135/0x21e0
[  134.945222]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  134.950399]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  134.955925]  sctp_copy_one_addr+0x5d/0x170
[  134.960144]  ? sctp_copy_one_addr+0x5d/0x170
[  134.964541]  sctp_bind_addr_copy+0x16b/0x45b
[  134.968943]  ? sctp_copy_one_addr+0x170/0x170
[  134.973426]  ? sctp_autobind+0x16d/0x1f0
[  134.977480]  ? sctp_do_bind+0x5f0/0x5f0
[  134.981448]  sctp_assoc_set_bind_addr_from_ep+0x165/0x1c0
[  134.986975]  ? sctp_v6_scope+0x56/0x60
[  134.990848]  sctp_sendmsg_new_asoc+0x31f/0x10a0
[  134.995500]  ? sctp_sendmsg+0x125e/0x1d70
[  134.999639]  ? sctp_transport_lookup_process+0x1e0/0x1e0
[  135.005078]  ? __local_bh_enable_ip+0x161/0x230
[  135.009735]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  135.014738]  ? lock_sock_nested+0x9f/0x120
[  135.018957]  ? trace_hardirqs_on+0xd/0x10
[  135.023090]  ? __local_bh_enable_ip+0x161/0x230
[  135.027744]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  135.033272]  ? sctp_endpoint_lookup_assoc+0x183/0x290
[  135.038454]  sctp_sendmsg+0x1888/0x1d70
[  135.042411]  ? do_raw_spin_unlock+0x9e/0x2e0
[  135.046809]  ? sctp_id2assoc+0x3e0/0x3e0
[  135.050860]  ? _raw_spin_unlock_bh+0x30/0x40
[  135.055257]  ? __release_sock+0x3a0/0x3a0
[  135.059402]  inet_sendmsg+0x19f/0x690
[  135.063189]  ? ___might_sleep+0x2d0/0x320
[  135.067325]  ? ipip_gro_receive+0x100/0x100
[  135.071633]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  135.077155]  ? security_socket_sendmsg+0x9b/0xd0
[  135.081895]  ? ipip_gro_receive+0x100/0x100
[  135.086203]  sock_sendmsg+0xd5/0x120
[  135.089904]  __sys_sendto+0x3d7/0x670
[  135.093695]  ? SyS_getpeername+0x30/0x30
[  135.097742]  ? wait_for_completion+0x870/0x870
[  135.102313]  ? __lock_is_held+0xb5/0x140
[  135.106371]  ? __sb_end_write+0xac/0xe0
[  135.110332]  ? fput+0x130/0x1a0
[  135.113600]  ? ksys_write+0x1a6/0x250
[  135.117390]  ? SyS_read+0x30/0x30
[  135.120826]  ? mm_fault_error+0x380/0x380
[  135.124966]  ? syscall_slow_exit_work+0x4f0/0x4f0
[  135.129800]  SyS_sendto+0x40/0x60
[  135.133242]  ? __sys_sendto+0x670/0x670
[  135.137205]  do_syscall_64+0x29e/0x9d0
[  135.141075]  ? vmalloc_sync_all+0x30/0x30
[  135.145209]  ? syscall_slow_exit_work+0x4f0/0x4f0
[  135.150040]  ? syscall_return_slowpath+0x5c0/0x5c0
[  135.154954]  ? syscall_return_slowpath+0x30f/0x5c0
[  135.159873]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  135.165227]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  135.170062]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
2018/04/06 01:05:48 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306202, &(0x7f0000008fd0)={0x3c, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

[  135.175234] RIP: 0033:0x4552d9
[  135.178408] RSP: 002b:00007f772100cc68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  135.186105] RAX: ffffffffffffffda RBX: 00007f772100d6d4 RCX: 00000000004552d9
[  135.193366] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000013
[  135.200705] RBP: 000000000072bea0 R08: 000000002005ffe4 R09: 000000000000001c
[  135.207958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  135.215211] R13: 00000000000004f3 R14: 00000000006fa768 R15: 0000000000000015
[  135.334430] binder: 11339:11343 ioctl c0306202 20008fd0 returned -22
2018/04/06 01:05:48 executing program 5:
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000080)={@multicast1=0xe0000001, @local={0xac, 0x14, 0x14, 0xaa}}, 0xc)
bind$inet(r0, &(0x7f0000eed000)={0x2, 0x4e21}, 0x10)
getsockopt$inet_mreqsrc(r0, 0x0, 0x2d, &(0x7f0000000040)={@empty, @multicast2, @remote}, &(0x7f00000000c0)=0xc)
syz_emit_ethernet(0x2a, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa08000000000000000000000000000000000000000000000000000000000000"], 0x0)

2018/04/06 01:05:48 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200), 0x0, 0x0, 0x4}])

2018/04/06 01:05:48 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10, 0x300}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:48 executing program 6:
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
getsockopt$sock_int(r0, 0x1, 0x2a, &(0x7f0000000040), &(0x7f0000000080)=0x4)

2018/04/06 01:05:48 executing program 1 (fault-call:2 fault-nth:22):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:05:48 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
r3 = dup2(r2, 0xffffffffffffffff)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2018/04/06 01:05:48 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306263, &(0x7f0000008fd0)={0x3c, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:48 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}, 0x100000000000000}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

[  135.381746] binder: BINDER_SET_CONTEXT_MGR already set
[  135.393608] binder: 11339:11348 ioctl 40046207 0 returned -16
[  135.467237] FAULT_INJECTION: forcing a failure.
[  135.467237] name failslab, interval 1, probability 0, space 0, times 0
[  135.478550] CPU: 1 PID: 11353 Comm: syz-executor1 Not tainted 4.16.0+ #2
[  135.485403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  135.494771] Call Trace:
[  135.497376]  dump_stack+0x1b9/0x29f
[  135.501022]  ? arch_local_irq_restore+0x52/0x52
[  135.505705]  ? __save_stack_trace+0x7e/0xd0
[  135.510051]  should_fail.cold.4+0xa/0x1a
[  135.514127]  ? perf_trace_lock+0xd6/0x900
[  135.518291]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  135.523415]  ? zap_class+0x720/0x720
[  135.527125]  ? sctp_sendmsg+0x1888/0x1d70
[  135.531266]  ? sock_sendmsg+0xd5/0x120
[  135.535230]  ? __sys_sendto+0x3d7/0x670
[  135.539194]  ? SyS_sendto+0x40/0x60
[  135.542811]  ? do_syscall_64+0x29e/0x9d0
[  135.546862]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  135.552216]  ? graph_lock+0x170/0x170
[  135.556032]  ? retint_kernel+0x10/0x10
[  135.559917]  ? print_usage_bug+0xc0/0xc0
[  135.563967]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  135.568973]  ? graph_lock+0x170/0x170
[  135.572773]  ? find_held_lock+0x36/0x1c0
[  135.576835]  ? lock_downgrade+0x8e0/0x8e0
[  135.580980]  should_failslab+0x124/0x180
[  135.585043]  kmem_cache_alloc_trace+0x4b/0x780
[  135.589618]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  135.594798]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  135.600326]  ? sctp_v6_cmp_addr+0x261/0x6f0
[  135.604640]  sctp_add_bind_addr+0xf9/0x4a0
[  135.608869]  ? sctp_bind_addr_free+0x20/0x20
[  135.613270]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  135.618454]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  135.623637]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  135.628650]  sctp_copy_local_addr_list+0x499/0x690
[  135.633578]  ? sctp_defaults_init+0xe50/0xe50
[  135.638065]  ? get_random_bytes+0x34/0x40
[  135.642202]  ? sctp_association_new+0x135/0x21e0
[  135.646957]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  135.652138]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  135.657668]  sctp_copy_one_addr+0x5d/0x170
[  135.661908]  ? sctp_copy_one_addr+0x5d/0x170
[  135.666315]  sctp_bind_addr_copy+0x16b/0x45b
[  135.670721]  ? sctp_copy_one_addr+0x170/0x170
[  135.675205]  ? sctp_autobind+0x16d/0x1f0
[  135.679257]  ? sctp_do_bind+0x5f0/0x5f0
[  135.683224]  sctp_assoc_set_bind_addr_from_ep+0x165/0x1c0
[  135.688751]  ? sctp_v6_scope+0x56/0x60
[  135.692631]  sctp_sendmsg_new_asoc+0x31f/0x10a0
[  135.697288]  ? sctp_sendmsg+0x125e/0x1d70
[  135.701432]  ? sctp_transport_lookup_process+0x1e0/0x1e0
[  135.706873]  ? __local_bh_enable_ip+0x161/0x230
[  135.711537]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  135.716542]  ? lock_sock_nested+0x9f/0x120
[  135.720764]  ? trace_hardirqs_on+0xd/0x10
[  135.724906]  ? __local_bh_enable_ip+0x161/0x230
[  135.729566]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  135.735093]  ? sctp_endpoint_lookup_assoc+0x183/0x290
[  135.740274]  sctp_sendmsg+0x1888/0x1d70
[  135.744238]  ? do_raw_spin_unlock+0x9e/0x2e0
[  135.748642]  ? sctp_id2assoc+0x3e0/0x3e0
[  135.752697]  ? _raw_spin_unlock_bh+0x30/0x40
[  135.757098]  ? __release_sock+0x3a0/0x3a0
[  135.761250]  inet_sendmsg+0x19f/0x690
[  135.765044]  ? ___might_sleep+0x2d0/0x320
[  135.769183]  ? ipip_gro_receive+0x100/0x100
[  135.773497]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  135.779028]  ? security_socket_sendmsg+0x9b/0xd0
[  135.783777]  ? ipip_gro_receive+0x100/0x100
[  135.788090]  sock_sendmsg+0xd5/0x120
[  135.791797]  __sys_sendto+0x3d7/0x670
[  135.795590]  ? SyS_getpeername+0x30/0x30
[  135.799643]  ? wait_for_completion+0x870/0x870
[  135.804322]  ? __sb_end_write+0xac/0xe0
[  135.808300]  ? fput+0x130/0x1a0
[  135.814001]  ? ksys_write+0x1a6/0x250
[  135.817801]  ? SyS_read+0x30/0x30
[  135.821240]  ? mm_fault_error+0x380/0x380
[  135.825387]  SyS_sendto+0x40/0x60
[  135.828831]  ? __sys_sendto+0x670/0x670
[  135.832795]  do_syscall_64+0x29e/0x9d0
[  135.836682]  ? vmalloc_sync_all+0x30/0x30
[  135.840824]  ? _raw_spin_unlock_irq+0x27/0x70
[  135.845311]  ? finish_task_switch+0x1ca/0x820
[  135.849803]  ? syscall_return_slowpath+0x5c0/0x5c0
[  135.854720]  ? syscall_return_slowpath+0x30f/0x5c0
[  135.859644]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  135.865002]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  135.869851]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  135.875043] RIP: 0033:0x4552d9
[  135.878221] RSP: 002b:00007f772100cc68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  135.885919] RAX: ffffffffffffffda RBX: 00007f772100d6d4 RCX: 00000000004552d9
[  135.893180] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000013
[  135.900440] RBP: 000000000072bea0 R08: 000000002005ffe4 R09: 000000000000001c
[  135.907698] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
2018/04/06 01:05:48 executing program 6:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = dup3(r2, r0, 0x0)
mmap(&(0x7f0000005000/0x1000)=nil, 0x1000, 0x4, 0x20013, r3, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000040)="440f20c0350e000000440f22c0260f013ab805000000b9078000000f01d9b9321001c0b802000000ba000000000f30c744240000f0d9e8c744240204000000c7442406000000000f011424c4227d0ff70f353e660f38814d0ac4e27d8c07668ec5", 0x61}], 0x1, 0xfffffffffffffffe, &(0x7f0000000000), 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
prctl$setfpexc(0xc, 0x100003)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000140)={<r4=>0x0}, &(0x7f0000000180)=0xc)
ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r3, 0xc1105518, &(0x7f0000000200)={{0x1, 0x5, 0x62dc, 0xdab, "1a3ede0e2a82ebba4bc917b5db4fc90670949f9605f7ed86ef0a202d44ece91847f02ba649efde816f49ff24", 0x2}, 0x0, 0x0, 0x0, r4, 0x1, 0x40, "28ba1afb7bc664a386e66214f6fc7ce09d8440f81bf71b8c9b8484e755b933ceec2827a373f796352fbc3afbe80371f8da6feb2361f027920d15f22fd66b469c", &(0x7f00000001c0)='/dev/kvm\x00', 0x9, [], [0x3, 0x10000, 0x9]})
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r3, 0x10e, 0x1, &(0x7f00000000c0)=0xf, 0x4)

2018/04/06 01:05:48 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
r3 = dup2(r2, 0xffffffffffffffff)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  135.914958] R13: 00000000000004f3 R14: 00000000006fa768 R15: 0000000000000016
2018/04/06 01:05:48 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200), 0x0, 0x0, 0x100000000000000}])

2018/04/06 01:05:48 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10, 0x262}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:49 executing program 5:
perf_event_open(&(0x7f000025c000)={0x2, 0x4d, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$usbmon(&(0x7f000004cff3)='/dev/usbmon#\x00', 0x0, 0x0)
ioctl$KVM_SET_NR_MMU_PAGES(r0, 0x9208, 0x0)

2018/04/06 01:05:49 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200), 0x0, 0x0, 0x8000000000000000}])

2018/04/06 01:05:49 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x2, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

[  136.069968] binder: 11370:11376 ioctl c0306263 20008fd0 returned -22
2018/04/06 01:05:49 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
r3 = dup2(r2, r2)
ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  136.120915] binder: BINDER_SET_CONTEXT_MGR already set
[  136.145054] binder: 11370:11389 ioctl 40046207 0 returned -16
2018/04/06 01:05:49 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0x5450, &(0x7f0000008fd0)={0x3c, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:49 executing program 5:
r0 = perf_event_open(&(0x7f0000723f88)={0x2, 0x70, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sequencer2\x00', 0x1, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f00000000c0)='\x00')
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={r1, 0x28, &(0x7f0000000100)={0x0, <r2=>0x0}}, 0x10)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000180)={r2, 0xe972, 0x8}, 0xc)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000280)={<r3=>0x0, 0x3c, &(0x7f0000000240)=[@in={0x2, 0x4e24, @loopback=0x7f000001}, @in={0x2, 0x4e21, @loopback=0x7f000001}, @in6={0xa, 0x4e24, 0x8, @remote={0xfe, 0x80, [], 0xbb}, 0x7}]}, &(0x7f00000002c0)=0x10)
ioctl$VHOST_GET_FEATURES(r1, 0x8008af00, &(0x7f00000001c0))
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000300)={r3, @in6={{0xa, 0x4e24, 0x2, @dev={0xfe, 0x80, [], 0xa}, 0x1}}, 0x8, 0x1}, &(0x7f00000003c0)=0x90)
rt_sigsuspend(&(0x7f0000000400)={0x8}, 0x8)
epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r0)
ioctl$sock_inet_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000080)={'syzkaller1\x00', {0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}})
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f0000000440)='!\\]\x00')

2018/04/06 01:05:49 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200), 0x0, 0x0, 0x1000000}])

2018/04/06 01:05:49 executing program 1 (fault-call:2 fault-nth:23):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:05:49 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x100000000000000, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:49 executing program 6:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQNSD(r1, 0x894b, &(0x7f0000000000))
r3 = dup3(r2, r0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x3, 0x0, 0x1000})
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000800)=[@text64={0x40, &(0x7f0000000040)="440f20c0350e000000440f22c0260f013ab805000000b9078000000f01d9b9321001c0b802000000ba000000000f30c744240000f0d9e8c744240204000000c7442406000000000f011424c4227d0ff70f353e660f38814d0ac4e27d8c07668ec5", 0x61}], 0x1, 0x0, &(0x7f00000001c0)=[@cr4={0x1, 0x100000}], 0x1)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2018/04/06 01:05:49 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
r3 = dup2(r2, r2)
ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2018/04/06 01:05:49 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10, 0xf}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

[  137.002530] FAULT_INJECTION: forcing a failure.
[  137.002530] name failslab, interval 1, probability 0, space 0, times 0
[  137.013859] CPU: 0 PID: 11414 Comm: syz-executor1 Not tainted 4.16.0+ #2
[  137.020709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  137.030072] Call Trace:
[  137.032682]  dump_stack+0x1b9/0x29f
[  137.036339]  ? arch_local_irq_restore+0x52/0x52
[  137.041025]  ? __save_stack_trace+0x7e/0xd0
[  137.045361]  should_fail.cold.4+0xa/0x1a
[  137.049426]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  137.054528]  ? kasan_kmalloc+0xc4/0xe0
[  137.058412]  ? sctp_sendmsg+0x1888/0x1d70
[  137.062550]  ? sock_sendmsg+0xd5/0x120
[  137.066423]  ? __sys_sendto+0x3d7/0x670
[  137.070382]  ? SyS_sendto+0x40/0x60
[  137.073996]  ? do_syscall_64+0x29e/0x9d0
[  137.078051]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  137.083404]  ? graph_lock+0x170/0x170
[  137.087198]  ? print_usage_bug+0xc0/0xc0
[  137.091243]  ? perf_trace_lock_acquire+0xe3/0x980
[  137.096080]  ? graph_lock+0x170/0x170
[  137.099879]  ? find_held_lock+0x36/0x1c0
[  137.103939]  ? lock_downgrade+0x8e0/0x8e0
[  137.108083]  should_failslab+0x124/0x180
[  137.112133]  kmem_cache_alloc_trace+0x4b/0x780
[  137.116707]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  137.121886]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  137.127412]  ? sctp_v6_cmp_addr+0x261/0x6f0
[  137.131729]  sctp_add_bind_addr+0xf9/0x4a0
[  137.135959]  ? sctp_bind_addr_free+0x20/0x20
[  137.140355]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  137.145539]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  137.150739]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  137.156098]  sctp_copy_local_addr_list+0x499/0x690
[  137.161028]  ? sctp_defaults_init+0xe50/0xe50
[  137.165515]  ? get_random_bytes+0x34/0x40
[  137.169651]  ? sctp_association_new+0x135/0x21e0
[  137.174403]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  137.179587]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  137.185113]  sctp_copy_one_addr+0x5d/0x170
[  137.189334]  ? sctp_copy_one_addr+0x5d/0x170
[  137.193730]  sctp_bind_addr_copy+0x16b/0x45b
[  137.198127]  ? sctp_copy_one_addr+0x170/0x170
[  137.202609]  ? sctp_autobind+0x16d/0x1f0
[  137.206660]  ? sctp_do_bind+0x5f0/0x5f0
[  137.210628]  sctp_assoc_set_bind_addr_from_ep+0x165/0x1c0
[  137.216152]  ? sctp_v6_scope+0x56/0x60
[  137.220038]  sctp_sendmsg_new_asoc+0x31f/0x10a0
[  137.224693]  ? sctp_sendmsg+0x125e/0x1d70
[  137.228832]  ? sctp_transport_lookup_process+0x1e0/0x1e0
[  137.234272]  ? __local_bh_enable_ip+0x161/0x230
[  137.239023]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  137.244035]  ? lock_sock_nested+0x9f/0x120
[  137.248262]  ? trace_hardirqs_on+0xd/0x10
[  137.252397]  ? __local_bh_enable_ip+0x161/0x230
[  137.257058]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  137.262580]  ? sctp_endpoint_lookup_assoc+0x183/0x290
[  137.267759]  sctp_sendmsg+0x1888/0x1d70
[  137.271721]  ? do_raw_spin_unlock+0x9e/0x2e0
[  137.276122]  ? sctp_id2assoc+0x3e0/0x3e0
[  137.280175]  ? _raw_spin_unlock_bh+0x30/0x40
[  137.284572]  ? __release_sock+0x3a0/0x3a0
[  137.288718]  inet_sendmsg+0x19f/0x690
[  137.292506]  ? ___might_sleep+0x2d0/0x320
[  137.296640]  ? ipip_gro_receive+0x100/0x100
[  137.300950]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  137.306482]  ? security_socket_sendmsg+0x9b/0xd0
[  137.311227]  ? ipip_gro_receive+0x100/0x100
[  137.315541]  sock_sendmsg+0xd5/0x120
[  137.319249]  __sys_sendto+0x3d7/0x670
[  137.323041]  ? SyS_getpeername+0x30/0x30
[  137.327094]  ? wait_for_completion+0x870/0x870
[  137.331669]  ? __lock_is_held+0xb5/0x140
[  137.335729]  ? __sb_end_write+0xac/0xe0
[  137.339694]  ? fput+0x130/0x1a0
[  137.342968]  ? ksys_write+0x1a6/0x250
[  137.346789]  ? SyS_read+0x30/0x30
[  137.350238]  ? mm_fault_error+0x380/0x380
[  137.354387]  SyS_sendto+0x40/0x60
[  137.357830]  ? __sys_sendto+0x670/0x670
[  137.361797]  do_syscall_64+0x29e/0x9d0
[  137.365675]  ? syscall_slow_exit_work+0x4f0/0x4f0
[  137.370506]  ? syscall_return_slowpath+0x5c0/0x5c0
[  137.375424]  ? syscall_return_slowpath+0x30f/0x5c0
[  137.380345]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  137.385701]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  137.390539]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  137.395711] RIP: 0033:0x4552d9
2018/04/06 01:05:50 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x200000000000000, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

[  137.398887] RSP: 002b:00007f772100cc68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  137.406598] RAX: ffffffffffffffda RBX: 00007f772100d6d4 RCX: 00000000004552d9
[  137.413851] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000013
[  137.421108] RBP: 000000000072bea0 R08: 000000002005ffe4 R09: 000000000000001c
[  137.428363] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  137.435619] R13: 00000000000004f3 R14: 00000000006fa768 R15: 0000000000000017
2018/04/06 01:05:50 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200), 0x0, 0x0, 0x20020}])

2018/04/06 01:05:50 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x1000000, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:50 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10, 0xffffffc0}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

[  137.524180] binder: BINDER_SET_CONTEXT_MGR already set
[  137.541006] binder: 11415:11432 ioctl 40046207 0 returned -16
2018/04/06 01:05:50 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0x40046205, &(0x7f0000008fd0)={0x3c, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:50 executing program 6:
ioctl$VT_DISALLOCATE(0xffffffffffffffff, 0x5608)
r0 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0)
r1 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000140)={0x73, 0x79, 0x7a, 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a, 0x0}, 0x0, 0x0, r1)
ioctl$LOOP_SET_BLOCK_SIZE(r0, 0x4c05, 0x0)

2018/04/06 01:05:50 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200), 0x0, 0x0, 0x20000200}])

2018/04/06 01:05:50 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x2000000, 0x0, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:50 executing program 1 (fault-call:2 fault-nth:24):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

[  137.715218] binder: BINDER_SET_CONTEXT_MGR already set
[  137.735642] binder: 11446:11447 ioctl 40046207 0 returned -16
[  137.778241] FAULT_INJECTION: forcing a failure.
[  137.778241] name failslab, interval 1, probability 0, space 0, times 0
[  137.789577] CPU: 1 PID: 11461 Comm: syz-executor1 Not tainted 4.16.0+ #2
[  137.796947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  137.806305] Call Trace:
[  137.808906]  dump_stack+0x1b9/0x29f
[  137.812604]  ? arch_local_irq_restore+0x52/0x52
[  137.817383]  ? __save_stack_trace+0x7e/0xd0
[  137.821736]  should_fail.cold.4+0xa/0x1a
[  137.825819]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  137.830939]  ? kasan_kmalloc+0xc4/0xe0
[  137.834841]  ? sctp_sendmsg+0x1888/0x1d70
[  137.839003]  ? sock_sendmsg+0xd5/0x120
[  137.842899]  ? __sys_sendto+0x3d7/0x670
[  137.846879]  ? SyS_sendto+0x40/0x60
[  137.850517]  ? do_syscall_64+0x29e/0x9d0
[  137.854729]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  137.860108]  ? graph_lock+0x170/0x170
[  137.864054]  ? print_usage_bug+0xc0/0xc0
[  137.868108]  ? perf_trace_lock_acquire+0xe3/0x980
[  137.872939]  ? graph_lock+0x170/0x170
[  137.876733]  ? find_held_lock+0x36/0x1c0
[  137.880785]  ? lock_downgrade+0x8e0/0x8e0
[  137.884924]  should_failslab+0x124/0x180
[  137.889065]  kmem_cache_alloc_trace+0x4b/0x780
[  137.893634]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  137.898809]  ? __sanitizer_cov_trace_cmp2+0x18/0x20
[  137.903815]  sctp_add_bind_addr+0xf9/0x4a0
[  137.908043]  ? sctp_bind_addr_free+0x20/0x20
[  137.912436]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  137.917615]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  137.923140]  ? sctp_v4_scope+0x19b/0x1c0
[  137.927191]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  137.932375]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  137.937401]  sctp_copy_local_addr_list+0x499/0x690
[  137.942324]  ? sctp_defaults_init+0xe50/0xe50
[  137.946808]  ? get_random_bytes+0x34/0x40
[  137.950943]  ? sctp_association_new+0x135/0x21e0
[  137.955701]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  137.960878]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  137.966406]  sctp_copy_one_addr+0x5d/0x170
[  137.970628]  ? sctp_copy_one_addr+0x5d/0x170
[  137.975031]  sctp_bind_addr_copy+0x16b/0x45b
[  137.979431]  ? sctp_copy_one_addr+0x170/0x170
[  137.983912]  ? sctp_autobind+0x16d/0x1f0
[  137.987961]  ? sctp_do_bind+0x5f0/0x5f0
[  137.991924]  sctp_assoc_set_bind_addr_from_ep+0x165/0x1c0
[  137.997457]  ? sctp_v6_scope+0x56/0x60
[  138.001418]  sctp_sendmsg_new_asoc+0x31f/0x10a0
[  138.006070]  ? sctp_sendmsg+0x125e/0x1d70
[  138.010210]  ? sctp_transport_lookup_process+0x1e0/0x1e0
[  138.015649]  ? __local_bh_enable_ip+0x161/0x230
[  138.020312]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  138.025316]  ? lock_sock_nested+0x9f/0x120
[  138.029534]  ? trace_hardirqs_on+0xd/0x10
[  138.033670]  ? __local_bh_enable_ip+0x161/0x230
[  138.038326]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  138.043850]  ? sctp_endpoint_lookup_assoc+0x183/0x290
[  138.049030]  sctp_sendmsg+0x1888/0x1d70
[  138.052991]  ? do_raw_spin_unlock+0x9e/0x2e0
[  138.057391]  ? sctp_id2assoc+0x3e0/0x3e0
[  138.061443]  ? _raw_spin_unlock_bh+0x30/0x40
[  138.065840]  ? __release_sock+0x3a0/0x3a0
[  138.069984]  inet_sendmsg+0x19f/0x690
[  138.073772]  ? ___might_sleep+0x2d0/0x320
[  138.077908]  ? ipip_gro_receive+0x100/0x100
[  138.082217]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  138.087741]  ? security_socket_sendmsg+0x9b/0xd0
[  138.092480]  ? ipip_gro_receive+0x100/0x100
[  138.096787]  sock_sendmsg+0xd5/0x120
[  138.100493]  __sys_sendto+0x3d7/0x670
[  138.104283]  ? SyS_getpeername+0x30/0x30
[  138.108332]  ? wait_for_completion+0x870/0x870
[  138.112902]  ? __lock_is_held+0xb5/0x140
[  138.116963]  ? __sb_end_write+0xac/0xe0
[  138.120925]  ? fput+0x130/0x1a0
[  138.124192]  ? ksys_write+0x1a6/0x250
[  138.127978]  ? SyS_read+0x30/0x30
[  138.131416]  ? mm_fault_error+0x380/0x380
[  138.135550]  ? syscall_slow_exit_work+0x4f0/0x4f0
[  138.140384]  SyS_sendto+0x40/0x60
[  138.143835]  ? __sys_sendto+0x670/0x670
[  138.147794]  do_syscall_64+0x29e/0x9d0
[  138.151678]  ? vmalloc_sync_all+0x30/0x30
[  138.155811]  ? finish_task_switch+0x1ca/0x820
[  138.160292]  ? syscall_return_slowpath+0x5c0/0x5c0
[  138.165208]  ? syscall_return_slowpath+0x30f/0x5c0
[  138.170136]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  138.175492]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  138.180326]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  138.185501] RIP: 0033:0x4552d9
[  138.188684] RSP: 002b:00007f772100cc68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  138.196379] RAX: ffffffffffffffda RBX: 00007f772100d6d4 RCX: 00000000004552d9
[  138.203632] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000013
[  138.210888] RBP: 000000000072bea0 R08: 000000002005ffe4 R09: 000000000000001c
[  138.218142] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  138.225399] R13: 00000000000004f3 R14: 00000000006fa768 R15: 0000000000000018
2018/04/06 01:05:51 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
r3 = dup2(r2, r2)
ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2018/04/06 01:05:51 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0x4e0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb58906d6b66732e66617400020120000200008000f8", 0x16}], 0x0, &(0x7f0000000040)=ANY=[])
r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
mknodat(r0, &(0x7f0000000600)='./file0\x00', 0x0, 0x0)
recvmmsg(0xffffffffffffff9c, &(0x7f0000004240)=[{{&(0x7f0000000080)=@in6={0x0, 0x0, 0x0, @mcast1}, 0x80, &(0x7f0000000540)=[{&(0x7f0000000240)=""/206, 0xce}, {&(0x7f0000000140)=""/81, 0x51}, {&(0x7f0000000340)=""/208, 0xd0}, {&(0x7f0000000440)=""/246, 0xf6}, {&(0x7f0000000640)=""/237, 0xed}], 0x5, &(0x7f0000000740)=""/249, 0xf9, 0x7}, 0xcf}, {{&(0x7f0000000840)=@l2, 0x80, &(0x7f0000002a40)=[{&(0x7f00000001c0)=""/24, 0x18}, {&(0x7f00000008c0)=""/4096, 0x1000}, {&(0x7f00000018c0)=""/245, 0xf5}, {&(0x7f00000019c0)=""/82, 0x52}, {&(0x7f00000005c0)}, {&(0x7f0000001a40)=""/4096, 0x1000}], 0x6, &(0x7f0000002ac0)=""/228, 0xe4, 0x1f}, 0x1}, {{&(0x7f0000002bc0)=@l2, 0x80, &(0x7f0000002fc0)=[{&(0x7f0000002c40)=""/216, 0xd8}, {&(0x7f0000002d40)=""/203, 0xcb}, {&(0x7f0000002e40)=""/197, 0xc5}, {&(0x7f0000002f40)=""/112, 0x70}], 0x4, &(0x7f0000003000)=""/5, 0x5, 0x2}, 0x3}, {{&(0x7f0000003040)=@pppol2tpv3in6={0x0, 0x0, {0x0, <r1=>0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, @local}}}, 0x80, &(0x7f0000003100)=[{&(0x7f00000030c0)=""/34, 0x22}], 0x1, &(0x7f0000003140)=""/4096, 0x1000, 0x6}, 0x7ab280000}, {{&(0x7f0000004140)=@un=@abs, 0x80, &(0x7f00000041c0), 0x0, &(0x7f0000004200)=""/9, 0x9, 0x7}, 0x101}], 0x5, 0x40000000, &(0x7f0000004380)={0x77359400})
setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f00000043c0)=[{0x3, 0x2}, {0x8}, {0xf, 0x100000001}, {0x3, 0xfff}, {0x7, 0x20}, {0x0, 0x9}, {0x6, 0x4000000000000000}, {0x8, 0x2dc0}, {0x0, 0x3}, {0xe}], 0xa)

2018/04/06 01:05:51 executing program 1 (fault-call:2 fault-nth:25):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:05:51 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10, 0xf0ffffffffffff}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:51 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x56, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:51 executing program 6:
r0 = socket$inet_sctp(0x2, 0x800000000000001, 0x84)
sendto$inet(r0, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}, 0x10)
sendto$inet(r0, &(0x7f000026cfff)="c6", 0x1, 0x0, &(0x7f0000033ff0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}}, 0x10)
shutdown(r0, 0x1)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f00000000c0), &(0x7f0000000100)=0x8)
r1 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x101, 0x8400)
r2 = dup(r0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000040)={r1, r2}, 0x10)

2018/04/06 01:05:51 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200), 0x0, 0x0, 0x400000000000000}])

2018/04/06 01:05:51 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x2, @dev={0xfe, 0x80}}}}, 0x48)

[  138.339013] FAULT_INJECTION: forcing a failure.
[  138.339013] name failslab, interval 1, probability 0, space 0, times 0
[  138.350423] CPU: 1 PID: 11474 Comm: syz-executor1 Not tainted 4.16.0+ #2
[  138.357269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  138.366618] Call Trace:
[  138.369213]  dump_stack+0x1b9/0x29f
[  138.372835]  ? arch_local_irq_restore+0x52/0x52
[  138.377491]  ? __save_stack_trace+0x7e/0xd0
[  138.381815]  should_fail.cold.4+0xa/0x1a
[  138.385863]  ? perf_trace_lock+0xd6/0x900
[  138.389995]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  138.395107]  ? zap_class+0x720/0x720
[  138.398823]  ? sctp_sendmsg+0x1888/0x1d70
[  138.402970]  ? sock_sendmsg+0xd5/0x120
[  138.406842]  ? __sys_sendto+0x3d7/0x670
[  138.410802]  ? SyS_sendto+0x40/0x60
[  138.414414]  ? do_syscall_64+0x29e/0x9d0
[  138.418480]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  138.423831]  ? graph_lock+0x170/0x170
[  138.427624]  ? print_usage_bug+0xc0/0xc0
[  138.431687]  ? perf_trace_lock_acquire+0xe3/0x980
[  138.436516]  ? graph_lock+0x170/0x170
[  138.440310]  ? find_held_lock+0x36/0x1c0
[  138.444362]  ? lock_downgrade+0x8e0/0x8e0
[  138.448503]  should_failslab+0x124/0x180
[  138.452556]  kmem_cache_alloc_trace+0x4b/0x780
[  138.457126]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  138.462321]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  138.467847]  ? sctp_v6_cmp_addr+0x261/0x6f0
[  138.472159]  sctp_add_bind_addr+0xf9/0x4a0
[  138.476381]  ? sctp_bind_addr_free+0x20/0x20
[  138.480777]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  138.485960]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  138.491142]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  138.496152]  sctp_copy_local_addr_list+0x499/0x690
[  138.501074]  ? sctp_defaults_init+0xe50/0xe50
[  138.505558]  ? get_random_bytes+0x34/0x40
[  138.509691]  ? sctp_association_new+0x135/0x21e0
[  138.514438]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  138.519614]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  138.525145]  sctp_copy_one_addr+0x5d/0x170
[  138.529363]  ? sctp_copy_one_addr+0x5d/0x170
[  138.533762]  sctp_bind_addr_copy+0x16b/0x45b
[  138.538160]  ? sctp_copy_one_addr+0x170/0x170
[  138.542642]  ? sctp_autobind+0x16d/0x1f0
[  138.546691]  ? sctp_do_bind+0x5f0/0x5f0
[  138.550654]  sctp_assoc_set_bind_addr_from_ep+0x165/0x1c0
[  138.556179]  ? sctp_v6_scope+0x56/0x60
[  138.560053]  sctp_sendmsg_new_asoc+0x31f/0x10a0
[  138.564706]  ? sctp_sendmsg+0x125e/0x1d70
[  138.568844]  ? sctp_transport_lookup_process+0x1e0/0x1e0
[  138.574282]  ? __local_bh_enable_ip+0x161/0x230
[  138.578940]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  138.583944]  ? lock_sock_nested+0x9f/0x120
[  138.588165]  ? trace_hardirqs_on+0xd/0x10
[  138.592303]  ? __local_bh_enable_ip+0x161/0x230
[  138.596963]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  138.602486]  ? sctp_endpoint_lookup_assoc+0x183/0x290
[  138.607664]  sctp_sendmsg+0x1888/0x1d70
[  138.611631]  ? do_raw_spin_unlock+0x9e/0x2e0
[  138.616038]  ? sctp_id2assoc+0x3e0/0x3e0
[  138.620101]  ? _raw_spin_unlock_bh+0x30/0x40
[  138.624638]  ? __release_sock+0x3a0/0x3a0
[  138.628785]  inet_sendmsg+0x19f/0x690
[  138.632765]  ? ___might_sleep+0x2d0/0x320
[  138.636904]  ? ipip_gro_receive+0x100/0x100
[  138.641225]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  138.646749]  ? security_socket_sendmsg+0x9b/0xd0
[  138.651500]  ? ipip_gro_receive+0x100/0x100
[  138.655812]  sock_sendmsg+0xd5/0x120
[  138.659513]  __sys_sendto+0x3d7/0x670
[  138.663330]  ? SyS_getpeername+0x30/0x30
[  138.668256]  ? wait_for_completion+0x870/0x870
[  138.672866]  ? __sb_end_write+0xac/0xe0
[  138.676830]  ? fput+0x130/0x1a0
[  138.680100]  ? ksys_write+0x1a6/0x250
[  138.683893]  ? SyS_read+0x30/0x30
[  138.687332]  ? mm_fault_error+0x380/0x380
[  138.691472]  ? syscall_slow_exit_work+0x4f0/0x4f0
[  138.696330]  SyS_sendto+0x40/0x60
[  138.699788]  ? __sys_sendto+0x670/0x670
[  138.703752]  do_syscall_64+0x29e/0x9d0
[  138.707630]  ? vmalloc_sync_all+0x30/0x30
[  138.711767]  ? _raw_spin_unlock_irq+0x27/0x70
[  138.716251]  ? finish_task_switch+0x1ca/0x820
[  138.720737]  ? syscall_return_slowpath+0x5c0/0x5c0
[  138.725740]  ? syscall_return_slowpath+0x30f/0x5c0
[  138.730663]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  138.736020]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  138.740856]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  138.746036] RIP: 0033:0x4552d9
[  138.749212] RSP: 002b:00007f772100cc68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  138.756907] RAX: ffffffffffffffda RBX: 00007f772100d6d4 RCX: 00000000004552d9
[  138.764174] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000013
[  138.771432] RBP: 000000000072bea0 R08: 000000002005ffe4 R09: 000000000000001c
[  138.778782] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
2018/04/06 01:05:51 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10, 0xf0}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:51 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x4000000}])

[  138.786037] R13: 00000000000004f3 R14: 00000000006fa768 R15: 0000000000000019
2018/04/06 01:05:51 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x100000000000000, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:51 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x10)
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$ax25_int(r1, 0x101, 0x0, &(0x7f0000000240), &(0x7f0000000380)=0xffffffffffffffb6)
recvmsg(r0, &(0x7f000036bfc8)={&(0x7f000035cff0)=@llc, 0x10, &(0x7f0000b78000), 0x0, &(0x7f000034cf66)=""/154, 0x9a}, 0x0)
r2 = add_key(&(0x7f0000000340)='id_legacy\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a, 0x0}, &(0x7f0000000400)="fb7ded", 0x3, 0xfffffffffffffffc)
r3 = add_key(&(0x7f0000000000)='logon\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280)="488d048a09d13db17db5e8c902a7c1a2ad195c9b41b38db3a8b1ba2216e43c180e91cd2c00000000000101000000000000e2e47db63c5e5f4603adb3c20b93d04d06a80b81c62434594a2a94f8c3c5517a9fb5bcd4bea842fb85657a2f353e5d75d0a7777df1cc3bb9854dcd5f370f8a80684b81e418508ba8eb23b84dc7eb90b200f0af1d1b27cd391ccf6c602fd4e548a2aaf604114b3ae45c71e1c334c1cf", 0xa0, r2)
r4 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x400)
ioctl$KDSKBMETA(r4, 0x4b63, &(0x7f00000001c0)=0x3)
keyctl$get_keyring_id(0x0, r3, 0x9)
write(r0, &(0x7f0000a34f31)="1f0000001000077f00000000002000fc0300000408000200048000ad06ffef", 0x1f)
recvmsg(r0, &(0x7f0000000700)={&(0x7f0000000040)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000640), 0x0, &(0x7f00000006c0)=""/55, 0x37}, 0x0)

[  138.854257] binder: 11469:11485 got transaction with invalid offsets ptr
2018/04/06 01:05:51 executing program 1 (fault-call:2 fault-nth:26):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:05:51 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x1000000}])

[  138.905161] binder: 11469:11485 transaction failed 29201/-14, size 40-29 line 2991
[  138.965137] binder: BINDER_SET_CONTEXT_MGR already set
[  138.972664] FAULT_INJECTION: forcing a failure.
[  138.972664] name failslab, interval 1, probability 0, space 0, times 0
[  138.984053] CPU: 1 PID: 11504 Comm: syz-executor1 Not tainted 4.16.0+ #2
[  138.990991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  138.994144] binder_alloc: 11469: binder_alloc_buf, no vma
[  139.000349] Call Trace:
[  139.000380]  dump_stack+0x1b9/0x29f
[  139.000402]  ? arch_local_irq_restore+0x52/0x52
[  139.000420]  ? __save_stack_trace+0x7e/0xd0
[  139.000442]  should_fail.cold.4+0xa/0x1a
[  139.006067] binder: 11469:11485 transaction failed 29189/-3, size 40-29 line 2963
[  139.008567]  ? perf_trace_lock+0xd6/0x900
[  139.008593]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  139.008613]  ? zap_class+0x720/0x720
[  139.024245] binder: 11469:11505 ioctl 40046207 0 returned -16
[  139.025246]  ? sctp_sendmsg+0x1888/0x1d70
[  139.025265]  ? sock_sendmsg+0xd5/0x120
[  139.025283]  ? __sys_sendto+0x3d7/0x670
[  139.025300]  ? SyS_sendto+0x40/0x60
[  139.025316]  ? do_syscall_64+0x29e/0x9d0
[  139.025330]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  139.025348]  ? graph_lock+0x170/0x170
[  139.055551] binder: undelivered TRANSACTION_ERROR: 29189
[  139.055966]  ? print_usage_bug+0xc0/0xc0
[  139.055983]  ? perf_trace_lock_acquire+0xe3/0x980
[  139.056001]  ? graph_lock+0x170/0x170
[  139.056023]  ? find_held_lock+0x36/0x1c0
[  139.056048]  ? lock_downgrade+0x8e0/0x8e0
[  139.056071]  should_failslab+0x124/0x180
[  139.056094]  kmem_cache_alloc_trace+0x4b/0x780
[  139.061107] binder: undelivered TRANSACTION_ERROR: 29201
[  139.063940]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  139.063958]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  139.063976]  ? sctp_v6_cmp_addr+0x261/0x6f0
[  139.063998]  sctp_add_bind_addr+0xf9/0x4a0
[  139.064017]  ? sctp_bind_addr_free+0x20/0x20
[  139.064033]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  139.064051]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  139.064067]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  139.160030]  sctp_copy_local_addr_list+0x499/0x690
[  139.164964]  ? sctp_defaults_init+0xe50/0xe50
[  139.169447]  ? get_random_bytes+0x34/0x40
[  139.173583]  ? sctp_association_new+0x135/0x21e0
[  139.178334]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  139.183511]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  139.189039]  sctp_copy_one_addr+0x5d/0x170
[  139.193262]  ? sctp_copy_one_addr+0x5d/0x170
[  139.197660]  sctp_bind_addr_copy+0x16b/0x45b
[  139.202057]  ? sctp_copy_one_addr+0x170/0x170
[  139.206542]  ? sctp_autobind+0x16d/0x1f0
[  139.210592]  ? sctp_do_bind+0x5f0/0x5f0
[  139.214554]  sctp_assoc_set_bind_addr_from_ep+0x165/0x1c0
[  139.220081]  ? sctp_v6_scope+0x56/0x60
[  139.223957]  sctp_sendmsg_new_asoc+0x31f/0x10a0
[  139.228608]  ? sctp_sendmsg+0x125e/0x1d70
[  139.232747]  ? sctp_transport_lookup_process+0x1e0/0x1e0
[  139.238195]  ? __local_bh_enable_ip+0x161/0x230
[  139.242854]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  139.247856]  ? lock_sock_nested+0x9f/0x120
[  139.252075]  ? trace_hardirqs_on+0xd/0x10
[  139.256210]  ? __local_bh_enable_ip+0x161/0x230
[  139.260865]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  139.266388]  ? sctp_endpoint_lookup_assoc+0x183/0x290
[  139.271567]  sctp_sendmsg+0x1888/0x1d70
[  139.275530]  ? do_raw_spin_unlock+0x9e/0x2e0
[  139.279930]  ? sctp_id2assoc+0x3e0/0x3e0
[  139.283994]  ? _raw_spin_unlock_bh+0x30/0x40
[  139.288401]  ? __release_sock+0x3a0/0x3a0
[  139.292543]  inet_sendmsg+0x19f/0x690
[  139.296331]  ? ___might_sleep+0x2d0/0x320
[  139.300465]  ? ipip_gro_receive+0x100/0x100
[  139.304776]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  139.310298]  ? security_socket_sendmsg+0x9b/0xd0
[  139.315040]  ? ipip_gro_receive+0x100/0x100
[  139.319372]  sock_sendmsg+0xd5/0x120
[  139.323074]  __sys_sendto+0x3d7/0x670
[  139.326863]  ? SyS_getpeername+0x30/0x30
[  139.330911]  ? wait_for_completion+0x870/0x870
[  139.335493]  ? __sb_end_write+0xac/0xe0
[  139.339456]  ? fput+0x130/0x1a0
[  139.342720]  ? ksys_write+0x1a6/0x250
[  139.346508]  ? SyS_read+0x30/0x30
[  139.349946]  ? mm_fault_error+0x380/0x380
[  139.354085]  SyS_sendto+0x40/0x60
[  139.357523]  ? __sys_sendto+0x670/0x670
[  139.361493]  do_syscall_64+0x29e/0x9d0
[  139.365364]  ? vmalloc_sync_all+0x30/0x30
[  139.369494]  ? _raw_spin_unlock_irq+0x27/0x70
[  139.373976]  ? finish_task_switch+0x1ca/0x820
[  139.378458]  ? syscall_return_slowpath+0x5c0/0x5c0
[  139.383375]  ? syscall_return_slowpath+0x30f/0x5c0
[  139.388294]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  139.393646]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  139.398479]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  139.403652] RIP: 0033:0x4552d9
[  139.406823] RSP: 002b:00007f772100cc68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
2018/04/06 01:05:52 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x9, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:52 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10, 0xf000}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

[  139.414529] RAX: ffffffffffffffda RBX: 00007f772100d6d4 RCX: 00000000004552d9
[  139.421801] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000013
[  139.429057] RBP: 000000000072bea0 R08: 000000002005ffe4 R09: 000000000000001c
[  139.436312] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  139.443999] R13: 00000000000004f3 R14: 00000000006fa768 R15: 000000000000001a
[  139.524470] binder: 11513:11515 got transaction with invalid offsets ptr
[  139.566771] binder: 11513:11515 transaction failed 29201/-14, size 40-29 line 2991
[  139.586301] binder: BINDER_SET_CONTEXT_MGR already set
[  139.591790] binder: 11513:11522 ioctl 40046207 0 returned -16
[  139.607127] binder: undelivered TRANSACTION_ERROR: 29201
2018/04/06 01:05:52 executing program 6:
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x0, 0x0)
r1 = syz_open_dev$sndtimer(&(0x7f00000004c0)='/dev/snd/timer\x00', 0x0, 0x2080)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f0000029fcc)={{0x0, 0x2, 0x0, 0xffefffffffffffff}})
getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000100)={{{@in6=@dev, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{}, 0x0, @in=@dev}}, &(0x7f0000000000)=0xe8)
getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in=@local}, 0x0, @in=@rand_addr}}, &(0x7f0000000080)=0xe8)
setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000300)={{{@in=@loopback=0x7f000001, @in6=@loopback={0x0, 0x1}, 0x4e21, 0xf9, 0x4e22, 0x9, 0xa, 0xa0, 0x80, 0x2c, r2, r3}, {0x1, 0x2, 0x0, 0x6, 0x401, 0xffffffffffffffff, 0x10c9, 0xfff}, {0x5, 0x80, 0x400, 0x6}, 0x6, 0x6e6bba, 0x3, 0x1, 0x1, 0x1}, {{@in=@dev={0xac, 0x14, 0x14, 0xe}, 0x4d5}, 0xa, @in=@rand_addr=0xfffffffffffffff8, 0x3506, 0x0, 0x3, 0x6, 0xe6, 0xffff, 0x1}}, 0xe8)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r1, 0x40505412, &(0x7f0000d97000)={0x0, 0x9})
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000440)={&(0x7f0000000400)='./file0\x00', 0x0, 0x10}, 0x10)

2018/04/06 01:05:52 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
r3 = dup2(r2, r2)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

2018/04/06 01:05:52 executing program 1 (fault-call:2 fault-nth:27):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:05:52 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x4c, 0x0, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:52 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10, 0xfffffffffffff000}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:52 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x90000, 0x0)
ioctl$TIOCSWINSZ(r0, 0x5414, &(0x7f0000000040)={0x0, 0x5, 0x3, 0x1})
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
r2 = dup(r1)
sendmsg$netlink(r2, &(0x7f0000001e00)={&(0x7f0000001a80)=@kern={0x10}, 0xc, &(0x7f0000001d00), 0x0, &(0x7f0000001d80)=[@rights={0x10, 0x84, 0x1}], 0x10}, 0x0)

2018/04/06 01:05:52 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x200000000000000, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:52 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x20020}])

[  139.874392] FAULT_INJECTION: forcing a failure.
[  139.874392] name failslab, interval 1, probability 0, space 0, times 0
[  139.885712] CPU: 0 PID: 11535 Comm: syz-executor1 Not tainted 4.16.0+ #2
[  139.892561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  139.901925] Call Trace:
[  139.904545]  dump_stack+0x1b9/0x29f
[  139.908199]  ? arch_local_irq_restore+0x52/0x52
[  139.912885]  ? __save_stack_trace+0x7e/0xd0
[  139.917226]  should_fail.cold.4+0xa/0x1a
[  139.921304]  ? perf_trace_lock+0xd6/0x900
[  139.925463]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  139.930578]  ? zap_class+0x720/0x720
[  139.934305]  ? sctp_sendmsg+0x1888/0x1d70
[  139.938464]  ? sock_sendmsg+0xd5/0x120
[  139.942360]  ? __sys_sendto+0x3d7/0x670
[  139.942868] binder: 11533:11536 got transaction with invalid offsets ptr
[  139.946337]  ? SyS_sendto+0x40/0x60
[  139.946358]  ? do_syscall_64+0x29e/0x9d0
[  139.946383]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  139.966212]  ? graph_lock+0x170/0x170
[  139.970017]  ? print_usage_bug+0xc0/0xc0
[  139.974073]  ? perf_trace_lock_acquire+0xe3/0x980
[  139.978913]  ? graph_lock+0x170/0x170
[  139.982711]  ? find_held_lock+0x36/0x1c0
[  139.986773]  ? lock_downgrade+0x8e0/0x8e0
[  139.990919]  should_failslab+0x124/0x180
[  139.994974]  kmem_cache_alloc_trace+0x4b/0x780
[  139.999555]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  140.004733]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  140.010259]  ? sctp_v6_cmp_addr+0x261/0x6f0
[  140.014575]  sctp_add_bind_addr+0xf9/0x4a0
[  140.018802]  ? sctp_bind_addr_free+0x20/0x20
[  140.023286]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  140.028468]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  140.033648]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  140.038660]  sctp_copy_local_addr_list+0x499/0x690
[  140.043583]  ? sctp_defaults_init+0xe50/0xe50
[  140.048068]  ? get_random_bytes+0x34/0x40
[  140.052204]  ? sctp_association_new+0x135/0x21e0
[  140.056957]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  140.062145]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  140.067684]  sctp_copy_one_addr+0x5d/0x170
[  140.072003]  ? sctp_copy_one_addr+0x5d/0x170
[  140.076416]  sctp_bind_addr_copy+0x16b/0x45b
[  140.080819]  ? sctp_copy_one_addr+0x170/0x170
[  140.085302]  ? sctp_autobind+0x16d/0x1f0
[  140.089354]  ? sctp_do_bind+0x5f0/0x5f0
[  140.093323]  sctp_assoc_set_bind_addr_from_ep+0x165/0x1c0
[  140.099303]  ? sctp_v6_scope+0x56/0x60
[  140.103185]  sctp_sendmsg_new_asoc+0x31f/0x10a0
[  140.107843]  ? sctp_sendmsg+0x125e/0x1d70
[  140.112001]  ? sctp_transport_lookup_process+0x1e0/0x1e0
[  140.117536]  ? __local_bh_enable_ip+0x161/0x230
[  140.122196]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  140.127202]  ? lock_sock_nested+0x9f/0x120
[  140.131426]  ? trace_hardirqs_on+0xd/0x10
[  140.135563]  ? __local_bh_enable_ip+0x161/0x230
[  140.140222]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  140.145749]  ? sctp_endpoint_lookup_assoc+0x183/0x290
[  140.151021]  sctp_sendmsg+0x1888/0x1d70
[  140.154995]  ? do_raw_spin_unlock+0x9e/0x2e0
[  140.159401]  ? sctp_id2assoc+0x3e0/0x3e0
[  140.163456]  ? _raw_spin_unlock_bh+0x30/0x40
[  140.167858]  ? __release_sock+0x3a0/0x3a0
[  140.172025]  inet_sendmsg+0x19f/0x690
[  140.175903]  ? ___might_sleep+0x2d0/0x320
[  140.180046]  ? ipip_gro_receive+0x100/0x100
[  140.184360]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  140.189885]  ? security_socket_sendmsg+0x9b/0xd0
[  140.194629]  ? ipip_gro_receive+0x100/0x100
[  140.198941]  sock_sendmsg+0xd5/0x120
[  140.202648]  __sys_sendto+0x3d7/0x670
[  140.206446]  ? SyS_getpeername+0x30/0x30
[  140.210504]  ? wait_for_completion+0x870/0x870
[  140.215110]  ? __sb_end_write+0xac/0xe0
[  140.219184]  ? fput+0x130/0x1a0
[  140.222456]  ? ksys_write+0x1a6/0x250
[  140.226260]  ? SyS_read+0x30/0x30
[  140.229703]  ? mm_fault_error+0x380/0x380
[  140.233854]  SyS_sendto+0x40/0x60
[  140.237297]  ? __sys_sendto+0x670/0x670
[  140.241279]  do_syscall_64+0x29e/0x9d0
[  140.245155]  ? vmalloc_sync_all+0x30/0x30
[  140.249291]  ? _raw_spin_unlock_irq+0x27/0x70
[  140.253775]  ? finish_task_switch+0x1ca/0x820
[  140.258261]  ? syscall_return_slowpath+0x5c0/0x5c0
[  140.263179]  ? syscall_return_slowpath+0x30f/0x5c0
[  140.268106]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  140.273465]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  140.278306]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  140.283484] RIP: 0033:0x4552d9
[  140.286751] RSP: 002b:00007f772100cc68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  140.294451] RAX: ffffffffffffffda RBX: 00007f772100d6d4 RCX: 00000000004552d9
[  140.301708] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000013
[  140.308986] RBP: 000000000072bea0 R08: 000000002005ffe4 R09: 000000000000001c
[  140.316246] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  140.323516] R13: 00000000000004f3 R14: 00000000006fa768 R15: 000000000000001b
[  140.371875] binder: 11533:11536 transaction failed 29201/-14, size 40-29 line 2991
[  140.389837] binder: BINDER_SET_CONTEXT_MGR already set
[  140.395377] binder: 11533:11547 ioctl 40046207 0 returned -16
2018/04/06 01:05:53 executing program 5:
syz_emit_ethernet(0x1, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffff"], 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
open_by_handle_at(r0, &(0x7f0000000040)={0x32, 0x518f, "c4f3a6fbfad8b7db6e1c324145e950a647b8f9e5ede87796b85e5fe0cc83f8099c04665478f1f4f7db3d"}, 0x2000)
r1 = socket$packet(0x11, 0x10000000002, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={"74756e6c30000000e5ff00", <r2=>0x0})
prctl$setmm(0x23, 0x1, &(0x7f0000ffc000/0x3000)=nil)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000000)={0x1f, r2}, 0xc)
r4 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x8, 0x401)
ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r4, 0x4010ae74, &(0x7f0000000140)={0xd6, 0x1, 0x80000000})
setsockopt$inet6_mreq(r1, 0x29, 0x8625ab6a9ffbe217, &(0x7f0000000180)={@remote={0xfe, 0x80, [], 0xbb}, r2}, 0x14)
fcntl$setlease(r3, 0x400, 0x2)
write(r3, &(0x7f0000000100)="53d5616b", 0x4)

2018/04/06 01:05:53 executing program 0 (fault-call:7 fault-nth:0):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
r3 = dup2(r2, r2)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2018/04/06 01:05:53 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x4}])

2018/04/06 01:05:53 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10, 0xc0ffffff00000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:53 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x1000000, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:53 executing program 1 (fault-call:2 fault-nth:28):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:05:53 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x3c, 0x6c, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:53 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000d19fee)='/dev/input/event#\x00', 0x0, 0x2)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r1, 0x29, 0x17, &(0x7f00000019c0)={@dev={0xfe, 0x80}}, 0x14)
read(r0, &(0x7f0000000040)=""/24, 0x18)
write$evdev(r0, &(0x7f0000057fa0)=[{{}, 0x0, 0x100000001}, {}], 0x30)
r2 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x66, 0x1)
mq_notify(r2, &(0x7f0000000200)={0x0, 0x3e, 0x4, @thr={&(0x7f0000000080)="4a0d74e344ea9bab6bd8b688430420bd9994bc600d0b771907153fc6639b370a59bebe22ac87a6c601bf02c4aa0836d8e0cd8daf962825e05cd9bbaf95040e1d9e68ea92555b17dffff3efdadf72bdabd94ff518e1c0", &(0x7f0000000100)="9f8ae2deb1240f5a346bcbbd946cea543d8d42a311dd7374c9ad8be9d924403fe4670c10d6803f3a66aa45adefbc2eabfb38cc09ddfb8a4b3ef5dc75f4702033c9119d82dc9ec75e90401f4fd84feef123a206a39c7bbba144bc132186a1038a9210fc0b9821356810e35be9ed9877760d331d82c353710cfb8caefffd1523970c8aec417ea44b10d6e0ee6672adcff6eb7837e49009a23400c3938eea2f081e82502ed165690ff38e85cdd4899074edf46f04bee57d8f06899662c9824fe924d42020089ceb043cfdbac98821a53af73267c2538f51c573581d5d6b1aaa0ca840f29a1167ecbb9145"}})

[  140.455463] binder: undelivered TRANSACTION_ERROR: 29201
[  140.491515] FAULT_INJECTION: forcing a failure.
[  140.491515] name failslab, interval 1, probability 0, space 0, times 0
[  140.502868] CPU: 0 PID: 11560 Comm: syz-executor1 Not tainted 4.16.0+ #2
[  140.509714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  140.519076] Call Trace:
[  140.519089] FAULT_INJECTION: forcing a failure.
[  140.519089] name failslab, interval 1, probability 0, space 0, times 0
[  140.521675]  dump_stack+0x1b9/0x29f
[  140.521698]  ? arch_local_irq_restore+0x52/0x52
[  140.521717]  ? __save_stack_trace+0x7e/0xd0
[  140.521739]  should_fail.cold.4+0xa/0x1a
[  140.521759]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  140.554825]  ? kasan_kmalloc+0xc4/0xe0
[  140.558711]  ? sctp_sendmsg+0x1888/0x1d70
[  140.562858]  ? sock_sendmsg+0xd5/0x120
[  140.566742]  ? __sys_sendto+0x3d7/0x670
[  140.570713]  ? SyS_sendto+0x40/0x60
[  140.574336]  ? do_syscall_64+0x29e/0x9d0
[  140.578392]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  140.583750]  ? graph_lock+0x170/0x170
[  140.587552]  ? print_usage_bug+0xc0/0xc0
[  140.591605]  ? perf_trace_lock_acquire+0xe3/0x980
[  140.596466]  ? find_held_lock+0x36/0x1c0
[  140.600531]  ? lock_downgrade+0x8e0/0x8e0
[  140.604680]  should_failslab+0x124/0x180
[  140.609175]  kmem_cache_alloc_trace+0x4b/0x780
[  140.613763]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  140.618953]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  140.624485]  ? sctp_v6_cmp_addr+0x261/0x6f0
[  140.628803]  sctp_add_bind_addr+0xf9/0x4a0
[  140.633039]  ? sctp_bind_addr_free+0x20/0x20
[  140.637440]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  140.642629]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  140.647813]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  140.652828]  sctp_copy_local_addr_list+0x499/0x690
[  140.658371]  ? sctp_defaults_init+0xe50/0xe50
[  140.662860]  ? get_random_bytes+0x34/0x40
[  140.667011]  ? sctp_association_new+0x135/0x21e0
[  140.671772]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  140.676958]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  140.682494]  sctp_copy_one_addr+0x5d/0x170
[  140.686725]  ? sctp_copy_one_addr+0x5d/0x170
[  140.691135]  sctp_bind_addr_copy+0x16b/0x45b
[  140.695554]  ? sctp_copy_one_addr+0x170/0x170
[  140.700047]  ? sctp_autobind+0x16d/0x1f0
[  140.704111]  ? sctp_do_bind+0x5f0/0x5f0
[  140.708089]  sctp_assoc_set_bind_addr_from_ep+0x165/0x1c0
[  140.713619]  ? sctp_v6_scope+0x56/0x60
[  140.718026]  sctp_sendmsg_new_asoc+0x31f/0x10a0
[  140.722684]  ? sctp_sendmsg+0x125e/0x1d70
[  140.726831]  ? sctp_transport_lookup_process+0x1e0/0x1e0
[  140.732278]  ? __local_bh_enable_ip+0x161/0x230
[  140.736971]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  140.741989]  ? lock_sock_nested+0x9f/0x120
[  140.746218]  ? trace_hardirqs_on+0xd/0x10
[  140.750359]  ? __local_bh_enable_ip+0x161/0x230
[  140.755026]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  140.760560]  ? sctp_endpoint_lookup_assoc+0x183/0x290
[  140.765746]  sctp_sendmsg+0x1888/0x1d70
[  140.769716]  ? do_raw_spin_unlock+0x9e/0x2e0
[  140.774122]  ? sctp_id2assoc+0x3e0/0x3e0
[  140.778182]  ? _raw_spin_unlock_bh+0x30/0x40
[  140.782589]  ? __release_sock+0x3a0/0x3a0
[  140.786747]  inet_sendmsg+0x19f/0x690
[  140.790540]  ? ___might_sleep+0x2d0/0x320
[  140.794692]  ? ipip_gro_receive+0x100/0x100
[  140.799013]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  140.804545]  ? security_socket_sendmsg+0x9b/0xd0
[  140.809295]  ? ipip_gro_receive+0x100/0x100
[  140.813615]  sock_sendmsg+0xd5/0x120
[  140.817325]  __sys_sendto+0x3d7/0x670
[  140.821123]  ? SyS_getpeername+0x30/0x30
[  140.825198]  ? wait_for_completion+0x870/0x870
[  140.829866]  ? __lock_is_held+0xb5/0x140
[  140.833966]  ? __sb_end_write+0xac/0xe0
[  140.837945]  ? fput+0x130/0x1a0
[  140.841221]  ? ksys_write+0x1a6/0x250
[  140.845022]  ? SyS_read+0x30/0x30
[  140.848477]  ? mm_fault_error+0x380/0x380
[  140.852634]  SyS_sendto+0x40/0x60
[  140.856081]  ? __sys_sendto+0x670/0x670
[  140.860052]  do_syscall_64+0x29e/0x9d0
[  140.864022]  ? vmalloc_sync_all+0x30/0x30
[  140.868163]  ? _raw_spin_unlock_irq+0x27/0x70
[  140.872653]  ? finish_task_switch+0x1ca/0x820
[  140.877145]  ? syscall_return_slowpath+0x5c0/0x5c0
[  140.882072]  ? syscall_return_slowpath+0x30f/0x5c0
[  140.887003]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  140.892365]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  140.897209]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  140.902390] RIP: 0033:0x4552d9
[  140.905572] RSP: 002b:00007f772100cc68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  140.913289] RAX: ffffffffffffffda RBX: 00007f772100d6d4 RCX: 00000000004552d9
[  140.920549] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000013
[  140.927808] RBP: 000000000072bea0 R08: 000000002005ffe4 R09: 000000000000001c
[  140.935068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  140.942327] R13: 00000000000004f3 R14: 00000000006fa768 R15: 000000000000001c
[  140.949610] CPU: 1 PID: 11567 Comm: syz-executor0 Not tainted 4.16.0+ #2
[  140.956455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  140.965808] Call Trace:
[  140.968409]  dump_stack+0x1b9/0x29f
[  140.972053]  ? arch_local_irq_restore+0x52/0x52
[  140.976738]  should_fail.cold.4+0xa/0x1a
[  140.980807]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  140.985913]  ? perf_trace_lock_acquire+0xe3/0x980
[  140.990756]  ? graph_lock+0x170/0x170
[  140.994655]  ? find_held_lock+0x36/0x1c0
[  140.998718]  ? __lock_is_held+0xb5/0x140
[  141.002786]  ? check_same_owner+0x320/0x320
[  141.007101]  ? rcu_note_context_switch+0x710/0x710
[  141.012038]  should_failslab+0x124/0x180
[  141.016096]  kmem_cache_alloc+0x2af/0x760
[  141.020237]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  141.025243]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  141.030775]  mmu_topup_memory_caches+0xf7/0x3a0
[  141.035433]  ? kvm_apic_has_interrupt+0xe1/0x210
[  141.040185]  kvm_mmu_load+0x21/0x10e0
[  141.043975]  ? update_cr8_intercept+0x165/0x1e0
[  141.048639]  vcpu_enter_guest+0x35a0/0x5c40
[  141.052961]  ? kvm_set_msr_common+0x2660/0x2660
[  141.057617]  ? kvm_vcpu_wake_up+0x170/0x170
[  141.061932]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  141.067114]  ? __apic_accept_irq+0x1a0/0xb50
[  141.071521]  ? apic_mmio_write+0x1d0/0x1d0
[  141.075747]  ? perf_trace_lock_acquire+0xe3/0x980
[  141.080601]  ? kvm_check_async_pf_completion+0x39b/0x5a0
[  141.086046]  ? kasan_check_write+0x14/0x20
[  141.090271]  ? kvm_inject_apic_timer_irqs+0x13e/0x340
[  141.095454]  ? kvm_clear_async_pf_completion_queue+0x780/0x780
[  141.101429]  ? kasan_check_read+0x11/0x20
[  141.105566]  ? apic_has_pending_timer+0x122/0x2f0
[  141.110402]  ? kvm_lapic_reset+0x1020/0x1020
[  141.114803]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  141.120333]  kvm_arch_vcpu_ioctl_run+0x28e/0x1140
[  141.125163]  ? kvm_arch_vcpu_ioctl_run+0x28e/0x1140
[  141.130178]  kvm_vcpu_ioctl+0x79d/0x12e0
[  141.134231]  ? kvm_vcpu_fault+0x5f0/0x5f0
[  141.138371]  ? graph_lock+0x170/0x170
[  141.142167]  ? find_held_lock+0x36/0x1c0
[  141.146227]  ? lock_downgrade+0x8e0/0x8e0
[  141.150369]  ? kasan_check_read+0x11/0x20
[  141.154509]  ? rcu_is_watching+0x85/0x140
[  141.158646]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  141.163837]  ? __fget+0x40c/0x650
[  141.167284]  ? match_held_lock+0x851/0x8b0
[  141.171509]  ? expand_files.part.8+0x9a0/0x9a0
[  141.176080]  ? kasan_check_write+0x14/0x20
[  141.180306]  ? __mutex_unlock_slowpath+0x180/0x8a0
[  141.185230]  ? wait_for_completion+0x870/0x870
[  141.189811]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  141.194990]  ? kvm_vcpu_fault+0x5f0/0x5f0
[  141.199132]  do_vfs_ioctl+0x1cf/0x1650
[  141.203032]  ? ioctl_preallocate+0x2e0/0x2e0
[  141.207434]  ? fget_raw+0x20/0x20
[  141.210881]  ? __sb_end_write+0xac/0xe0
[  141.214848]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  141.220373]  ? fput+0x130/0x1a0
[  141.223647]  ? ksys_write+0x1a6/0x250
[  141.227440]  ? security_file_ioctl+0x9b/0xd0
[  141.231841]  ksys_ioctl+0xa9/0xd0
[  141.235285]  SyS_ioctl+0x24/0x30
[  141.238643]  ? ksys_ioctl+0xd0/0xd0
[  141.242261]  do_syscall_64+0x29e/0x9d0
[  141.246136]  ? vmalloc_sync_all+0x30/0x30
[  141.250272]  ? _raw_spin_unlock_irq+0x27/0x70
[  141.254756]  ? finish_task_switch+0x1ca/0x820
[  141.259241]  ? syscall_return_slowpath+0x5c0/0x5c0
[  141.264159]  ? syscall_return_slowpath+0x30f/0x5c0
[  141.269085]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  141.274443]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  141.279286]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  141.284471] RIP: 0033:0x4552d9
[  141.287661] RSP: 002b:00007fbb7f590c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  141.295359] RAX: ffffffffffffffda RBX: 00007fbb7f5916d4 RCX: 00000000004552d9
[  141.302619] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015
[  141.309878] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  141.317147] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[  141.324402] R13: 0000000000000251 R14: 00000000006f6838 R15: 0000000000000000
2018/04/06 01:05:54 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x2000000, @dev={0xfe, 0x80}}}}, 0x48)

2018/04/06 01:05:54 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x20000200}])

2018/04/06 01:05:54 executing program 5:
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0xfffffffffffffffe)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'ip6gretap0\x00', <r1=>0x0})
recvfrom$packet(r0, &(0x7f0000000000)=""/243, 0xf3, 0x21, &(0x7f0000000140)={0x11, 0x1f, r1, 0x1, 0xfffffffffffffffb, 0x6, @random="f8145fae75cf"}, 0x14)

2018/04/06 01:05:54 executing program 1 (fault-call:2 fault-nth:29):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

[  141.415744] binder: BINDER_SET_CONTEXT_MGR already set
[  141.458223] binder: 11572:11577 ioctl 40046207 0 returned -16
[  141.477208] FAULT_INJECTION: forcing a failure.
[  141.477208] name failslab, interval 1, probability 0, space 0, times 0
[  141.488523] CPU: 1 PID: 11588 Comm: syz-executor1 Not tainted 4.16.0+ #2
[  141.495374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  141.504731] Call Trace:
[  141.507314]  dump_stack+0x1b9/0x29f
[  141.510938]  ? arch_local_irq_restore+0x52/0x52
[  141.515596]  ? __save_stack_trace+0x7e/0xd0
[  141.519916]  should_fail.cold.4+0xa/0x1a
[  141.523970]  ? perf_trace_lock+0xd6/0x900
[  141.528110]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  141.533220]  ? zap_class+0x720/0x720
[  141.536927]  ? sctp_sendmsg+0x1888/0x1d70
[  141.541064]  ? sock_sendmsg+0xd5/0x120
[  141.544942]  ? __sys_sendto+0x3d7/0x670
[  141.548904]  ? SyS_sendto+0x40/0x60
[  141.552525]  ? do_syscall_64+0x29e/0x9d0
[  141.556583]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  141.561941]  ? graph_lock+0x170/0x170
[  141.565738]  ? print_usage_bug+0xc0/0xc0
[  141.569792]  ? perf_trace_lock_acquire+0xe3/0x980
[  141.574646]  ? graph_lock+0x170/0x170
[  141.578446]  ? find_held_lock+0x36/0x1c0
[  141.582510]  ? lock_downgrade+0x8e0/0x8e0
[  141.586664]  should_failslab+0x124/0x180
[  141.590725]  kmem_cache_alloc_trace+0x4b/0x780
[  141.595301]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  141.600498]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  141.606035]  ? sctp_v6_cmp_addr+0x261/0x6f0
[  141.610358]  sctp_add_bind_addr+0xf9/0x4a0
[  141.614589]  ? sctp_bind_addr_free+0x20/0x20
[  141.618990]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  141.624178]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  141.629364]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  141.634377]  sctp_copy_local_addr_list+0x499/0x690
[  141.640405]  ? sctp_defaults_init+0xe50/0xe50
[  141.644893]  ? get_random_bytes+0x34/0x40
[  141.649038]  ? sctp_association_new+0x135/0x21e0
[  141.653797]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  141.658982]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  141.664519]  sctp_copy_one_addr+0x5d/0x170
[  141.668745]  ? sctp_copy_one_addr+0x5d/0x170
[  141.673161]  sctp_bind_addr_copy+0x16b/0x45b
[  141.677565]  ? sctp_copy_one_addr+0x170/0x170
[  141.682052]  ? sctp_autobind+0x16d/0x1f0
[  141.686105]  ? sctp_do_bind+0x5f0/0x5f0
[  141.690074]  sctp_assoc_set_bind_addr_from_ep+0x165/0x1c0
[  141.695608]  ? sctp_v6_scope+0x56/0x60
[  141.699488]  sctp_sendmsg_new_asoc+0x31f/0x10a0
[  141.704147]  ? sctp_sendmsg+0x125e/0x1d70
[  141.708293]  ? sctp_transport_lookup_process+0x1e0/0x1e0
[  141.713739]  ? __local_bh_enable_ip+0x161/0x230
[  141.718403]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  141.723409]  ? lock_sock_nested+0x9f/0x120
[  141.727632]  ? trace_hardirqs_on+0xd/0x10
[  141.731774]  ? __local_bh_enable_ip+0x161/0x230
[  141.736434]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  141.741960]  ? sctp_endpoint_lookup_assoc+0x183/0x290
[  141.747144]  sctp_sendmsg+0x1888/0x1d70
[  141.751110]  ? do_raw_spin_unlock+0x9e/0x2e0
[  141.755517]  ? sctp_id2assoc+0x3e0/0x3e0
[  141.759575]  ? _raw_spin_unlock_bh+0x30/0x40
[  141.763978]  ? __release_sock+0x3a0/0x3a0
[  141.768136]  inet_sendmsg+0x19f/0x690
[  141.771923]  ? ___might_sleep+0x2d0/0x320
[  141.776064]  ? ipip_gro_receive+0x100/0x100
[  141.780381]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  141.785929]  ? security_socket_sendmsg+0x9b/0xd0
[  141.790675]  ? ipip_gro_receive+0x100/0x100
[  141.794992]  sock_sendmsg+0xd5/0x120
[  141.798702]  __sys_sendto+0x3d7/0x670
[  141.802498]  ? SyS_getpeername+0x30/0x30
[  141.806555]  ? wait_for_completion+0x870/0x870
[  141.811155]  ? __sb_end_write+0xac/0xe0
[  141.815123]  ? fput+0x130/0x1a0
[  141.818409]  ? ksys_write+0x1a6/0x250
[  141.822202]  ? SyS_read+0x30/0x30
[  141.825642]  ? mm_fault_error+0x380/0x380
[  141.829784]  ? syscall_slow_exit_work+0x4f0/0x4f0
[  141.834641]  SyS_sendto+0x40/0x60
[  141.838100]  ? __sys_sendto+0x670/0x670
[  141.842070]  do_syscall_64+0x29e/0x9d0
[  141.845954]  ? vmalloc_sync_all+0x30/0x30
[  141.850095]  ? _raw_spin_unlock_irq+0x27/0x70
[  141.854580]  ? finish_task_switch+0x1ca/0x820
[  141.859069]  ? syscall_return_slowpath+0x5c0/0x5c0
[  141.863992]  ? syscall_return_slowpath+0x30f/0x5c0
[  141.868923]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  141.874282]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  141.879121]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  141.884296] RIP: 0033:0x4552d9
[  141.887487] RSP: 002b:00007f772100cc68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  141.895187] RAX: ffffffffffffffda RBX: 00007f772100d6d4 RCX: 00000000004552d9
[  141.902443] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000013
2018/04/06 01:05:54 executing program 0 (fault-call:7 fault-nth:1):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
r3 = dup2(r2, r2)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  141.909699] RBP: 000000000072bea0 R08: 000000002005ffe4 R09: 000000000000001c
[  141.916955] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  141.924213] R13: 00000000000004f3 R14: 00000000006fa768 R15: 000000000000001d
[  141.966186] FAULT_INJECTION: forcing a failure.
[  141.966186] name failslab, interval 1, probability 0, space 0, times 0
[  141.977563] CPU: 0 PID: 11591 Comm: syz-executor0 Not tainted 4.16.0+ #2
[  141.984412] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  141.993770] Call Trace:
[  141.996379]  dump_stack+0x1b9/0x29f
[  142.000021]  ? arch_local_irq_restore+0x52/0x52
[  142.004709]  should_fail.cold.4+0xa/0x1a
[  142.008787]  ? fault_create_debugfs_attr+0x1f0/0x1f0
2018/04/06 01:05:55 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x100000000000000}])

2018/04/06 01:05:55 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000011c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
setsockopt$ax25_int(r0, 0x101, 0x0, &(0x7f0000000340)=0x7, 0x4)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000140))
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000300))
r2 = syz_open_dev$vcsa(&(0x7f0000000280)='/dev/vcsa#\x00', 0x7, 0x20000)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r2, 0x84, 0x15, &(0x7f0000000380)={0x5}, 0x0)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r2, 0x54a2)
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f00000002c0)={0x2, &(0x7f0000000000), 0x0, r2, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f00000003c0)={<r3=>0x0, @in={{0x2, 0x4e22, @remote={0xac, 0x14, 0x14, 0xbb}}}, 0x4, 0x0, 0x6, 0x0, 0x25}, &(0x7f0000000480)=0x98)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r2, 0x84, 0x66, &(0x7f00000004c0)={<r4=>r3, 0x6dac}, &(0x7f0000000500)=0x8)
r5 = syz_open_dev$dmmidi(&(0x7f0000000040)='/dev/dmmidi#\x00', 0x6, 0x402040)
r6 = socket$inet_icmp(0x2, 0x2, 0x1)
r7 = fcntl$getown(r5, 0x9)
sched_setaffinity(r7, 0x8, &(0x7f00000005c0)=0x6)
ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0x9)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r6, 0x84, 0x1, &(0x7f0000000080)={r4, 0x0, 0x0, 0x9f7f, 0x4, 0xfffffffffffffffa}, &(0x7f00000000c0)=0x14)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r5, 0x84, 0x6, &(0x7f00000001c0)={r3, @in6={{0xa, 0x4e23, 0x7f, @ipv4={[], [0xff, 0xff]}, 0x2}}}, &(0x7f0000000100)=0x84)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000000180))
ioctl$DRM_IOCTL_GEM_OPEN(r2, 0xc010640b, &(0x7f0000000540)={0x0, <r8=>0x0, 0x36})
ioctl$DRM_IOCTL_GEM_CLOSE(r5, 0x40086409, &(0x7f0000000580)={r8})

2018/04/06 01:05:55 executing program 1 (fault-call:2 fault-nth:30):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:05:55 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x3c, 0x2, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

[  142.013919]  ? kasan_kmalloc+0xc4/0xe0
[  142.017835]  ? kmem_cache_alloc+0x12e/0x760
[  142.022170]  ? mmu_topup_memory_caches+0xf7/0x3a0
[  142.027027]  ? kvm_mmu_load+0x21/0x10e0
[  142.031014]  ? vcpu_enter_guest+0x35a0/0x5c40
[  142.035516]  ? kvm_arch_vcpu_ioctl_run+0x28e/0x1140
[  142.040539]  ? kvm_vcpu_ioctl+0x79d/0x12e0
[  142.044799]  ? graph_lock+0x170/0x170
[  142.048619]  ? do_syscall_64+0x29e/0x9d0
[  142.052692]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  142.058076]  ? find_held_lock+0x36/0x1c0
[  142.062156]  ? __lock_is_held+0xb5/0x140
[  142.066241]  ? check_same_owner+0x320/0x320
[  142.070575]  ? rcu_note_context_switch+0x710/0x710
[  142.075519]  should_failslab+0x124/0x180
[  142.079614]  kmem_cache_alloc+0x2af/0x760
[  142.083817]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  142.088847]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  142.093347] FAULT_INJECTION: forcing a failure.
[  142.093347] name failslab, interval 1, probability 0, space 0, times 0
[  142.094390]  ? mmu_topup_memory_caches+0xf7/0x3a0
[  142.094413]  mmu_topup_memory_caches+0xf7/0x3a0
[  142.094431]  ? kvm_apic_has_interrupt+0xe1/0x210
[  142.094454]  kvm_mmu_load+0x21/0x10e0
[  142.094477]  ? update_cr8_intercept+0x165/0x1e0
[  142.128307]  vcpu_enter_guest+0x35a0/0x5c40
[  142.132640]  ? kvm_set_msr_common+0x2660/0x2660
[  142.137316]  ? kvm_vcpu_wake_up+0x170/0x170
[  142.141638]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  142.146835]  ? __apic_accept_irq+0x1a0/0xb50
[  142.151255]  ? apic_mmio_write+0x1d0/0x1d0
[  142.155482]  ? debug_check_no_locks_freed+0x310/0x310
[  142.160666]  ? print_usage_bug+0xc0/0xc0
[  142.164739]  ? find_held_lock+0x36/0x1c0
[  142.168808]  ? kvm_check_async_pf_completion+0x39b/0x5a0
[  142.174260]  ? kasan_check_write+0x14/0x20
[  142.178489]  ? kvm_inject_apic_timer_irqs+0x13e/0x340
[  142.183676]  ? kvm_clear_async_pf_completion_queue+0x780/0x780
[  142.189638]  ? kasan_check_read+0x11/0x20
[  142.193782]  ? apic_has_pending_timer+0x122/0x2f0
[  142.198629]  ? kvm_lapic_reset+0x1020/0x1020
[  142.203037]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  142.208571]  kvm_arch_vcpu_ioctl_run+0x28e/0x1140
[  142.213494]  ? kvm_arch_vcpu_ioctl_run+0x28e/0x1140
[  142.218514]  kvm_vcpu_ioctl+0x79d/0x12e0
[  142.222573]  ? kvm_vcpu_fault+0x5f0/0x5f0
[  142.226719]  ? graph_lock+0x170/0x170
[  142.230515]  ? find_held_lock+0x36/0x1c0
[  142.234577]  ? lock_downgrade+0x8e0/0x8e0
[  142.238911]  ? rcu_is_watching+0x85/0x140
[  142.243052]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  142.248244]  ? __fget+0x40c/0x650
[  142.251695]  ? match_held_lock+0x851/0x8b0
[  142.255930]  ? expand_files.part.8+0x9a0/0x9a0
[  142.260504]  ? kasan_check_write+0x14/0x20
[  142.264737]  ? __mutex_unlock_slowpath+0x180/0x8a0
[  142.269662]  ? wait_for_completion+0x870/0x870
[  142.274240]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  142.279422]  ? kvm_vcpu_fault+0x5f0/0x5f0
[  142.283565]  do_vfs_ioctl+0x1cf/0x1650
[  142.287452]  ? ioctl_preallocate+0x2e0/0x2e0
[  142.291857]  ? fget_raw+0x20/0x20
[  142.295307]  ? __sb_end_write+0xac/0xe0
[  142.299278]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  142.304811]  ? fput+0x130/0x1a0
[  142.308172]  ? ksys_write+0x1a6/0x250
[  142.311972]  ? security_file_ioctl+0x9b/0xd0
[  142.316376]  ksys_ioctl+0xa9/0xd0
[  142.319828]  SyS_ioctl+0x24/0x30
[  142.323185]  ? ksys_ioctl+0xd0/0xd0
[  142.326810]  do_syscall_64+0x29e/0x9d0
[  142.330688]  ? vmalloc_sync_all+0x30/0x30
[  142.334832]  ? _raw_spin_unlock_irq+0x27/0x70
[  142.339338]  ? finish_task_switch+0x1ca/0x820
[  142.343837]  ? syscall_return_slowpath+0x5c0/0x5c0
[  142.348764]  ? syscall_return_slowpath+0x30f/0x5c0
[  142.353699]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  142.359063]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  142.363907]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  142.369089] RIP: 0033:0x4552d9
[  142.372271] RSP: 002b:00007fbb7f590c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  142.379975] RAX: ffffffffffffffda RBX: 00007fbb7f5916d4 RCX: 00000000004552d9
[  142.387265] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015
[  142.394528] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  142.401795] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[  142.409055] R13: 0000000000000251 R14: 00000000006f6838 R15: 0000000000000001
[  142.416335] CPU: 1 PID: 11601 Comm: syz-executor1 Not tainted 4.16.0+ #2
[  142.423180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  142.432536] Call Trace:
[  142.435131]  dump_stack+0x1b9/0x29f
[  142.438768]  ? arch_local_irq_restore+0x52/0x52
[  142.443444]  ? __save_stack_trace+0x7e/0xd0
[  142.447780]  should_fail.cold.4+0xa/0x1a
[  142.451846]  ? perf_trace_lock+0xd6/0x900
[  142.453737] binder: 11597:11605 unknown command 16456
[  142.455997]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  142.456017]  ? zap_class+0x720/0x720
[  142.456033]  ? sctp_copy_local_addr_list+0x499/0x690
[  142.456053]  ? sctp_bind_addr_copy+0x16b/0x45b
[  142.461260] binder: 11597:11605 ioctl c0306201 20008fd0 returned -22
[  142.466310]  ? sctp_assoc_set_bind_addr_from_ep+0x165/0x1c0
[  142.466324]  ? sctp_sendmsg+0x1888/0x1d70
[  142.466340]  ? inet_sendmsg+0x19f/0x690
[  142.466362]  ? sock_sendmsg+0xd5/0x120
[  142.472274] binder: BINDER_SET_CONTEXT_MGR already set
[  142.475147]  ? __sys_sendto+0x3d7/0x670
[  142.475163]  ? SyS_sendto+0x40/0x60
[  142.475184]  ? do_syscall_64+0x29e/0x9d0
[  142.479785] binder: 11597:11606 ioctl 40046207 0 returned -16
[  142.486236]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  142.486253]  ? graph_lock+0x170/0x170
[  142.486274]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  142.486294]  ? print_usage_bug+0xc0/0xc0
[  142.544513]  ? graph_lock+0x170/0x170
[  142.548316]  ? find_held_lock+0x36/0x1c0
[  142.552367]  ? lock_downgrade+0x8e0/0x8e0
[  142.556504]  should_failslab+0x124/0x180
[  142.560553]  kmem_cache_alloc_trace+0x4b/0x780
[  142.565124]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  142.570297]  ? __sanitizer_cov_trace_cmp2+0x18/0x20
[  142.575303]  sctp_add_bind_addr+0xf9/0x4a0
[  142.579526]  ? sctp_bind_addr_free+0x20/0x20
[  142.583919]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  142.589109]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  142.594634]  ? sctp_v4_scope+0x19b/0x1c0
[  142.598679]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  142.603854]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  142.608861]  sctp_copy_local_addr_list+0x499/0x690
[  142.613781]  ? sctp_defaults_init+0xe50/0xe50
[  142.618266]  ? get_random_bytes+0x34/0x40
[  142.622400]  ? sctp_association_new+0x135/0x21e0
[  142.627170]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  142.632446]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  142.637984]  sctp_copy_one_addr+0x5d/0x170
[  142.642209]  ? sctp_copy_one_addr+0x5d/0x170
[  142.646610]  sctp_bind_addr_copy+0x16b/0x45b
[  142.651015]  ? sctp_copy_one_addr+0x170/0x170
[  142.655503]  ? sctp_autobind+0x16d/0x1f0
[  142.659556]  ? zap_class+0x720/0x720
[  142.663262]  ? sctp_do_bind+0x5f0/0x5f0
[  142.667999]  sctp_assoc_set_bind_addr_from_ep+0x165/0x1c0
[  142.673539]  ? sctp_v6_scope+0x56/0x60
[  142.677504]  sctp_sendmsg_new_asoc+0x31f/0x10a0
[  142.682159]  ? sctp_sendmsg+0x125e/0x1d70
[  142.686300]  ? sctp_transport_lookup_process+0x1e0/0x1e0
[  142.691738]  ? __local_bh_enable_ip+0x161/0x230
[  142.696399]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  142.701400]  ? lock_sock_nested+0x9f/0x120
[  142.705619]  ? trace_hardirqs_on+0xd/0x10
[  142.709756]  ? __local_bh_enable_ip+0x161/0x230
[  142.714414]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  142.719938]  ? sctp_endpoint_lookup_assoc+0x183/0x290
[  142.725113]  sctp_sendmsg+0x1888/0x1d70
[  142.729072]  ? do_raw_spin_unlock+0x9e/0x2e0
[  142.733499]  ? sctp_id2assoc+0x3e0/0x3e0
[  142.737548]  ? _raw_spin_unlock_bh+0x30/0x40
[  142.742037]  ? __release_sock+0x3a0/0x3a0
[  142.746183]  inet_sendmsg+0x19f/0x690
[  142.749982]  ? ___might_sleep+0x2d0/0x320
[  142.754122]  ? ipip_gro_receive+0x100/0x100
[  142.758443]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  142.763997]  ? security_socket_sendmsg+0x9b/0xd0
[  142.768747]  ? ipip_gro_receive+0x100/0x100
[  142.773057]  sock_sendmsg+0xd5/0x120
[  142.776760]  __sys_sendto+0x3d7/0x670
[  142.780635]  ? SyS_getpeername+0x30/0x30
[  142.784687]  ? wait_for_completion+0x870/0x870
[  142.789277]  ? __sb_end_write+0xac/0xe0
[  142.793248]  ? fput+0x130/0x1a0
[  142.796515]  ? ksys_write+0x1a6/0x250
[  142.800303]  ? SyS_read+0x30/0x30
[  142.803744]  ? mm_fault_error+0x380/0x380
[  142.807891]  ? syscall_slow_exit_work+0x4f0/0x4f0
[  142.812722]  SyS_sendto+0x40/0x60
[  142.816162]  ? __sys_sendto+0x670/0x670
[  142.820121]  do_syscall_64+0x29e/0x9d0
[  142.823990]  ? vmalloc_sync_all+0x30/0x30
[  142.828126]  ? _raw_spin_unlock_irq+0x27/0x70
[  142.832604]  ? finish_task_switch+0x1ca/0x820
[  142.837087]  ? syscall_return_slowpath+0x5c0/0x5c0
[  142.842004]  ? syscall_return_slowpath+0x30f/0x5c0
[  142.846928]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  142.852280]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  142.857112]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  142.862283] RIP: 0033:0x4552d9
2018/04/06 01:05:55 executing program 6:
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x2, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f00000000c0)=0x8)
setsockopt$inet_sctp6_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f00000001c0)={0x6, [0x40, 0x0, 0xff, 0xe600, 0xd32, 0x9]}, 0x10)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r0, 0x84, 0x65, &(0x7f0000000140)=[@in6={0xa, 0x4e20, 0xfff, @local={0xfe, 0x80, [], 0xaa}, 0x30b9}, @in6={0xa, 0x4e24, 0x4, @loopback={0x0, 0x1}, 0x9}, @in6={0xa, 0x4e22, 0x80, @remote={0xfe, 0x80, [], 0xbb}, 0x2}], 0x54)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000040)={&(0x7f000000c000)={0x10, 0x34000}, 0xc, &(0x7f0000007ff0)={&(0x7f0000000100)=ANY=[@ANYBLOB="4c6dcc752ff754184b3214000005e0d49ac6fb980d41071e45c0002e00010000000000000000000200000000000000"], 0x18}, 0x1}, 0x0)

2018/04/06 01:05:55 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x3c, 0x200000000000000, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

[  142.865543] RSP: 002b:00007f772100cc68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  142.873241] RAX: ffffffffffffffda RBX: 00007f772100d6d4 RCX: 00000000004552d9
[  142.880497] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000013
[  142.887761] RBP: 000000000072bea0 R08: 000000002005ffe4 R09: 000000000000001c
[  142.895018] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  142.902275] R13: 00000000000004f3 R14: 00000000006fa768 R15: 000000000000001e
[  143.020431] binder: BINDER_SET_CONTEXT_MGR already set
[  143.033888] binder: 11610:11613 ioctl 40046207 0 returned -16
2018/04/06 01:05:56 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x2002000000000}])

2018/04/06 01:05:56 executing program 0 (fault-call:7 fault-nth:2):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
r3 = dup2(r2, r2)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2018/04/06 01:05:56 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x2]}}}}, 0x48)

2018/04/06 01:05:56 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10, 0x3000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:56 executing program 1 (fault-call:2 fault-nth:31):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:05:56 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x3c, 0x7a00000000000000, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:56 executing program 5:
r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x0, 0x0)
ioctl$KVM_SET_CPUID(r0, 0x4008ae8a, &(0x7f0000000200)=ANY=[@ANYBLOB="0600000000000000070000807002000004000000c462000000000000000000000700000006000000040000000180000007000000000000000100004006000000000022001f000000020000000000000008000080000000800000000000010000020000000000000001000080c70000000500000001000000b0000000000000000a00000005000000020000000900000001000000000000008024cec9a5abc42d5c7d9c354343d99c0f6649f32452dd20786ead937bb3e49d3eb8e2ec64aef8331696d2e0a331bdf80eb04b1ff87c2525e837c3"])
r1 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$nl_generic(r1, &(0x7f0000023000)={&(0x7f0000024000)={0x10}, 0xc, &(0x7f0000023ff0)={&(0x7f0000000040)=ANY=[@ANYBLOB="240000002c00ff0a000000000000000003000000100000000c000100085454a7a1000000ba7c29c6d59e88f485f11b1bf4079fd9f6bd4f4c64ce5b994e33974f1d2ead92be00e660ea1e29baa7590ea54476ed650aec71ac524bbdd6c0b502934710c6d55bf42a22c51b51f436d08785f57701e9e14031e9b75b6c"], 0x24}, 0x1}, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)

2018/04/06 01:05:56 executing program 6:
r0 = memfd_create(&(0x7f0000000100)='{.wlan1#\x00', 0x2)
ioctl$PERF_EVENT_IOC_RESET(r0, 0x2403, 0x101)
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x0)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000180)={0xaa})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1})
sigaltstack(&(0x7f0000013000/0x1000)=nil, &(0x7f00000000c0))
ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000b40)={&(0x7f0000011000/0x4000)=nil, 0x4000})
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='lo\x00', 0x10)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000240)={{0xffffffffffffffff, 0x3, 0x9, 0x0, 0x9}})
io_setup(0x1000, &(0x7f0000000040))
prctl$seccomp(0x16, 0x3, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x7, 0x3ff, 0x1, 0x3}]})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r0, 0x40605346, &(0x7f00000001c0)={0x9, 0x1, {0x1, 0x0, 0x40, 0x0, 0x80000001}})
io_submit(0x0, 0x0, &(0x7f0000000000))

2018/04/06 01:05:56 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10, 0xf000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:56 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x8000000000000000}])

2018/04/06 01:05:56 executing program 5:
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r0, &(0x7f0000000300)={0xa, 0x4e20}, 0x1c)
bind$inet6(r0, &(0x7f00000001c0)={0xa, 0x4e21, 0x20, @loopback={0x0, 0x1}, 0x7}, 0x1c)
sendto$inet6(r0, &(0x7f0000000000)='?', 0x1, 0x0, &(0x7f000010e000)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000080)={0x3315, {{0xa, 0x4e21, 0xfff, @remote={0xfe, 0x80, [], 0xbb}, 0x2}}, 0x1, 0x1, [{{0xa, 0x4e24, 0x9, @mcast1={0xff, 0x1, [], 0x1}, 0x5}}]}, 0x110)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000040)=@sack_info={0x0, 0x0, 0x8}, 0xc)

2018/04/06 01:05:56 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x100000000000000]}}}}, 0x48)

[  143.252238] binder: BINDER_SET_CONTEXT_MGR already set
2018/04/06 01:05:56 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10, 0xf0ffffff00000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:56 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x3c, 0x3000000, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:56 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x200000000000000]}}}}, 0x48)

2018/04/06 01:05:56 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x400000000000000}])

[  143.272984] binder: 11621:11636 ioctl 40046207 0 returned -16
[  143.338194] FAULT_INJECTION: forcing a failure.
[  143.338194] name failslab, interval 1, probability 0, space 0, times 0
[  143.349540] CPU: 1 PID: 11655 Comm: syz-executor0 Not tainted 4.16.0+ #2
[  143.356382] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  143.356837] FAULT_INJECTION: forcing a failure.
[  143.356837] name failslab, interval 1, probability 0, space 0, times 0
[  143.365729] Call Trace:
[  143.365756]  dump_stack+0x1b9/0x29f
[  143.365778]  ? arch_local_irq_restore+0x52/0x52
[  143.365807]  should_fail.cold.4+0xa/0x1a
[  143.391961]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  143.397058]  ? kasan_kmalloc+0xc4/0xe0
[  143.400942]  ? kmem_cache_alloc+0x12e/0x760
[  143.405263]  ? mmu_topup_memory_caches+0xf7/0x3a0
[  143.410103]  ? kvm_mmu_load+0x21/0x10e0
[  143.414073]  ? vcpu_enter_guest+0x35a0/0x5c40
[  143.418563]  ? kvm_arch_vcpu_ioctl_run+0x28e/0x1140
[  143.423576]  ? kvm_vcpu_ioctl+0x79d/0x12e0
[  143.427804]  ? graph_lock+0x170/0x170
[  143.431599]  ? do_syscall_64+0x29e/0x9d0
[  143.435656]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  143.441022]  ? find_held_lock+0x36/0x1c0
[  143.445085]  ? __lock_is_held+0xb5/0x140
[  143.449151]  ? check_same_owner+0x320/0x320
[  143.453912]  ? rcu_note_context_switch+0x710/0x710
[  143.458844]  should_failslab+0x124/0x180
[  143.462904]  kmem_cache_alloc+0x2af/0x760
[  143.467054]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  143.472067]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  143.477771]  ? mmu_topup_memory_caches+0xf7/0x3a0
[  143.482614]  mmu_topup_memory_caches+0xf7/0x3a0
[  143.487276]  ? kvm_apic_has_interrupt+0xe1/0x210
[  143.492031]  kvm_mmu_load+0x21/0x10e0
[  143.495830]  ? update_cr8_intercept+0x165/0x1e0
[  143.500503]  vcpu_enter_guest+0x35a0/0x5c40
[  143.504844]  ? kvm_set_msr_common+0x2660/0x2660
[  143.509505]  ? kvm_vcpu_wake_up+0x170/0x170
[  143.513826]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  143.519100]  ? __apic_accept_irq+0x1a0/0xb50
[  143.523506]  ? apic_mmio_write+0x1d0/0x1d0
[  143.527734]  ? debug_check_no_locks_freed+0x310/0x310
[  143.532919]  ? print_usage_bug+0xc0/0xc0
[  143.536982]  ? find_held_lock+0x36/0x1c0
[  143.541049]  ? kvm_check_async_pf_completion+0x39b/0x5a0
[  143.546588]  ? kasan_check_write+0x14/0x20
[  143.550845]  ? kvm_inject_apic_timer_irqs+0x13e/0x340
[  143.556039]  ? kvm_clear_async_pf_completion_queue+0x780/0x780
[  143.562003]  ? kasan_check_read+0x11/0x20
[  143.566146]  ? apic_has_pending_timer+0x122/0x2f0
[  143.570987]  ? kvm_lapic_reset+0x1020/0x1020
[  143.575393]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  143.580930]  kvm_arch_vcpu_ioctl_run+0x28e/0x1140
[  143.585766]  ? kvm_arch_vcpu_ioctl_run+0x28e/0x1140
[  143.590786]  kvm_vcpu_ioctl+0x79d/0x12e0
[  143.594846]  ? kvm_vcpu_fault+0x5f0/0x5f0
[  143.598991]  ? graph_lock+0x170/0x170
[  143.602793]  ? find_held_lock+0x36/0x1c0
[  143.606884]  ? lock_downgrade+0x8e0/0x8e0
[  143.611036]  ? rcu_is_watching+0x85/0x140
[  143.615182]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  143.620374]  ? __fget+0x40c/0x650
[  143.623829]  ? match_held_lock+0x851/0x8b0
[  143.628060]  ? expand_files.part.8+0x9a0/0x9a0
[  143.632635]  ? kasan_check_write+0x14/0x20
[  143.636865]  ? __mutex_unlock_slowpath+0x180/0x8a0
[  143.641791]  ? wait_for_completion+0x870/0x870
[  143.646368]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  143.651552]  ? kvm_vcpu_fault+0x5f0/0x5f0
[  143.655707]  do_vfs_ioctl+0x1cf/0x1650
[  143.659593]  ? ioctl_preallocate+0x2e0/0x2e0
[  143.663996]  ? fget_raw+0x20/0x20
[  143.667458]  ? __sb_end_write+0xac/0xe0
[  143.671430]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  143.676963]  ? fput+0x130/0x1a0
[  143.680266]  ? ksys_write+0x1a6/0x250
[  143.684068]  ? security_file_ioctl+0x9b/0xd0
[  143.688472]  ksys_ioctl+0xa9/0xd0
[  143.691921]  SyS_ioctl+0x24/0x30
[  143.695280]  ? ksys_ioctl+0xd0/0xd0
[  143.698911]  do_syscall_64+0x29e/0x9d0
[  143.702792]  ? vmalloc_sync_all+0x30/0x30
[  143.706933]  ? kasan_check_write+0x14/0x20
[  143.711173]  ? syscall_return_slowpath+0x5c0/0x5c0
[  143.716101]  ? syscall_return_slowpath+0x30f/0x5c0
[  143.721034]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  143.726400]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  143.731244]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  143.736426] RIP: 0033:0x4552d9
[  143.739606] RSP: 002b:00007fbb7f590c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  143.747309] RAX: ffffffffffffffda RBX: 00007fbb7f5916d4 RCX: 00000000004552d9
[  143.754586] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015
[  143.761847] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  143.769108] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[  143.776370] R13: 0000000000000251 R14: 00000000006f6838 R15: 0000000000000002
[  143.783658] CPU: 0 PID: 11653 Comm: syz-executor1 Not tainted 4.16.0+ #2
[  143.790504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  143.799870] Call Trace:
[  143.802465]  dump_stack+0x1b9/0x29f
[  143.806108]  ? arch_local_irq_restore+0x52/0x52
[  143.810784]  ? __save_stack_trace+0x7e/0xd0
[  143.815122]  should_fail.cold.4+0xa/0x1a
[  143.819192]  ? perf_trace_lock+0xd6/0x900
[  143.823351]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  143.828469]  ? zap_class+0x720/0x720
[  143.832199]  ? sctp_copy_local_addr_list+0x499/0x690
[  143.838047]  ? sctp_bind_addr_copy+0x16b/0x45b
[  143.842646]  ? sctp_assoc_set_bind_addr_from_ep+0x165/0x1c0
[  143.846602] binder: BINDER_SET_CONTEXT_MGR already set
[  143.848363]  ? sctp_sendmsg+0x1888/0x1d70
[  143.848380]  ? inet_sendmsg+0x19f/0x690
[  143.848396]  ? sock_sendmsg+0xd5/0x120
[  143.848412]  ? __sys_sendto+0x3d7/0x670
[  143.848425]  ? SyS_sendto+0x40/0x60
[  143.848445]  ? do_syscall_64+0x29e/0x9d0
[  143.853876] binder: 11660:11666 ioctl 40046207 0 returned -16
[  143.857845]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  143.857864]  ? graph_lock+0x170/0x170
[  143.857882]  ? find_held_lock+0x36/0x1c0
[  143.857898]  ? print_usage_bug+0xc0/0xc0
[  143.857917]  ? graph_lock+0x170/0x170
[  143.904252]  ? find_held_lock+0x36/0x1c0
[  143.908336]  ? lock_downgrade+0x8e0/0x8e0
[  143.912501]  should_failslab+0x124/0x180
[  143.916577]  kmem_cache_alloc_trace+0x4b/0x780
[  143.921170]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  143.926360]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  143.931888]  ? sctp_v6_cmp_addr+0x261/0x6f0
[  143.936200]  sctp_add_bind_addr+0xf9/0x4a0
[  143.940425]  ? sctp_bind_addr_free+0x20/0x20
[  143.944821]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  143.949999]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  143.955178]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  143.960186]  sctp_copy_local_addr_list+0x499/0x690
[  143.965105]  ? sctp_defaults_init+0xe50/0xe50
[  143.969764]  ? get_random_bytes+0x34/0x40
[  143.973901]  ? sctp_association_new+0x135/0x21e0
[  143.978668]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  143.983849]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  143.990182]  sctp_copy_one_addr+0x5d/0x170
[  143.994402]  ? sctp_copy_one_addr+0x5d/0x170
[  143.998800]  sctp_bind_addr_copy+0x16b/0x45b
[  144.003197]  ? sctp_copy_one_addr+0x170/0x170
[  144.007676]  ? sctp_autobind+0x16d/0x1f0
[  144.011723]  ? zap_class+0x720/0x720
[  144.015424]  ? sctp_do_bind+0x5f0/0x5f0
[  144.019385]  sctp_assoc_set_bind_addr_from_ep+0x165/0x1c0
[  144.024908]  ? sctp_v6_scope+0x56/0x60
[  144.028783]  sctp_sendmsg_new_asoc+0x31f/0x10a0
[  144.033435]  ? sctp_sendmsg+0x125e/0x1d70
[  144.037671]  ? sctp_transport_lookup_process+0x1e0/0x1e0
[  144.043112]  ? __local_bh_enable_ip+0x161/0x230
[  144.047857]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  144.052857]  ? lock_sock_nested+0x9f/0x120
[  144.057077]  ? trace_hardirqs_on+0xd/0x10
[  144.061214]  ? __local_bh_enable_ip+0x161/0x230
[  144.065869]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  144.071391]  ? sctp_endpoint_lookup_assoc+0x183/0x290
[  144.076568]  sctp_sendmsg+0x1888/0x1d70
[  144.080528]  ? do_raw_spin_unlock+0x9e/0x2e0
[  144.084924]  ? sctp_id2assoc+0x3e0/0x3e0
[  144.088973]  ? _raw_spin_unlock_bh+0x30/0x40
[  144.093367]  ? __release_sock+0x3a0/0x3a0
[  144.097510]  inet_sendmsg+0x19f/0x690
[  144.101295]  ? ___might_sleep+0x2d0/0x320
[  144.105429]  ? ipip_gro_receive+0x100/0x100
[  144.109740]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  144.115264]  ? security_socket_sendmsg+0x9b/0xd0
[  144.120009]  ? ipip_gro_receive+0x100/0x100
[  144.124322]  sock_sendmsg+0xd5/0x120
[  144.128029]  __sys_sendto+0x3d7/0x670
[  144.131819]  ? SyS_getpeername+0x30/0x30
[  144.135868]  ? wait_for_completion+0x870/0x870
[  144.140458]  ? __sb_end_write+0xac/0xe0
[  144.144419]  ? fput+0x130/0x1a0
[  144.147683]  ? ksys_write+0x1a6/0x250
[  144.151487]  ? SyS_read+0x30/0x30
[  144.154926]  ? mm_fault_error+0x380/0x380
[  144.159064]  SyS_sendto+0x40/0x60
[  144.162503]  ? __sys_sendto+0x670/0x670
[  144.166463]  do_syscall_64+0x29e/0x9d0
[  144.170334]  ? vmalloc_sync_all+0x30/0x30
[  144.174466]  ? kasan_check_write+0x14/0x20
[  144.178688]  ? syscall_return_slowpath+0x5c0/0x5c0
[  144.183603]  ? syscall_return_slowpath+0x30f/0x5c0
[  144.188541]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  144.193895]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  144.198733]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  144.203909] RIP: 0033:0x4552d9
[  144.207083] RSP: 002b:00007f772100cc68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  144.214782] RAX: ffffffffffffffda RBX: 00007f772100d6d4 RCX: 00000000004552d9
[  144.222040] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000013
[  144.229297] RBP: 000000000072bea0 R08: 000000002005ffe4 R09: 000000000000001c
2018/04/06 01:05:57 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x3c, 0x4000000, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

[  144.236553] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  144.243814] R13: 00000000000004f3 R14: 00000000006fa768 R15: 000000000000001f
[  144.263446] FAULT_FLAG_ALLOW_RETRY missing 30
[  144.268155] CPU: 0 PID: 11635 Comm: syz-executor6 Not tainted 4.16.0+ #2
[  144.275002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  144.284359] Call Trace:
[  144.286958]  dump_stack+0x1b9/0x29f
[  144.290605]  ? arch_local_irq_restore+0x52/0x52
[  144.295298]  ? kasan_check_write+0x14/0x20
[  144.299554]  ? do_raw_spin_lock+0xc1/0x200
[  144.303816]  handle_userfault.cold.32+0x44/0x57
[  144.304055] binder: BINDER_SET_CONTEXT_MGR already set
[  144.308492]  ? handle_userfault+0x16c6/0x2760
[  144.318341]  ? userfaultfd_ioctl+0x4d10/0x4d10
[  144.318545] binder: 11670:11672 ioctl 40046207 0 returned -16
[  144.322932]  ? debug_check_no_locks_freed+0x310/0x310
[  144.322952]  ? find_held_lock+0x36/0x1c0
[  144.322975]  ? print_usage_bug+0xc0/0xc0
[  144.322992]  ? print_usage_bug+0xc0/0xc0
[  144.323014]  ? perf_trace_lock+0xd6/0x900
[  144.350364]  ? check_same_owner+0x320/0x320
[  144.354703]  ? do_raw_spin_unlock+0x9e/0x2e0
[  144.359131]  ? zap_class+0x720/0x720
[  144.362854]  ? __lock_acquire+0x7f5/0x5130
[  144.367117]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  144.372643]  ? graph_lock+0x170/0x170
[  144.376438]  ? debug_check_no_locks_freed+0x310/0x310
[  144.381618]  ? find_held_lock+0x36/0x1c0
[  144.385671]  ? lock_downgrade+0x8e0/0x8e0
[  144.389824]  ? kasan_check_read+0x11/0x20
[  144.393971]  ? do_raw_spin_unlock+0x9e/0x2e0
[  144.398375]  ? do_raw_spin_trylock+0x1b0/0x1b0
[  144.403043]  ? kasan_check_write+0x14/0x20
[  144.407263]  ? do_raw_spin_lock+0xc1/0x200
[  144.411491]  __handle_mm_fault+0x34be/0x4150
[  144.415890]  ? vm_insert_mixed_mkwrite+0x40/0x40
[  144.420635]  ? graph_lock+0x170/0x170
[  144.424436]  ? find_held_lock+0x36/0x1c0
[  144.428489]  ? lock_downgrade+0x8e0/0x8e0
[  144.432630]  ? handle_mm_fault+0x8c0/0xc70
[  144.436855]  handle_mm_fault+0x53a/0xc70
[  144.440903]  ? __handle_mm_fault+0x4150/0x4150
[  144.445473]  ? find_vma+0x34/0x190
[  144.449039]  __do_page_fault+0x60b/0xe40
[  144.453101]  ? mm_fault_error+0x380/0x380
[  144.457246]  ? graph_lock+0x170/0x170
[  144.461039]  do_page_fault+0xee/0x8a7
[  144.464831]  ? vmalloc_sync_all+0x30/0x30
[  144.468967]  ? find_held_lock+0x36/0x1c0
[  144.473041]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  144.477874]  page_fault+0x25/0x50
[  144.481318] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0
[  144.486925] RSP: 0018:ffff8801bb2cfce8 EFLAGS: 00010206
[  144.492280] RAX: ffffed0037659fae RBX: 0000000000000018 RCX: 0000000000000003
[  144.499544] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff8801bb2cfd58
[  144.506804] RBP: ffff8801bb2cfd20 R08: ffffed0037659fae R09: ffffed0037659fab
[  144.514073] R10: ffffed0037659fad R11: ffff8801bb2cfd6f R12: 0000000020013018
[  144.521329] R13: 0000000020013000 R14: ffff8801bb2cfd58 R15: 00007ffffffff000
[  144.528622]  ? _copy_from_user+0x10d/0x150
[  144.533191]  SyS_sigaltstack+0xae/0x320
[  144.537165]  ? do_sigaction+0xa50/0xa50
[  144.541128]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  144.546650]  ? fput+0x130/0x1a0
[  144.549917]  ? ksys_ioctl+0x81/0xd0
[  144.553531]  ? do_syscall_64+0xb7/0x9d0
[  144.557493]  ? do_sigaction+0xa50/0xa50
[  144.561458]  do_syscall_64+0x29e/0x9d0
[  144.565333]  ? vmalloc_sync_all+0x30/0x30
[  144.569471]  ? _raw_spin_unlock_irq+0x27/0x70
[  144.573954]  ? finish_task_switch+0x1ca/0x820
[  144.578439]  ? syscall_return_slowpath+0x5c0/0x5c0
[  144.583359]  ? syscall_return_slowpath+0x30f/0x5c0
[  144.588288]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  144.593645]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  144.598481]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  144.603653] RIP: 0033:0x4552d9
[  144.606826] RSP: 002b:00007ff5d2ff6c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000083
[  144.614519] RAX: ffffffffffffffda RBX: 00007ff5d2ff76d4 RCX: 00000000004552d9
[  144.621773] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020013000
[  144.629030] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  144.636284] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[  144.643538] R13: 0000000000000604 R14: 00000000006fc100 R15: 0000000000000000
2018/04/06 01:05:57 executing program 5:
set_thread_area(&(0x7f00000000c0)={0x200, 0x1000, 0x400, 0x3, 0x1, 0x0, 0x10000, 0xfffffffffffffff7, 0xafaf, 0x8})
syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000300027000f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[])
mkdir(&(0x7f0000000080)='./file0//ile0\x00', 0x0)

2018/04/06 01:05:57 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:05:57 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x3c, 0x4, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:57 executing program 2:
io_setup(0x20, &(0x7f0000000500)=<r0=>0x0)
socketpair(0x3, 0xe, 0x2, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet6_udp_int(r1, 0x11, 0x65, &(0x7f0000000040), &(0x7f0000000080)=0x4)
io_submit(r0, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000200)}])

2018/04/06 01:05:57 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10, 0xfcffffff00000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:57 executing program 0 (fault-call:7 fault-nth:3):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
r3 = dup2(r2, r2)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2018/04/06 01:05:57 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x1000000]}}}}, 0x48)

2018/04/06 01:05:57 executing program 6:
r0 = dup(0xffffffffffffff9c)
accept4$alg(r0, 0x0, 0x0, 0x800)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cryptd(cbc(anubis-generic))\x00'}, 0x58)
r2 = accept$alg(r1, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f00003bcfd0)="d3ab27191a01002356ba602dff05000bfef9b9d2a4b20079", 0x18)
sendmmsg$alg(r2, &(0x7f0000002c80)=[{0x0, 0x0, &(0x7f00000024c0), 0x0, &(0x7f0000000200)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0)
recvmsg(r2, &(0x7f0000000d40)={&(0x7f0000000a40)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, 0x80, &(0x7f0000000c40)=[{&(0x7f00000009c0)=""/18, 0x12}], 0x1, &(0x7f0000000cc0)=""/97, 0x61}, 0x0)

[  144.805676] FAULT_INJECTION: forcing a failure.
[  144.805676] name failslab, interval 1, probability 0, space 0, times 0
[  144.809917] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000650)
[  144.817099] CPU: 0 PID: 11687 Comm: syz-executor0 Not tainted 4.16.0+ #2
[  144.817111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  144.817121] Call Trace:
[  144.824273] FAT-fs (loop5): Filesystem has been set read-only
[  144.831084]  dump_stack+0x1b9/0x29f
2018/04/06 01:05:57 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
r2 = creat(&(0x7f0000aa0ff8)='./file0\x00', 0x0)
read(r0, &(0x7f0000000340)=""/19, 0x13)
mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='nfs\x00', 0x0, 0x0)
socketpair$inet6(0xa, 0x2, 0x20, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(0xffffffffffffff9c, 0x84, 0x70, &(0x7f0000000040)={<r5=>0x0, @in6={{0xa, 0x4e24, 0xfffffffffffffffe, @mcast2={0xff, 0x2, [], 0x1}, 0x3bfa}}, [0x6, 0x385e, 0x100000001, 0xff, 0x4, 0x2, 0xd0, 0x4, 0xbb, 0x9, 0x8, 0x2, 0x10000, 0x8, 0x1f]}, &(0x7f0000000180)=0x100)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r4, 0x84, 0x18, &(0x7f0000000240)={r5, 0x100000001}, 0x216)
fchmod(r0, 0x105)
setsockopt$SO_RDS_TRANSPORT(r2, 0x114, 0x8, &(0x7f0000000200), 0x4)
getpeername$unix(r2, &(0x7f0000000280)=@abs, &(0x7f00000001c0)=0x6e)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000380)={<r6=>0x0}, &(0x7f00000003c0)=0xc)
r7 = fcntl$getown(r3, 0x9)
kcmp$KCMP_EPOLL_TFD(r6, r7, 0x7, r0, &(0x7f0000000400)={r2, r3, 0xffff})
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)}])

[  144.831108]  ? arch_local_irq_restore+0x52/0x52
[  144.831138]  should_fail.cold.4+0xa/0x1a
[  144.861293]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  144.866404]  ? kasan_kmalloc+0xc4/0xe0
[  144.870306]  ? kmem_cache_alloc+0x12e/0x760
[  144.874636]  ? mmu_topup_memory_caches+0xf7/0x3a0
[  144.879469]  ? kvm_mmu_load+0x21/0x10e0
[  144.883435]  ? vcpu_enter_guest+0x35a0/0x5c40
[  144.887916]  ? kvm_arch_vcpu_ioctl_run+0x28e/0x1140
[  144.892922]  ? kvm_vcpu_ioctl+0x79d/0x12e0
[  144.897149]  ? graph_lock+0x170/0x170
[  144.900939]  ? do_syscall_64+0x29e/0x9d0
[  144.904991]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  144.910354]  ? find_held_lock+0x36/0x1c0
[  144.914412]  ? __lock_is_held+0xb5/0x140
[  144.918478]  ? check_same_owner+0x320/0x320
[  144.922794]  ? rcu_note_context_switch+0x710/0x710
[  144.927723]  should_failslab+0x124/0x180
[  144.931776]  kmem_cache_alloc+0x2af/0x760
[  144.935917]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  144.940922]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  144.946448]  ? mmu_topup_memory_caches+0xf7/0x3a0
[  144.951286]  mmu_topup_memory_caches+0xf7/0x3a0
[  144.955960]  ? kvm_apic_has_interrupt+0xe1/0x210
[  144.960713]  kvm_mmu_load+0x21/0x10e0
[  144.964503]  ? update_cr8_intercept+0x165/0x1e0
[  144.969169]  vcpu_enter_guest+0x35a0/0x5c40
[  144.973514]  ? kvm_set_msr_common+0x2660/0x2660
[  144.978190]  ? kvm_vcpu_wake_up+0x170/0x170
[  144.982506]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  144.987689]  ? __apic_accept_irq+0x1a0/0xb50
[  144.992096]  ? apic_mmio_write+0x1d0/0x1d0
[  144.996322]  ? perf_trace_lock_acquire+0xe3/0x980
[  145.001176]  ? kvm_check_async_pf_completion+0x39b/0x5a0
[  145.006613]  ? kasan_check_write+0x14/0x20
[  145.010839]  ? kvm_inject_apic_timer_irqs+0x13e/0x340
[  145.016030]  ? kvm_clear_async_pf_completion_queue+0x780/0x780
[  145.022004]  ? kasan_check_read+0x11/0x20
[  145.026147]  ? apic_has_pending_timer+0x122/0x2f0
[  145.030980]  ? kvm_lapic_reset+0x1020/0x1020
[  145.035382]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  145.040916]  kvm_arch_vcpu_ioctl_run+0x28e/0x1140
[  145.045746]  ? kvm_arch_vcpu_ioctl_run+0x28e/0x1140
[  145.050765]  kvm_vcpu_ioctl+0x79d/0x12e0
[  145.054817]  ? kvm_vcpu_fault+0x5f0/0x5f0
[  145.058955]  ? graph_lock+0x170/0x170
[  145.062750]  ? find_held_lock+0x36/0x1c0
[  145.066811]  ? lock_downgrade+0x8e0/0x8e0
[  145.070956]  ? rcu_is_watching+0x85/0x140
[  145.075096]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  145.080288]  ? __fget+0x40c/0x650
[  145.083736]  ? match_held_lock+0x851/0x8b0
[  145.087963]  ? expand_files.part.8+0x9a0/0x9a0
[  145.092540]  ? kasan_check_write+0x14/0x20
[  145.096767]  ? __mutex_unlock_slowpath+0x180/0x8a0
[  145.101692]  ? wait_for_completion+0x870/0x870
[  145.106270]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  145.111453]  ? kvm_vcpu_fault+0x5f0/0x5f0
[  145.115595]  do_vfs_ioctl+0x1cf/0x1650
[  145.119492]  ? ioctl_preallocate+0x2e0/0x2e0
[  145.123891]  ? fget_raw+0x20/0x20
[  145.127339]  ? __sb_end_write+0xac/0xe0
[  145.131305]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  145.136842]  ? fput+0x130/0x1a0
[  145.140131]  ? ksys_write+0x1a6/0x250
[  145.143925]  ? security_file_ioctl+0x9b/0xd0
[  145.148330]  ksys_ioctl+0xa9/0xd0
[  145.151778]  SyS_ioctl+0x24/0x30
[  145.155131]  ? ksys_ioctl+0xd0/0xd0
[  145.158748]  do_syscall_64+0x29e/0x9d0
[  145.162622]  ? vmalloc_sync_all+0x30/0x30
[  145.166760]  ? _raw_spin_unlock_irq+0x27/0x70
[  145.171243]  ? finish_task_switch+0x1ca/0x820
[  145.175728]  ? syscall_return_slowpath+0x5c0/0x5c0
[  145.180648]  ? syscall_return_slowpath+0x30f/0x5c0
[  145.185672]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  145.191035]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  145.195877]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  145.201052] RIP: 0033:0x4552d9
2018/04/06 01:05:58 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x38, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

[  145.204238] RSP: 002b:00007fbb7f590c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  145.211937] RAX: ffffffffffffffda RBX: 00007fbb7f5916d4 RCX: 00000000004552d9
[  145.219192] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015
[  145.226445] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  145.233704] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[  145.240970] R13: 0000000000000251 R14: 00000000006f6838 R15: 0000000000000003
[  145.266733] binder: 11677:11699 unknown command 0
2018/04/06 01:05:58 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10, 0x3}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:58 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x2000000]}}}}, 0x48)

[  145.299304] binder: 11677:11699 ioctl c0306201 20008fd0 returned -22
[  145.334346] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000650)
[  145.350123] binder: BINDER_SET_CONTEXT_MGR already set
[  145.391153] binder: 11677:11713 ioctl 40046207 0 returned -16
2018/04/06 01:05:58 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x10, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:05:58 executing program 0 (fault-call:7 fault-nth:4):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
r3 = dup2(r2, r2)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2018/04/06 01:05:58 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)}])
r2 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x1, 0x20002)
sendmmsg$nfc_llcp(r2, &(0x7f0000000200)=[{&(0x7f0000000040)={0x27, 0x1, 0x2, 0x6, 0x200, 0x6, "e1cbc00be975ecc380d19c1309f7af159049739ca49f7b0939775c73dcf535d139e01043f54597883b483771d71c2ae38a3145446d15b4c58adcf2382525c6", 0x22}, 0x60, &(0x7f0000000180)=[{&(0x7f00000000c0)="fd79cba8d83dd5e273a44717268fa073b170e4eb4629a85b6004344a257e710a797dc0781ded244823e4d1ccae33f0347d9a959a8735442d0a52fe40f9e524371de0345a84ba5a1dc212de2904362786aed3cb7f803eee9087e347a9da65f618", 0x60}], 0x1, &(0x7f00000001c0)={0x38, 0x0, 0x4, "811a2e9b10167b640a0b588998eaf5cce356b683b191e886c9c29ab7249edaa936d78fd9"}, 0x38, 0x40800}], 0x1, 0x4000)

2018/04/06 01:05:58 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x3c, 0x930000, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:58 executing program 6:
setsockopt$inet6_MRT6_ADD_MFC_PROXY(0xffffffffffffffff, 0x29, 0xd2, &(0x7f00000002c0)={{0xa, 0x0, 0x0, @ipv4={[], [0xff, 0xff], @remote={0xac, 0x14, 0x14, 0xbb}}}, {0xa, 0x0, 0x0, @ipv4={[], [0xff, 0xff], @dev={0xac, 0x14, 0x14}}}}, 0x5c)
r0 = memfd_create(&(0x7f000000e000)='\x00 ', 0x0)
userfaultfd(0x80800)
r1 = syz_open_dev$sndseq(&(0x7f0000000180)='/dev/snd/seq\x00', 0x0, 0x101801)
r2 = dup2(r1, r0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f000002b000)={0x0, 0x0, 0x0, "9ede7a8c5ae95ec8672c93340f643a664f13eeab65c0322901dc6bd36cde2c51f01b7f0b014f9f91eeb7c37c7240f476c8d753d000aa8faf8fb574dbcfa6dc4d"})
write$sndseq(r2, &(0x7f0000000080)=[{0x0, 0x0, 0x0, 0x0, @time={0x77359400}, {}, {}, @connect}], 0x2cf)
syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
fcntl$F_GET_RW_HINT(r1, 0x40b, &(0x7f0000000000))
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000100)={0xa7})

2018/04/06 01:05:58 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x2]}}}}, 0x48)

2018/04/06 01:05:58 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10, 0x40030000000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:58 executing program 5:
bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0xe0}, 0x2c)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0xfffffffffffffffe, 0x5, &(0x7f0000346fc8)=ANY=[@ANYBLOB="18000000000000000000000000000000711000c999ce3dd8efc6f558932f2f43a764010000000000"], &(0x7f0000f6bffb)='GPL\x00', 0x0, 0xfb, &(0x7f00001a7f05)=""/251, 0x7ffd}, 0x48)
r1 = syz_open_dev$adsp(&(0x7f0000000200)='/dev/adsp#\x00', 0x1ef82343, 0x20000)
getsockopt$inet6_mreq(r0, 0x29, 0x1c, &(0x7f00000002c0)={@dev, <r2=>0x0}, &(0x7f0000000300)=0x14)
ioctl$sock_inet6_SIOCDELRT(r1, 0x890c, &(0x7f0000000340)={@remote={0xfe, 0x80, [], 0xbb}, @empty, @ipv4={[], [0xff, 0xff]}, 0xff, 0x3, 0xd904, 0x400, 0x2, 0x0, r2})
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f00000000c0)="b82283392dc50ff1fb635a5849d2f5916ae2fdc24e95e12aa8daccf7393e72be9cc66f"}, 0x10)
r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/qat_adf_ctl\x00', 0x2042, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r3, 0x80045301, &(0x7f00000001c0))
ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000000240)=<r4=>0x0)
ptrace$cont(0x9, r4, 0x80, 0x81)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r0, 0x50, &(0x7f00000000c0)}, 0x10)
socketpair$inet_udp(0x7fffffffefff, 0x2, 0x0, &(0x7f0000000000))

[  145.631584] QAT: Invalid ioctl
[  145.648263] FAULT_INJECTION: forcing a failure.
[  145.648263] name failslab, interval 1, probability 0, space 0, times 0
[  145.656614] binder: BINDER_SET_CONTEXT_MGR already set
[  145.659571] CPU: 1 PID: 11741 Comm: syz-executor0 Not tainted 4.16.0+ #2
[  145.659589] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  145.681035] Call Trace:
[  145.683648]  dump_stack+0x1b9/0x29f
[  145.687286]  ? arch_local_irq_restore+0x52/0x52
[  145.691956]  should_fail.cold.4+0xa/0x1a
[  145.696014]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  145.701109]  ? kasan_kmalloc+0xc4/0xe0
[  145.704989]  ? kmem_cache_alloc+0x12e/0x760
[  145.709301]  ? mmu_topup_memory_caches+0xf7/0x3a0
[  145.714131]  ? kvm_mmu_load+0x21/0x10e0
[  145.718092]  ? vcpu_enter_guest+0x35a0/0x5c40
[  145.722583]  ? kvm_arch_vcpu_ioctl_run+0x28e/0x1140
[  145.727590]  ? kvm_vcpu_ioctl+0x79d/0x12e0
[  145.731815]  ? graph_lock+0x170/0x170
[  145.735606]  ? do_syscall_64+0x29e/0x9d0
[  145.739659]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  145.745022]  ? find_held_lock+0x36/0x1c0
[  145.749082]  ? __lock_is_held+0xb5/0x140
[  145.753144]  ? check_same_owner+0x320/0x320
[  145.757458]  ? rcu_note_context_switch+0x710/0x710
[  145.762397]  should_failslab+0x124/0x180
[  145.766462]  kmem_cache_alloc+0x2af/0x760
[  145.770602]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  145.775609]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  145.781136]  ? mmu_topup_memory_caches+0xf7/0x3a0
[  145.785994]  mmu_topup_memory_caches+0xf7/0x3a0
[  145.790655]  ? kvm_apic_has_interrupt+0xe1/0x210
[  145.795402]  kvm_mmu_load+0x21/0x10e0
[  145.799189]  ? update_cr8_intercept+0x165/0x1e0
[  145.803851]  vcpu_enter_guest+0x35a0/0x5c40
[  145.808171]  ? kvm_set_msr_common+0x2660/0x2660
[  145.812825]  ? kvm_vcpu_wake_up+0x170/0x170
[  145.817136]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  145.822315]  ? __apic_accept_irq+0x1a0/0xb50
[  145.826718]  ? apic_mmio_write+0x1d0/0x1d0
[  145.831115]  ? perf_trace_lock_acquire+0xe3/0x980
[  145.835973]  ? kvm_check_async_pf_completion+0x39b/0x5a0
[  145.841432]  ? kasan_check_write+0x14/0x20
[  145.845656]  ? kvm_inject_apic_timer_irqs+0x13e/0x340
[  145.850834]  ? kvm_clear_async_pf_completion_queue+0x780/0x780
[  145.856789]  ? kasan_check_read+0x11/0x20
[  145.860925]  ? apic_has_pending_timer+0x122/0x2f0
[  145.865755]  ? kvm_lapic_reset+0x1020/0x1020
[  145.870157]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  145.876573]  kvm_arch_vcpu_ioctl_run+0x28e/0x1140
[  145.881401]  ? kvm_arch_vcpu_ioctl_run+0x28e/0x1140
[  145.886412]  kvm_vcpu_ioctl+0x79d/0x12e0
[  145.890465]  ? kvm_vcpu_fault+0x5f0/0x5f0
[  145.894604]  ? graph_lock+0x170/0x170
[  145.898394]  ? find_held_lock+0x36/0x1c0
[  145.902450]  ? lock_downgrade+0x8e0/0x8e0
[  145.906593]  ? kasan_check_read+0x11/0x20
[  145.910728]  ? rcu_is_watching+0x85/0x140
[  145.914862]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  145.920052]  ? __fget+0x40c/0x650
[  145.923496]  ? match_held_lock+0x851/0x8b0
[  145.927720]  ? expand_files.part.8+0x9a0/0x9a0
[  145.932290]  ? kasan_check_write+0x14/0x20
[  145.936531]  ? __mutex_unlock_slowpath+0x180/0x8a0
[  145.941475]  ? wait_for_completion+0x870/0x870
[  145.946132]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  145.951307]  ? kvm_vcpu_fault+0x5f0/0x5f0
[  145.955444]  do_vfs_ioctl+0x1cf/0x1650
[  145.959328]  ? ioctl_preallocate+0x2e0/0x2e0
[  145.963723]  ? fget_raw+0x20/0x20
[  145.967168]  ? __sb_end_write+0xac/0xe0
[  145.971143]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  145.976668]  ? fput+0x130/0x1a0
[  145.979938]  ? ksys_write+0x1a6/0x250
[  145.984603]  ? security_file_ioctl+0x9b/0xd0
[  145.989003]  ksys_ioctl+0xa9/0xd0
[  145.992454]  SyS_ioctl+0x24/0x30
[  145.995806]  ? ksys_ioctl+0xd0/0xd0
[  145.999423]  do_syscall_64+0x29e/0x9d0
[  146.003300]  ? vmalloc_sync_all+0x30/0x30
[  146.007435]  ? _raw_spin_unlock_irq+0x27/0x70
[  146.011921]  ? finish_task_switch+0x1ca/0x820
[  146.016410]  ? syscall_return_slowpath+0x5c0/0x5c0
[  146.021329]  ? syscall_return_slowpath+0x30f/0x5c0
[  146.026250]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  146.031606]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  146.036452]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  146.041630] RIP: 0033:0x4552d9
[  146.044804] RSP: 002b:00007fbb7f590c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  146.052503] RAX: ffffffffffffffda RBX: 00007fbb7f5916d4 RCX: 00000000004552d9
[  146.059758] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015
[  146.067013] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  146.074272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
2018/04/06 01:05:59 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000005000)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f00000000c0)={&(0x7f0000000100)={0x24, 0x2e, 0xafb, 0x0, 0x0, {0x2}, [@nested={0x10, 0x0, [@typed={0xc, 0x1, @u64=0x5}]}]}, 0x24}, 0x1}, 0x0)
r1 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x100000001, &(0x7f0000000500)=<r2=>0x0)
r3 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x2, 0x40000)
mq_unlink(&(0x7f0000000340)='/dev/loop#\x00')
ioctl$int_in(r0, 0x5421, &(0x7f00000001c0)=0x7)
close(r0)
getpeername$ipx(r3, &(0x7f0000000080), &(0x7f0000000180)=0x10)
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f0000000200)={<r4=>0x0, 0x3f, 0x30}, &(0x7f0000000240)=0xc)
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r3, 0x84, 0x71, &(0x7f0000000280)={r4, 0xfff}, &(0x7f00000002c0)=0x8)
io_submit(r2, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000200)}])

2018/04/06 01:05:59 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x2e, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:05:59 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x3c, 0x6c00000000000000, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

[  146.081526] R13: 0000000000000251 R14: 00000000006f6838 R15: 0000000000000004
[  146.092670] binder: 11743:11744 ioctl 40046207 0 returned -16
[  146.112396] QAT: Invalid ioctl
2018/04/06 01:05:59 executing program 6:
r0 = getpid()
sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x5, 0x3}, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = request_key(&(0x7f0000000100)='rxrpc\x00', &(0x7f0000000140)={0x73, 0x79, 0x7a, 0x2}, &(0x7f0000000180)='{}@#,&-}]GPLposix_acl_access\x00', 0xfffffffffffffff9)
keyctl$update(0x2, r2, &(0x7f0000000200)="520e2cc638a04da2666eed84f8", 0xd)
recvmmsg(r1, &(0x7f0000004680)=[{{&(0x7f0000000280)=@generic, 0x80, &(0x7f0000002400)=[{&(0x7f0000001340)=""/4096, 0x1000}, {&(0x7f0000002340)=""/143, 0x8f}], 0x2, &(0x7f0000002440)=""/42, 0x2a, 0x1}, 0x1}, {{&(0x7f0000002480)=@nfc_llcp, 0x80, &(0x7f00000039c0)=[{&(0x7f0000002500)=""/177, 0xb1}, {&(0x7f00000025c0)=""/201, 0xc9}, {&(0x7f00000026c0)=""/4096, 0x1000}, {&(0x7f00000036c0)=""/90, 0x5a}, {&(0x7f0000003740)=""/151, 0x97}, {&(0x7f0000003800)=""/130, 0x82}, {&(0x7f00000038c0)=""/223, 0xdf}], 0x7, &(0x7f0000003a40)=""/8, 0x8, 0x6a}, 0x112}, {{&(0x7f0000003a80)=@pppol2tpv3={0x0, 0x0, {0x0, <r3=>0xffffffffffffffff, {0x0, 0x0, @loopback}}}, 0x80, &(0x7f0000003b80)=[{&(0x7f0000003b00)=""/106, 0x6a}], 0x1, &(0x7f0000003bc0)=""/34, 0x22, 0xab}, 0xfd92}, {{&(0x7f0000003c00)=@ax25, 0x80, &(0x7f0000003f80)=[{&(0x7f0000003c80)=""/94, 0x5e}, {&(0x7f0000003d00)=""/176, 0xb0}, {&(0x7f0000003dc0)=""/6, 0x6}, {&(0x7f0000003e00)=""/41, 0x29}, {&(0x7f0000003e40)=""/203, 0xcb}, {&(0x7f0000003f40)=""/2, 0x2}], 0x6, 0x0, 0x0, 0x20}, 0x1}, {{&(0x7f0000004000)=@ax25, 0x80, &(0x7f0000004140)=[{&(0x7f0000004080)=""/129, 0x81}], 0x1, 0x0, 0x0, 0x1f}, 0xc8a}, {{0x0, 0x0, &(0x7f0000004240)=[{&(0x7f0000004180)=""/61, 0x3d}, {&(0x7f00000041c0)=""/67, 0x43}], 0x2, &(0x7f0000004280)=""/107, 0x6b, 0xef69}, 0x1}, {{&(0x7f0000004300)=@llc={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, 0x80, &(0x7f0000004600)=[{&(0x7f0000004380)=""/115, 0x73}, {&(0x7f0000004400)=""/160, 0xa0}, {&(0x7f00000044c0)=""/12, 0xc}, {&(0x7f0000004500)=""/50, 0x32}, {&(0x7f0000004540)=""/98, 0x62}, {&(0x7f00000045c0)=""/8, 0x8}], 0x6, 0x0, 0x0, 0x1}, 0x68bc2272}], 0x7, 0x40002042, 0x0)
r4 = open$dir(&(0x7f00000001c0)='./file0\x00', 0x1fffe, 0x11)
ftruncate(0xffffffffffffffff, 0x0)
keyctl$dh_compute(0x17, &(0x7f0000004940)={r2, r2, r2}, &(0x7f0000004980)=""/80, 0x50, &(0x7f0000004b40)={&(0x7f0000004a00)={'sm3\x00'}, &(0x7f0000004a40)="ce6030e9372c8403eaa3dae54193dba42a5b5620c927ad452ea40a8dc56a58c0fdd9cae3354abc4bbab267d492a399326b5aefa07dfe6e4bfbadcd820cb48ab0589cca52ac97f7124ea3cfba046d43b53ddb47fce6a29c1086efbd88806f78e19211e9baa31fe40ebfca274aca7960d2c824f31e9df9bf4e428216bf04491d7790f808ba8149f21675095ba81cb799f6a038eca27a0f3b11c169e84c76443d93040efbd2152ade12065c91fa4c5b51de9e1de3cc863373a98cae030a0cafafa9fefca197e17c40ad8d57030d04c504ea987493beae2118803cd2a244ac9057b6a1d67cd770b8cb60ece4", 0xea})
write(0xffffffffffffffff, &(0x7f0000000300)="d8", 0x1)
ioctl$sock_SIOCGSKNS(r3, 0x894c, &(0x7f0000004900)=0x7ff)
syncfs(r4)
syncfs(r4)
getrandom(&(0x7f0000000340)=""/4096, 0x1000, 0x3)
r5 = memfd_create(&(0x7f0000000000)='em0{]#ppp1systemwlan1\x00', 0x2)
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r5, 0x84, 0x77, &(0x7f0000000240)=ANY=[@ANYRES32=<r6=>0x0, @ANYBLOB="e40103002000cc26b2c8"], &(0x7f0000004840)=0xe)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000004880)={r6, 0x5}, &(0x7f00000048c0)=0x8)
setsockopt$bt_BT_SNDMTU(r5, 0x112, 0xc, &(0x7f00000000c0)=0x1f, 0x2)

2018/04/06 01:05:59 executing program 0 (fault-call:7 fault-nth:5):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
r3 = dup2(r2, r2)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2018/04/06 01:05:59 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'bridge0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000240)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="1c0000001c00070f000000000000000007000000", @ANYRES32=r1, @ANYBLOB="00007d73827564cfa0c655f1fb5f3401fac56203e73f3b7aefe14a031f4462cf58634ba4a949a354e3c82c5458760b0a4dbcbc821895dc68e841cbcdfd7a28cf2a060ee3adf2c810fc0c7160d7f140c50c20fb3c4b06d882d4c11fa19054151a75407e79793cb6aa05c82061000737cbd472021b637cf9770b753e6977897c389b04d65df91bf69867adccde83c9825b8a56eecc05c525f9dd85cb7a83fa9447f62337a84545634fcae486fbbed2a2200e8742b3c0deebd0a12d8b01dfc23451371efe9bf5915b3fe72a0da67267bdf0db62c4dfb9739624b0aecdffd072eb3ffc2de7d011bd2d1b79b0fe6e84615e57c83a16ecea79261d218906afc7d7874a5d2df7a85f02a660c3fc79e67c813e256b749f25d6c0a7de25c6683ec1b7a761b8d89af9f121d2c410"], 0x1c}, 0x1}, 0x0)

[  146.216737] openvswitch: netlink: Key 0 has unexpected len 1 expected 0
2018/04/06 01:05:59 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1e, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

[  146.288945] openvswitch: netlink: Key 0 has unexpected len 1 expected 0
[  146.304825] FAULT_INJECTION: forcing a failure.
[  146.304825] name failslab, interval 1, probability 0, space 0, times 0
[  146.316227] CPU: 0 PID: 11775 Comm: syz-executor0 Not tainted 4.16.0+ #2
[  146.323066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  146.332421] Call Trace:
[  146.335022]  dump_stack+0x1b9/0x29f
2018/04/06 01:05:59 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x2d, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

[  146.338660]  ? arch_local_irq_restore+0x52/0x52
[  146.343341]  should_fail.cold.4+0xa/0x1a
[  146.347418]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  146.352540]  ? kasan_kmalloc+0xc4/0xe0
[  146.356439]  ? kmem_cache_alloc+0x12e/0x760
[  146.360766]  ? mmu_topup_memory_caches+0xf7/0x3a0
[  146.365624]  ? kvm_mmu_load+0x21/0x10e0
[  146.369602]  ? vcpu_enter_guest+0x35a0/0x5c40
[  146.374103]  ? kvm_arch_vcpu_ioctl_run+0x28e/0x1140
[  146.379124]  ? kvm_vcpu_ioctl+0x79d/0x12e0
[  146.383368]  ? graph_lock+0x170/0x170
[  146.387174]  ? do_syscall_64+0x29e/0x9d0
[  146.391237]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  146.396612]  ? find_held_lock+0x36/0x1c0
[  146.400687]  ? __lock_is_held+0xb5/0x140
[  146.404758]  ? check_same_owner+0x320/0x320
[  146.409091]  ? rcu_note_context_switch+0x710/0x710
[  146.414032]  should_failslab+0x124/0x180
[  146.418097]  kmem_cache_alloc+0x2af/0x760
[  146.422252]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  146.427269]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  146.432815]  ? mmu_topup_memory_caches+0xf7/0x3a0
2018/04/06 01:05:59 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x35, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

[  146.437664]  mmu_topup_memory_caches+0xf7/0x3a0
[  146.442335]  ? kvm_apic_has_interrupt+0xe1/0x210
[  146.447099]  kvm_mmu_load+0x21/0x10e0
[  146.450902]  ? update_cr8_intercept+0x165/0x1e0
[  146.455579]  vcpu_enter_guest+0x35a0/0x5c40
[  146.459916]  ? kvm_set_msr_common+0x2660/0x2660
[  146.464589]  ? kvm_vcpu_wake_up+0x170/0x170
[  146.468917]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  146.474112]  ? __apic_accept_irq+0x1a0/0xb50
[  146.478528]  ? apic_mmio_write+0x1d0/0x1d0
[  146.482765]  ? debug_check_no_locks_freed+0x310/0x310
2018/04/06 01:05:59 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1d, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

[  146.487954]  ? print_usage_bug+0xc0/0xc0
[  146.492025]  ? find_held_lock+0x36/0x1c0
[  146.496092]  ? kvm_check_async_pf_completion+0x39b/0x5a0
[  146.501541]  ? kasan_check_write+0x14/0x20
[  146.505775]  ? kvm_inject_apic_timer_irqs+0x13e/0x340
[  146.510969]  ? kvm_clear_async_pf_completion_queue+0x780/0x780
[  146.516939]  ? kasan_check_read+0x11/0x20
[  146.521091]  ? apic_has_pending_timer+0x122/0x2f0
[  146.525931]  ? kvm_lapic_reset+0x1020/0x1020
[  146.530348]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
2018/04/06 01:05:59 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x34, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

[  146.535982]  kvm_arch_vcpu_ioctl_run+0x28e/0x1140
[  146.540836]  ? kvm_arch_vcpu_ioctl_run+0x28e/0x1140
[  146.545866]  kvm_vcpu_ioctl+0x79d/0x12e0
[  146.549928]  ? kvm_vcpu_fault+0x5f0/0x5f0
[  146.554082]  ? graph_lock+0x170/0x170
[  146.558147]  ? find_held_lock+0x36/0x1c0
[  146.562219]  ? lock_downgrade+0x8e0/0x8e0
[  146.566376]  ? kasan_check_read+0x11/0x20
[  146.570538]  ? rcu_is_watching+0x85/0x140
[  146.574685]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  146.579872]  ? __fget+0x40c/0x650
[  146.583316]  ? match_held_lock+0x851/0x8b0
[  146.587538]  ? expand_files.part.8+0x9a0/0x9a0
[  146.592103]  ? kasan_check_write+0x14/0x20
[  146.596325]  ? __mutex_unlock_slowpath+0x180/0x8a0
[  146.601241]  ? wait_for_completion+0x870/0x870
[  146.605814]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  146.611250]  ? kvm_vcpu_fault+0x5f0/0x5f0
[  146.615383]  do_vfs_ioctl+0x1cf/0x1650
[  146.619291]  ? ioctl_preallocate+0x2e0/0x2e0
[  146.623693]  ? fget_raw+0x20/0x20
[  146.627142]  ? __sb_end_write+0xac/0xe0
[  146.631275]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  146.636795]  ? fput+0x130/0x1a0
[  146.640059]  ? ksys_write+0x1a6/0x250
[  146.643848]  ? security_file_ioctl+0x9b/0xd0
[  146.648242]  ksys_ioctl+0xa9/0xd0
[  146.651680]  SyS_ioctl+0x24/0x30
[  146.655031]  ? ksys_ioctl+0xd0/0xd0
[  146.658648]  do_syscall_64+0x29e/0x9d0
[  146.662518]  ? vmalloc_sync_all+0x30/0x30
[  146.666651]  ? _raw_spin_unlock_irq+0x27/0x70
[  146.671141]  ? finish_task_switch+0x1ca/0x820
[  146.675627]  ? syscall_return_slowpath+0x5c0/0x5c0
[  146.680542]  ? syscall_return_slowpath+0x30f/0x5c0
[  146.685462]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  146.690833]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  146.695665]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  146.700837] RIP: 0033:0x4552d9
[  146.704013] RSP: 002b:00007fbb7f590c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  146.711711] RAX: ffffffffffffffda RBX: 00007fbb7f5916d4 RCX: 00000000004552d9
[  146.718962] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015
[  146.726214] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  146.733465] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
2018/04/06 01:05:59 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x100000000000000]}}}}, 0x48)

[  146.740715] R13: 0000000000000251 R14: 00000000006f6838 R15: 0000000000000005
2018/04/06 01:05:59 executing program 5:
sched_setaffinity(0x0, 0x8, &(0x7f0000d81ff8)=0x4)
r0 = eventfd(0x80000002)
write$eventfd(r0, &(0x7f0000000080)=0xffffffffffffff90, 0x8)
readv(r0, &(0x7f0000000240)=[{&(0x7f00000003c0)=""/176, 0xb0}], 0x1)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f00000000c0)="b82283392dc50ff1fb635a5849d2f5916ae2fdc24e95e12aa8daccf7393e72be9cc66f"}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x1000000000000004, 0x202}, 0xfffffffffffffe2b)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=ANY=[@ANYBLOB="180000000000000000000000000000726aff00000000000000000000000000000000000000000000"], &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f00000000c0)}, 0x10)
socketpair$inet_udp(0x2, 0x40087447, 0xffffffff00705000, &(0x7f0000000340))

2018/04/06 01:05:59 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
r2 = open(&(0x7f0000000000)='./file0\x00', 0x200, 0x100)
ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffff9c, 0xc0106426, &(0x7f0000000080)={0x6, &(0x7f0000000040)=[{}, {<r3=>0x0}, {}, {}, {}, {}]})
ioctl$KVM_SET_TSC_KHZ(r2, 0xaea2, 0x46e)
ioctl$DRM_IOCTL_GET_CTX(r2, 0xc0086423, &(0x7f00000000c0)={r3, 0x2})
ioctl$KVM_ASSIGN_SET_INTX_MASK(r2, 0x4040aea4, &(0x7f0000000100)={0x5, 0x80, 0x100, 0x0, 0xffffffffffffffb9})
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)}])

2018/04/06 01:05:59 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x3c, 0x50700000000000, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:05:59 executing program 6:
getpid()
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000000)={0x0, <r0=>0x0})
r1 = accept(0xffffffffffffff9c, &(0x7f0000000040)=@llc, &(0x7f0000000140)=0x80)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffff9c, 0x29, 0x22, &(0x7f0000000180)={{{@in, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in=@rand_addr}, 0x0, @in6=@mcast2}}, &(0x7f0000000280)=0xe8)
getgroups(0xa, &(0x7f00000002c0)=[0x0, 0xffffffffffffffff, 0xffffffffffffffff, <r3=>0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff])
setsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000300)={r0, r2, r3}, 0xc)
r4 = syz_open_procfs(r0, &(0x7f00006f3ffd)='ns\x00')
getdents64(r4, &(0x7f0000a1bfda)=""/38, 0x1f)
getdents64(r4, &(0x7f00000000c0)=""/79, 0x8e)
fadvise64(r4, 0x0, 0x1, 0x4)

2018/04/06 01:05:59 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0xf, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:05:59 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10, 0xf00000000000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:05:59 executing program 0 (fault-call:7 fault-nth:6):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
r3 = dup2(r2, r2)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2018/04/06 01:05:59 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x200000000000000]}}}}, 0x48)

[  147.031387] binder: BINDER_SET_CONTEXT_MGR already set
[  147.038700] FAULT_INJECTION: forcing a failure.
[  147.038700] name failslab, interval 1, probability 0, space 0, times 0
[  147.050068] CPU: 0 PID: 11826 Comm: syz-executor0 Not tainted 4.16.0+ #2
[  147.056934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  147.066281] Call Trace:
[  147.068869]  dump_stack+0x1b9/0x29f
[  147.072488]  ? arch_local_irq_restore+0x52/0x52
[  147.077158]  should_fail.cold.4+0xa/0x1a
[  147.081213]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  147.086304]  ? kasan_kmalloc+0xc4/0xe0
[  147.090184]  ? kmem_cache_alloc+0x12e/0x760
[  147.094497]  ? mmu_topup_memory_caches+0xf7/0x3a0
[  147.099329]  ? kvm_mmu_load+0x21/0x10e0
[  147.103297]  ? vcpu_enter_guest+0x35a0/0x5c40
[  147.107784]  ? kvm_arch_vcpu_ioctl_run+0x28e/0x1140
[  147.112795]  ? kvm_vcpu_ioctl+0x79d/0x12e0
[  147.117029]  ? graph_lock+0x170/0x170
[  147.120821]  ? do_syscall_64+0x29e/0x9d0
[  147.124871]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  147.130232]  ? find_held_lock+0x36/0x1c0
[  147.134291]  ? __lock_is_held+0xb5/0x140
[  147.138360]  ? check_same_owner+0x320/0x320
[  147.142673]  ? rcu_note_context_switch+0x710/0x710
[  147.147636]  should_failslab+0x124/0x180
[  147.151689]  kmem_cache_alloc+0x2af/0x760
[  147.155832]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  147.160839]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  147.166373]  ? mmu_topup_memory_caches+0xf7/0x3a0
[  147.171207]  mmu_topup_memory_caches+0xf7/0x3a0
[  147.175865]  ? kvm_apic_has_interrupt+0xe1/0x210
[  147.180617]  kvm_mmu_load+0x21/0x10e0
[  147.184408]  ? update_cr8_intercept+0x165/0x1e0
[  147.189075]  vcpu_enter_guest+0x35a0/0x5c40
[  147.193400]  ? kvm_set_msr_common+0x2660/0x2660
[  147.198058]  ? kvm_vcpu_wake_up+0x170/0x170
[  147.202375]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  147.207558]  ? __apic_accept_irq+0x1a0/0xb50
[  147.211962]  ? apic_mmio_write+0x1d0/0x1d0
[  147.216189]  ? perf_trace_lock_acquire+0xe3/0x980
[  147.221046]  ? kvm_check_async_pf_completion+0x39b/0x5a0
[  147.226486]  ? kasan_check_write+0x14/0x20
[  147.230711]  ? kvm_inject_apic_timer_irqs+0x13e/0x340
[  147.235894]  ? kvm_clear_async_pf_completion_queue+0x780/0x780
[  147.241852]  ? kasan_check_read+0x11/0x20
[  147.245992]  ? apic_has_pending_timer+0x122/0x2f0
[  147.250828]  ? kvm_lapic_reset+0x1020/0x1020
[  147.255253]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  147.260784]  kvm_arch_vcpu_ioctl_run+0x28e/0x1140
[  147.265622]  ? kvm_arch_vcpu_ioctl_run+0x28e/0x1140
[  147.270637]  kvm_vcpu_ioctl+0x79d/0x12e0
[  147.274693]  ? kvm_vcpu_fault+0x5f0/0x5f0
[  147.278834]  ? graph_lock+0x170/0x170
[  147.282629]  ? find_held_lock+0x36/0x1c0
[  147.286694]  ? lock_downgrade+0x8e0/0x8e0
[  147.290839]  ? rcu_is_watching+0x85/0x140
[  147.294986]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  147.300176]  ? __fget+0x40c/0x650
[  147.303621]  ? match_held_lock+0x851/0x8b0
[  147.307845]  ? expand_files.part.8+0x9a0/0x9a0
[  147.312416]  ? kasan_check_write+0x14/0x20
[  147.316639]  ? __mutex_unlock_slowpath+0x180/0x8a0
[  147.321570]  ? wait_for_completion+0x870/0x870
[  147.326152]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  147.331368]  ? kvm_vcpu_fault+0x5f0/0x5f0
[  147.335508]  do_vfs_ioctl+0x1cf/0x1650
[  147.339391]  ? ioctl_preallocate+0x2e0/0x2e0
[  147.343791]  ? fget_raw+0x20/0x20
[  147.347237]  ? __sb_end_write+0xac/0xe0
[  147.351205]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  147.356733]  ? fput+0x130/0x1a0
[  147.360004]  ? ksys_write+0x1a6/0x250
[  147.363806]  ? security_file_ioctl+0x9b/0xd0
[  147.368207]  ksys_ioctl+0xa9/0xd0
[  147.371654]  SyS_ioctl+0x24/0x30
[  147.375011]  ? ksys_ioctl+0xd0/0xd0
[  147.378633]  do_syscall_64+0x29e/0x9d0
[  147.382519]  ? vmalloc_sync_all+0x30/0x30
[  147.386658]  ? _raw_spin_unlock_irq+0x27/0x70
[  147.391147]  ? finish_task_switch+0x1ca/0x820
[  147.395633]  ? syscall_return_slowpath+0x5c0/0x5c0
[  147.400555]  ? syscall_return_slowpath+0x30f/0x5c0
[  147.405483]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  147.410852]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  147.415694]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  147.420870] RIP: 0033:0x4552d9
[  147.424048] RSP: 002b:00007fbb7f590c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
2018/04/06 01:06:00 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)}])
r2 = creat(&(0x7f0000000000)='./file0\x00', 0x1)
sendmsg$kcm(r2, &(0x7f0000000340)={&(0x7f0000000040)=@l2={0x1f, 0x80000000, {0x7, 0xeb98, 0x2b, 0xb0, 0x20, 0x100000001}, 0x2, 0x2}, 0x80, &(0x7f0000000100)=[{&(0x7f0000000180)="2181c33795d451a57dfef23831d6bf7e671670499c8279e2b7fb09a7dd3adb74fc0aabb34e6a99a17f89419f50b891c5887ac5067e3c35fd50fca26f7d402bfbb99c5587001a1be0708354158a11620a7d38363742973fa2917c89e86d3ad0563ece019c96267da936ad03cc4527d864fd50499de12c2ae9cac027e7fb94eaee084295d39f95351637bd1a01155e584165e78dd1b2c80a8cd588931aa252c6aedfb7d0512391553143957360e8307bfc23768795d676", 0xb6}, {&(0x7f00000000c0)}, {&(0x7f0000000240)="c41f23ec5ac5faa0d60c2e0fc5fe8814abbb5be6947e139b1d1b6152564b2957541f1acae415953fc1c86b43a67027746b178026c0f94e9e39ebf05b486d1e60035907cafc1543c5bebf213051298bc848f70c22dc77c16be22c672b2a002678340ac781882f37c6ffbee503a496f05471d6c3434c7e5cfde0519f4b4434c8fd33115db82effadbf5347a86d1197edcf6ea5b9a7571ff86b44", 0x99}], 0x3, &(0x7f0000000740)=[{0xc0, 0x13f, 0x5, "96fbcf588f2ec1c36d0043119ac8f8fa6d56a5ee326a453683b3259352de4d0e9ab499fe6ce396f4a6dfd7ae15156c7419cc654ec074fd379366d842e958527763043062f164ac62426ded7fc4ecd73e78135b2780ec0f813a2786dc4ae00097af585fbb0cad2865244f909435243de11a231e6074b56a5639d59601b6e184b00ab81c9b299ee55ed56fc9e77542612c08345b8aa813df513415e4a97db800a5851f9b34113957d88d"}, {0xd0, 0x0, 0x2, "fefc364ca5ab12180f262b6d3c53344a8ee5712b9ec2e16c06564d0556480ca48bacf541722e8afcaa513cfac416069971998d25e048394648ffec55c0a399ca04872986f6510b3b10725e79a1bca3d950041658abc0d6e59222e87b106ff2337d483a472acb6b4a3a1f8597d2a4adbbc03f90b2f386d6d36bb758da59121519f1cefbbce03864232003a9cfb2c1fb19e6802f31f7524c1d773a4c679189aea59c6f0483e1354ab0a7bed602bbd8da0f3ad9d1b79a124e7f4e5e41483149"}, {0x60, 0x108, 0x7, "1fe37b823d67d3b4bab85377ac7385574e34ef421cc91182bd812728ff27787878c28f9654f9317d2bc6b0bceca852b11d4660a6a12f883b5c96d25b0ed31cf7b1c35870da08b391a1cdc3fabe"}, {0x80, 0x3a, 0x8000, "969de5309b82f3e2fb37eb6be244171078e7321c1cb5de460b226b4b8a98fe01f6f4ba06ac85e3a241114514301a7f63bbfa56b0b44f3f49185eede91fe483e80a057a043dd0e0ca9d671a511f41102ed83722df2a9b9ca12f8d879ee295b3f64c06057358af2798338c99b60699ac"}], 0x270, 0x8000}, 0x40)
fstat(r2, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
quotactl(0x6, &(0x7f00000000c0)='./file0\x00', r3, &(0x7f0000000400)="847dfd2c9ec6464e358ec24187cffc292f7ffd6c4416ee1dc57313a13d8e56cbfece8ef16d3aca")

2018/04/06 01:06:00 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x41, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

[  147.431746] RAX: ffffffffffffffda RBX: 00007fbb7f5916d4 RCX: 00000000004552d9
[  147.439004] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015
[  147.446268] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  147.453528] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[  147.460785] R13: 0000000000000251 R14: 00000000006f6838 R15: 0000000000000006
2018/04/06 01:06:00 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10, 0xf0ffffff}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:06:00 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x1000000]}}}}, 0x48)

[  147.485830] binder: 11811:11828 ioctl 40046207 0 returned -16
2018/04/06 01:06:00 executing program 0 (fault-call:7 fault-nth:7):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
r3 = dup2(r2, r2)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2018/04/06 01:06:00 executing program 6:
unshare(0x8000000)
r0 = mq_open(&(0x7f0000000000)='-$\x00', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000664fc0)={0x0, 0x5, 0x2})
clock_gettime(0x0, &(0x7f0000000180)={<r1=>0x0, <r2=>0x0})
rt_sigtimedwait(&(0x7f0000000100)={0x5}, &(0x7f0000000140), &(0x7f00000001c0)={r1, r2+30000000}, 0x8)
mq_timedsend(r0, &(0x7f0000e71fff), 0x0, 0x0, 0x0)
mq_timedreceive(r0, &(0x7f0000000040)=""/131, 0x83, 0x20040000, 0x0)

2018/04/06 01:06:00 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x3c, 0xffffff7f, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:06:00 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000300)='/dev/loop#\x00', 0x2001080, 0x20000)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
r2 = syz_genetlink_get_family_id$fou(&(0x7f0000000680)='fou\x00')
sendmsg$FOU_CMD_GET(r0, &(0x7f0000000780)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000740)={&(0x7f00000006c0)=ANY=[@ANYBLOB="5700800048dad23e9a1f9f9e821bfc60d6f0c3498b", @ANYRES16=r2, @ANYBLOB="000025bd7000fddbdf2503000000040000080002000000000008235c7926283caed8ea050004000e5b963629824bab0100000000000000000000000000647e56f93280101c56768e58"], 0x44}, 0x1, 0x0, 0x0, 0x40}, 0x40800)
creat(&(0x7f0000000000)='./file0\x00', 0x10)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ppp\x00', 0x1030c0, 0x0)
munlockall()
io_submit(r1, 0x6, &(0x7f0000000640)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0xfffffffffffffffe, r0, &(0x7f0000000040)="6de27938f99040a638dee09b17a2808374f76b8846f87daebb23d7b001427965159927fd6fb48529ef13128b32c68416f95862abe3ac2dcd0f4d4c6b039045fb6eeaf42bb4a0234c301e1d9d2a06f35e8513baa0ecf0adf1b58e3e61b731a256606157593e8a5a267319ce77f077a5a200b24dd0f4b41fa8684eb4b9842c63525926984b81ca8163f99b4c67e5942a54a1e96de03279ef77a933765f44af895b3a978aee9029f1c45eded08eb3a118dabda591a0d1700646ba035a02c63873c891b29970ad47d85974aae5", 0xcb, 0x3ff, 0x0, 0x1, r3}, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x800, r3, &(0x7f0000000200)="41d1b22224f56d0aac1b8e24ce8938466d817fb224fe37debb62c8973bd8", 0x1e, 0x7, 0x0, 0x0, r3}, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x9, 0xc36, r0, &(0x7f0000000280)="3a71d093b25ac5ac8f71d0243a790127fe8c79121cbf7cee4d20073a8b5a4153d56b7ab3708515c67b7cc47ef85ccab6a5472f0c24b2f003a8c6cf55fce3ca647fe2af6b5d21122895e3ad84bc60", 0x4e, 0x1, 0x0, 0x1, r3}, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x7c, r0, &(0x7f0000000380)="2b7e2647a90af60cee71b5f564d89a84afe9db7949d54847e9d608b7dfe9ba8743f9bb23904756e9dc9124a5630f6433e127f74c2a6d0d6af7ecf532e6ce5f35f87dcb", 0x43, 0x9, 0x0, 0x1, r3}, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x3, 0x0, r3, &(0x7f0000000540)="aceea0299701a3bfcfdec0eb3cbb403addcfab9d866275ec7eecf73bec55a42f756ad5c92f3dee3cfe5692f6430202e6e44893b7e8652189e709cbeed3f2d69c797a3547657a5124f0053e2f271675d7c8abb7e7949a4465cd59ba8bead0c75901cbcb007a31b6079256f00989bde7050b77760a85da7cf7304e9e17059dcfc33e0a820db977916de232e1370c80f88e9031ea2da6b20de4c92b319cb70325cbe55ada1985397e98bc47154bc5c3f2e3176fd3395f98356ea6a2584cc43af2ddee74369fbcef17beda4dad5ae09b075837aedbcbf8950aa361be88f8bc35fc", 0xdf, 0x5, 0x0, 0x1, r3}, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x1, 0xffffffff, r3, &(0x7f0000000480)="40dd2cb81077e2097c10c65fa2f21ffd76b11cf4e6e49b5ba5850752887def55b1e825a8051130", 0x27, 0xfffffffffffffa9f, 0x0, 0x1, r3}])

[  147.678988] binder: BINDER_SET_CONTEXT_MGR already set
[  147.692863] binder: 11850:11857 ioctl 40046207 0 returned -16
[  147.727185] FAULT_INJECTION: forcing a failure.
[  147.727185] name failslab, interval 1, probability 0, space 0, times 0
[  147.738515] CPU: 0 PID: 11859 Comm: syz-executor0 Not tainted 4.16.0+ #2
[  147.745359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  147.754712] Call Trace:
[  147.757322]  dump_stack+0x1b9/0x29f
[  147.760937]  ? arch_local_irq_restore+0x52/0x52
[  147.765603]  should_fail.cold.4+0xa/0x1a
[  147.769651]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  147.774744]  ? kasan_kmalloc+0xc4/0xe0
[  147.778625]  ? kmem_cache_alloc+0x12e/0x760
[  147.782945]  ? mmu_topup_memory_caches+0xf7/0x3a0
[  147.787787]  ? kvm_mmu_load+0x21/0x10e0
[  147.791776]  ? vcpu_enter_guest+0x35a0/0x5c40
[  147.796293]  ? kvm_arch_vcpu_ioctl_run+0x28e/0x1140
[  147.801310]  ? kvm_vcpu_ioctl+0x79d/0x12e0
[  147.805564]  ? graph_lock+0x170/0x170
[  147.809367]  ? do_syscall_64+0x29e/0x9d0
[  147.813436]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  147.818811]  ? find_held_lock+0x36/0x1c0
[  147.822891]  ? __lock_is_held+0xb5/0x140
[  147.826965]  ? check_same_owner+0x320/0x320
[  147.831273]  ? rcu_note_context_switch+0x710/0x710
[  147.836567]  should_failslab+0x124/0x180
[  147.840617]  kmem_cache_alloc+0x2af/0x760
[  147.844753]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  147.849764]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  147.855311]  ? mmu_topup_memory_caches+0xf7/0x3a0
[  147.860165]  mmu_topup_memory_caches+0xf7/0x3a0
[  147.864831]  ? kvm_apic_has_interrupt+0xe1/0x210
[  147.869586]  kvm_mmu_load+0x21/0x10e0
[  147.873381]  ? update_cr8_intercept+0x165/0x1e0
[  147.878044]  vcpu_enter_guest+0x35a0/0x5c40
[  147.882354]  ? kvm_set_msr_common+0x2660/0x2660
[  147.887008]  ? kvm_vcpu_wake_up+0x170/0x170
[  147.891324]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  147.896507]  ? __apic_accept_irq+0x1a0/0xb50
[  147.900899]  ? apic_mmio_write+0x1d0/0x1d0
[  147.905114]  ? debug_check_no_locks_freed+0x310/0x310
[  147.910299]  ? print_usage_bug+0xc0/0xc0
[  147.914349]  ? find_held_lock+0x36/0x1c0
[  147.918396]  ? kvm_check_async_pf_completion+0x39b/0x5a0
[  147.923825]  ? kasan_check_write+0x14/0x20
[  147.928050]  ? kvm_inject_apic_timer_irqs+0x13e/0x340
[  147.933227]  ? kvm_clear_async_pf_completion_queue+0x780/0x780
[  147.939178]  ? kasan_check_read+0x11/0x20
[  147.943316]  ? apic_has_pending_timer+0x122/0x2f0
[  147.948154]  ? kvm_lapic_reset+0x1020/0x1020
[  147.952568]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  147.958097]  kvm_arch_vcpu_ioctl_run+0x28e/0x1140
[  147.962931]  ? kvm_arch_vcpu_ioctl_run+0x28e/0x1140
[  147.967960]  kvm_vcpu_ioctl+0x79d/0x12e0
[  147.972026]  ? kvm_vcpu_fault+0x5f0/0x5f0
[  147.976175]  ? graph_lock+0x170/0x170
[  147.979982]  ? find_held_lock+0x36/0x1c0
[  147.984063]  ? lock_downgrade+0x8e0/0x8e0
[  147.988233]  ? kasan_check_read+0x11/0x20
[  147.992393]  ? rcu_is_watching+0x85/0x140
[  147.996536]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  148.001714]  ? __fget+0x40c/0x650
[  148.005326]  ? match_held_lock+0x851/0x8b0
[  148.009549]  ? expand_files.part.8+0x9a0/0x9a0
[  148.014112]  ? kasan_check_write+0x14/0x20
[  148.018418]  ? __mutex_unlock_slowpath+0x180/0x8a0
[  148.023329]  ? wait_for_completion+0x870/0x870
[  148.027894]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  148.033079]  ? kvm_vcpu_fault+0x5f0/0x5f0
[  148.037214]  do_vfs_ioctl+0x1cf/0x1650
[  148.041096]  ? ioctl_preallocate+0x2e0/0x2e0
[  148.045488]  ? fget_raw+0x20/0x20
[  148.048923]  ? __sb_end_write+0xac/0xe0
[  148.052881]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  148.058426]  ? fput+0x130/0x1a0
[  148.061696]  ? ksys_write+0x1a6/0x250
[  148.065488]  ? security_file_ioctl+0x9b/0xd0
[  148.069879]  ksys_ioctl+0xa9/0xd0
[  148.073317]  SyS_ioctl+0x24/0x30
[  148.076664]  ? ksys_ioctl+0xd0/0xd0
[  148.080292]  do_syscall_64+0x29e/0x9d0
[  148.084159]  ? vmalloc_sync_all+0x30/0x30
[  148.088290]  ? _raw_spin_unlock_irq+0x27/0x70
[  148.092767]  ? finish_task_switch+0x1ca/0x820
[  148.097245]  ? syscall_return_slowpath+0x5c0/0x5c0
[  148.102160]  ? syscall_return_slowpath+0x30f/0x5c0
[  148.107075]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  148.112424]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  148.117260]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  148.122429] RIP: 0033:0x4552d9
[  148.125607] RSP: 002b:00007fbb7f590c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  148.133305] RAX: ffffffffffffffda RBX: 00007fbb7f5916d4 RCX: 00000000004552d9
[  148.140558] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015
[  148.147811] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  148.155078] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[  148.162333] R13: 0000000000000251 R14: 00000000006f6838 R15: 0000000000000007
2018/04/06 01:06:01 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x36, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:06:01 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x2000000]}}}}, 0x48)

2018/04/06 01:06:01 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10, 0x9effffff}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:06:01 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$llc(r1, &(0x7f0000000040)={0x1a, 0x30b, 0x0, 0x6, 0x9c, 0x2, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x10)
setsockopt$inet_opts(r1, 0x0, 0x0, &(0x7f0000000080)="57f324eeed552ff78ce3c327a7809710", 0x10)
io_setup(0x20, &(0x7f0000000500)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)}])

2018/04/06 01:06:01 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x3c, 0x7300, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:06:01 executing program 6:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000903000)={0x1, 0x5, &(0x7f0000519fa8)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002f0000000c000098a86d8f009500000000000000"], &(0x7f0000c43000)='syzkaller\x00', 0xfffffffffffffffa, 0x1000, &(0x7f00009ab000)=""/4096}, 0x48)
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x400000, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r1, 0xc02c5341, &(0x7f0000000080))
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r0, 0x0, 0xe, 0xb4, &(0x7f00000002c0)="5b91c0a09d140a69db03fb2fd262", &(0x7f0000000100)=""/180}, 0x28)

2018/04/06 01:06:01 executing program 0 (fault-call:7 fault-nth:8):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
r3 = dup2(r2, r2)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2018/04/06 01:06:01 executing program 5:
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x40000, 0x0)
write$sndseq(r0, &(0x7f0000000400)=[{0x8000000000000, 0x7ff, 0x100, 0xad, @tick=0x55f77c20, {0x51, 0x9}, {0x8, 0x37}, @ext={0xad, &(0x7f0000000040)="af5aba9406a10010453985a45b661c42dcbdcedc4134aebf583a8bdfe2e37a3609f95706772920890531b4057fdfece61ffa6367607e038fa9df755fe091e47370c5e118312d51f5b2e8e6eff99441dc07f9759b61ad0bae9459dd98f5ed1e9601ed349caa29283e2653511b9a29011861e15679f1046f26325ea37ce7e0a505337f2844faf7a2e5d4ffbdee2ca0b74061cb0a2df9557a1fd9c6ffe7bfb5218f442acb5f00ce8d38ade903ef36"}}], 0x30)
syz_emit_ethernet(0xf4, &(0x7f0000000300)=ANY=[@ANYBLOB="aaaaaaaaaa160180c20000008137ffff00e6f815ffffffffffffffffffff000100000000ffffffffffff00065deb1e209d38cea4b73049f9b3231aa44a4086184d55c71848019fda6081ca74604b764dc6c7763faec858374e5ae4c03c63b7e63dc01b418cab3800000003dbf523f36a8af398ae177bc0275ce85665dc0da20188e8ef69e044f0d605efc82bd20afe678cbf4818360202ff1ba8dbec3613468c0ccf7dc099a9b5ea222774dd07c878d4725f40d8578dc692f51535403db1b74416d514a25ce7c32b0e72996dd01adf84de863f89becdd41cbf150314426f696a4761fe909816b8dd828da9f6b1a6b42ca6a288b075e0136a4cc049"], &(0x7f0000000200))
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x400200, 0x0)
r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x140, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f00000001c0)={<r3=>0x0, 0x6, 0x30}, &(0x7f0000000240)=0xc)
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f0000000280)=@sack_info={r3, 0x80000001, 0x9}, &(0x7f00000002c0)=0xc)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
chmod(&(0x7f0000000100)='./file0\x00', 0x48)

[  148.654720] FAULT_INJECTION: forcing a failure.
[  148.654720] name failslab, interval 1, probability 0, space 0, times 0
[  148.666621] CPU: 1 PID: 11883 Comm: syz-executor0 Not tainted 4.16.0+ #2
[  148.673467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  148.682829] Call Trace:
[  148.685435]  dump_stack+0x1b9/0x29f
[  148.689079]  ? arch_local_irq_restore+0x52/0x52
[  148.693853]  should_fail.cold.4+0xa/0x1a
[  148.697914]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  148.703010]  ? kasan_kmalloc+0xc4/0xe0
[  148.706910]  ? kmem_cache_alloc+0x12e/0x760
[  148.711229]  ? mmu_topup_memory_caches+0xf7/0x3a0
[  148.716127]  ? kvm_mmu_load+0x21/0x10e0
[  148.720092]  ? vcpu_enter_guest+0x35a0/0x5c40
[  148.724592]  ? kvm_arch_vcpu_ioctl_run+0x28e/0x1140
[  148.729687]  ? kvm_vcpu_ioctl+0x79d/0x12e0
[  148.733927]  ? graph_lock+0x170/0x170
[  148.737723]  ? do_syscall_64+0x29e/0x9d0
[  148.741778]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  148.747151]  ? find_held_lock+0x36/0x1c0
[  148.751213]  ? __lock_is_held+0xb5/0x140
[  148.755578]  ? check_same_owner+0x320/0x320
[  148.759898]  ? rcu_note_context_switch+0x710/0x710
[  148.764825]  should_failslab+0x124/0x180
[  148.768907]  kmem_cache_alloc+0x2af/0x760
[  148.773055]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  148.778065]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  148.783702]  ? mmu_topup_memory_caches+0xf7/0x3a0
[  148.788543]  mmu_topup_memory_caches+0xf7/0x3a0
[  148.793476]  ? kvm_apic_has_interrupt+0xe1/0x210
[  148.798233]  kvm_mmu_load+0x21/0x10e0
[  148.802032]  ? update_cr8_intercept+0x165/0x1e0
[  148.806701]  vcpu_enter_guest+0x35a0/0x5c40
[  148.811030]  ? kvm_set_msr_common+0x2660/0x2660
[  148.815692]  ? kvm_vcpu_wake_up+0x170/0x170
[  148.820015]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  148.825204]  ? __apic_accept_irq+0x1a0/0xb50
[  148.829611]  ? apic_mmio_write+0x1d0/0x1d0
[  148.833842]  ? perf_trace_lock_acquire+0xe3/0x980
[  148.838698]  ? kvm_check_async_pf_completion+0x39b/0x5a0
[  148.844138]  ? kasan_check_write+0x14/0x20
[  148.848363]  ? kvm_inject_apic_timer_irqs+0x13e/0x340
[  148.853549]  ? kvm_clear_async_pf_completion_queue+0x780/0x780
[  148.859597]  ? kasan_check_read+0x11/0x20
[  148.863736]  ? apic_has_pending_timer+0x122/0x2f0
[  148.868566]  ? kvm_lapic_reset+0x1020/0x1020
[  148.872972]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  148.878517]  kvm_arch_vcpu_ioctl_run+0x28e/0x1140
[  148.883350]  ? kvm_arch_vcpu_ioctl_run+0x28e/0x1140
[  148.888367]  kvm_vcpu_ioctl+0x79d/0x12e0
[  148.892424]  ? kvm_vcpu_fault+0x5f0/0x5f0
[  148.896565]  ? graph_lock+0x170/0x170
[  148.900358]  ? find_held_lock+0x36/0x1c0
[  148.904422]  ? lock_downgrade+0x8e0/0x8e0
[  148.908566]  ? rcu_is_watching+0x85/0x140
[  148.912708]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  148.917899]  ? __fget+0x40c/0x650
[  148.921347]  ? match_held_lock+0x851/0x8b0
[  148.925573]  ? expand_files.part.8+0x9a0/0x9a0
[  148.930144]  ? kasan_check_write+0x14/0x20
[  148.934373]  ? __mutex_unlock_slowpath+0x180/0x8a0
[  148.939296]  ? wait_for_completion+0x870/0x870
[  148.943868]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  148.949048]  ? kvm_vcpu_fault+0x5f0/0x5f0
[  148.953188]  do_vfs_ioctl+0x1cf/0x1650
[  148.957070]  ? ioctl_preallocate+0x2e0/0x2e0
[  148.961467]  ? fget_raw+0x20/0x20
[  148.964912]  ? __sb_end_write+0xac/0xe0
[  148.968879]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  148.974413]  ? fput+0x130/0x1a0
[  148.977686]  ? ksys_write+0x1a6/0x250
[  148.981481]  ? security_file_ioctl+0x9b/0xd0
[  148.985886]  ksys_ioctl+0xa9/0xd0
[  148.989330]  SyS_ioctl+0x24/0x30
[  148.992867]  ? ksys_ioctl+0xd0/0xd0
[  148.996483]  do_syscall_64+0x29e/0x9d0
[  149.000358]  ? vmalloc_sync_all+0x30/0x30
[  149.004584]  ? _raw_spin_unlock_irq+0x27/0x70
[  149.009070]  ? finish_task_switch+0x1ca/0x820
[  149.013553]  ? syscall_return_slowpath+0x5c0/0x5c0
[  149.018472]  ? syscall_return_slowpath+0x30f/0x5c0
[  149.023406]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  149.028764]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  149.033604]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  149.038779] RIP: 0033:0x4552d9
[  149.041955] RSP: 002b:00007fbb7f590c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
2018/04/06 01:06:02 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000080)='/dev/loop#\x00', 0x3, 0x2a702)
get_mempolicy(&(0x7f0000000000), &(0x7f0000000040), 0xfff, &(0x7f0000ffd000/0x3000)=nil, 0x5)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)}])

2018/04/06 01:06:02 executing program 5:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffff9c, 0x84, 0x72, &(0x7f0000000800)={0x0, 0x0, 0x2d}, &(0x7f0000000780)=0x24a)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f00000007c0)={0x0, 0x488c}, 0x8)
accept$ax25(0xffffffffffffffff, &(0x7f0000000b00), &(0x7f0000000b40)=0x10)
bind$inet6(r0, &(0x7f0000c67000)={0xa, 0x4e20}, 0x1c)
listen(r0, 0x1000008000)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_netfilter(r1, &(0x7f0000065fc8)={&(0x7f0000791000)={0x10}, 0xc, &(0x7f0000df6000)={&(0x7f0000000b80)=ANY=[@ANYBLOB="1c000000130afdfffffffffffffff7ff0000000008001100bdfa8ee05acf753bc5b34be728b773ef5665855b65418be8ffed79f173dd11c1be7a473a8d"], 0x3d}, 0x1}, 0x0)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000740)=""/14, &(0x7f00000001c0)=0xffffffffffffff83)
r2 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r2, &(0x7f00002f7ff0)={0x2, 0x4e20, @loopback=0x7f000001}, 0x10)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(0xffffffffffffff9c, 0xc00c642e, &(0x7f0000000200)={0x0, 0x80000, <r3=>0xffffffffffffffff})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(0xffffffffffffffff, 0xc00c642e, &(0x7f0000000240)={<r4=>0x0, 0x80000})
ioctl$DRM_IOCTL_GEM_CLOSE(r3, 0x40086409, &(0x7f0000000280)={r4})
socket$inet_smc(0x2b, 0x1, 0x0)
r5 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/rtc\x00', 0x88002, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000000d80)=[@in={0x2, 0x4e22, @remote={0xac, 0x14, 0x14, 0xbb}}, @in6={0xa, 0x4e20, 0x762, @loopback={0x0, 0x1}, 0x5cae2c5a}, @in6={0xa, 0x4e20, 0xc4c, @dev={0xfe, 0x80, [], 0x200}, 0x4}], 0x48)
recvmsg(r2, &(0x7f0000000700)={&(0x7f0000000300)=@pppol2tp={0x0, 0x0, {0x0, <r6=>0xffffffffffffffff, {0x0, 0x0, @multicast1}}}, 0x80, &(0x7f0000000640)=[{&(0x7f0000000380)=""/113, 0x71}, {&(0x7f0000000400)=""/163, 0xa3}, {&(0x7f00000004c0)=""/95, 0x5f}, {&(0x7f0000000540)=""/120, 0x78}, {&(0x7f0000000100)=""/27, 0x1b}, {&(0x7f00000005c0)=""/104, 0x68}], 0x6, &(0x7f00000006c0)=""/54, 0x36, 0x5}, 0x100)
setsockopt$inet6_MCAST_MSFILTER(0xffffffffffffffff, 0x29, 0x30, &(0x7f00000008c0)=ANY=[@ANYBLOB="d8ba0000000000000a004e240000000000000000000000000000ffff00000009050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000410000004a000006b245c726fe8000000000000000000000000000aa08000000000000000000000000000000000000000000000000000000000000000018009d5235435d01222e3d2ec2ea43ff4d000000000000000000002000000000003a00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0x1)
connect$vsock_dgram(r6, &(0x7f0000000080)={0x28, 0x0, 0x2713, @hyper}, 0x10)
sendmmsg(r2, &(0x7f0000d1bf10)=[{{&(0x7f0000000140)=@ax25={0x3, {"a976372427d807"}}, 0x80, &(0x7f0000d73fb0), 0x0, &(0x7f0000000100)}}], 0x159, 0x0)
socketpair$inet6_dccp(0xa, 0x6, 0x0, &(0x7f00000002c0))
accept(r0, &(0x7f0000000000)=@l2, &(0x7f00000000c0)=0xffffffffffffffd4)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000000240)={&(0x7f0000000400)={0x10}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x14, 0x25, 0x331, 0x0, 0x0, {0x10000b}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:06:02 executing program 6:
r0 = socket$inet6(0xa, 0x80006, 0xfc)
r1 = syz_open_pts(0xffffffffffffff9c, 0x80)
ioctl$TIOCGETD(r1, 0x5424, &(0x7f0000000000))
getsockopt$inet6_int(r0, 0x29, 0x53, &(0x7f0000000080), &(0x7f0000000040)=0x4)

[  149.050001] RAX: ffffffffffffffda RBX: 00007fbb7f5916d4 RCX: 00000000004552d9
[  149.057263] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015
[  149.064520] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  149.071786] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[  149.079042] R13: 0000000000000251 R14: 00000000006f6838 R15: 0000000000000008
[  149.086605] binder: BINDER_SET_CONTEXT_MGR already set
2018/04/06 01:06:02 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x37, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:06:02 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10, 0x2}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:06:02 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x2000000]}}}}, 0x48)

[  149.132154] binder: 11874:11888 ioctl 40046207 0 returned -16
2018/04/06 01:06:02 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x3c, 0x6000, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:06:02 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)}])
r2 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x2, 0x0)
ioctl$LOOP_CHANGE_FD(r2, 0x4c06, r0)
ioctl$PPPOEIOCDFWD(r2, 0xb101, 0x0)

2018/04/06 01:06:02 executing program 0 (fault-call:7 fault-nth:9):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
r3 = dup2(r2, r2)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2018/04/06 01:06:02 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x3b, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:06:02 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x2]}}}}, 0x48)

2018/04/06 01:06:02 executing program 6:
r0 = syz_open_dev$sndseq(&(0x7f0000000340)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000fb6000)=""/28, 0x1c)
timer_create(0x3, &(0x7f0000000140)={0x0, 0x33}, &(0x7f0000000180)=<r1=>0x0)
clock_gettime(0x0, &(0x7f00000001c0)={<r2=>0x0, <r3=>0x0})
timer_settime(r1, 0x0, &(0x7f0000000200)={{r2, r3+30000000}, {0x0, 0x1c9c380}}, &(0x7f0000000240))
r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='/exe\x00\x00\x00\x00\x00\x00')
fcntl$setstatus(r4, 0x4, 0x4000)
getsockopt$IPT_SO_GET_INFO(r4, 0x0, 0x40, &(0x7f0000000100)={'security\x00'}, &(0x7f0000000000)=0x18)
ioctl$sock_inet_SIOCGIFBRDADDR(0xffffffffffffffff, 0x8919, &(0x7f0000000080)={'bcsf0\x00', {0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}})
pread64(0xffffffffffffffff, &(0x7f00000000c0)=""/8, 0x18e, 0x1ffff)
setsockopt$inet6_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e23, 0x81, @local={0xfe, 0x80, [], 0xaa}, 0x4}}, 0xffffffff, 0x4, 0x9, "5515f272617a5189b2330e84de26dbce85d41a077c6936bc6561e2627d72523ea80b79aeb17e8e2dfa572bb17eee36ac814a0c94614ca96befe29365d83f439548660744d6d7b65e302ad444f536d9a4"}, 0xd8)
timer_create(0x2, &(0x7f0000000b40)={0x0, 0x2f, 0x2, @thr={&(0x7f0000000a80)="e54089b9e7e915271bca43f63936f7b5f8737a7327a274281cf0aeac7c2f7ca4d041ab74b7586976c9d8abae7c1fa0dfafa5ae3ce2fc294f0fecee34a371a635592f73ad5fcddb07fdb5fa2a375981f5a9ea05ed3303dbbdc45aac8d542393a2d0f3e9636b61cdb0e8e55fe8b3ba0178b8486233d8dddbb6aa69867927a7ad3e8f667115d3b189d6b656f38f49ca57377906da57efcd69515589b95f36afec86b6", &(0x7f0000000a00)="d40bc5d296ddb613eeedf9ab78b3d948524c2a5a8dd642d7"}}, &(0x7f0000000b80))
readv(r4, &(0x7f0000000040)=[{&(0x7f0000000c00)=""/4096, 0x1000}, {&(0x7f0000001c00)=""/4096, 0x1000}], 0x2)
fcntl$getflags(0xffffffffffffffff, 0x1)
ioctl$KVM_SET_XSAVE(0xffffffffffffffff, 0x5000aea5, &(0x7f0000000540)={"460c9cf8b07702c9181d1d046c64b55e215c5ec7223994b24162a21095676fca7c01e693ae37b76c3e661ee06786f4f762861a97961f4b6218c4186d7aad6f6e440dedfd7e8fc8282a3baffe91366dae552f5212fa5916c111b362fd205e173d513d584412dc2e9259907acf743a027e61dc52420161db13b1f5d8394e0f9969e36bd2fe36dfe02c35e2a093e96fb6adf5221880a2ba4b689b51f242d571045d1a80ecce7d4945579c65faaf9d450e5991135fcbeefc72cf892299351b4ed9801c7125e10746a1fde2da3b3e6a9f71a9695fb4cf136132bb8350519131b7eadc5e8886e5e7eba20b59eca1e97cd621d9826d388f086ee4b808f3487867fdff826555f8f7ee156028bcd1e4c2289f3c04def2bc2137c60737d5641fc60954827593b659874d5189520d7e514b2a99990536cbcc4158f54601188ea1ac4ea60ae555ef708787f53426551228e29f2c9f75bd2bb748caacd89b800b3e3a35f64ad6ac60634c8108297963f7d2ae6eb0d98191556a2b610541ad1498ef4414b51c4f3d4061764d5aa341eae5524115ed94767e937c989165370bf286f354340dd94044cb0ce83e836b317996641892f4523c4390854dff59389a1b4982594c99e5977cdee4f5d7294e427922126e71992c2048d39ae179cb13c812371d7b82dacb2b899c7e41fd2aed8080fabbe0a7f6583f76bae7537b7028c8c5f340f5567143d3dd80610a05f44334d285c07c53732df0a19c8ae7a49d50b14b8ce92d2dffe8c7e0800cde8f3f325c269337555e9aab55e36bb6693eb7c36ea129abd3262dbdeae37f1f2183b95ad4d2e30c5f8bdae86a9bb778a336c82d0083e46b0711c3fde5815a2367c0cd76f0b89d0faa9fea546b320b27858516ba6bdc06076815dd7a558378e8186219728013327856cb08ad7fd557d8f89699bcbb060352cdee845bd8836b90fa275a8d6146a284848ba2bb2f6f96de064255447de4dc938476a932a4799cd4982a2eec922a9518f7944f174674ce20e657b23c0038515b607d0b030f8c1bd1d0c05af848aab2cb06ea3888c14ea21d20fc489289d1733d9052ab5373c06388649dc1c7c52dbfa2de3a65cad4e63c4c500777c4cc576cbbdccb2cf34a62c77e912d459b338c87cb54cc9ea851269450203fc1fab5ac7825690d49770ade69509e54e0c31c5a431327a9480740581b0f278f687162c81a5c735c8b5d4dc094ae67b897f0ead168a794a74ec8dbd73d7b5b2ec7044b54d76418fe2160e8218c9375d60f68c8ea2d513201aee3b02150b9410da81a8a0eb4dfc7fdd5ed026e46df5fedcac011cd2ee5f1fa8df919043ab45ba600f50e6d84ddb97bd578688fd2e3600f6ccea874b78a0134502bc4f9e4c7369d6cdb012b1ada2cacb09e5587d5456e40faf327e58b92704e118181a208b36336f865ebcf9e070014c379cc"})
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x20000010800a})

[  149.358912] binder: BINDER_SET_CONTEXT_MGR already set
2018/04/06 01:06:02 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)}])
r2 = eventfd(0x1)
r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180)='/dev/rfkill\x00', 0x18c80, 0x0)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000340)='net/connector\x00')
r5 = creat(&(0x7f0000000480)='./file0\x00', 0x8)
io_submit(r1, 0x4, &(0x7f0000000540)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x2, 0x8, r0, &(0x7f0000000000)="106f8552f6327d6f7da72d332286e464d39aa50da0a4d14870d8ab53232797ea2f346e21e4721f6c4e05b57b637a935b24d4bb5b9370466bc233a74e3bab0ea3fb9d6ad26aebf71ad403ea4d90484ff50394df1c8e64326bafeb23358f7c27bc2cf7347cad45eb990899a6bc3e06f48de32e8be133716f9ebcfd28779dad861b3241129172f32cbf55a4c1cc524e1595121557a5f49fe8989d964d2609a7f4d63f51affd701ecac734b2ead1ac7e382342234acf6032fd01c1249358d729326de54f6796ad0ab61f6899a2cebc73097deefe3a2f2d27235bd62dbead8bfaeaa8051ae4f011f0201db955af7a", 0xec, 0xfffffffffffffc82, 0x0, 0x1, r2}, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x2, r0, &(0x7f0000000740)="c3ed16d21cf299a38e0912492ef0e832eb4c2c152eef00dab2f44c83fea16564b5b5f590ba0641cf764b224576a760465b1fe3997f97d39826a535dd8fb417f4e061c3a9c4fa59cb9096edc3b2ec35698b58cb32aa597a168e967d2cf839d52c8392c0c113ce63779996cd149d528369dfdee4d8342b8eda24b51a6846594b9c86a6834b20e3439117fb49dbf95839bcd83d05a84eb37f9c4d5e712303e513f9e3b8c2c1b962e5c21715f38c0dcd3dea50a3dc1122a034e2d76bb909642564ebf22d6db835c07f5f3be03a4c177d93e4727078c07394008b2bcd303640c2ce9bd5b9bd61b9163310c50dd13bc9bddaa0cfc49fdeb6c64bb7e7237d8a11b00adeedb600e6441c565ba7f8bc671be4874621bbffc7de9da797d6fb61fb9a08ade7f7d83fc56a54c1c17972999aab4bb376af8181844712e84ae4fde0d3f3726370f25b7c682f5e653c48693621edff396aeb13df32276b288ced177b51964d92420a302a13a38205cd39b52e675c2ca8f611f6b22c0f1883deda13292838710ddefd50254f9b68d2dd15cfc4bd63e3c31e06719d9e1f23cd9121604a3fde8d37554a3c6f71583ad7b52cca852d50fa1a8fa729a45cc95209a1001e09816f3c581e1dc2127ace1fc9ab8084f1d43ba637f65ee6592c0ed9814bb289f6cf5e2dd439d91159115e09e22795d3c106769271cc0cf48385956b0004bd4345f57eed07aa0001c2a09fdb5aa48e1056ea6f6017a18bf86c1f4fddbe24181a023a561a1eb77449df5b9d0c5c5422d1e60a01b5ec9ef8e8f85c7fc0043ca2030a494928d862b6e83f024705ad262ec0c7fcf57fe1590b7d02a02e5995c700ec37d155d841fd5701e5fc25c00eb696ff60a9427f807e8f36465802a35db8c286392c09c1915dab06876d3351e7fa2afd58a0d098b869fee1e9a5e76f00f9824aad54717bd8a47fc91b619879ee5e280e23fd2b13f7c3ae166f19cad351664ca9f77d6725279e2268ebb82b2dc9a237ce32a7d3f3a638fd029b47a55cfaee619aed382e8742be9ce1317a0f516b9847fc65ef2798e9ac76debaa8c4dea52f8507f6c4ec898b5585cfb63ce77a2d1819b0d053c2bbd7584edc12e441d4be3110471abb0fd44c09cef9b1a2dfcf3df90552661ab7e9ff9027ed0a52ef9e988722520726cccf51c257b649b272b2d1c949733fd30624c9a72655c7f6c993bc944aab4ad8ac005dce100c6447bc84b53cc0bd5453b5dd1e63b957c8c49acc58e5b1f8fafbb2f0667756cefcb1adc464d72a5c21e477bd3840df2d8bce801b9bccf70ad04c123409abc57a4919034dab4862b86b9b53abe5c3b85efc43cdc006dc76a360ba4abe5501f4d82a129ccfa18b1c7a1153aa0f1c3894d594fbd1ae0ba4b661f76a19e1d2a388235236af78390fbe2558501cf2a549303a7f509ddde28cf9913b437c5fee34e9e64f13e29c93d2fa0b3446bf0618337e2a2c808ff01c2e36233240901bdaf51a6156e0040a803fb6021c556147caaaf02825bf7c611bf083fb22c5478c22d8a281fe685bd2c52e5ae3597eb83d9c5eb7db3bdf1d73b68e0d8e68bdc00ecfc9a9e9f667d123374ba4a096ba39c4a1e9c77d2cb4257aa9cd57c2f7aa6dd39492ad98b366d0f6217ab69702fcb19f8e5f5f4f2a7b72b10006db34a56b0d501fee291f30d3d42d42c98cbf07c5ccf38d1428c81a78739814ac35998ac17395a83dc49d5b2104db779cdcd64da239ca3ce5383a302db5fa87631155a71b143c6dc83f1c42c84cb9a936a10f02c803d14bd18471c839a5af71bc5a6b7ac9ccf49625134c9b18ca8c3c0a9b1c8f675674229c4b58001ae63403df7cf1899c6ce6a43a9b6ae257ad599354fc69cb06343653d7f7b5a8fc3dfef8e1daa33a4bdca406668c21a23511e7fa62ece8ea4a5d313899b75d29c34601024b3551a845074493222d6d17225a4b8cd03fdde22a7898661da6bccd373b8f554893bf5ba58f85cd6fe2781f0c836374af1fbedcae946d64bc7fb7eba205697d43cdbebdcecb0361e616a9019d2e437b497a1a08ac8fd6f74643f015f96690c18c75d797b4c629c29e218d0fd6fd28d5d46989ec3f9e92f962958d62f5ed5cc12894d7d20092a04293b335ecddf11ad1b2c0333a1ed84c7c4cf5cbeac2e4e785a141725c14fc0c7c104bce8bcb8651f8d474c607ce75b1b74e840f8f69d9d069b2aefcd7d925ac761674756b9ce988c01f598e4433ac891f380f3065b406b9fe49b5f4d3e4e807dadbfb49ec5774770eb70732f4563d82ee37a00c724012f374f3f4282b67a94b66227f07700c5fdad4fc566a97674b1f78124c59eea6127679c2f4721e7245538d817efc9cd142bbce0b4ab014bced5930be9807379b6d9f53f8aa4283243ab745073d7d204675cb97d826263c760c686119c151881f11e4d188d8e2d7c9bb5ea0a0303957e71d9edc662c0b91d0786712891b4d413551a7f52c9760335a133225a6fb48f433eb0fd678bf97d3849f21ffa2e3deb05e8ff221ade6669e486ef83ba56c269ebef026b11260483828088a21a5d86647fe639afd2d6eff877b631def7becdf319444506d4589fc9e11a46291ae51a5a2219771ecd17400a9596f19515e5552f9b16dafefa059b8bcd7b533d85f4dc3839207e633682381fcc04bd3a701833c253ccc4efe0f10838f82dbcbe8b17b7f21574162b950eddf06044def5a137c2eb19b00a6ca762bbf7852a9992b843727f9dad03b9da8af84fbf161f3c0bce03a3c4882670140e0948ce0557350fd64674067487716cc29ce6c44bb9f8a8e87d974e36a9db51166bb0d5061227c465cfd71937772e66f2587b1205546d7f5013b59c598c65615ea730fc7c778efa55ee6eaf99c6952a4367d659f870008154be57bdfa10a3b9bc7ee132e1e663f7f96821f044fb2b327e9f7fcfe51cb284233e83d4426396e67b65a3e260e5d8084094ed41ff00679011c5bfc31b1e7f644e43d83933b6924ac05af1f82a6ec6547293f15dd99f3503012b5ccb8e43243232ed98e09e300baa82f2a4f717202212c1113a6fe0d3501ad0be75db52f52e25c27e61c0bdf018113de3213b28d6d286a44e1e2b754feef806affa36059847526ce247f6d51def2a4dba3db38744f2a61c9527a4f3cf65bf6680cfb352cbb95d004d573a0411c736d36c136b76433b1d6e875808659e45fa983852e53a3eea3fb43f9cfb34e467e301f3a449e7a85046ffd39d6c764ecbe00576d98497e0d7f2c237f2d60c5334178cb73f47107e81aca67d4048cc37393147e9fb8ce8dbe076fb8ed693ca22b18df327bc8746664544490741d8eeb1b6506c7eab5525933047bccfd81bf2ec77e3898f0df9b53b189d923959b12865d160b12a3f78e7be192d26dc7fe05044b05b1784addd54205d81c8a75d7f2a3e12d28a7b7a6b38f617e0e0b42a7eb4f7a7b8aa9aaf80218c0013302c907b37dcbd3f614888b83cbdecb7dbc3d925067449e493826d7599332e4c3e951b6865485471526d764260c1b51ae9eee8f479e3b066b7af78fd701156d114f252db403fb6d614d3cc584a7be472d059910802d245a8b69fcd7d7eccf73db223cd4a0eeecef2db51b2ba6913b42e4a93a82592f662c9e94e44eedbdcf0ae49364e675d7dbff6a4737b7af109277a1a3dbb86f2a7985fad08bef19f00904646d2981e1af889b3e67e39c1dba3d59567fea3ab6544130507ad6b17cca48d86261b7f71d28806bb4b6fe8f679c5cc7d5bf9f743d1dc2f9ddfa25d116f5bb6028548ccc4eb7b772eea875492fa06b480b04c7bafd2b1248e383e6ddb4110fe6875ce06197f1c87c98e5a6dca9e90e05e571855d431da177d8a6340a316f3126f5bdd21a2c43b774b0fe05dfbb8cd755139c785b9a860f2e763f7648d6292e4862c144ed9c7c9fe81252d8adbe29e37294f76c310cb6850e4b9360ef53f1d0288b0ee851657e1ca5c58b0d5c315c62f541ffa1aa267ee090cad191539ff6bc9c0c372489be508a5d95ab901a7ba9539f0fb9070428924a49352b7eee1be3c2696016236211538a22087ffedf93079404475e3dddd0272db8ba79ac8216a3bfac568f55b19ea3124288bd122030894a75fce18f17bc506af93728ab6f9750b6262eaac32b37b0b0d6777cb2f35ed4fd2a1916bdc96e79d097a56a71eaaf93f5afd9802256a519911810ce383937e7158ab285dda0905f6f011488c542305b72e8287a0c97e3a033ac8a7b9dc28613020393bdbcd71f784969edfbdcdb21c164f3e088736afe7cb438d62ee629d838a73c53a4692f3d16f72992bd4bdac57e2a17745dff20aed8897c22d31ee4ba32bd4ee5c8a139b8a91c66ddec6266f0634125df93b628feacc6f5b7a235b75fbb476a3bfbc76b27f957f6d78c3a681b901664ef35e7bc0823ffab9672f10296da2aef6efa26a38f36ad168b0457d5cc627a70278433ddcbbc165b6ed6a5521451e6a3569011afe104d0b1d76c0cffde00942e0960c804ee9850d4416ee05b802ac857c909623356b135aba6036ccbe468d9619843979f78f7150ffe89068fa5eded4b2ec3bad9aae74ae192e77fb5037fc077ec697dfac910cb23b813182dde8c2248a7c7ee4ab5a59a10a6af4db3b841732a5820890a8fd6ea381262440b7b8d096ff8a743709611c498bbbc0b9a3ae71e2f98340601200592900f399af5c3d3840f88f9bb423d4f50612257de5054ec58b20cb7e3ce7c6f1ecc64e3cb1ef3c8b954c157ee51af0dda3d352deb0ce08d04a92c7fe863e7c6e26948af3af892ff02aa5c5c66f3728d324a3ef76144f36603b6fe574b8c21acdb73a1986189322e58bc70c92e595cac4de12dff294549d0eef2db7a1ad0ff6c61655c678788a9329fa3e81164f09639e18500bf5dfc3e4293286dec6c7486e0d33e2aa5e3ffd2796d21c0d52067c6a6b0cf88ab0b1d32649944da8475587cbd29d29fa508b03f4ef4bc597b81394b330a024c6382b07d95b251f26bf326fb667c118d58a3ac88b56b8d4115eaf884606d90a2834df49f713ce2f01bfde88a272ad566f4f543814f71d0b575d496608f07a718d57bca5036bbac8a95919fe370fcdaddc019646356f0eb70c88f0246c5d90bc841beeddf57bc9add34c2edcd6345b06b1b57c34488c9584e95af257adfef7427948aff77bc1776085b7c14ccfb09551e5ddb1c76b0b5e97ea09003353d12b95f04ff52ec7353385027f12c0522a2048463b68901903a29eda2e641ca566239f297d0a218bf968ed8cfcd6c1495e577f7f1c1f3d7693202229490fbaa34f65f43827baf624de994a5f3b3ec24dd021ea52dfd1f6f1908f0d4ec33565d4c6e003faca4e6b0d47cfe1c217f70d29b084b702dbf02da45ed7c5b549e49d731112315f9238814621704d0d8b462f0996f6c19a812f2e18dbc6aa6aaf4a8d0d409bdbce6aaf9c242c75e3a32709da72bb3bfba31025a57737e637478df46447d81a28a2b73d2a5d780480cfad21ed931fdeb6e0d4c3a7ae9c7b54120a559ff91fb016c77b692aa62b8628c5496cf2b0d6fffaec18a4dd2fbcc9f70c49dba641c5d2cacfdad2f08ce63c1a0626f0d73530a779c2b22f21aa6c814903e78a03adf60d8316f6f9716053966a9d605cd08acc0abe92c9062a21b6af2ea3ec340fa47e0246e5936b55ada1f30596d20b1a886a797f8a50badddbb0a5a5dd34c0f9971bf2f1dcf7346ef5e0ce36befbc33c2bfb2cb68c6344d185078650f811216aab321080ace29fe456d6d5b69c7c92429ab6f3cc8f8f9f6018284d7d9", 0x1000, 0x3, 0x0, 0x1, r3}, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x4, r0, &(0x7f0000000200)="70ce679fdaadc18f0efb2dd7fc871164c15ef6f3577e47c1a06ebb01ecabb7ccb7d03f092f802a6661f662ba38e21c336dd760ebf65f32b588d4298cda838ea856350163812b60f73aecc6621085f8bad4893064b5d34c5fd2b85b18024ad740a549522c4504808fcbf48932b420e05d88fc58fc80adf721e73f732b071fb992724d6753903c039cff824a75ad660fc39ed1ea7056efba3f079cf8f7f82130f35a814f0052323c754392d45874d72a87fa855130868a24f8a46239694d0dafdf5035ddee", 0xc4, 0x7, 0x0, 0x0, r4}, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xa, 0x5, r0, &(0x7f00000003c0)="83237260bdd4fae65507aa47bec4b51b42592c3e58d9fc9e2de240bbc5dd861fc56cb1760cbee4a5081fb5ec5e9e15359a1359e3f0eeb3da4980ade27968227262c4e7d9048ae72348a15c7d7aa97a6d9f48fe922213f26fb9d683e44e02f11ccf1448a8fead038166609808e70641c6ce5c4e3de7d137cddf059693eb128c82c6efab2bd70081fc43aa1bdd17d842e9dc9228278d1df6cfa9c9c1fe03eb590236eb22b8ac99", 0xa6, 0x3, 0x0, 0x1, r5}])

[  149.401294] binder: 11917:11924 ioctl 40046207 0 returned -16
[  149.439839] FAULT_INJECTION: forcing a failure.
[  149.439839] name failslab, interval 1, probability 0, space 0, times 0
2018/04/06 01:06:02 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0xa, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

[  149.451204] CPU: 1 PID: 11927 Comm: syz-executor0 Not tainted 4.16.0+ #2
[  149.458059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  149.467424] Call Trace:
[  149.470030]  dump_stack+0x1b9/0x29f
[  149.473684]  ? arch_local_irq_restore+0x52/0x52
[  149.478377]  should_fail.cold.4+0xa/0x1a
[  149.482460]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  149.487574]  ? kasan_kmalloc+0xc4/0xe0
[  149.491474]  ? kmem_cache_alloc+0x12e/0x760
[  149.495806]  ? mmu_topup_memory_caches+0xf7/0x3a0
[  149.500658]  ? kvm_mmu_load+0x21/0x10e0
[  149.504646]  ? vcpu_enter_guest+0x35a0/0x5c40
[  149.509152]  ? kvm_arch_vcpu_ioctl_run+0x28e/0x1140
[  149.514172]  ? kvm_vcpu_ioctl+0x79d/0x12e0
[  149.518411]  ? graph_lock+0x170/0x170
[  149.522201]  ? do_syscall_64+0x29e/0x9d0
[  149.526253]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  149.531612]  ? find_held_lock+0x36/0x1c0
[  149.535671]  ? __lock_is_held+0xb5/0x140
[  149.539735]  ? check_same_owner+0x320/0x320
[  149.544054]  ? rcu_note_context_switch+0x710/0x710
[  149.548985]  should_failslab+0x124/0x180
[  149.553045]  kmem_cache_alloc+0x2af/0x760
[  149.557185]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  149.562190]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  149.567717]  ? mmu_topup_memory_caches+0xf7/0x3a0
[  149.572556]  mmu_topup_memory_caches+0xf7/0x3a0
[  149.577212]  ? kvm_apic_has_interrupt+0xe1/0x210
[  149.581961]  kvm_mmu_load+0x21/0x10e0
[  149.585749]  ? update_cr8_intercept+0x165/0x1e0
[  149.590414]  vcpu_enter_guest+0x35a0/0x5c40
[  149.594737]  ? kvm_set_msr_common+0x2660/0x2660
[  149.599395]  ? kvm_vcpu_wake_up+0x170/0x170
[  149.603712]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  149.608894]  ? __apic_accept_irq+0x1a0/0xb50
[  149.613314]  ? apic_mmio_write+0x1d0/0x1d0
[  149.617540]  ? perf_trace_lock_acquire+0xe3/0x980
[  149.622391]  ? kvm_check_async_pf_completion+0x39b/0x5a0
[  149.627829]  ? kasan_check_write+0x14/0x20
[  149.632056]  ? kvm_inject_apic_timer_irqs+0x13e/0x340
[  149.637255]  ? kvm_clear_async_pf_completion_queue+0x780/0x780
[  149.643225]  ? kasan_check_read+0x11/0x20
[  149.647375]  ? apic_has_pending_timer+0x122/0x2f0
[  149.652294]  ? kvm_lapic_reset+0x1020/0x1020
[  149.656699]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  149.662235]  kvm_arch_vcpu_ioctl_run+0x28e/0x1140
[  149.667070]  ? kvm_arch_vcpu_ioctl_run+0x28e/0x1140
[  149.672175]  kvm_vcpu_ioctl+0x79d/0x12e0
[  149.676230]  ? kvm_vcpu_fault+0x5f0/0x5f0
[  149.680370]  ? graph_lock+0x170/0x170
[  149.684166]  ? find_held_lock+0x36/0x1c0
[  149.688226]  ? lock_downgrade+0x8e0/0x8e0
[  149.692373]  ? rcu_is_watching+0x85/0x140
[  149.696511]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  149.701701]  ? __fget+0x40c/0x650
[  149.705149]  ? match_held_lock+0x851/0x8b0
[  149.709376]  ? expand_files.part.8+0x9a0/0x9a0
[  149.713947]  ? kasan_check_write+0x14/0x20
[  149.718347]  ? __mutex_unlock_slowpath+0x180/0x8a0
[  149.723290]  ? wait_for_completion+0x870/0x870
[  149.727863]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  149.733044]  ? kvm_vcpu_fault+0x5f0/0x5f0
[  149.737194]  do_vfs_ioctl+0x1cf/0x1650
[  149.741079]  ? ioctl_preallocate+0x2e0/0x2e0
[  149.745477]  ? fget_raw+0x20/0x20
[  149.748923]  ? __sb_end_write+0xac/0xe0
[  149.752892]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  149.758418]  ? fput+0x130/0x1a0
[  149.761692]  ? ksys_write+0x1a6/0x250
[  149.765486]  ? security_file_ioctl+0x9b/0xd0
[  149.769887]  ksys_ioctl+0xa9/0xd0
[  149.773349]  SyS_ioctl+0x24/0x30
[  149.776714]  ? ksys_ioctl+0xd0/0xd0
[  149.780344]  do_syscall_64+0x29e/0x9d0
[  149.784228]  ? vmalloc_sync_all+0x30/0x30
[  149.788369]  ? _raw_spin_unlock_irq+0x27/0x70
[  149.792853]  ? finish_task_switch+0x1ca/0x820
[  149.797350]  ? syscall_return_slowpath+0x5c0/0x5c0
[  149.802272]  ? syscall_return_slowpath+0x30f/0x5c0
[  149.807195]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  149.812553]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  149.817395]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  149.822575] RIP: 0033:0x4552d9
[  149.825756] RSP: 002b:00007fbb7f590c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  149.833466] RAX: ffffffffffffffda RBX: 00007fbb7f5916d4 RCX: 00000000004552d9
[  149.840738] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015
2018/04/06 01:06:02 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x3c, 0x4c, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:06:02 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0xe, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

[  149.847998] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  149.855263] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[  149.862520] R13: 0000000000000251 R14: 00000000006f6838 R15: 0000000000000009
2018/04/06 01:06:02 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x100000000000000]}}}}, 0x48)

[  149.965774] binder: BINDER_SET_CONTEXT_MGR already set
[  149.998415] binder: 11943:11952 ioctl 40046207 0 returned -16
2018/04/06 01:06:03 executing program 5:
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x10, 0x4, 0x0, 0xfffffffffffffffa}, 0x2c)
r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x40, 0x0)
ioctl$KVM_SET_BOOT_CPU_ID(r0, 0xae78, &(0x7f0000000080)=0x2)

2018/04/06 01:06:03 executing program 2:
socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sync_file_range(r0, 0xe, 0x3, 0x2)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
r2 = shmget$private(0x0, 0x4000, 0x54000004, &(0x7f0000ff9000/0x4000)=nil)
shmctl$IPC_RMID(r2, 0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000200)}])
r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x101000, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
io_submit(r1, 0x1, &(0x7f0000000180)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x2, 0x2, r4, &(0x7f0000000080)="55c3983629c59d5470d6f179e2076c57e085293338efe68e91db217bfaad9d0116b76ee276ef26db8e628359e7cbff0fc5045d4bfe118e65364dd3ab334ae7de8ba33479ca54290c05cf43501316ad9b5673ee1272c0846eeff5698ebbffaf3d5c20194cc89fbcc1b3cd84a871a589e1f1424ab7ca5cc1cf1f2c553e62785ffde2fdf94a461a4ac789", 0x89, 0x5, 0x0, 0x1, r3}])

2018/04/06 01:06:03 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0xfef4, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:06:03 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x3c, 0x730000, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:06:03 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10, 0xffffff9e}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:06:03 executing program 0 (fault-call:7 fault-nth:10):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
r3 = dup2(r2, r2)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2018/04/06 01:06:03 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x200000000000000]}}}}, 0x48)

2018/04/06 01:06:03 executing program 6:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f000001bfc8)={&(0x7f0000db4000)={0x10}, 0xc, &(0x7f00006bcff0)={&(0x7f0000000040)=ANY=[@ANYBLOB="2c0000001800010300000000000004000800150007feffff908aeaf3070013615df16b5146a841ec8bc9c120d3c017692d1e87ed215660"], 0x2c}, 0x1}, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x80, 0x0)

[  150.498911] FAULT_INJECTION: forcing a failure.
[  150.498911] name failslab, interval 1, probability 0, space 0, times 0
[  150.510263] CPU: 0 PID: 11984 Comm: syz-executor0 Not tainted 4.16.0+ #2
[  150.515633] binder: BINDER_SET_CONTEXT_MGR already set
[  150.517101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  150.517107] Call Trace:
[  150.517133]  dump_stack+0x1b9/0x29f
[  150.517154]  ? arch_local_irq_restore+0x52/0x52
[  150.517182]  should_fail.cold.4+0xa/0x1a
[  150.546700]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  150.551819]  ? kasan_kmalloc+0xc4/0xe0
[  150.555722]  ? kmem_cache_alloc+0x12e/0x760
[  150.560064]  ? mmu_topup_memory_caches+0xf7/0x3a0
[  150.563108] binder: 11973:11991 ioctl 40046207 0 returned -16
[  150.564910]  ? kvm_mmu_load+0x21/0x10e0
[  150.564929]  ? vcpu_enter_guest+0x35a0/0x5c40
[  150.564949]  ? kvm_arch_vcpu_ioctl_run+0x28e/0x1140
[  150.584246]  ? kvm_vcpu_ioctl+0x79d/0x12e0
[  150.588491]  ? graph_lock+0x170/0x170
[  150.592543]  ? do_syscall_64+0x29e/0x9d0
[  150.596595]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  150.601962]  ? find_held_lock+0x36/0x1c0
[  150.606032]  ? __lock_is_held+0xb5/0x140
[  150.610107]  ? check_same_owner+0x320/0x320
[  150.614426]  ? rcu_note_context_switch+0x710/0x710
[  150.619352]  should_failslab+0x124/0x180
[  150.623404]  kmem_cache_alloc+0x2af/0x760
[  150.627548]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  150.632554]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  150.638082]  ? mmu_topup_memory_caches+0xf7/0x3a0
[  150.642917]  mmu_topup_memory_caches+0xf7/0x3a0
[  150.647576]  ? kvm_apic_has_interrupt+0xe1/0x210
[  150.652325]  kvm_mmu_load+0x21/0x10e0
[  150.656115]  ? update_cr8_intercept+0x165/0x1e0
[  150.660953]  vcpu_enter_guest+0x35a0/0x5c40
[  150.665266]  ? kvm_sched_in+0x82/0xa0
[  150.669083]  ? kvm_set_msr_common+0x2660/0x2660
[  150.673747]  ? perf_trace_lock+0x900/0x900
[  150.677969]  ? lock_repin_lock+0x410/0x410
[  150.682193]  ? kvm_arch_vcpu_put+0x2ef/0x420
[  150.686599]  ? __schedule+0x80f/0x1e40
[  150.690481]  ? __sched_text_start+0x8/0x8
[  150.694627]  ? lock_acquire+0x1dc/0x520
[  150.698589]  ? kvm_check_async_pf_completion+0x39b/0x5a0
[  150.704049]  ? kvm_clear_async_pf_completion_queue+0x780/0x780
[  150.710105]  ? kasan_check_read+0x11/0x20
[  150.714242]  ? apic_has_pending_timer+0x122/0x2f0
[  150.719074]  ? kvm_lapic_reset+0x1020/0x1020
[  150.723483]  kvm_arch_vcpu_ioctl_run+0x28e/0x1140
[  150.728325]  ? kvm_arch_vcpu_ioctl_run+0x28e/0x1140
[  150.733339]  kvm_vcpu_ioctl+0x79d/0x12e0
[  150.737390]  ? kvm_vcpu_fault+0x5f0/0x5f0
[  150.741530]  ? graph_lock+0x170/0x170
[  150.745323]  ? find_held_lock+0x36/0x1c0
[  150.749381]  ? lock_downgrade+0x8e0/0x8e0
[  150.753527]  ? rcu_is_watching+0x85/0x140
[  150.757668]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  150.762858]  ? __fget+0x40c/0x650
[  150.766306]  ? match_held_lock+0x851/0x8b0
[  150.770540]  ? expand_files.part.8+0x9a0/0x9a0
[  150.775110]  ? kasan_check_write+0x14/0x20
[  150.779334]  ? __mutex_unlock_slowpath+0x180/0x8a0
[  150.784267]  ? wait_for_completion+0x870/0x870
[  150.788840]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  150.794030]  ? kvm_vcpu_fault+0x5f0/0x5f0
[  150.798172]  do_vfs_ioctl+0x1cf/0x1650
[  150.802143]  ? ioctl_preallocate+0x2e0/0x2e0
[  150.806628]  ? fget_raw+0x20/0x20
[  150.810075]  ? __sb_end_write+0xac/0xe0
[  150.814049]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  150.819572]  ? fput+0x130/0x1a0
[  150.822843]  ? ksys_write+0x1a6/0x250
[  150.826638]  ? security_file_ioctl+0x9b/0xd0
[  150.831045]  ksys_ioctl+0xa9/0xd0
[  150.834489]  SyS_ioctl+0x24/0x30
[  150.837841]  ? ksys_ioctl+0xd0/0xd0
[  150.841457]  do_syscall_64+0x29e/0x9d0
[  150.845338]  ? vmalloc_sync_all+0x30/0x30
[  150.849475]  ? _raw_spin_unlock_irq+0x27/0x70
[  150.853960]  ? finish_task_switch+0x1ca/0x820
[  150.858445]  ? syscall_return_slowpath+0x5c0/0x5c0
[  150.863361]  ? syscall_return_slowpath+0x30f/0x5c0
[  150.868284]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  150.873641]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  150.878481]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  150.883658] RIP: 0033:0x4552d9
[  150.886833] RSP: 002b:00007fbb7f590c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  150.894530] RAX: ffffffffffffffda RBX: 00007fbb7f5916d4 RCX: 00000000004552d9
[  150.901784] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015
[  150.909053] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  150.916309] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[  150.923575] R13: 0000000000000251 R14: 00000000006f6838 R15: 000000000000000a
2018/04/06 01:06:03 executing program 5:
r0 = syz_open_dev$tun(&(0x7f0000000280)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={"d202b999cf85000000000088f301e710", 0x102})
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000000)={'sit0\x00\x00\x00\x00\x00\x00\x00\x00\x00\b\x00', 0x402})
bind$vsock_stream(0xffffffffffffffff, &(0x7f0000000140)={0x28, 0x0, 0xffffffff, @hyper}, 0xfffffefa)
r1 = syz_open_dev$tun(&(0x7f00000002c0)='/dev/net/tun\x00', 0x0, 0x4104)
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000180)={0x20000000000002ac, &(0x7f0000000140)})
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={"d202b999cf85000000000088f301e710", 0x102})

2018/04/06 01:06:03 executing program 2:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x200000, 0x0)
ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000040)={0x2})
r1 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000200)}])

2018/04/06 01:06:03 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1b, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:06:03 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x1000000]}}}}, 0x48)

2018/04/06 01:06:03 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10, 0x200000000000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:06:03 executing program 6:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
writev(r0, &(0x7f0000000040)=[{&(0x7f0000000000)="2bb222adf2375b726d5a858d6a6292c30837866388644d949aa23c6a3f2ac79623e66d76007b2e504459a9f82737022a7b9df3bf30e62fe42bae3d", 0x3b}], 0x1)
bind$inet(r0, &(0x7f0000142ff0)={0x2, 0x4e22}, 0x10)
sendto$inet(r0, &(0x7f0000243fca), 0x2c4, 0x200080c4, &(0x7f0000b56000)={0x2, 0x4e22}, 0x10)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000b26000)=0x1ffa, 0x4)
sendto$inet(r0, &(0x7f0000000140)='\\', 0x1, 0x0, &(0x7f0000000180)={0x2, 0x0, @loopback=0x7f000001}, 0x10)
writev(r0, &(0x7f0000018cd2)=[{&(0x7f00000001c0)="02", 0x1}], 0x1)

2018/04/06 01:06:03 executing program 0 (fault-call:7 fault-nth:11):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
r3 = dup2(r2, r2)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2018/04/06 01:06:03 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x3c, 0x48, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:06:04 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1a, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:06:04 executing program 2:
socket$unix(0x1, 0x7, 0x0)
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(r2, 0x84, 0x79, &(0x7f00000000c0)=0x8, 0x4)
syz_open_dev$sndmidi(&(0x7f0000000100)='/dev/snd/midiC#D#\x00', 0x4, 0x2000)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x7, 0x80)
getsockopt$inet_sctp_SCTP_AUTOCLOSE(r3, 0x84, 0x4, &(0x7f0000000040), &(0x7f0000000080)=0x4)
accept$alg(r3, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_PR_STREAM_STATUS(r2, 0x84, 0x74, &(0x7f0000000180)=""/220, &(0x7f0000000280)=0xdc)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)}])
prctl$void(0x3f)

[  151.136438] binder: BINDER_SET_CONTEXT_MGR already set
[  151.146764] FAULT_INJECTION: forcing a failure.
[  151.146764] name failslab, interval 1, probability 0, space 0, times 0
[  151.158096] CPU: 0 PID: 12020 Comm: syz-executor0 Not tainted 4.16.0+ #2
[  151.164947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  151.174400] Call Trace:
[  151.177036]  dump_stack+0x1b9/0x29f
[  151.180684]  ? arch_local_irq_restore+0x52/0x52
[  151.185377]  should_fail.cold.4+0xa/0x1a
[  151.186105] binder: 12003:12021 ioctl 40046207 0 returned -16
[  151.189451]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  151.189469]  ? kasan_kmalloc+0xc4/0xe0
[  151.189488]  ? kmem_cache_alloc+0x12e/0x760
[  151.189505]  ? mmu_topup_memory_caches+0xf7/0x3a0
[  151.189525]  ? kvm_mmu_load+0x21/0x10e0
[  151.217475]  ? vcpu_enter_guest+0x35a0/0x5c40
[  151.221984]  ? kvm_arch_vcpu_ioctl_run+0x28e/0x1140
[  151.227020]  ? kvm_vcpu_ioctl+0x79d/0x12e0
[  151.231264]  ? graph_lock+0x170/0x170
[  151.235072]  ? do_syscall_64+0x29e/0x9d0
[  151.239149]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  151.244537]  ? find_held_lock+0x36/0x1c0
[  151.248617]  ? __lock_is_held+0xb5/0x140
[  151.252705]  ? check_same_owner+0x320/0x320
[  151.257047]  ? rcu_note_context_switch+0x710/0x710
[  151.262010]  should_failslab+0x124/0x180
[  151.266090]  kmem_cache_alloc+0x2af/0x760
[  151.270267]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  151.275292]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  151.280838]  ? mmu_topup_memory_caches+0xf7/0x3a0
[  151.285695]  mmu_topup_memory_caches+0xf7/0x3a0
[  151.290372]  ? kvm_apic_has_interrupt+0xe1/0x210
[  151.295142]  kvm_mmu_load+0x21/0x10e0
[  151.299163]  ? update_cr8_intercept+0x165/0x1e0
[  151.303845]  vcpu_enter_guest+0x35a0/0x5c40
[  151.308188]  ? kvm_set_msr_common+0x2660/0x2660
[  151.313042]  ? kvm_vcpu_wake_up+0x170/0x170
[  151.317396]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  151.322601]  ? __apic_accept_irq+0x1a0/0xb50
[  151.327028]  ? apic_mmio_write+0x1d0/0x1d0
[  151.331279]  ? perf_trace_lock_acquire+0xe3/0x980
[  151.336151]  ? kvm_check_async_pf_completion+0x39b/0x5a0
[  151.341597]  ? kasan_check_write+0x14/0x20
[  151.345833]  ? kvm_inject_apic_timer_irqs+0x13e/0x340
[  151.351022]  ? kvm_clear_async_pf_completion_queue+0x780/0x780
[  151.356987]  ? kasan_check_read+0x11/0x20
[  151.361135]  ? apic_has_pending_timer+0x122/0x2f0
[  151.365979]  ? kvm_lapic_reset+0x1020/0x1020
[  151.370392]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  151.375920]  kvm_arch_vcpu_ioctl_run+0x28e/0x1140
[  151.380766]  ? kvm_arch_vcpu_ioctl_run+0x28e/0x1140
[  151.385777]  kvm_vcpu_ioctl+0x79d/0x12e0
[  151.389832]  ? kvm_vcpu_fault+0x5f0/0x5f0
[  151.393976]  ? graph_lock+0x170/0x170
[  151.397763]  ? find_held_lock+0x36/0x1c0
[  151.401813]  ? lock_downgrade+0x8e0/0x8e0
[  151.405949]  ? rcu_is_watching+0x85/0x140
[  151.410085]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  151.415267]  ? __fget+0x40c/0x650
[  151.418705]  ? match_held_lock+0x851/0x8b0
[  151.422935]  ? expand_files.part.8+0x9a0/0x9a0
[  151.427504]  ? kasan_check_write+0x14/0x20
[  151.431722]  ? __mutex_unlock_slowpath+0x180/0x8a0
[  151.436639]  ? wait_for_completion+0x870/0x870
[  151.441213]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  151.446399]  ? kvm_vcpu_fault+0x5f0/0x5f0
[  151.450530]  do_vfs_ioctl+0x1cf/0x1650
[  151.454410]  ? ioctl_preallocate+0x2e0/0x2e0
[  151.458806]  ? fget_raw+0x20/0x20
[  151.462254]  ? __sb_end_write+0xac/0xe0
[  151.466235]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  151.471760]  ? fput+0x130/0x1a0
[  151.475040]  ? ksys_write+0x1a6/0x250
[  151.478836]  ? security_file_ioctl+0x9b/0xd0
[  151.483242]  ksys_ioctl+0xa9/0xd0
[  151.486685]  SyS_ioctl+0x24/0x30
[  151.490044]  ? ksys_ioctl+0xd0/0xd0
[  151.493661]  do_syscall_64+0x29e/0x9d0
[  151.497538]  ? vmalloc_sync_all+0x30/0x30
[  151.501682]  ? _raw_spin_unlock_irq+0x27/0x70
[  151.506184]  ? finish_task_switch+0x1ca/0x820
[  151.510674]  ? syscall_return_slowpath+0x5c0/0x5c0
[  151.515590]  ? syscall_return_slowpath+0x30f/0x5c0
[  151.520522]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  151.525897]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  151.530749]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  151.535927] RIP: 0033:0x4552d9
[  151.539114] RSP: 002b:00007fbb7f590c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  151.546825] RAX: ffffffffffffffda RBX: 00007fbb7f5916d4 RCX: 00000000004552d9
[  151.554086] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015
[  151.561340] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  151.568687] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[  151.575944] R13: 0000000000000251 R14: 00000000006f6838 R15: 000000000000000b
2018/04/06 01:06:04 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x2f, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

2018/04/06 01:06:04 executing program 6:
r0 = inotify_init1(0x0)
fcntl$setown(r0, 0x8, 0xffffffffffffffff)
fcntl$getownex(r0, 0x10, &(0x7f000045fff8)={0x0, <r1=>0x0})
r2 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x4, 0x80)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r2, 0x84, 0x1a, &(0x7f0000000200)=ANY=[@ANYRES32=<r3=>0x0, @ANYBLOB="b900000044fea14c89727da9f630f945baae29c6bc9d992bf5b09fd57b62c6f794b3f4ed0f72dbd5048fd2e81d4a4c2f82e25f07537ad5c35c238d9a4f330f1e248e0c8f648308000582d168bca9e2da8cc4bc10384a24c5f98c6126d65446a118a8ff39b37e2bf67c8375ea1d3d3ab1f3a994aa2fdba4e33ae891d86dc892c1aa1fea2457edb5b0c22e34ba5aa020c37e5ad67eba3153090cfc0a677748f02c9bcfd099753794335eb9b90ccbb32685f61a8c9ec60b78f9ad2f6999900d27bfb695d7e1ae7f65cab3934d4eb07b"], &(0x7f0000000140)=0xc1)
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f0000000180)=@sack_info={r3, 0xcb99, 0x9}, &(0x7f00000001c0)=0xc)
keyctl$set_reqkey_keyring(0xe, 0x1)
ptrace(0x4207, r1)
ioctl$KDSKBLED(r2, 0x4b65, 0x5)
ptrace$cont(0x1f, r1, 0x35, 0x0)

2018/04/06 01:06:04 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x3c, 0x3, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

2018/04/06 01:06:04 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:06:04 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x1000000]}}}}, 0x48)

2018/04/06 01:06:04 executing program 0 (fault-call:7 fault-nth:12):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
r3 = dup2(r2, r2)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2018/04/06 01:06:04 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
keyctl$set_reqkey_keyring(0xe, 0xfffffffffffffffd)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)}])

2018/04/06 01:06:04 executing program 5:
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @ipv4={[], [0xff, 0xff]}}, 0x1c)
listen(r0, 0x43)
msgget(0x2, 0x450)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r1, &(0x7f000087dffe)='F', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f000078dffc), 0x4)
r2 = accept4(r0, &(0x7f0000c71ff0)=ANY=[], &(0x7f0000f5effc), 0x0)
write(r1, &(0x7f0000000280)="95554a803729ad636433e07c40c0a4c27ecd90883f2c576af6a1d7cc1b484551ac8588dc9e5cc90c3f5317facb1dc4cc722a7e8e7ad1b478a6bd9230b4dc2676ab77b7638143b8b71076eba550fb67257a5d0a1a53bfecec8c2c19d4b486bb8cc68af0b815bf6cd9adb7d121d5d6a3c8218eab1fe7d90bc7bf20a300ea16f255e4571a1e49efe02e588b7b251b85b9400db808cdf1618211c0c12ddc85a4e8d2b7d8c04f09c10352f4b0c62ea2d270db10935ab76d91a3f6a7646b7a91550e9699b407706a0e73bc49d40b7e8e11ea0771164b03228a7da3b7fd7978c00b533affee71831ad2ba50107990f40be09c84d334b9e4105d65b6a71fe96a2ec0cabd9c367d6ee6a5395b974fbe7857ef46fd6bdbaf83c2017d483db4d35f50d2f7b548c5674aab21d77852c1358cc5989021e967bf3cdd492ba3749b7eefa0459264d677c777a8ec0cfae330b459cef03562a8e6362b3f72d6c6dd90ffa36468b762d2bde88b4d5adad30accd44025d833f09c557c4fe2e653660d56653edece3f136e160606b1eb6736678dfebce9893b69f4cb2bd3bb54445906b7ede0e7415ffdf036250d6bb41438fef7c2a787cb912394422c6808d65f6158438619e4f8d4fcdebf64f968f7af4cb0eb2bf43e5fad16e6947acad44b7379a556dca81c3d70880118eacbec5cfca4f29622907bba9fa620fe96313e897a53eda5dbbef6eccb633d0f798f98fe36c3f0e9cb3d945b454cfe379958fa91c024c5db5a38aa309acd8cc6f952c9a6f5e468b3d618e0c7116118f0465682f4db28c43d82156cf2dc33b1cdbaedd02d2402f7b57b6cd4182469172465fab4260470064bf27096196dcab8f2676e55edd63af9bd0d3f64082a362f624627b8a5c4d075e298f0896a2adf7625321aababf293b92551315ba29ab13deda481d866640df3fabeb2991000e6e0ac2fac17740b54d0f15d3edb4e67d95bfb5078cc57a0a16518cc762e425858ad84fb422775af0d1929655bef87c0f68b8ade4cd274bf6f6c54ec160b30b5916d01b2c3bab57acc05207cf82dd67d7d4109e6db2d6e6ebc651f73a734648c567ee04e9ff241db6e04b4d47e9167c7dcf697c7e6213cf4dd275b645c92a2f1de0105a703676d4d09f8d05ae94995380be4d8c91cdd4649ace1e22c96243401114f8a7461293c45eba254328ef50877b0686bb1ca4b35e3cb21e020a92c9fd6c0a095934ba0ee829bbfc4c44a60dc17d8a667752970d23514efcd1c5d125cbe73fb96adf249901e1792aa6f5e89198b144635610f64d74e672e3815f276ee06702904644d6de561473ea7538da3ce72a8cd17d76f1fed3ae9e5cf95c1a692b0399744879ed3a62bab6d3a59f14f6133f5ae29d3dd297bdcbd647f68432a2e9a2f0c9191903739aa26fc6b10d59f469aaa5d98d46e18ff0f8083f200633a8cd46eb36617528f41a76db427c7fa72c6872099ab49577652a334b28acdb8766564a59b5b912fded089a4c95250a2bc3fb8d7727bd07c4fdae7f360d4797626b91e3924cea4b678d9eb3c430372a850c3da210fe5bbb2eba38f33917e13297ac16bb4c0e2fa4ac881f8d4b5ec1db40472ecd5f739ed8ddd611247761afc6e7afaaaa39f9fba3ed066b69dc8c5e6fd2523bdd76442ed2fe724b9e25514bfdb50654d3de10122323c89d9461da9a5ea0b9a571e958eff1973715667923118e9a711992a9a34862c5cf62834a6f30ffacad1c9e09cdd6c40439776a08e052be25b7a41a91ae0447f891b0e96e2b6b0c4e6c5e0d81cb11369f69c479d21ba1da9e6a02d7a568c45ece22454df72e130dbb1a1662f6904dee3aa30e20d85809ef53dcb1e35a495ee71cc2660bc5e17e6bd40375cef2f7aa763a49d40f5f9b5695cd371d126d9253f8b32c9a7ec13dccda64da3375f430baad125e695505bb7aaa60cdc1a58025d85adf4c61293e766fca490419d624c87c91c87bd5f20301a49b057f650edda9f3c54fb2b6a0a18d0034604b2068e7b68bb97851a13987ff45c0a3126350d61d8a4176c2c105b3787a2b5e4c816b5a992cc6d682055fa263e53d289e25bf7b328daa007f60d162b567b79c6beea3f92105df6ff920a1701c35022568944c5764ad0b5d062af084afe63b4fce78e88de7cefa956d7823dcef8a927b2ed360add81fe814f57e385457448c1785849fa922efb64d91c0d39af08a3d76e62dbfd73f1a2b18ad5dc5047df71ee5770c0cc5f787217eda9e3c43bc65b10ecdb666981c00adf9d4ec43d61098b09a36d1b2ebfad93588a414a2bdf144007332112ebc55a5d3a13cc54497822b21d6d94fdb3044cb5fc0097fbc41eb51e730af4e739bdddb7a7ec1062287381bd05f010cec368ab1c8c2fe21ecadf9147290022ec2b5d1f1f34707156579cf29dacce0b4844f31d8b8fbbfb5fa1d94bb01d76507cd698a4dd95ef61f40ae644f3584476b75230a1b6b701193d833028c5f574706289df4d4f2e5cb62fd2dde7c075461460a908647ab7d98944041d0ad9b41a4925708900ae2c322f1da0e773e2b4c10a0bcb99dd9a72f3a5bf76b65e5eefd21183e42e185a585a0250b42dbe026ea8384277dbe031e64900766b5573c1cd689819dbaca3f7fb33fb3fc67bec8a41d6ccb3831a942a017be4ece5f87fb371a9d0e872ba049a767cde20bc0c10f0f2a899507cefa43e076af6d9d9c91618f0e88bc9a149f2bd8222605459dc05725eaa67e316b364415b452d065bdedcdd9177c136a7e9a8364e56d6cf31a7ac3794cd37812f3707f1441b06c1b20e4799aa89e9644ba279cb7f56cd8f4707d5f0415e14b3c85d62c064524e8125252ff44a4f956392f26df5b1e26c245654346fc9a87affdef29be4d449704eafc739f2f19c7b21c281ac7be6e4eae57c8bc0c0be7c30ffce03566e164c872944de3a456c971d02bff4737da26900bbebcd31d824adbc5116f48c0e5aea651a52777ee159f7edfdb9c1ab950148f909c169b928beb4f720f8579c4d4ed3b5390dbe24133d2e0cd69104191579585e69325940402ccaf2cb7aa0b56874938a18d0c5afe75f548496c46d9156c8dd474621b93b047061a958281abc09aa2b0525902037155e3911d164d7be43deaa096a67656ae581ff93eff6557d00c090a001ae46e7b36bb5e022468a944204106f4f3ad4c164063f869c68975775cb175192aefc2648fb35454d70a61509ad75b577f4a6e235e45a1d59cc3d0efa2493003703e79b5e6feb95a65cfd11cf5546a0c7eba265e5c1fde5c014df0d3b36e2448bbec73cdd360ff9079772e0ec5e7741921088d1938ae24e6f3260ab2a7fbca783ec1393274c941046306343bb6b101937f73938f3276d5796051e3b636f8b8dfd27cb436e4207da67aaf905c87f7df1552081a1d9d5473ad86f6e9f8c081f17d52090b72f133d4ed7f992fb0dc376e43e458ec71d909797fb72a59e78a0c953b39c957a086d087b8405cc12b83ca66acca07caa79ec2aed94ecf902bfbec396ee62e618dc8f52e705aafaeff37c9fb15d0dbe36d95c05065c12ebc89cadfaea491950edb24d920928e65b55d9972b6baa6eb36e85f362195c00d5e7714fda7c1056d08473ada591c54274735d50fb6332deb01f302ca66dc4dd64ef55ea5b0852d6323b0f6faa6131628dab8c9104728b9394b77d3b4ac2c265f932453fadf967b7407c1be21f45e162a0565c0cebe0fdd721825cd0c793ee38cb481804db5fc9ff302c2990a38f1918b299224759700a89e78c02eb7306a86a01681c1507a735345bc70d70f249f9cde2ec42f509db02a35268dcddd08e65cb86a155f7289036b5c37020147e9550bd1d3aa0c099d2141c55bd39bd642973dca219608bf2df788bc58fe7a7f8017e99050f7c171d2dc848a22744a6821d62a66063638707b78122bda6952ee09ccbc9a3419179f4400c0254555d13f7eb3243a265ff059c51fbcaa6c9cdbe04337e34be18c61b5844e375c0b605724095871bbf7533edf1fc1178c6648ae60cc9b44f72a6f3665aaa42279797424ef647cac8ba", 0xb31)
close(r2)

2018/04/06 01:06:04 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10, 0x0, 0xffffff7f00000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

2018/04/06 01:06:04 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x2000000]}}}}, 0x48)

[  151.729583] binder: 12036:12055 unknown command 64
[  151.745383] binder: 12036:12055 ioctl c0306201 20008fd0 returned -22
[  151.762448] binder: BINDER_SET_CONTEXT_MGR already set
[  151.779905] FAULT_INJECTION: forcing a failure.
[  151.779905] name failslab, interval 1, probability 0, space 0, times 0
[  151.782115] binder: 12036:12057 ioctl 40046207 0 returned -16
[  151.791468] CPU: 0 PID: 12053 Comm: syz-executor0 Not tainted 4.16.0+ #2
[  151.791478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  151.791483] Call Trace:
[  151.791510]  dump_stack+0x1b9/0x29f
[  151.819745]  ? arch_local_irq_restore+0x52/0x52
[  151.824427]  should_fail.cold.4+0xa/0x1a
2018/04/06 01:06:04 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000091000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000aab000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x3c, 0x4c00000000000000, &(0x7f0000451fb4)=ANY=[@ANYBLOB="11634840000000000000000000000000000000000000000000000000000000000000000028000000000000001d00000000000000", @ANYPTR=&(0x7f0000787fe0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})

[  151.828499]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  151.834353]  ? kasan_kmalloc+0xc4/0xe0
[  151.838247]  ? kmem_cache_alloc+0x12e/0x760
[  151.842573]  ? mmu_topup_memory_caches+0xf7/0x3a0
[  151.847429]  ? kvm_mmu_load+0x21/0x10e0
[  151.851412]  ? vcpu_enter_guest+0x35a0/0x5c40
[  151.855962]  ? kvm_arch_vcpu_ioctl_run+0x28e/0x1140
[  151.860984]  ? kvm_vcpu_ioctl+0x79d/0x12e0
[  151.865234]  ? graph_lock+0x170/0x170
[  151.869045]  ? do_syscall_64+0x29e/0x9d0
[  151.873216]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
2018/04/06 01:06:04 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x28, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

[  151.878616]  ? find_held_lock+0x36/0x1c0
[  151.882694]  ? __lock_is_held+0xb5/0x140
[  151.886767]  ? radix_tree_free_nodes+0x2d0/0x340
[  151.891545]  ? check_same_owner+0x320/0x320
[  151.895872]  ? rcu_note_context_switch+0x710/0x710
[  151.900828]  should_failslab+0x124/0x180
[  151.904899]  kmem_cache_alloc+0x2af/0x760
[  151.909062]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  151.914080]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  151.919969]  ? mmu_topup_memory_caches+0xf7/0x3a0
[  151.924820]  mmu_topup_memory_caches+0xf7/0x3a0
[  151.929492]  ? kvm_apic_has_interrupt+0xe1/0x210
[  151.934258]  kvm_mmu_load+0x21/0x10e0
[  151.938064]  ? update_cr8_intercept+0x165/0x1e0
[  151.942743]  vcpu_enter_guest+0x35a0/0x5c40
[  151.947087]  ? kvm_set_msr_common+0x2660/0x2660
[  151.951758]  ? kvm_vcpu_wake_up+0x170/0x170
[  151.956090]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  151.961282]  ? __apic_accept_irq+0x1a0/0xb50
[  151.965699]  ? apic_mmio_write+0x1d0/0x1d0
[  151.969940]  ? debug_check_no_locks_freed+0x310/0x310
[  151.975129]  ? print_usage_bug+0xc0/0xc0
2018/04/06 01:06:04 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x200000000044042)
io_setup(0x20, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)}])
io_setup(0x44, &(0x7f0000000000))

[  151.979200]  ? find_held_lock+0x36/0x1c0
[  151.983267]  ? kvm_check_async_pf_completion+0x39b/0x5a0
[  151.988724]  ? kasan_check_write+0x14/0x20
[  151.992965]  ? kvm_inject_apic_timer_irqs+0x13e/0x340
[  151.998159]  ? kvm_clear_async_pf_completion_queue+0x780/0x780
[  152.004131]  ? kasan_check_read+0x11/0x20
[  152.008292]  ? apic_has_pending_timer+0x122/0x2f0
[  152.013134]  ? kvm_lapic_reset+0x1020/0x1020
[  152.017548]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  152.023090]  kvm_arch_vcpu_ioctl_run+0x28e/0x1140
[  152.027930]  ? kvm_arch_vcpu_ioctl_run+0x28e/0x1140
[  152.032968]  kvm_vcpu_ioctl+0x79d/0x12e0
[  152.037036]  ? kvm_vcpu_fault+0x5f0/0x5f0
[  152.041184]  ? graph_lock+0x170/0x170
[  152.044991]  ? find_held_lock+0x36/0x1c0
[  152.049326]  ? lock_downgrade+0x8e0/0x8e0
[  152.053482]  ? kasan_check_read+0x11/0x20
[  152.057629]  ? rcu_is_watching+0x85/0x140
[  152.061782]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  152.066983]  ? __fget+0x40c/0x650
[  152.070437]  ? match_held_lock+0x851/0x8b0
[  152.074678]  ? expand_files.part.8+0x9a0/0x9a0
[  152.079258]  ? kasan_check_write+0x14/0x20
[  152.083493]  ? __mutex_unlock_slowpath+0x180/0x8a0
[  152.088424]  ? wait_for_completion+0x870/0x870
[  152.093007]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  152.098198]  ? kvm_vcpu_fault+0x5f0/0x5f0
[  152.102346]  do_vfs_ioctl+0x1cf/0x1650
[  152.106238]  ? ioctl_preallocate+0x2e0/0x2e0
[  152.110645]  ? fget_raw+0x20/0x20
[  152.114107]  ? __sb_end_write+0xac/0xe0
[  152.118092]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  152.123629]  ? fput+0x130/0x1a0
[  152.126913]  ? ksys_write+0x1a6/0x250
[  152.130718]  ? security_file_ioctl+0x9b/0xd0
[  152.135138]  ksys_ioctl+0xa9/0xd0
[  152.138597]  SyS_ioctl+0x24/0x30
[  152.141960]  ? ksys_ioctl+0xd0/0xd0
[  152.145587]  do_syscall_64+0x29e/0x9d0
[  152.149487]  ? vmalloc_sync_all+0x30/0x30
[  152.153636]  ? _raw_spin_unlock_irq+0x27/0x70
[  152.158132]  ? finish_task_switch+0x1ca/0x820
[  152.162628]  ? syscall_return_slowpath+0x5c0/0x5c0
[  152.167564]  ? syscall_return_slowpath+0x30f/0x5c0
[  152.172500]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  152.177874]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  152.182747]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  152.187936] RIP: 0033:0x4552d9
[  152.191122] RSP: 002b:00007fbb7f590c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  152.198834] RAX: ffffffffffffffda RBX: 00007fbb7f5916d4 RCX: 00000000004552d9
[  152.206101] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015
[  152.213368] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  152.220723] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[  152.227986] R13: 0000000000000251 R14: 00000000006f6838 R15: 000000000000000c
2018/04/06 01:06:05 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000280)={0x10, 0x0, 0x300000000000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000800)={0x14, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x12}}, 0x14}, 0x1}, 0x0)

[  152.301359] binder: BINDER_SET_CONTEXT_MGR already set
2018/04/06 01:06:05 executing program 0 (fault-call:7 fault-nth:13):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
r3 = dup2(r2, r2)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2018/04/06 01:06:05 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x2]}}}}, 0x48)

2018/04/06 01:06:05 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}, 0xb)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x24, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)

[  152.341711] binder: 12062:12075 ioctl 40046207 0 returned -16
[  152.417370] FAULT_INJECTION: forcing a failure.
[  152.417370] name failslab, interval 1, probability 0, space 0, times 0
[  152.428674] CPU: 0 PID: 12078 Comm: syz-executor0 Not tainted 4.16.0+ #2
[  152.435519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  152.444884] Call Trace:
[  152.447485]  dump_stack+0x1b9/0x29f
[  152.451134]  ? arch_local_irq_restore+0x52/0x52
[  152.456445]  should_fail.cold.4+0xa/0x1a
[  152.460959]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  152.466072]  ? kasan_kmalloc+0xc4/0xe0
[  152.469974]  ? kmem_cache_alloc+0x12e/0x760
[  152.474299]  ? mmu_topup_memory_caches+0xf7/0x3a0
[  152.479131]  ? kvm_mmu_load+0x21/0x10e0
[  152.483096]  ? vcpu_enter_guest+0x35a0/0x5c40
[  152.487579]  ? kvm_arch_vcpu_ioctl_run+0x28e/0x1140
[  152.492584]  ? kvm_vcpu_ioctl+0x79d/0x12e0
[  152.496810]  ? graph_lock+0x170/0x170
[  152.500599]  ? do_syscall_64+0x29e/0x9d0
[  152.504654]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  152.510018]  ? find_held_lock+0x36/0x1c0
[  152.514084]  ? __lock_is_held+0xb5/0x140
[  152.518149]  ? check_same_owner+0x320/0x320
[  152.522543]  ? rcu_note_context_switch+0x710/0x710
[  152.527907]  should_failslab+0x124/0x180
[  152.531962]  kmem_cache_alloc+0x2af/0x760
[  152.536113]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  152.541118]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  152.546646]  ? mmu_topup_memory_caches+0xf7/0x3a0
[  152.551482]  mmu_topup_memory_caches+0xf7/0x3a0
[  152.556149]  ? kvm_apic_has_interrupt+0xe1/0x210
[  152.560901]  kvm_mmu_load+0x21/0x10e0
[  152.564696]  ? update_cr8_intercept+0x165/0x1e0
[  152.569378]  vcpu_enter_guest+0x35a0/0x5c40
[  152.573702]  ? kvm_set_msr_common+0x2660/0x2660
[  152.578359]  ? kvm_vcpu_wake_up+0x170/0x170
[  152.582677]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  152.587864]  ? __apic_accept_irq+0x1a0/0xb50
[  152.592268]  ? apic_mmio_write+0x1d0/0x1d0
[  152.596493]  ? perf_trace_lock_acquire+0xe3/0x980
[  152.601352]  ? kvm_check_async_pf_completion+0x39b/0x5a0
[  152.606789]  ? kasan_check_write+0x14/0x20
[  152.611030]  ? kvm_inject_apic_timer_irqs+0x13e/0x340
[  152.616216]  ? kvm_clear_async_pf_completion_queue+0x780/0x780
[  152.622189]  ? kasan_check_read+0x11/0x20
[  152.626326]  ? apic_has_pending_timer+0x122/0x2f0
[  152.631158]  ? kvm_lapic_reset+0x1020/0x1020
[  152.635559]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  152.641091]  kvm_arch_vcpu_ioctl_run+0x28e/0x1140
[  152.645919]  ? kvm_arch_vcpu_ioctl_run+0x28e/0x1140
[  152.651032]  kvm_vcpu_ioctl+0x79d/0x12e0
[  152.655088]  ? kvm_vcpu_fault+0x5f0/0x5f0
[  152.659244]  ? graph_lock+0x170/0x170
[  152.663042]  ? find_held_lock+0x36/0x1c0
[  152.667111]  ? lock_downgrade+0x8e0/0x8e0
[  152.671256]  ? rcu_is_watching+0x85/0x140
[  152.675392]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  152.680591]  ? __fget+0x40c/0x650
[  152.684044]  ? match_held_lock+0x851/0x8b0
[  152.688272]  ? expand_files.part.8+0x9a0/0x9a0
[  152.692931]  ? kasan_check_write+0x14/0x20
[  152.697167]  ? __mutex_unlock_slowpath+0x180/0x8a0
[  152.702089]  ? wait_for_completion+0x870/0x870
[  152.706663]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  152.711849]  ? kvm_vcpu_fault+0x5f0/0x5f0
[  152.715988]  do_vfs_ioctl+0x1cf/0x1650
[  152.719875]  ? ioctl_preallocate+0x2e0/0x2e0
[  152.724275]  ? fget_raw+0x20/0x20
[  152.727720]  ? __sb_end_write+0xac/0xe0
[  152.731688]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  152.737217]  ? fput+0x130/0x1a0
[  152.740490]  ? ksys_write+0x1a6/0x250
[  152.744287]  ? security_file_ioctl+0x9b/0xd0
[  152.748691]  ksys_ioctl+0xa9/0xd0
[  152.752137]  SyS_ioctl+0x24/0x30
[  152.755492]  ? ksys_ioctl+0xd0/0xd0
[  152.759110]  do_syscall_64+0x29e/0x9d0
[  152.762986]  ? vmalloc_sync_all+0x30/0x30
[  152.767126]  ? _raw_spin_unlock_irq+0x27/0x70
[  152.771624]  ? finish_task_switch+0x1ca/0x820
[  152.776115]  ? syscall_return_slowpath+0x5c0/0x5c0
[  152.781043]  ? syscall_return_slowpath+0x30f/0x5c0
[  152.785981]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  152.791341]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  152.796183]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  152.801359] RIP: 0033:0x4552d9
[  152.804537] RSP: 002b:00007fbb7f590c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  152.812236] RAX: ffffffffffffffda RBX: 00007fbb7f5916d4 RCX: 00000000004552d9
[  152.819505] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015
[  152.826763] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  152.834028] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[  152.841291] R13: 0000000000000251 R14: 00000000006f6838 R15: 000000000000000d
[  213.198093] IPVS: ftp: loaded support on port[0] = 21
[  213.725763] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  214.533258] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[  214.539389] 8021q: adding VLAN 0 to HW filter on device bond0
[  214.618307] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  214.698909] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  214.705148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  214.712796] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  230.484314] bond0 (unregistering): Released all slaves
[  246.751221] INFO: task kworker/1:4:8597 blocked for more than 120 seconds.
[  246.758421]       Not tainted 4.16.0+ #2
[  246.762519] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  246.770520] kworker/1:4     D23144  8597      2 0x80000000
[  246.776213] Workqueue: events cgwb_release_workfn
[  246.781079] Call Trace:
[  246.783759]  __schedule+0x807/0x1e40
[  246.787506]  ? __sched_text_start+0x8/0x8
[  246.791692]  ? lock_downgrade+0x8e0/0x8e0
[  246.795876]  ? mark_held_locks+0xc9/0x160
[  246.800042]  ? do_raw_spin_trylock+0x1b0/0x1b0
[  246.804650]  ? _raw_spin_unlock_irqrestore+0x74/0xc0
[  246.809781]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  246.814828]  schedule+0xef/0x430
[  246.818227]  ? prepare_to_wait+0x194/0x4d0
[  246.822488]  ? __schedule+0x1e40/0x1e40
[  246.826483]  ? finish_wait+0x420/0x420
[  246.830392]  ? graph_lock+0x170/0x170
[  246.834214]  ? zap_class+0x720/0x720
[  246.837948]  ? print_usage_bug+0xc0/0xc0
[  246.842050]  ? find_held_lock+0x36/0x1c0
[  246.846139]  bit_wait+0x18/0x90
[  246.849438]  __wait_on_bit+0xb3/0x130
[  246.853259]  ? bit_wait_io+0x90/0x90
[  246.857016]  out_of_line_wait_on_bit+0x204/0x3a0
[  246.861821]  ? check_same_owner+0x320/0x320
[  246.866162]  ? __wait_on_bit+0x130/0x130
[  246.870252]  ? init_wait_var_entry+0x1a0/0x1a0
[  246.874864]  ? __might_sleep+0x95/0x190
[  246.878953]  wb_shutdown+0x370/0x470
[  246.882719]  ? set_wb_congested+0x70/0x70
[  246.886918]  ? find_held_lock+0x36/0x1c0
[  246.891057]  ? graph_lock+0x170/0x170
[  246.894880]  ? lock_acquire+0x1dc/0x520
[  246.898894]  cgwb_release_workfn+0x87/0x750
[  246.903254]  ? wb_get_create+0x1dd0/0x1dd0
[  246.907529]  ? __lock_is_held+0xb5/0x140
[  246.911636]  process_one_work+0xc1e/0x1b50
[  246.915919]  ? finish_task_switch+0x182/0x820
[  246.920459]  ? pwq_dec_nr_in_flight+0x490/0x490
[  246.925189]  ? __schedule+0x80f/0x1e40
[  246.929118]  ? pick_next_task_fair+0x97f/0x1670
[  246.933838]  ? graph_lock+0x170/0x170
[  246.937665]  ? graph_lock+0x170/0x170
[  246.941505]  ? find_held_lock+0x36/0x1c0
[  246.945606]  ? find_held_lock+0x36/0x1c0
[  246.949719]  ? lock_acquire+0x1dc/0x520
[  246.953720]  ? worker_thread+0x41f/0x1440
[  246.957903]  ? lock_downgrade+0x8e0/0x8e0
[  246.962079]  ? lock_release+0xa10/0xa10
[  246.966096]  ? kasan_check_read+0x11/0x20
[  246.970271]  ? do_raw_spin_trylock+0x1b0/0x1b0
[  246.974897]  worker_thread+0x1cc/0x1440
[  246.978912]  ? process_one_work+0x1b50/0x1b50
[  246.983455]  ? graph_lock+0x170/0x170
[  246.987285]  ? find_held_lock+0x36/0x1c0
[  246.991401]  ? find_held_lock+0x36/0x1c0
[  246.995515]  ? __schedule+0x1e40/0x1e40
[  246.999536]  ? do_raw_spin_unlock+0x9e/0x2e0
[  247.003973]  ? do_raw_spin_trylock+0x1b0/0x1b0
[  247.008626]  ? _raw_spin_unlock_irqrestore+0x74/0xc0
[  247.013764]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  247.018840]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  247.024408]  ? __kthread_parkme+0x1b7/0x280
[  247.028771]  kthread+0x345/0x410
[  247.032185]  ? process_one_work+0x1b50/0x1b50
[  247.036719]  ? kthread_bind+0x40/0x40
[  247.040556]  ret_from_fork+0x3a/0x50
[  247.044312] 
[  247.044312] Showing all locks held in the system:
[  247.050676] 2 locks held by khungtaskd/881:
[  247.055227]  #0: 00000000dcefd9fa (rcu_read_lock){....}, at: watchdog+0x1ff/0xf60
[  247.063175]  #1: 00000000d81d6042 (tasklist_lock){.+.+}, at: debug_show_all_locks+0xde/0x34a
[  247.071865] 2 locks held by getty/4435:
[  247.075861]  #0: 0000000030c0e5be (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[  247.084178]  #1: 00000000ef98dafd (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x321/0x1cc0
[  247.093074] 2 locks held by getty/4436:
[  247.097079]  #0: 0000000079ab149e (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[  247.105364]  #1: 00000000de06e9ac (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x321/0x1cc0
[  247.114363] 2 locks held by getty/4437:
[  247.118370]  #0: 00000000d1f739b7 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[  247.126667]  #1: 0000000005519d63 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x321/0x1cc0
[  247.135565] 2 locks held by getty/4438:
[  247.139572]  #0: 00000000e94f0834 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[  247.147863]  #1: 00000000312eeb6c (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x321/0x1cc0
[  247.156781] 2 locks held by getty/4439:
[  247.160784]  #0: 0000000065b15626 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[  247.169087]  #1: 000000002a3cb55e (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x321/0x1cc0
[  247.178035] 2 locks held by getty/4440:
[  247.182042]  #0: 00000000e6122f0a (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[  247.190337]  #1: 00000000e1ba2b73 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x321/0x1cc0
[  247.199251] 2 locks held by getty/4441:
[  247.203246]  #0: 00000000f1219b68 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[  247.211552]  #1: 000000004fe115e3 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x321/0x1cc0
[  247.220485] 2 locks held by kworker/1:4/8597:
[  247.225028]  #0: 00000000de097bcc ((wq_completion)"events"){+.+.}, at: process_one_work+0xaef/0x1b50
[  247.234375]  #1: 000000005bface4d ((work_completion)(&wb->release_work)){+.+.}, at: process_one_work+0xb46/0x1b50
[  247.244854] 
[  247.246501] =============================================
[  247.246501] 
[  247.253552] NMI backtrace for cpu 1
[  247.257212] CPU: 1 PID: 881 Comm: khungtaskd Not tainted 4.16.0+ #2
[  247.263607] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  247.272953] Call Trace:
[  247.275540]  dump_stack+0x1b9/0x29f
[  247.279170]  ? arch_local_irq_restore+0x52/0x52
[  247.283844]  nmi_cpu_backtrace.cold.4+0x19/0xce
[  247.288513]  ? lapic_can_unplug_cpu.cold.26+0x3f/0x3f
[  247.293700]  nmi_trigger_cpumask_backtrace+0x151/0x192
[  247.298978]  arch_trigger_cpumask_backtrace+0x14/0x20
[  247.304163]  watchdog+0xc10/0xf60
[  247.307623]  ? reset_hung_task_detector+0xb0/0xb0
[  247.312471]  ? __schedule+0x1e40/0x1e40
[  247.316448]  ? do_raw_spin_unlock+0x9e/0x2e0
[  247.320857]  ? do_raw_spin_trylock+0x1b0/0x1b0
[  247.325439]  ? _raw_spin_unlock_irqrestore+0x74/0xc0
[  247.330553]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  247.335592]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  247.341125]  ? __kthread_parkme+0x1b7/0x280
[  247.345447]  kthread+0x345/0x410
[  247.348809]  ? reset_hung_task_detector+0xb0/0xb0
[  247.353647]  ? kthread_bind+0x40/0x40
[  247.357454]  ret_from_fork+0x3a/0x50
[  247.361237] Sending NMI from CPU 1 to CPUs 0:
[  247.365800] NMI backtrace for cpu 0
[  247.365810] CPU: 0 PID: 12098 Comm: syz-executor6 Not tainted 4.16.0+ #2
[  247.365815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  247.365823] RIP: 0033:0x400f87
[  247.365827] RSP: 002b:00007ffeb08f9b80 EFLAGS: 00000286
[  247.365835] RAX: 00000000aac85e77 RBX: 000000000000001b RCX: 00000000004552d9
[  247.365840] RDX: 000000000040f2d0 RSI: 0000000000a44bd0 RDI: 0000000000000043
[  247.365845] RBP: 00000000004b9bb1 R08: 000000000000000c R09: 0000000000000001
[  247.365850] R10: 0000000002180940 R11: 0000000000000246 R12: 0000000000000000
[  247.365855] R13: 0000000000000003 R14: 000000000000009e R15: 00000000000346c9
[  247.365863] FS:  0000000002180940(0000) GS:ffff8801db000000(0000) knlGS:0000000000000000
[  247.365868] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  247.365873] CR2: 0000000002644000 CR3: 000000018ccab000 CR4: 00000000001406f0
[  247.365881] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  247.365886] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  247.366804] Kernel panic - not syncing: hung_task: blocked tasks
[  247.472580] CPU: 1 PID: 881 Comm: khungtaskd Not tainted 4.16.0+ #2
[  247.478978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  247.488328] Call Trace:
[  247.490919]  dump_stack+0x1b9/0x29f
[  247.494548]  ? arch_local_irq_restore+0x52/0x52
[  247.499223]  ? printk_safe_log_store+0x260/0x260
[  247.503976]  panic+0x22f/0x4de
[  247.507162]  ? add_taint.cold.5+0x16/0x16
[  247.511314]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  247.516852]  ? nmi_trigger_cpumask_backtrace+0x13a/0x192
[  247.522300]  ? printk_safe_flush+0xd7/0x130
[  247.526621]  watchdog+0xc21/0xf60
[  247.531036]  ? reset_hung_task_detector+0xb0/0xb0
[  247.535885]  ? __schedule+0x1e40/0x1e40
[  247.539860]  ? do_raw_spin_unlock+0x9e/0x2e0
[  247.544268]  ? do_raw_spin_trylock+0x1b0/0x1b0
[  247.548857]  ? _raw_spin_unlock_irqrestore+0x74/0xc0
[  247.553963]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  247.558978]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  247.564516]  ? __kthread_parkme+0x1b7/0x280
[  247.568838]  kthread+0x345/0x410
[  247.572203]  ? reset_hung_task_detector+0xb0/0xb0
[  247.577040]  ? kthread_bind+0x40/0x40
[  247.580840]  ret_from_fork+0x3a/0x50
[  247.585290] Dumping ftrace buffer:
[  247.588942]    (ftrace buffer empty)
[  247.592641] Kernel Offset: disabled
[  247.596260] Rebooting in 86400 seconds..