x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) [ 315.021203] loop3: p1 size 117440512 extends beyond EOD, truncated 13:46:30 executing program 2: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$bt_BT_VOICE(r0, 0x112, 0xb, &(0x7f0000000240)=0x1ff, 0x2) r1 = syz_open_procfs(0x0, &(0x7f0000000200)="2f65786500000000000409004bddd9de91be10eeaf000ee9a90f798058439ed554fa07424ada75af1f02ac06edbcd7a071fb35331ce39c5a00000000") getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000100)={0x0, @in={{0x2, 0x4e24}}, 0x0, 0x0, 0x80, 0xc000000000}, &(0x7f0000000040)=0x98) fsetxattr(r1, &(0x7f0000000280)=@known='user.syz\x00', &(0x7f00000002c0)='\x00', 0x398, 0x0) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f0000000300)={r2, @in={{0x2, 0x4e23, @broadcast}}, 0x0, 0x0, 0x1800000000000000, 0x6}, &(0x7f00000003c0)=0x98) ioctl$KDGETMODE(0xffffffffffffffff, 0x4b3b, &(0x7f00000001c0)) fremovexattr(r1, &(0x7f00000000c0)=@known='user.syz\x00') ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000080)=0x0) ptrace$getsig(0x4202, r3, 0x5, &(0x7f0000000400)) write$FUSE_DIRENT(r1, &(0x7f0000000800)=ANY=[@ANYBLOB="e801000004000000010000000008000002000000000000007f0000000000000039000000117000002f65786500000000000409004bddd9de91be10f6af0026e9a90f798058439ed554fa07424ada75af1f02ac06edbcd7a071fb35331ce39c5a0000000000000000020000000000000001000000000000000000000004000000010000000000000080000000000000000900000000000000757365722e73797a000000000000000002000000000000000010000000000000ddd674ac079e20324ca23339000000ec0500002f65786500000000000409004bddd9de91be10eeaf000ee9a90f798058439ed554fa07424ada75af1f02ac06edbcd7a071fb35331ce39c5a00000000000000000500000000000000ff0f000000000000000000080200000000000000000000000800000000000000390000009d0200002f65786500000000000409004bddd9ce91be10eeaf000ee9a90f798058439ed554fa07424ada75af1f02ac06edbcd7a071fb35331c24d466849c40e0359949f78797fee39c5a0000000000020000020000000000000007000000000000000c000000feffffff2b5b283a75736572657468300000000002000000000000000100000000000000100000000263636d737305000000000000f30700000000000000090000000900000075730000000000000000000000000000"], 0x1e8) setsockopt$inet6_MCAST_JOIN_GROUP(r1, 0x29, 0x2a, &(0x7f00000004c0)={0x2, {{0xa, 0x4e21, 0x7, @loopback, 0x3}}}, 0x445) bind$packet(r0, &(0x7f0000000480)={0x11, 0x0, 0x0, 0x1, 0x1000, 0x6, @local}, 0x14) socket$inet6(0xa, 0x1000000000002, 0x0) r4 = socket$inet6(0xa, 0x1000000000002, 0x0) fstatfs(r4, &(0x7f0000000680)=""/118) 13:46:30 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="153f6234488dd25d766070") syz_emit_ethernet(0x4a, &(0x7f0000000180)={@local, @local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x2c, 0x0, @local, @local, {[], @tcp={{0x2100, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, &(0x7f0000000000)) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x40, 0x0) fstat(r0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0}) r3 = getgid() write$FUSE_ATTR(r1, &(0x7f0000000200)={0x78, 0x0, 0x7, {0xff, 0x8000, 0x0, {0x6, 0x3, 0x9, 0x6, 0x6, 0xfffffffffffffffa, 0x7d27, 0x6, 0x1000, 0xc6c, 0x9, r2, r3, 0x5, 0x2}}}, 0x78) 13:46:30 executing program 5: r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000580)='/dev/input/mouse#\x00', 0x5, 0x0) r2 = getuid() sendmsg$nl_generic(r1, &(0x7f0000000740)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x8000020}, 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x100, 0x29, 0xa00, 0x70bd27, 0x25dfdbfe, {0xe}, [@typed={0x8, 0x37, @ipv4=@broadcast}, @nested={0xd0, 0x19, [@typed={0x4, 0x26}, @generic="01ff880571dca691c9018e7d18ccfd0d85d7954aff7bff8a863094bb67765708c8c48fa39ae730ce71dc9b7e6b18eb662ca186bd995039610921552a315ea8784ce04d994ca007fb572ef36bae1d2cfe81fb1457241472c9431282ebacee254b76e7bae00f8d771cd4dc3d18f9042cc80c82ee2d11cdbe", @generic="453f8a6994c62b40a3ad807e2ea6f85a4e5ec8f19943eaf1460a934356d6de31d0e98a09b258850808eb05222280ca22bfe74058533cbf43e7db01d4916cf6", @typed={0x8, 0xf, @fd=r0}, @typed={0x8, 0x80, @uid=r2}, @generic]}, @typed={0xc, 0x66, @u64=0x400}, @typed={0x8, 0x15, @u32=0x4}]}, 0x100}}, 0x40) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r4 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r4, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r3, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r3) [ 315.254186] FAULT_FLAG_ALLOW_RETRY missing 30 [ 315.258971] CPU: 0 PID: 10136 Comm: syz-executor4 Not tainted 4.19.0-rc5+ #261 [ 315.266404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 315.275797] Call Trace: [ 315.278460] dump_stack+0x1c4/0x2b4 [ 315.282149] ? dump_stack_print_info.cold.2+0x52/0x52 [ 315.287413] handle_userfault.cold.33+0x47/0x62 [ 315.292159] ? perf_trace_run_bpf_submit+0x267/0x330 [ 315.297329] ? userfaultfd_ioctl+0x54a0/0x54a0 [ 315.301953] ? perf_tp_event+0xbe0/0xbe0 [ 315.306043] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 315.311694] ? check_preemption_disabled+0x48/0x200 [ 315.311701] dccp_invalid_packet: invalid packet type [ 315.316742] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 315.316766] ? check_preemption_disabled+0x48/0x200 [ 315.316790] ? memset+0x31/0x40 [ 315.335903] ? perf_trace_lock+0x4a7/0x7a0 [ 315.340191] ? zap_class+0x640/0x640 [ 315.343942] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 315.348559] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 315.354478] ? check_preemption_disabled+0x48/0x200 [ 315.354498] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 315.354525] ? graph_lock+0x170/0x170 [ 315.354560] ? __lock_acquire+0x7ec/0x4ec0 [ 315.354603] ? find_held_lock+0x36/0x1c0 [ 315.354647] ? __handle_mm_fault+0x45dc/0x53e0 [ 315.354671] ? lock_downgrade+0x900/0x900 [ 315.354707] ? kasan_check_read+0x11/0x20 [ 315.354728] ? do_raw_spin_unlock+0xa7/0x2f0 [ 315.354751] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 315.354778] ? kasan_check_write+0x14/0x20 [ 315.354800] ? do_raw_spin_lock+0xc1/0x200 [ 315.408529] __handle_mm_fault+0x45ed/0x53e0 [ 315.413146] ? zap_class+0x640/0x640 [ 315.416916] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 315.421792] ? graph_lock+0x170/0x170 [ 315.425640] ? print_usage_bug+0xc0/0xc0 [ 315.429737] ? perf_swevent_put_recursion_context+0x1f/0xa0 [ 315.435505] ? graph_lock+0x170/0x170 [ 315.439722] ? handle_mm_fault+0x42a/0xc70 [ 315.443984] ? lock_downgrade+0x900/0x900 [ 315.448163] ? check_preemption_disabled+0x48/0x200 [ 315.453218] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 315.459049] ? kasan_check_read+0x11/0x20 [ 315.463226] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 315.468529] ? rcu_bh_qs+0xc0/0xc0 [ 315.472092] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 315.477574] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 315.483151] ? check_preemption_disabled+0x48/0x200 [ 315.488217] handle_mm_fault+0x54f/0xc70 [ 315.492350] ? __handle_mm_fault+0x53e0/0x53e0 [ 315.496991] ? find_vma+0x34/0x190 [ 315.500596] __do_page_fault+0x67d/0xed0 [ 315.504703] ? mm_fault_error+0x380/0x380 [ 315.508904] ? graph_lock+0x170/0x170 [ 315.512748] ? migrate_swap_stop+0x930/0x930 [ 315.517196] do_page_fault+0xf2/0x7e0 [ 315.521030] ? vmalloc_sync_all+0x30/0x30 [ 315.525208] ? error_entry+0x76/0xd0 [ 315.528956] ? trace_hardirqs_off_caller+0xbb/0x310 [ 315.534007] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 315.538893] ? trace_hardirqs_on_caller+0x310/0x310 [ 315.543967] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 315.548877] page_fault+0x1e/0x30 [ 315.552358] RIP: 0010:copy_user_generic_unrolled+0x9e/0xc0 [ 315.558008] Code: 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 4c 8b 06 4c 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 89 d1 <8a> 06 88 07 48 ff c6 48 ff c7 ff c9 75 f2 31 c0 0f 1f 00 c3 0f 1f [ 315.576934] RSP: 0018:ffff8801c52877f0 EFLAGS: 00010202 [ 315.583197] RAX: 0000000000000004 RBX: 0000000000000004 RCX: 0000000000000004 [ 315.592124] RDX: 0000000000000004 RSI: 0000000020013000 RDI: ffff8801c5287890 13:46:31 executing program 2: r0 = syz_open_dev$sndpcmc(&(0x7f0000004fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f000000a000)=[{&(0x7f000000a000)=@abs, 0x6e, &(0x7f000000d000), 0x0, &(0x7f0000001ef8)=[@cred={0x20}, @cred={0x20}, @cred={0x20}, @rights={0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}], 0x80}], 0x1, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x0, 0x17, 0xfffffffffffffe82, &(0x7f0000000040)="a1549e9fb788fafad6765fe0d67d60369a7cb8e6d857ed", &(0x7f0000000180)=""/176, 0xffffffff}, 0x28) ioctl$KVM_S390_INTERRUPT_CPU(0xffffffffffffffff, 0x4010ae94, &(0x7f0000002000)={0x0, 0x15}) signalfd(r0, &(0x7f0000000000)={0x6}, 0x8) ioctl(r0, 0xc1004110, &(0x7f0000001f64)) [ 315.600051] RBP: ffff8801c5287828 R08: ffffed0038a50f13 R09: ffffed0038a50f12 [ 315.607348] R10: ffffed0038a50f12 R11: 0000000000000003 R12: 0000000020013004 [ 315.614653] R13: 0000000020013000 R14: ffff8801c5287890 R15: 00007ffffffff000 [ 315.621991] ? _copy_from_user+0x10d/0x150 [ 315.626446] evdev_do_ioctl+0xb51/0x2180 [ 315.629727] dccp_invalid_packet: invalid packet type [ 315.630556] ? str_to_user+0x90/0x90 [ 315.630583] ? graph_lock+0x170/0x170 [ 315.630605] ? perf_tp_event+0xbe0/0xbe0 [ 315.630630] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 13:46:31 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)="7374617409c0c2febcf9df2deac8c177ff171248e91193513049f831550d6f7de66cf637bdbf1311920c8a26eda4dcc3783f9db5116b34d31b0512a5608aaff01e7952340cd6fd00000000", 0x275a, 0x0) pwrite64(r0, &(0x7f00000005c0)="d7", 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000004c0)="6367726f75702e636f6e74726f6c68657273005ee27f468c2dfdcf95941eedc6b5c59955e7b4efd7e3c74d5dc323f26888a61e2641e3146c97fce90be919f2fe47f984e0a5bbcc92eb45db97c3b73f16b308a265db72491f6745b176b2c8e192261adbdd6c8324e26d5916aacf229285fc3bb485c526e93c748cef05143b667fcd5592d8af3d6253fe219ca252db7a7f5b1ebda0126c7c595f328b1635e535e90b0918080c65c6a13e5224b73389d684", 0x275a, 0x0) write$cgroup_int(r1, &(0x7f0000000100), 0x12) ioctl$FIBMAP(r1, 0x1, &(0x7f00000000c0)) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000140)={0x0, 0x0, 0x56cd421e, 0x10001}) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000300)={0x0, r1, 0x0, 0x3}) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r3, &(0x7f00000001c0)={0x7}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@noextend='noextend'}]}}) write$P9_RREADDIR(r3, &(0x7f00000002c0)=ANY=[@ANYBLOB="2a000000290100000000000000000000000000000000000000000000000000000007002e2f66696c6530"], 0x2a) write$P9_RGETATTR(r3, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RWALK(r3, &(0x7f0000000080)=ANY=[@ANYBLOB="160000006f0100010000000000000000000000000000"], 0x16) write$P9_RGETATTR(r3, &(0x7f0000000540)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RWRITE(r3, &(0x7f0000000400)={0xb, 0x77, 0x1}, 0xb) write$P9_RGETATTR(r3, &(0x7f0000000640)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RWALK(r3, &(0x7f0000000940)={0x9, 0x6f, 0x1}, 0x9) write$P9_RSTATu(r3, &(0x7f0000000980)={0xcd, 0x7d, 0x1, {{0x0, 0xa9, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x0, "", 0x3, '9p\x00', 0x8, 'noextend', 0x6b, "0a51e1b6405863d4e5b8c23744dcac6b27414e600338252baee13f45a59cc15e8246fc95a2839328ea01811d4542cf659ba4802a0271ffa2985ef70d23f7bbf1996ee03c04c5f8c06e4156b7a28570e6c3e5cdcdc71f458b419df573d439b53591a55cd8cd56f8e606f31f"}, 0xf, '!cpuset]cgroup-'}}, 0xcd) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000008c0)='9p\x00', 0x0, &(0x7f0000000800)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) r4 = creat(&(0x7f0000000300)='./file0/file0\x00', 0x0) fchmod(r4, 0x0) ioctl$EXT4_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000280)) [ 315.652882] ? check_preemption_disabled+0x48/0x200 [ 315.652909] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 315.663480] ? check_preemption_disabled+0x48/0x200 [ 315.668528] ? memset+0x31/0x40 [ 315.671865] ? find_held_lock+0x36/0x1c0 [ 315.675974] ? __fget+0x4aa/0x740 [ 315.679456] ? lock_downgrade+0x900/0x900 [ 315.683660] ? check_preemption_disabled+0x48/0x200 [ 315.688705] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 315.694511] ? kasan_check_read+0x11/0x20 [ 315.698755] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 315.704031] ? rcu_bh_qs+0xc0/0xc0 [ 315.707579] ? __fget+0x4d1/0x740 [ 315.711038] ? ksys_dup3+0x680/0x680 [ 315.714762] evdev_ioctl_handler+0x144/0x1a0 [ 315.719190] evdev_ioctl+0x27/0x2e [ 315.722753] ? evdev_ioctl_compat+0x30/0x30 [ 315.727086] do_vfs_ioctl+0x1de/0x1720 [ 315.731012] ? ioctl_preallocate+0x300/0x300 [ 315.735437] ? __fget_light+0x2e9/0x430 [ 315.739439] ? fget_raw+0x20/0x20 [ 315.742899] ? _copy_to_user+0xc8/0x110 [ 315.746906] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 315.752462] ? put_timespec64+0x10f/0x1b0 [ 315.756629] ? nsecs_to_jiffies+0x30/0x30 [ 315.760783] ? do_syscall_64+0x9a/0x820 [ 315.764755] ? do_syscall_64+0x9a/0x820 [ 315.768756] ? lockdep_hardirqs_on+0x421/0x5c0 [ 315.773378] ? security_file_ioctl+0x94/0xc0 [ 315.777795] ksys_ioctl+0xa9/0xd0 [ 315.781253] __x64_sys_ioctl+0x73/0xb0 [ 315.785141] do_syscall_64+0x1b9/0x820 [ 315.789063] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 315.794473] ? syscall_return_slowpath+0x5e0/0x5e0 [ 315.799441] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 315.804316] ? trace_hardirqs_on_caller+0x310/0x310 [ 315.809334] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 315.814378] ? prepare_exit_to_usermode+0x291/0x3b0 [ 315.820032] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 315.824901] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 315.830113] RIP: 0033:0x457579 [ 315.833323] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 13:46:31 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0xfffffffffffffffe, &(0x7f0000000000)="153f6234488dd25d766070") r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f000014f000)={&(0x7f00003c7ff4), 0xc, &(0x7f00000bfff0)={&(0x7f0000006440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in6=@mcast1, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}}}, 0xb8}}, 0x0) ioctl$EXT4_IOC_RESIZE_FS(r0, 0x40086610, &(0x7f0000000100)=0x5) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x4, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2], [], @rand_addr}}, 0x118) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r3, 0x6, 0x16, &(0x7f0000000080)=[{0x4, 0x6}, {0x8, 0x9}], 0x2) [ 315.852508] RSP: 002b:00007fd9995c4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 315.860234] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 315.867535] RDX: 0000000020013000 RSI: 00000000400445a0 RDI: 0000000000000005 [ 315.874809] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 315.882122] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd9995c56d4 [ 315.889401] R13: 00000000004bf3f1 R14: 00000000004cf1f0 R15: 00000000ffffffff 13:46:31 executing program 3: r0 = socket$inet(0x2b, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = memfd_create(&(0x7f00000001c0)='/proc/self/net/pfkey\x00', 0x2) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffff9c, 0x84, 0x77, &(0x7f0000000300)={0x0, 0x7, 0x3, [0x1ff, 0x4, 0x6]}, &(0x7f0000000340)=0xe) setsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000380)=@assoc_value={r2, 0x97}, 0x8) r3 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x34001, 0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000240)={0x0, @in6={{0xa, 0x4e21, 0xcbd, @loopback, 0x4}}, 0x20, 0x77ed}, &(0x7f00000000c0)=0x90) setsockopt$inet_sctp6_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000140)=@assoc_value={r4}, 0x8) ioctl$DRM_IOCTL_AGP_ALLOC(r3, 0xc0206434, &(0x7f00000003c0)={0x5, 0x0, 0x10002, 0x7}) ioctl$DRM_IOCTL_AGP_UNBIND(r3, 0x40106437, &(0x7f0000000400)={r5, 0x2}) ioctl$DRM_IOCTL_MARK_BUFS(r3, 0x40206417, &(0x7f0000000040)={0xffffffffffffffff, 0x2a12, 0xfff, 0x5, 0x10, 0x7fbd}) syz_read_part_table(0x0, 0x1, &(0x7f0000000540)=[{&(0x7f0000000180)="a30e16fc06ad6b33bc107db6eeb34e82c683dfab0837ff505f650e7e42", 0x1d, 0xde3}]) r6 = syz_open_dev$usbmon(&(0x7f0000000080)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$DRM_IOCTL_ADD_CTX(r6, 0xc0086420, &(0x7f0000000200)={0x0}) ioctl$DRM_IOCTL_GET_CTX(r3, 0xc0086423, &(0x7f0000000100)={r7}) 13:46:31 executing program 5: r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000580)='/dev/input/mouse#\x00', 0x5, 0x0) r2 = getuid() sendmsg$nl_generic(r1, &(0x7f0000000740)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x8000020}, 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x100, 0x29, 0xa00, 0x70bd27, 0x25dfdbfe, {0xe}, [@typed={0x8, 0x37, @ipv4=@broadcast}, @nested={0xd0, 0x19, [@typed={0x4, 0x26}, @generic="01ff880571dca691c9018e7d18ccfd0d85d7954aff7bff8a863094bb67765708c8c48fa39ae730ce71dc9b7e6b18eb662ca186bd995039610921552a315ea8784ce04d994ca007fb572ef36bae1d2cfe81fb1457241472c9431282ebacee254b76e7bae00f8d771cd4dc3d18f9042cc80c82ee2d11cdbe", @generic="453f8a6994c62b40a3ad807e2ea6f85a4e5ec8f19943eaf1460a934356d6de31d0e98a09b258850808eb05222280ca22bfe74058533cbf43e7db01d4916cf6", @typed={0x8, 0xf, @fd=r0}, @typed={0x8, 0x80, @uid=r2}, @generic]}, @typed={0xc, 0x66, @u64=0x400}, @typed={0x8, 0x15, @u32=0x4}]}, 0x100}}, 0x40) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)={0x0, 0x0}) ptrace$poke(0x5, r3, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r4 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r4, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(0xffffffffffffffff) 13:46:31 executing program 4: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_dev$mouse(&(0x7f0000000580)='/dev/input/mouse#\x00', 0x5, 0x0) getuid() mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:31 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xb, &(0x7f0000000340)=0xbdb, 0x4) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = memfd_create(&(0x7f0000000000)='\x00', 0x4) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000240)='/dev/null\x00', 0x0, 0x0) getsockopt$bt_BT_FLUSHABLE(r1, 0x112, 0x8, &(0x7f0000000140)=0xfffffffffffffff9, &(0x7f0000000200)=0x4) ftruncate(r1, 0x1000000) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080)={0xffffffffffffffff}, 0x113, 0x100a}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r2, &(0x7f0000000440)={0x15, 0x110, 0xfa00, {r3, 0x3f, 0x0, 0x0, 0x0, @ib={0x1b, 0xb79a, 0x10001, {"9579e4220d4cd0d69c3e96c961a8b19b"}, 0x14000000000000, 0x20, 0x3}, @in6={0xa, 0x4e24, 0x9, @ipv4={[], [], @loopback}}}}, 0x118) sendfile(r0, r1, &(0x7f00000037c0)=0xf10001, 0xfffffdef) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r1, 0xc08c5336, &(0x7f0000000380)={0x2, 0x400, 0x0, 'queue1\x00'}) write$RDMA_USER_CM_CMD_INIT_QP_ATTR(r1, &(0x7f0000000100)={0xb, 0x10, 0xfa00, {&(0x7f0000000280), r3, 0x2}}, 0x18) connect$netlink(r0, &(0x7f0000000040)=@kern={0x10, 0x0, 0x0, 0x10000020}, 0xc) 13:46:31 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_all\x00', 0x0, 0x0) bind$rds(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)={0x7, 0x4, 0x8, 0x8}, 0x2c) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000040)={r1, &(0x7f0000000000), &(0x7f0000000100)=""/230}, 0x18) ioctl$EXT4_IOC_MIGRATE(r1, 0x6609) [ 316.224980] loop3: [CUMANA/ADFS] p1 [ADFS] p1 [ 316.267460] loop3: p1 size 117440512 extends beyond EOD, [ 316.276402] truncated 13:46:32 executing program 0: [ 316.319714] FAULT_FLAG_ALLOW_RETRY missing 30 [ 316.324437] CPU: 0 PID: 10178 Comm: syz-executor4 Not tainted 4.19.0-rc5+ #261 [ 316.331831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 316.341232] Call Trace: [ 316.343881] dump_stack+0x1c4/0x2b4 [ 316.347556] ? dump_stack_print_info.cold.2+0x52/0x52 [ 316.352813] handle_userfault.cold.33+0x47/0x62 [ 316.357572] ? perf_trace_run_bpf_submit+0x267/0x330 [ 316.362719] ? userfaultfd_ioctl+0x54a0/0x54a0 [ 316.368301] ? perf_tp_event+0xbe0/0xbe0 [ 316.373172] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 316.379697] ? check_preemption_disabled+0x48/0x200 [ 316.386144] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 316.392745] ? check_preemption_disabled+0x48/0x200 [ 316.397789] ? memset+0x31/0x40 [ 316.401105] ? perf_trace_lock+0x4a7/0x7a0 [ 316.405378] ? zap_class+0x640/0x640 [ 316.409114] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 316.413718] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 316.419274] ? check_preemption_disabled+0x48/0x200 [ 316.424312] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 316.429891] ? graph_lock+0x170/0x170 [ 316.433727] ? __lock_acquire+0x7ec/0x4ec0 [ 316.438005] ? find_held_lock+0x36/0x1c0 [ 316.442127] ? __handle_mm_fault+0x45dc/0x53e0 [ 316.446735] ? lock_downgrade+0x900/0x900 [ 316.450922] ? kasan_check_read+0x11/0x20 [ 316.455093] ? do_raw_spin_unlock+0xa7/0x2f0 [ 316.459522] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 316.464132] ? kasan_check_write+0x14/0x20 [ 316.468387] ? do_raw_spin_lock+0xc1/0x200 [ 316.472666] __handle_mm_fault+0x45ed/0x53e0 [ 316.477090] ? zap_class+0x640/0x640 [ 316.480854] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 316.485720] ? graph_lock+0x170/0x170 [ 316.490334] ? print_usage_bug+0xc0/0xc0 [ 316.494422] ? perf_swevent_put_recursion_context+0x1f/0xa0 [ 316.500158] ? graph_lock+0x170/0x170 [ 316.504018] ? handle_mm_fault+0x42a/0xc70 [ 316.508272] ? lock_downgrade+0x900/0x900 [ 316.512440] ? check_preemption_disabled+0x48/0x200 [ 316.517491] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 316.523824] ? kasan_check_read+0x11/0x20 [ 316.528706] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 316.534005] ? rcu_bh_qs+0xc0/0xc0 [ 316.537567] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 316.543039] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 316.548599] ? check_preemption_disabled+0x48/0x200 [ 316.553656] handle_mm_fault+0x54f/0xc70 [ 316.557744] ? __handle_mm_fault+0x53e0/0x53e0 [ 316.562356] ? find_vma+0x34/0x190 [ 316.565931] __do_page_fault+0x67d/0xed0 [ 316.570032] ? mm_fault_error+0x380/0x380 [ 316.574215] ? graph_lock+0x170/0x170 [ 316.578050] ? migrate_swap_stop+0x930/0x930 [ 316.582494] do_page_fault+0xf2/0x7e0 [ 316.586320] ? vmalloc_sync_all+0x30/0x30 [ 316.590491] ? error_entry+0x76/0xd0 [ 316.594227] ? trace_hardirqs_off_caller+0xbb/0x310 [ 316.599265] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 316.604131] ? trace_hardirqs_on_caller+0x310/0x310 [ 316.609195] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 316.614076] page_fault+0x1e/0x30 [ 316.617546] RIP: 0010:copy_user_generic_unrolled+0x9e/0xc0 [ 316.623192] Code: 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 4c 8b 06 4c 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 89 d1 <8a> 06 88 07 48 ff c6 48 ff c7 ff c9 75 f2 31 c0 0f 1f 00 c3 0f 1f [ 316.642110] RSP: 0018:ffff880190a177f0 EFLAGS: 00010202 [ 316.647495] RAX: 0000000000000004 RBX: 0000000000000004 RCX: 0000000000000004 [ 316.654778] RDX: 0000000000000004 RSI: 0000000020013000 RDI: ffff880190a17890 [ 316.662064] RBP: ffff880190a17828 R08: ffffed0032142f13 R09: ffffed0032142f12 [ 316.669346] R10: ffffed0032142f12 R11: 0000000000000003 R12: 0000000020013004 [ 316.676635] R13: 0000000020013000 R14: ffff880190a17890 R15: 00007ffffffff000 [ 316.683973] ? _copy_from_user+0x10d/0x150 [ 316.688239] evdev_do_ioctl+0xb51/0x2180 [ 316.692336] ? str_to_user+0x90/0x90 [ 316.696096] ? graph_lock+0x170/0x170 [ 316.699917] ? perf_tp_event+0xbe0/0xbe0 [ 316.704017] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 316.709583] ? check_preemption_disabled+0x48/0x200 [ 316.714623] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 316.720182] ? check_preemption_disabled+0x48/0x200 [ 316.725223] ? memset+0x31/0x40 [ 316.728538] ? find_held_lock+0x36/0x1c0 [ 316.732641] ? __fget+0x4aa/0x740 [ 316.736117] ? lock_downgrade+0x900/0x900 [ 316.740284] ? check_preemption_disabled+0x48/0x200 [ 316.745332] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 316.751146] ? kasan_check_read+0x11/0x20 [ 316.755317] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 316.760615] ? rcu_bh_qs+0xc0/0xc0 [ 316.764200] ? __fget+0x4d1/0x740 [ 316.767691] ? ksys_dup3+0x680/0x680 [ 316.771442] evdev_ioctl_handler+0x144/0x1a0 [ 316.775896] evdev_ioctl+0x27/0x2e [ 316.779459] ? evdev_ioctl_compat+0x30/0x30 [ 316.783804] do_vfs_ioctl+0x1de/0x1720 [ 316.787736] ? ioctl_preallocate+0x300/0x300 [ 316.792165] ? __fget_light+0x2e9/0x430 [ 316.796162] ? fget_raw+0x20/0x20 [ 316.799630] ? _copy_to_user+0xc8/0x110 [ 316.803633] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 316.809190] ? put_timespec64+0x10f/0x1b0 [ 316.813364] ? nsecs_to_jiffies+0x30/0x30 [ 316.817541] ? do_syscall_64+0x9a/0x820 [ 316.821547] ? do_syscall_64+0x9a/0x820 [ 316.825544] ? lockdep_hardirqs_on+0x421/0x5c0 [ 316.830153] ? security_file_ioctl+0x94/0xc0 [ 316.834597] ksys_ioctl+0xa9/0xd0 [ 316.838082] __x64_sys_ioctl+0x73/0xb0 [ 316.841999] do_syscall_64+0x1b9/0x820 [ 316.845909] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 316.851298] ? syscall_return_slowpath+0x5e0/0x5e0 [ 316.856765] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 316.861819] ? trace_hardirqs_on_caller+0x310/0x310 [ 316.866887] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 316.871931] ? prepare_exit_to_usermode+0x291/0x3b0 [ 316.876980] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 316.881882] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 316.887093] RIP: 0033:0x457579 [ 316.890305] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 316.909231] RSP: 002b:00007fd9995c4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 13:46:32 executing program 5: r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000580)='/dev/input/mouse#\x00', 0x5, 0x0) r2 = getuid() sendmsg$nl_generic(r1, &(0x7f0000000740)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x8000020}, 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x100, 0x29, 0xa00, 0x70bd27, 0x25dfdbfe, {0xe}, [@typed={0x8, 0x37, @ipv4=@broadcast}, @nested={0xd0, 0x19, [@typed={0x4, 0x26}, @generic="01ff880571dca691c9018e7d18ccfd0d85d7954aff7bff8a863094bb67765708c8c48fa39ae730ce71dc9b7e6b18eb662ca186bd995039610921552a315ea8784ce04d994ca007fb572ef36bae1d2cfe81fb1457241472c9431282ebacee254b76e7bae00f8d771cd4dc3d18f9042cc80c82ee2d11cdbe", @generic="453f8a6994c62b40a3ad807e2ea6f85a4e5ec8f19943eaf1460a934356d6de31d0e98a09b258850808eb05222280ca22bfe74058533cbf43e7db01d4916cf6", @typed={0x8, 0xf, @fd=r0}, @typed={0x8, 0x80, @uid=r2}, @generic]}, @typed={0xc, 0x66, @u64=0x400}, @typed={0x8, 0x15, @u32=0x4}]}, 0x100}}, 0x40) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)={0x0, 0x0}) ptrace$poke(0x5, r3, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r4 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r4, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(0xffffffffffffffff) [ 316.916976] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 316.924263] RDX: 0000000020013000 RSI: 00000000400445a0 RDI: 0000000000000005 [ 316.931549] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 316.938845] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd9995c56d4 [ 316.946146] R13: 00000000004bf3f1 R14: 00000000004cf1f0 R15: 00000000ffffffff 13:46:32 executing program 1: 13:46:32 executing program 2: 13:46:32 executing program 3: 13:46:32 executing program 1: 13:46:32 executing program 0: 13:46:32 executing program 3: 13:46:32 executing program 2: 13:46:32 executing program 4: r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000580)='/dev/input/mouse#\x00', 0x5, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000740)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x8000020}, 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x100, 0x29, 0xa00, 0x70bd27, 0x25dfdbfe, {0xe}, [@typed={0x8, 0x37, @ipv4=@broadcast}, @nested={0xd0, 0x19, [@typed={0x4, 0x26}, @generic="01ff880571dca691c9018e7d18ccfd0d85d7954aff7bff8a863094bb67765708c8c48fa39ae730ce71dc9b7e6b18eb662ca186bd995039610921552a315ea8784ce04d994ca007fb572ef36bae1d2cfe81fb1457241472c9431282ebacee254b76e7bae00f8d771cd4dc3d18f9042cc80c82ee2d11cdbe", @generic="453f8a6994c62b40a3ad807e2ea6f85a4e5ec8f19943eaf1460a934356d6de31d0e98a09b258850808eb05222280ca22bfe74058533cbf43e7db01d4916cf6", @typed={0x8, 0xf, @fd=r0}, @typed={0x8, 0x80, @uid}, @generic]}, @typed={0xc, 0x66, @u64=0x400}, @typed={0x8, 0x15, @u32=0x4}]}, 0x100}}, 0x40) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r3 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r3, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r2) 13:46:32 executing program 5: r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000580)='/dev/input/mouse#\x00', 0x5, 0x0) r2 = getuid() sendmsg$nl_generic(r1, &(0x7f0000000740)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x8000020}, 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x100, 0x29, 0xa00, 0x70bd27, 0x25dfdbfe, {0xe}, [@typed={0x8, 0x37, @ipv4=@broadcast}, @nested={0xd0, 0x19, [@typed={0x4, 0x26}, @generic="01ff880571dca691c9018e7d18ccfd0d85d7954aff7bff8a863094bb67765708c8c48fa39ae730ce71dc9b7e6b18eb662ca186bd995039610921552a315ea8784ce04d994ca007fb572ef36bae1d2cfe81fb1457241472c9431282ebacee254b76e7bae00f8d771cd4dc3d18f9042cc80c82ee2d11cdbe", @generic="453f8a6994c62b40a3ad807e2ea6f85a4e5ec8f19943eaf1460a934356d6de31d0e98a09b258850808eb05222280ca22bfe74058533cbf43e7db01d4916cf6", @typed={0x8, 0xf, @fd=r0}, @typed={0x8, 0x80, @uid=r2}, @generic]}, @typed={0xc, 0x66, @u64=0x400}, @typed={0x8, 0x15, @u32=0x4}]}, 0x100}}, 0x40) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)={0x0, 0x0}) ptrace$poke(0x5, r3, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r4 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r4, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(0xffffffffffffffff) 13:46:32 executing program 1: 13:46:33 executing program 3: 13:46:33 executing program 0: 13:46:33 executing program 2: 13:46:33 executing program 3: 13:46:33 executing program 1: syslog(0x3, &(0x7f0000000000)=""/112, 0x315b64d) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f000031f000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x11, 0x2, 0x0) setsockopt$sock_attach_bpf(r0, 0x107, 0x14, &(0x7f0000000000), 0x4) sendmsg$kcm(r0, &(0x7f0000000040)={&(0x7f0000000200)=@in6={0xa, 0x0, 0xb, @mcast1={0xff, 0x1, [0x0, 0x0, 0xa0010000, 0x800000000000000]}}, 0x80, &(0x7f0000000140), 0x0, &(0x7f0000000a00)}, 0x0) [ 317.515962] FAULT_FLAG_ALLOW_RETRY missing 30 [ 317.521155] CPU: 1 PID: 10215 Comm: syz-executor4 Not tainted 4.19.0-rc5+ #261 [ 317.528545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 317.537914] Call Trace: [ 317.540535] dump_stack+0x1c4/0x2b4 [ 317.544196] ? dump_stack_print_info.cold.2+0x52/0x52 [ 317.553826] ? kasan_check_write+0x14/0x20 [ 317.558110] ? do_raw_spin_lock+0xc1/0x200 [ 317.562392] handle_userfault.cold.33+0x47/0x62 [ 317.567119] ? userfaultfd_ioctl+0x54a0/0x54a0 [ 317.572123] ? mark_held_locks+0x130/0x130 [ 317.576827] ? find_held_lock+0x36/0x1c0 [ 317.580954] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 317.586540] ? check_preemption_disabled+0x48/0x200 [ 317.591597] ? debug_smp_processor_id+0x1c/0x20 [ 317.596291] ? perf_trace_lock+0x14d/0x7a0 [ 317.600565] ? rcu_bh_qs+0xb1/0xc0 [ 317.604132] ? print_usage_bug+0xc0/0xc0 [ 317.614799] ? rcu_bh_qs+0xc0/0xc0 [ 317.618393] ? zap_class+0x640/0x640 [ 317.622127] ? __lock_acquire+0x7ec/0x4ec0 [ 317.626391] ? __unlock_page_memcg+0x70/0x100 [ 317.630914] ? graph_lock+0x170/0x170 [ 317.634745] ? __lock_acquire+0x7ec/0x4ec0 [ 317.638998] ? mark_held_locks+0x130/0x130 [ 317.643247] ? lockdep_hardirqs_on+0x421/0x5c0 [ 317.643271] ? find_held_lock+0x36/0x1c0 [ 317.643303] ? __handle_mm_fault+0x45dc/0x53e0 [ 317.643328] ? lock_downgrade+0x900/0x900 [ 317.661030] ? kasan_check_read+0x11/0x20 [ 317.665206] ? do_raw_spin_unlock+0xa7/0x2f0 [ 317.669639] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 317.674251] ? kasan_check_write+0x14/0x20 [ 317.678509] ? do_raw_spin_lock+0xc1/0x200 [ 317.682780] __handle_mm_fault+0x45ed/0x53e0 [ 317.687294] ? zap_class+0x640/0x640 [ 317.691233] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 317.697228] ? graph_lock+0x170/0x170 [ 317.702125] ? print_usage_bug+0xc0/0xc0 [ 317.707170] ? graph_lock+0x170/0x170 [ 317.711027] ? handle_mm_fault+0x42a/0xc70 13:46:33 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xb, &(0x7f0000000340)=0xbdb, 0x4) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = memfd_create(&(0x7f0000000000)='\x00', 0x4) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000240)='/dev/null\x00', 0x0, 0x0) getsockopt$bt_BT_FLUSHABLE(r1, 0x112, 0x8, &(0x7f0000000140)=0xfffffffffffffff9, &(0x7f0000000200)=0x4) ftruncate(r1, 0x1000000) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080)={0xffffffffffffffff}, 0x113, 0x100a}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r2, &(0x7f0000000440)={0x15, 0x110, 0xfa00, {r3, 0x3f, 0x0, 0x0, 0x0, @ib={0x1b, 0xb79a, 0x10001, {"9579e4220d4cd0d69c3e96c961a8b19b"}, 0x14000000000000, 0x20, 0x3}, @in6={0xa, 0x4e24, 0x9, @ipv4={[], [], @loopback}}}}, 0x118) sendfile(r0, r1, &(0x7f00000037c0)=0xf10001, 0xfffffdef) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r1, 0xc08c5336, &(0x7f0000000380)={0x2, 0x400, 0x0, 'queue1\x00'}) write$RDMA_USER_CM_CMD_INIT_QP_ATTR(r1, &(0x7f0000000100)={0xb, 0x10, 0xfa00, {&(0x7f0000000280), r3, 0x2}}, 0x18) connect$netlink(r0, &(0x7f0000000040)=@kern={0x10, 0x0, 0x0, 0x10000020}, 0xc) 13:46:33 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/protocols\x00') socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) preadv(r0, &(0x7f00000015c0)=[{&(0x7f00000016c0)=""/244, 0xf4}, {&(0x7f0000000140)=""/111, 0x6f}, {&(0x7f0000001640)=""/99, 0x63}], 0x3, 0x0) [ 317.715287] ? lock_downgrade+0x900/0x900 [ 317.719469] ? check_preemption_disabled+0x48/0x200 [ 317.724528] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 317.731451] ? kasan_check_read+0x11/0x20 [ 317.735619] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 317.740915] ? rcu_bh_qs+0xc0/0xc0 [ 317.740935] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 317.740955] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 317.740974] ? check_preemption_disabled+0x48/0x200 [ 317.741001] handle_mm_fault+0x54f/0xc70 [ 317.764626] ? __handle_mm_fault+0x53e0/0x53e0 [ 317.769234] ? find_vma+0x34/0x190 [ 317.772807] __do_page_fault+0x67d/0xed0 [ 317.776912] ? mm_fault_error+0x380/0x380 [ 317.781080] ? graph_lock+0x170/0x170 [ 317.784922] do_page_fault+0xf2/0x7e0 [ 317.788767] ? vmalloc_sync_all+0x30/0x30 [ 317.792942] ? error_entry+0x76/0xd0 [ 317.796681] ? trace_hardirqs_off_caller+0xbb/0x310 [ 317.801723] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 317.806597] ? trace_hardirqs_on_caller+0x310/0x310 [ 317.811648] ? trace_hardirqs_off_thunk+0x1a/0x1c 13:46:33 executing program 3: r0 = socket$inet6(0xa, 0x80006, 0xffffffff) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(0xffffffffffffff9c, 0x84, 0x6d, &(0x7f0000000040)={0x0, 0xc6, "a4365ce7c616cf95c4989f80598219658cc357d14406e0cd782bf12695ae6d5dde7a54c51a0479819f804a4294714d359654ec7143c6f4a6811bbfda5c4a4a2de399af053a87b678cec39417238f293c30aee961ddca0f9ac823d180908b2f13d77db13559ddc3f63359687c2bc51dbd890a20181e1ed3ac5c870596e765443765d5bf164f8dcddddff146ac1d2cd21cb027732b2684e2c2a404618b05f126a94ae36a4e0c07991f46c9c4c0217f8d307870165ec6b403bc683e0b4d609e2817842884f389da"}, &(0x7f0000000140)=0xce) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000180)={r1, 0x2, 0x1, [0x0]}, 0xa) r2 = add_key$user(&(0x7f00000004c0)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f00000002c0)='X', 0x1, 0xfffffffffffffffe) socketpair$inet(0x2, 0x4, 0x80000001, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$EBT_SO_GET_INFO(r3, 0x0, 0x80, &(0x7f0000000200)={'filter\x00'}, &(0x7f0000000280)=0x78) keyctl$update(0x2, r2, &(0x7f0000000740)="73172b6adbb30ff283f064ded0a4350774a80d86023172e4e11a92ce089480eb63c31241022f29878d3097e7c617a113a87965e260faa9a5e30d123856ac9e08f23cd216236449fc63fe061ad9fe2ebd327aec72c2db52755fcd394e7cdd07d791d5a803ccdb6aee814619bdd3ddb4a56cd937d1290f2bb573223f35d22a1e53bd40765a04aca1b820e3092f449e63141e84b4024e24cbcf94e553c58c60eb03f3d04e21ff46ef2442d1427055ab0b2a64340b92164038e2b577cadf95bfd0e500dbabecddf12735eefcf188c92ec1b0f3f01876353b49e580212c7d99400a9bc45b2d786a34c48dbcffe6910662b5278f7f4112d17eb3bf60289e8f71edb51d7be976bad941e53b958799e13539362ae1ff9a458d6f8b09ce70c28e1a11c27029128adc332f7e49055a78c4b091eb8c8a52561e34bb00214310abb44acd30a346f7a4e12c653ac6967c198b26350307ae79651378a0ee32394a2c77d5f4096326ba8ec53145f366e26f1fc671437b8157dc4a7f719d0a5851c95e0a273fcca95b61bbbd93de9293458f137200b162acd90a9ed08d2397d8c7224f9b476f6c4579a5cd4e11c96c5317dfe7c5a85c5a93c37b763e6c0e4af34d90807b3c77dd477b4248532c5947ac33e40c8f42a7c80e9da6396922da2d3738c36b70091fe0870bd7ebfe8f6f72b5952e23965693220291cb0595b30ce096ff6c46db553f7adc6d9e9234b9cae2cb3bf97180df6b3aa3bad5bd055d1462e8680ed4e75d7701845174f7ca47e8429aefec6f1ddfac5cc2b9f7e315357e567fec3afe481df82b23d99a29d00add447d6b3275e7146b2f337a061c00d1a52c2235b2975ba1a47f761fd9e441c7879271239d29fd1c0bfb7d0c334190f7a42ad480743e275af12edf446a1e4dae9b249788e8b02521c8527423c1441cb73c8476a158c76a1e9eb954e8ab21c135d71ffad7cd3d2999762d9fbf6618902a643ecc20512d63a2af33ec686c7f431ad7fccb3a674e5459f11d4a21b2147163580ebbcf721adeb960fb864e14003d15c4924d1a41f2af0e6c33ff0cc0da39225b3e079be8f3aff7419716d3dfec04dba231236742dc9b87616adf117831a875f1ad984306d80640b0513a7e66c19bf7854951e559969d151e28f4756aeb2c0691cdc3bc1b69095dea47201de76f4e49fa0c137ed3cc04abd21fbba31bacfb4fbe9ca5a609c1e7d5c989ab1cf0c1f541b7e0c2aacf93cd95d8cf6175b91f72b0539061e2e62c430edf7c2490961074c075ee302ff938eeb8467eb8319b885209aebc68a8349dfbf3516b986cc8a27081f1021af2bae4ee9f21a668ce4dbf9961230959450345131da2d953594e2c4ad61eca203b40179fa71e318bc8b3ebf0e1242f4d9498727593259b78acdd6fa750f6ec544ae2e51a901c0cd491ede48d60ad9c5a706add391e7bb2ada4da0feb028fae56e682ae9b0b51d55a91491e591325967fb4e8bd191365a9e52259cb5e02bc9ee07d4f961bae08beefe1b7cfe37524bc811451caa0bdf6a633cc60697a9b784762f1dfb2c09d7fedd8ec237c225a2a900b80c5af224426af8d5a354f65c53289d89e1789a1530f6c4380daf61f0aa4a048d07eb6f045965c21d56d84675af2ee804e51030bf06ba1351b74ac46f217f5da6b2d4256e6e46a58525b6c932f4e2c289a1e1bb1662285e69e88c87415ae1338cd8a1686921f98c542b28e8721f4952df76e01621f1820e5869adf23ee00f24b957a677291d5fd76f5e600998c06bcb73645bd943de69abf3af0f927e3d46c8ead124d03b84a71f580b2ae1a6480a77328ae9376b04b1a7213bd6a3950405bcfa714e6504b3f3d3dc6108d383010f1d0e7023c170a30b0ca9736ca2fb711776d53972e507ba98e0d03e1f5e5a80871d7c30700d90df1f5b2f3a6998cd5da7fe24be48ea9013495c0b8d92757c58c4ef74e5c603684ae05c0058bdec45773cacddf761dc951a54aeaa94275eda454f686a2661ccc0f6d8bd28bc1998af928b6aa9bb75a61f6378bbf1c8bc2f640fe2a74ae3831ed2806a00d73ff56bb51ccf3d2315c06f07bf0cea1d7607e0a2bf671be076058ab5e61800e7f61243fdbb156771423b210419b3db07c970e9f98dc302144cd6920b8108e2f127e380948486e65ecd441b0e6a97f0687dc607b18e6ef5f489201ec255fb23f423f4b103e6ed9ed776dc1b018899f73c1400740571a61970fbfb48d6e7dca06f0b2016e5d605e86695977d03da6a95ca807dd1b25a365c25038b1be6c887d1ffae86f55924562e141a0411f54bf9e9a8d03929b1b84306664fa809afad78f2709d6323a7d5b0c02df0b75739c2d942719d1eae081f554471c7592ccd210942ca27926ea1161d50ad76d06dac3b6a05832f43c3502408ba78a4d77f7e1e31078e298ae1d21d00aaa395d5a7613d893fa43c2641ceddba591e9bafd5900e7334e7ccd7f88afcc3e413cbe519d42ba83567b03c97f32c932a4c9182fa27be3d1592429dd01b68db79c4f86244f052368e18a7f116858747109830786a7d36b901e8f5051762a2c1fbce95f18930cbe24f5f1d1c76d04d39cd15b78d0e1c8386f250da063f5414a66f611773246626cf4c0ecf14c8d741a1894cc26edb5b6d765e44da12ec1ef913113d59d3c6908de7dfdd1a902d3d63ab98a8fd416f16b6e32b257f83de2dc7653d87a4b4acbd937145638970f634a6f2cf3051c2380a44cf82c5de400a1f1f963a7de4ac60d75601e970d975ecef283389912d74613cbb96994fecb8011108223d78c19f6792c77a3c85109f073a970c858079994df25189899862187bc8fb7a8840807844ffe4ad2dd90f1bb23dda552e1a8598b610acd8d0e18158dc2a7e873cd5b237925d907a3ede4", 0x801) syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) keyctl$dh_compute(0x17, &(0x7f0000000600)={r2, r2, r2}, &(0x7f0000000640)=""/240, 0xf0, 0x0) [ 317.816529] page_fault+0x1e/0x30 [ 317.820009] RIP: 0010:copy_user_generic_unrolled+0x9e/0xc0 [ 317.825657] Code: 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 4c 8b 06 4c 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 89 d1 <8a> 06 88 07 48 ff c6 48 ff c7 ff c9 75 f2 31 c0 0f 1f 00 c3 0f 1f [ 317.844578] RSP: 0018:ffff88018127f7f0 EFLAGS: 00010202 [ 317.849960] RAX: 0000000000000004 RBX: 0000000000000004 RCX: 0000000000000004 [ 317.857241] RDX: 0000000000000004 RSI: 0000000020013000 RDI: ffff88018127f890 [ 317.864518] RBP: ffff88018127f828 R08: ffffed003024ff13 R09: ffffed003024ff12 [ 317.871794] R10: ffffed003024ff12 R11: 0000000000000003 R12: 0000000020013004 [ 317.871806] R13: 0000000020013000 R14: ffff88018127f890 R15: 00007ffffffff000 [ 317.871862] ? _copy_from_user+0x10d/0x150 [ 317.871888] evdev_do_ioctl+0xb51/0x2180 [ 317.871911] ? str_to_user+0x90/0x90 [ 317.899175] ? lock_downgrade+0x900/0x900 [ 317.903702] ? graph_lock+0x170/0x170 [ 317.907528] ? do_futex+0x249/0x26d0 [ 317.911271] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 317.916827] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 317.922420] ? find_held_lock+0x36/0x1c0 [ 317.926523] ? __fget+0x4aa/0x740 [ 317.929856] MPI: mpi too large (16392 bits) [ 317.929998] ? lock_downgrade+0x900/0x900 [ 317.938478] ? check_preemption_disabled+0x48/0x200 [ 317.943526] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 317.949343] ? kasan_check_read+0x11/0x20 [ 317.953523] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 317.958822] ? rcu_bh_qs+0xc0/0xc0 [ 317.962410] ? __fget+0x4d1/0x740 [ 317.965895] ? ksys_dup3+0x680/0x680 [ 317.969646] evdev_ioctl_handler+0x144/0x1a0 [ 317.974121] evdev_ioctl+0x27/0x2e [ 317.977677] ? evdev_ioctl_compat+0x30/0x30 [ 317.982022] do_vfs_ioctl+0x1de/0x1720 [ 317.985934] ? ioctl_preallocate+0x300/0x300 [ 317.990375] ? __fget_light+0x2e9/0x430 [ 317.994383] ? fget_raw+0x20/0x20 [ 317.997889] ? _copy_to_user+0xc8/0x110 [ 318.001895] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 318.007453] ? put_timespec64+0x10f/0x1b0 [ 318.011621] ? nsecs_to_jiffies+0x30/0x30 [ 318.015799] ? do_syscall_64+0x9a/0x820 [ 318.019817] ? do_syscall_64+0x9a/0x820 [ 318.024362] ? lockdep_hardirqs_on+0x421/0x5c0 [ 318.028975] ? security_file_ioctl+0x94/0xc0 [ 318.033412] ksys_ioctl+0xa9/0xd0 [ 318.036899] __x64_sys_ioctl+0x73/0xb0 [ 318.040813] do_syscall_64+0x1b9/0x820 [ 318.044742] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 318.050135] ? syscall_return_slowpath+0x5e0/0x5e0 [ 318.055083] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 318.059950] ? trace_hardirqs_on_caller+0x310/0x310 [ 318.064981] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 318.070021] ? prepare_exit_to_usermode+0x291/0x3b0 [ 318.075062] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 318.079934] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 318.085134] RIP: 0033:0x457579 [ 318.088339] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 318.107281] RSP: 002b:00007fd9995c4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 13:46:33 executing program 3: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sysfs$3(0x3) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x10100, 0x0) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000100)='IPVS\x00') sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0xbc, r1, 0x30, 0x70bd2c, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x2}, @IPVS_CMD_ATTR_DAEMON={0x1c, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x1ff}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @rand_addr=0x5}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @rand_addr=0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x72b2}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x9}, @IPVS_CMD_ATTR_SERVICE={0x38, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x1}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x2}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'nq\x00'}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@dev={0xfe, 0x80, [], 0x1f}}, @IPVS_SVC_ATTR_PROTOCOL={0x8}]}, @IPVS_CMD_ATTR_DAEMON={0x3c, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @dev={0xfe, 0x80, [], 0x12}}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'eql\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x3}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e20}]}]}, 0xbc}, 0x1, 0x0, 0x0, 0x20000001}, 0x4041) syz_open_dev$audion(&(0x7f0000000280)='/dev/audio#\x00', 0x2, 0x2802) [ 318.115007] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 318.122288] RDX: 0000000020013000 RSI: 00000000400445a0 RDI: 0000000000000005 [ 318.129563] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 318.136850] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd9995c56d4 [ 318.144136] R13: 00000000004bf3f1 R14: 00000000004cf1f0 R15: 00000000ffffffff 13:46:33 executing program 4: r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000580)='/dev/input/mouse#\x00', 0x5, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000740)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x8000020}, 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x100, 0x29, 0xa00, 0x70bd27, 0x25dfdbfe, {0xe}, [@typed={0x8, 0x37, @ipv4=@broadcast}, @nested={0xd0, 0x19, [@typed={0x4, 0x26}, @generic="01ff880571dca691c9018e7d18ccfd0d85d7954aff7bff8a863094bb67765708c8c48fa39ae730ce71dc9b7e6b18eb662ca186bd995039610921552a315ea8784ce04d994ca007fb572ef36bae1d2cfe81fb1457241472c9431282ebacee254b76e7bae00f8d771cd4dc3d18f9042cc80c82ee2d11cdbe", @generic="453f8a6994c62b40a3ad807e2ea6f85a4e5ec8f19943eaf1460a934356d6de31d0e98a09b258850808eb05222280ca22bfe74058533cbf43e7db01d4916cf6", @typed={0x8, 0xf, @fd=r0}, @typed={0x8, 0x80, @uid}, @generic]}, @typed={0xc, 0x66, @u64=0x400}, @typed={0x8, 0x15, @u32=0x4}]}, 0x100}}, 0x40) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r3 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r3, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r2) 13:46:33 executing program 2: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x200, &(0x7f0000000400), &(0x7f0000000580), &(0x7f00000004c0), &(0x7f0000000500)) mknod(&(0x7f0000000440)='./file0\x00', 0x4000001040, 0x6c) r2 = syz_open_dev$midi(&(0x7f00000005c0)='/dev/midi#\x00', 0x1, 0x53d240) getsockopt$IP6T_SO_GET_ENTRIES(r2, 0x29, 0x41, &(0x7f0000000600)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000000000000000000000000000006700000008899922c3a174af2210bbee9b32b5e57c22109bb8eb83043cc25d0b3fce5c64fc76b0fe1af717c51d52bf5359e4fc99c272d69f191fc2e8e6e093b695874617ce4213a3dcdf6fb274677d8a4b567c292aa7c4dbf8b205dfe5008d04b2bbd7afda3f67e884b35c"], &(0x7f00000006c0)=0x8b) execve(&(0x7f0000000240)='./file0\x00', &(0x7f0000000300), &(0x7f0000000340)) r3 = gettid() r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='attr/exec\x00') write$cgroup_int(r4, &(0x7f0000000200), 0x12) socketpair$unix(0x1, 0x5, 0x0, &(0x7f000000d000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r5, 0x5452, &(0x7f0000008ff8)=0x3f) getresuid(&(0x7f0000000100), &(0x7f00000001c0)=0x0, &(0x7f0000000280)) lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='security.capability\x00', &(0x7f00000002c0)=@v3={0x3000000, [{0x3, 0x46f}, {0x3f, 0x9}], r7}, 0x18, 0x0) recvfrom$unix(r6, &(0x7f0000bf5000), 0x0, 0x0, &(0x7f0000000140)=@abs, 0x6e) fcntl$setown(r5, 0x8, r3) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r4, 0x84, 0xa, &(0x7f0000000000)={0x1000000000000000, 0x5e5eef6c, 0xc, 0x1, 0xfffffffffffffffb, 0x6, 0x1f, 0x9, 0x0}, &(0x7f0000000480)=0x20) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r6, 0x84, 0x7b, &(0x7f0000000500)={r8, 0x25a}, &(0x7f0000000540)=0x8) fcntl$setsig(r5, 0xa, 0x12) ioctl$EVIOCGSW(r4, 0x8040451b, &(0x7f0000000340)=""/241) dup2(r4, r0) tkill(r3, 0x16) 13:46:33 executing program 0: socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000000), 0xc, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="28000000110011000000000000000000ff0100000000000000001e00000100000000000000"], 0x1}}, 0x0) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000100)='/dev/zero\x00', 0x2, 0x0) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000500)={0x1}, 0x10) pipe(&(0x7f0000000380)={0xffffffffffffffff}) write(0xffffffffffffffff, &(0x7f00000001c0), 0xffffffea) restart_syscall() r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000180)="2e65f32efe0a6766c7442400008000006766c7442402000000006766c744240600000000670f011c24b866000f00d066b88044a2b20f23c80f21f866350400d0000f23f80f0766b80500000066b9080000000f01c10f0766b8010000000f01c10f01dfb835008ee0", 0x68}], 0x1, 0x0, &(0x7f00000000c0), 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000480)=[@textreal={0x8, &(0x7f0000000300)="67660f3a400300baf80c66b85fbeb78066efbafc0cb0e3eeba200066edc30f350f20e06635200000000f22e0660f3830b3708f3e0f060f01712166b9800000c00f326635000100000f30", 0x4a}], 0x1, 0x10, &(0x7f00000004c0), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) connect$vsock_dgram(r1, &(0x7f0000000040)={0x28, 0x0, 0x2711, @reserved}, 0x10) ioctl$KVM_RUN(r4, 0xae80, 0x0) 13:46:33 executing program 5: r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000580)='/dev/input/mouse#\x00', 0x5, 0x0) r2 = getuid() sendmsg$nl_generic(r1, &(0x7f0000000740)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x8000020}, 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x100, 0x29, 0xa00, 0x70bd27, 0x25dfdbfe, {0xe}, [@typed={0x8, 0x37, @ipv4=@broadcast}, @nested={0xd0, 0x19, [@typed={0x4, 0x26}, @generic="01ff880571dca691c9018e7d18ccfd0d85d7954aff7bff8a863094bb67765708c8c48fa39ae730ce71dc9b7e6b18eb662ca186bd995039610921552a315ea8784ce04d994ca007fb572ef36bae1d2cfe81fb1457241472c9431282ebacee254b76e7bae00f8d771cd4dc3d18f9042cc80c82ee2d11cdbe", @generic="453f8a6994c62b40a3ad807e2ea6f85a4e5ec8f19943eaf1460a934356d6de31d0e98a09b258850808eb05222280ca22bfe74058533cbf43e7db01d4916cf6", @typed={0x8, 0xf, @fd=r0}, @typed={0x8, 0x80, @uid=r2}, @generic]}, @typed={0xc, 0x66, @u64=0x400}, @typed={0x8, 0x15, @u32=0x4}]}, 0x100}}, 0x40) r3 = userfaultfd(0x0) fcntl$getownex(r3, 0x10, &(0x7f0000000380)={0x0, 0x0}) ptrace$poke(0x5, r4, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r5 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r5, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r3, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r3) 13:46:33 executing program 1: syslog(0x3, &(0x7f0000000000)=""/112, 0x315b64d) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f000031f000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x11, 0x2, 0x0) setsockopt$sock_attach_bpf(r0, 0x107, 0x14, &(0x7f0000000000), 0x4) sendmsg$kcm(r0, &(0x7f0000000040)={&(0x7f0000000200)=@in6={0xa, 0x0, 0xb, @mcast1={0xff, 0x1, [0x0, 0x0, 0xa0010000, 0x800000000000000]}}, 0x80, &(0x7f0000000140), 0x0, &(0x7f0000000a00)}, 0x0) 13:46:34 executing program 3: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sysfs$3(0x3) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x10100, 0x0) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000100)='IPVS\x00') sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0xbc, r1, 0x30, 0x70bd2c, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x2}, @IPVS_CMD_ATTR_DAEMON={0x1c, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x1ff}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @rand_addr=0x5}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @rand_addr=0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x72b2}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x9}, @IPVS_CMD_ATTR_SERVICE={0x38, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x1}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x2}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'nq\x00'}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@dev={0xfe, 0x80, [], 0x1f}}, @IPVS_SVC_ATTR_PROTOCOL={0x8}]}, @IPVS_CMD_ATTR_DAEMON={0x3c, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @dev={0xfe, 0x80, [], 0x12}}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'eql\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x3}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e20}]}]}, 0xbc}, 0x1, 0x0, 0x0, 0x20000001}, 0x4041) syz_open_dev$audion(&(0x7f0000000280)='/dev/audio#\x00', 0x2, 0x2802) [ 318.419085] FAULT_FLAG_ALLOW_RETRY missing 30 [ 318.435668] CPU: 1 PID: 10252 Comm: syz-executor4 Not tainted 4.19.0-rc5+ #261 [ 318.443060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 318.452424] Call Trace: [ 318.455039] dump_stack+0x1c4/0x2b4 [ 318.458694] ? dump_stack_print_info.cold.2+0x52/0x52 [ 318.463909] ? kasan_check_write+0x14/0x20 [ 318.468167] ? do_raw_spin_lock+0xc1/0x200 [ 318.472440] handle_userfault.cold.33+0x47/0x62 [ 318.477154] ? userfaultfd_ioctl+0x54a0/0x54a0 [ 318.481760] ? mark_held_locks+0x130/0x130 [ 318.486016] ? find_held_lock+0x36/0x1c0 [ 318.490135] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 318.495708] ? check_preemption_disabled+0x48/0x200 [ 318.500770] ? debug_smp_processor_id+0x1c/0x20 [ 318.505449] ? perf_trace_lock+0x14d/0x7a0 [ 318.509697] ? rcu_bh_qs+0xb1/0xc0 [ 318.513252] ? print_usage_bug+0xc0/0xc0 [ 318.517327] ? rcu_bh_qs+0xc0/0xc0 [ 318.520902] ? zap_class+0x640/0x640 [ 318.524676] ? __lock_acquire+0x7ec/0x4ec0 [ 318.528932] ? __unlock_page_memcg+0x70/0x100 [ 318.533442] ? graph_lock+0x170/0x170 [ 318.537284] ? __lock_acquire+0x7ec/0x4ec0 [ 318.541539] ? mark_held_locks+0x130/0x130 [ 318.545796] ? lockdep_hardirqs_on+0x421/0x5c0 [ 318.550397] ? find_held_lock+0x36/0x1c0 [ 318.554510] ? __handle_mm_fault+0x45dc/0x53e0 [ 318.559108] ? lock_downgrade+0x900/0x900 [ 318.563285] ? kasan_check_read+0x11/0x20 [ 318.567453] ? do_raw_spin_unlock+0xa7/0x2f0 [ 318.571898] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 318.576497] ? kasan_check_write+0x14/0x20 [ 318.580750] ? do_raw_spin_lock+0xc1/0x200 [ 318.585038] __handle_mm_fault+0x45ed/0x53e0 [ 318.589460] ? zap_class+0x640/0x640 [ 318.593208] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 318.598068] ? graph_lock+0x170/0x170 [ 318.601889] ? print_usage_bug+0xc0/0xc0 [ 318.605975] ? graph_lock+0x170/0x170 [ 318.609821] ? handle_mm_fault+0x42a/0xc70 [ 318.614086] ? lock_downgrade+0x900/0x900 [ 318.618269] ? check_preemption_disabled+0x48/0x200 [ 318.623333] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 318.629144] ? kasan_check_read+0x11/0x20 [ 318.633308] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 318.638602] ? rcu_bh_qs+0xc0/0xc0 [ 318.642158] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 318.647645] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 318.653203] ? check_preemption_disabled+0x48/0x200 [ 318.658292] handle_mm_fault+0x54f/0xc70 [ 318.662389] ? __handle_mm_fault+0x53e0/0x53e0 [ 318.666993] ? find_vma+0x34/0x190 [ 318.670556] __do_page_fault+0x67d/0xed0 [ 318.674645] ? mm_fault_error+0x380/0x380 [ 318.678815] ? graph_lock+0x170/0x170 [ 318.682653] do_page_fault+0xf2/0x7e0 [ 318.686488] ? vmalloc_sync_all+0x30/0x30 [ 318.690654] ? error_entry+0x76/0xd0 [ 318.694389] ? trace_hardirqs_off_caller+0xbb/0x310 [ 318.699438] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 318.704312] ? trace_hardirqs_on_caller+0x310/0x310 [ 318.709377] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 318.714251] page_fault+0x1e/0x30 [ 318.717717] RIP: 0010:copy_user_generic_unrolled+0x9e/0xc0 [ 318.723359] Code: 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 4c 8b 06 4c 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 89 d1 <8a> 06 88 07 48 ff c6 48 ff c7 ff c9 75 f2 31 c0 0f 1f 00 c3 0f 1f [ 318.742291] RSP: 0018:ffff88018558f7f0 EFLAGS: 00010202 [ 318.747670] RAX: 0000000000000004 RBX: 0000000000000004 RCX: 0000000000000004 [ 318.754968] RDX: 0000000000000004 RSI: 0000000020013000 RDI: ffff88018558f890 [ 318.762266] RBP: ffff88018558f828 R08: ffffed0030ab1f13 R09: ffffed0030ab1f12 [ 318.769552] R10: ffffed0030ab1f12 R11: 0000000000000003 R12: 0000000020013004 [ 318.776829] R13: 0000000020013000 R14: ffff88018558f890 R15: 00007ffffffff000 [ 318.784216] ? _copy_from_user+0x10d/0x150 [ 318.788495] evdev_do_ioctl+0xb51/0x2180 [ 318.792579] ? str_to_user+0x90/0x90 [ 318.796302] ? lock_downgrade+0x900/0x900 [ 318.800472] ? graph_lock+0x170/0x170 [ 318.804303] ? do_futex+0x249/0x26d0 [ 318.808063] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 318.813641] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 318.819223] ? find_held_lock+0x36/0x1c0 [ 318.823339] ? __fget+0x4aa/0x740 [ 318.826815] ? lock_downgrade+0x900/0x900 [ 318.831011] ? check_preemption_disabled+0x48/0x200 [ 318.836075] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 318.841888] ? kasan_check_read+0x11/0x20 [ 318.846052] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 318.851344] ? rcu_bh_qs+0xc0/0xc0 [ 318.854954] ? __fget+0x4d1/0x740 [ 318.858434] ? ksys_dup3+0x680/0x680 [ 318.862177] evdev_ioctl_handler+0x144/0x1a0 [ 318.866645] evdev_ioctl+0x27/0x2e [ 318.870197] ? evdev_ioctl_compat+0x30/0x30 [ 318.874532] do_vfs_ioctl+0x1de/0x1720 [ 318.878449] ? ioctl_preallocate+0x300/0x300 [ 318.882895] ? __fget_light+0x2e9/0x430 [ 318.886891] ? fget_raw+0x20/0x20 [ 318.890393] ? _copy_to_user+0xc8/0x110 [ 318.894397] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 318.899955] ? put_timespec64+0x10f/0x1b0 [ 318.904168] ? nsecs_to_jiffies+0x30/0x30 [ 318.908415] ? do_syscall_64+0x9a/0x820 [ 318.912410] ? do_syscall_64+0x9a/0x820 [ 318.916406] ? lockdep_hardirqs_on+0x421/0x5c0 [ 318.921010] ? security_file_ioctl+0x94/0xc0 [ 318.925465] ksys_ioctl+0xa9/0xd0 [ 318.928944] __x64_sys_ioctl+0x73/0xb0 [ 318.932923] do_syscall_64+0x1b9/0x820 [ 318.936855] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 318.942242] ? syscall_return_slowpath+0x5e0/0x5e0 [ 318.947181] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 318.952422] ? trace_hardirqs_on_caller+0x310/0x310 [ 318.957487] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 318.962530] ? prepare_exit_to_usermode+0x291/0x3b0 [ 318.967565] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 318.972440] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 318.977639] RIP: 0033:0x457579 [ 318.980869] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 318.999808] RSP: 002b:00007fd9995c4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 319.007539] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 13:46:34 executing program 2: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x80000, 0x0) ioctl$BLKIOMIN(r0, 0x1278, &(0x7f0000000080)) r1 = socket$inet6(0xa, 0x1, 0x0) clone(0x210007fa, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff) mount$9p_virtio(&(0x7f00000000c0)='/dev/qat_adf_ctl\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x40, &(0x7f0000000240)={'trans=virtio,', {[{@privport='privport'}, {@cache_fscache='cache=fscache'}, {@fscache='fscache'}, {@version_L='version=9p2000.L'}, {@aname={'aname', 0x3d, 'self+\\'}}, {@cache_loose='cache=loose'}, {@mmap='mmap'}, {@cache_none='cache=none'}, {@noextend='noextend'}], [{@smackfsdef={'smackfsdef', 0x3d, 'lo\x00'}}, {@fsmagic={'fsmagic', 0x3d, 0xffffffffffffffff}}, {@pcr={'pcr', 0x3d, 0xc}}]}}) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000200)) ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000340)={'lo\x00', &(0x7f0000000140)=@ethtool_stats={0x4d}}) [ 319.015023] RDX: 0000000020013000 RSI: 00000000400445a0 RDI: 0000000000000005 [ 319.022298] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 319.029585] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd9995c56d4 [ 319.036872] R13: 00000000004bf3f1 R14: 00000000004cf1f0 R15: 00000000ffffffff [ 319.206159] QAT: Invalid ioctl 13:46:34 executing program 1: syslog(0x3, &(0x7f0000000000)=""/112, 0x315b64d) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f000031f000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x11, 0x2, 0x0) setsockopt$sock_attach_bpf(r0, 0x107, 0x14, &(0x7f0000000000), 0x4) sendmsg$kcm(r0, &(0x7f0000000040)={&(0x7f0000000200)=@in6={0xa, 0x0, 0xb, @mcast1={0xff, 0x1, [0x0, 0x0, 0xa0010000, 0x800000000000000]}}, 0x80, &(0x7f0000000140), 0x0, &(0x7f0000000a00)}, 0x0) [ 319.230431] QAT: Invalid ioctl 13:46:34 executing program 2: r0 = syz_open_dev$sndctrl(&(0x7f0000000100)='/dev/snd/controlC#\x00', 0xfffffffffffffffd, 0x0) ioctl$SNDRV_CTL_IOCTL_PVERSION(r0, 0x81785501, &(0x7f0000001000)) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000240)={0x0, 0xf8, "f93931d6a514476014329ce2ca75a10f412dab95f9fba534bbe59973fe9cae1474fb2fba8247d684255ed876363c43a3b49ca8757e1f009fd9db371ddd42275d907602584bccb99cf07c91aa24938b48bb54d64b0efa5c4fb45de48ef9b7754c86e61120b2fd001e016da8bab8b976fc31e60f61ed830664ac13ba0a4cb4581c37a4c6be3aefe849e52ab882d2728cfa90831bdd02c3af6317b9315eba53fcc17bed06fd649fd477b3ecc0f0ea2d05c5311863a5839121397fb0ebe80b1d30204931355f921b4f4d300a852872c3e1f0a8e660f06620fba79adc87d6317e2ef6de62008137dc7857b17e12286a9d971d0ad0cba8c2ae07e5"}, &(0x7f0000000340)=0x100) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000380)={r1, 0x0, 0x6, [0x6, 0x80000001, 0xfffffffffffffff7, 0x200, 0x101, 0x1]}, 0x14) r2 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x7ff, 0x20001) ioctl$EVIOCSREP(r2, 0x40084503, &(0x7f00000003c0)=[0x0, 0x6]) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0xa, 0x4e22, 0x7fff, @local, 0x6}}, 0x10001, 0x2, 0x5, 0x5, 0x2}, &(0x7f0000000080)=0x98) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r2, 0x84, 0x73, &(0x7f00000000c0)={r3, 0x1ff, 0x10, 0x101, 0x71d2}, &(0x7f0000000200)=0x18) 13:46:35 executing program 0: socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000000), 0xc, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="28000000110011000000000000000000ff0100000000000000001e00000100000000000000"], 0x1}}, 0x0) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000100)='/dev/zero\x00', 0x2, 0x0) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000500)={0x1}, 0x10) pipe(&(0x7f0000000380)={0xffffffffffffffff}) write(0xffffffffffffffff, &(0x7f00000001c0), 0xffffffea) restart_syscall() r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000180)="2e65f32efe0a6766c7442400008000006766c7442402000000006766c744240600000000670f011c24b866000f00d066b88044a2b20f23c80f21f866350400d0000f23f80f0766b80500000066b9080000000f01c10f0766b8010000000f01c10f01dfb835008ee0", 0x68}], 0x1, 0x0, &(0x7f00000000c0), 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000480)=[@textreal={0x8, &(0x7f0000000300)="67660f3a400300baf80c66b85fbeb78066efbafc0cb0e3eeba200066edc30f350f20e06635200000000f22e0660f3830b3708f3e0f060f01712166b9800000c00f326635000100000f30", 0x4a}], 0x1, 0x10, &(0x7f00000004c0), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) connect$vsock_dgram(r1, &(0x7f0000000040)={0x28, 0x0, 0x2711, @reserved}, 0x10) ioctl$KVM_RUN(r4, 0xae80, 0x0) 13:46:35 executing program 3: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sysfs$3(0x3) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x10100, 0x0) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000100)='IPVS\x00') sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0xbc, r1, 0x30, 0x70bd2c, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x2}, @IPVS_CMD_ATTR_DAEMON={0x1c, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x1ff}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @rand_addr=0x5}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @rand_addr=0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x72b2}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x9}, @IPVS_CMD_ATTR_SERVICE={0x38, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x1}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x2}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'nq\x00'}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@dev={0xfe, 0x80, [], 0x1f}}, @IPVS_SVC_ATTR_PROTOCOL={0x8}]}, @IPVS_CMD_ATTR_DAEMON={0x3c, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @dev={0xfe, 0x80, [], 0x12}}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'eql\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x3}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e20}]}]}, 0xbc}, 0x1, 0x0, 0x0, 0x20000001}, 0x4041) syz_open_dev$audion(&(0x7f0000000280)='/dev/audio#\x00', 0x2, 0x2802) 13:46:35 executing program 5: r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000580)='/dev/input/mouse#\x00', 0x5, 0x0) r2 = getuid() sendmsg$nl_generic(r1, &(0x7f0000000740)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x8000020}, 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x100, 0x29, 0xa00, 0x70bd27, 0x25dfdbfe, {0xe}, [@typed={0x8, 0x37, @ipv4=@broadcast}, @nested={0xd0, 0x19, [@typed={0x4, 0x26}, @generic="01ff880571dca691c9018e7d18ccfd0d85d7954aff7bff8a863094bb67765708c8c48fa39ae730ce71dc9b7e6b18eb662ca186bd995039610921552a315ea8784ce04d994ca007fb572ef36bae1d2cfe81fb1457241472c9431282ebacee254b76e7bae00f8d771cd4dc3d18f9042cc80c82ee2d11cdbe", @generic="453f8a6994c62b40a3ad807e2ea6f85a4e5ec8f19943eaf1460a934356d6de31d0e98a09b258850808eb05222280ca22bfe74058533cbf43e7db01d4916cf6", @typed={0x8, 0xf, @fd=r0}, @typed={0x8, 0x80, @uid=r2}, @generic]}, @typed={0xc, 0x66, @u64=0x400}, @typed={0x8, 0x15, @u32=0x4}]}, 0x100}}, 0x40) r3 = userfaultfd(0x0) fcntl$getownex(r3, 0x10, &(0x7f0000000380)={0x0, 0x0}) ptrace$poke(0x5, r4, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r5 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r5, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r3, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r3) 13:46:35 executing program 4: r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000580)='/dev/input/mouse#\x00', 0x5, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000740)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x8000020}, 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x100, 0x29, 0xa00, 0x70bd27, 0x25dfdbfe, {0xe}, [@typed={0x8, 0x37, @ipv4=@broadcast}, @nested={0xd0, 0x19, [@typed={0x4, 0x26}, @generic="01ff880571dca691c9018e7d18ccfd0d85d7954aff7bff8a863094bb67765708c8c48fa39ae730ce71dc9b7e6b18eb662ca186bd995039610921552a315ea8784ce04d994ca007fb572ef36bae1d2cfe81fb1457241472c9431282ebacee254b76e7bae00f8d771cd4dc3d18f9042cc80c82ee2d11cdbe", @generic="453f8a6994c62b40a3ad807e2ea6f85a4e5ec8f19943eaf1460a934356d6de31d0e98a09b258850808eb05222280ca22bfe74058533cbf43e7db01d4916cf6", @typed={0x8, 0xf, @fd=r0}, @typed={0x8, 0x80, @uid}, @generic]}, @typed={0xc, 0x66, @u64=0x400}, @typed={0x8, 0x15, @u32=0x4}]}, 0x100}}, 0x40) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r3 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r3, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r2) 13:46:35 executing program 1: setrlimit(0x8, &(0x7f0000000000)={0x3, 0x385}) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x200, 0x0) ioctl$TCSBRK(r0, 0x5409, 0x3) socketpair(0x18, 0x0, 0x0, &(0x7f0000000040)) 13:46:35 executing program 2: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl(r0, 0x8912, &(0x7f0000000040)="153f6234488dd25d766070") clone(0x0, &(0x7f0000000140)="b7828e45142a5ff6faa5bf65a1b55ce3343918015efb1ce3feb72306df7e63d04604dd4b6dfb692e3b621ba460efbb2a8388fedee596d0282649de4c1410934020a0f13f507654eec614046643d1e83129d51b3a0a522cdc18b76f6072177e63481e3adc3a8aa033bcb1756c8933001a79b89bd5eb31782177ce5d4b407b86bb6d0100e4df1f5d57361bcd536bccb598bf553735165c06b4e1c99ea3babd4aebf081018103b866d89306b7ee0a242bba2c93db73c15a97f2d46b129563ec303a9b2907d694353b1461daf3213b", &(0x7f0000000080), &(0x7f0000000240), &(0x7f0000000280)="a60b71a63882e33343d5c4e3b7941d0cb8d56e1a6b1a250d3210135402ee0fb5ecebec64679796493e497bdd6360df0e502ff1f321b984426db8b76360a6d5b07bc877ebcf743e5bb9f1028480d185447b46acf4f41788337209a0537cff7e5b79d97b277db004c087797dd625f76e263c9b875a14f028c522b98331edd5677e306842a9c220a8630581f7edf57cbd7291701155602738686ccc4501") r1 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x8000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)) read(r1, &(0x7f00000000c0)=""/117, 0xfffffffffffffeeb) 13:46:35 executing program 3: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x8080, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffff9c, 0x84, 0xf, &(0x7f0000000180)={0x0, @in6={{0xa, 0x4e21, 0x7, @local, 0x35}}, 0x7, 0x6, 0x80000000, 0x5, 0x9}, &(0x7f0000000040)=0x98) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000300)={r1, @in6={{0xa, 0x4e23, 0x6, @remote, 0x523}}, 0x3f, 0xd2b, 0x7fff, 0xfff, 0xe0}, &(0x7f0000000240)=0x98) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="cf"]) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f0000000080)="f20f1ac5f30fd6c066baf80cb81cadeb89ef66bafc0c66b8000066ef0f23bcc4c3296d5e000d0f01cbc744240022121284c744240201000000c7442406000000000f0114240f07b8010000000f01c10f2247", 0x52}], 0x1, 0x0, &(0x7f0000000000), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r4, 0xae80, 0x0) [ 319.643160] FAULT_FLAG_ALLOW_RETRY missing 30 [ 319.648063] CPU: 1 PID: 10298 Comm: syz-executor4 Not tainted 4.19.0-rc5+ #261 [ 319.655449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 319.664825] Call Trace: [ 319.667473] dump_stack+0x1c4/0x2b4 [ 319.671129] ? dump_stack_print_info.cold.2+0x52/0x52 [ 319.676395] ? kasan_check_write+0x14/0x20 [ 319.680694] ? do_raw_spin_lock+0xc1/0x200 [ 319.684975] handle_userfault.cold.33+0x47/0x62 [ 319.689699] ? userfaultfd_ioctl+0x54a0/0x54a0 [ 319.694301] ? mark_held_locks+0x130/0x130 [ 319.698562] ? find_held_lock+0x36/0x1c0 [ 319.702659] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 319.708221] ? check_preemption_disabled+0x48/0x200 [ 319.713316] ? debug_smp_processor_id+0x1c/0x20 [ 319.718012] ? perf_trace_lock+0x14d/0x7a0 [ 319.722268] ? rcu_bh_qs+0xb1/0xc0 [ 319.725833] ? print_usage_bug+0xc0/0xc0 [ 319.729928] ? rcu_bh_qs+0xc0/0xc0 [ 319.733504] ? zap_class+0x640/0x640 [ 319.737240] ? __lock_acquire+0x7ec/0x4ec0 [ 319.741499] ? __unlock_page_memcg+0x70/0x100 [ 319.746030] ? graph_lock+0x170/0x170 [ 319.749869] ? __lock_acquire+0x7ec/0x4ec0 [ 319.754129] ? mark_held_locks+0x130/0x130 [ 319.758396] ? find_held_lock+0x36/0x1c0 [ 319.762501] ? __handle_mm_fault+0x45dc/0x53e0 [ 319.767105] ? lock_downgrade+0x900/0x900 [ 319.771283] ? kasan_check_read+0x11/0x20 [ 319.775463] ? do_raw_spin_unlock+0xa7/0x2f0 [ 319.779897] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 319.784503] ? kasan_check_write+0x14/0x20 [ 319.788760] ? do_raw_spin_lock+0xc1/0x200 [ 319.793050] __handle_mm_fault+0x45ed/0x53e0 [ 319.797475] ? zap_class+0x640/0x640 [ 319.801219] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 319.806079] ? graph_lock+0x170/0x170 [ 319.809914] ? print_usage_bug+0xc0/0xc0 [ 319.814005] ? graph_lock+0x170/0x170 [ 319.817861] ? handle_mm_fault+0x42a/0xc70 [ 319.822119] ? lock_downgrade+0x900/0x900 [ 319.826289] ? check_preemption_disabled+0x48/0x200 [ 319.831330] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 319.837145] ? kasan_check_read+0x11/0x20 [ 319.841312] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 319.846615] ? rcu_bh_qs+0xc0/0xc0 [ 319.850178] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 319.855648] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 319.861210] ? check_preemption_disabled+0x48/0x200 [ 319.866262] handle_mm_fault+0x54f/0xc70 [ 319.870350] ? __handle_mm_fault+0x53e0/0x53e0 [ 319.875005] ? find_vma+0x34/0x190 [ 319.878578] __do_page_fault+0x67d/0xed0 [ 319.882668] ? mm_fault_error+0x380/0x380 [ 319.886864] ? graph_lock+0x170/0x170 [ 319.890700] ? migrate_swap_stop+0x930/0x930 [ 319.895136] do_page_fault+0xf2/0x7e0 [ 319.898964] ? vmalloc_sync_all+0x30/0x30 [ 319.903137] ? error_entry+0x76/0xd0 [ 319.906891] ? trace_hardirqs_off_caller+0xbb/0x310 [ 319.911934] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 319.916801] ? trace_hardirqs_on_caller+0x310/0x310 [ 319.921900] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 319.926790] page_fault+0x1e/0x30 [ 319.930269] RIP: 0010:copy_user_generic_unrolled+0x9e/0xc0 [ 319.935913] Code: 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 4c 8b 06 4c 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 89 d1 <8a> 06 88 07 48 ff c6 48 ff c7 ff c9 75 f2 31 c0 0f 1f 00 c3 0f 1f [ 319.954848] RSP: 0018:ffff88018558f7f0 EFLAGS: 00010202 [ 319.960240] RAX: 0000000000000004 RBX: 0000000000000004 RCX: 0000000000000004 [ 319.967528] RDX: 0000000000000004 RSI: 0000000020013000 RDI: ffff88018558f890 [ 319.974819] RBP: ffff88018558f828 R08: ffffed0030ab1f13 R09: ffffed0030ab1f12 [ 319.982119] R10: ffffed0030ab1f12 R11: 0000000000000003 R12: 0000000020013004 [ 319.989411] R13: 0000000020013000 R14: ffff88018558f890 R15: 00007ffffffff000 [ 319.996738] ? _copy_from_user+0x10d/0x150 [ 320.001005] evdev_do_ioctl+0xb51/0x2180 [ 320.005096] ? str_to_user+0x90/0x90 [ 320.008829] ? lock_downgrade+0x900/0x900 [ 320.013010] ? graph_lock+0x170/0x170 [ 320.016831] ? do_futex+0x249/0x26d0 [ 320.016872] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 320.016898] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 320.026160] ? find_held_lock+0x36/0x1c0 [ 320.026190] ? __fget+0x4aa/0x740 [ 320.026210] ? lock_downgrade+0x900/0x900 [ 320.043400] ? check_preemption_disabled+0x48/0x200 [ 320.048430] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 320.054232] ? kasan_check_read+0x11/0x20 [ 320.058903] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 320.064188] ? rcu_bh_qs+0xc0/0xc0 [ 320.067749] ? __fget+0x4d1/0x740 [ 320.071217] ? ksys_dup3+0x680/0x680 [ 320.074947] evdev_ioctl_handler+0x144/0x1a0 [ 320.079375] evdev_ioctl+0x27/0x2e [ 320.082928] ? evdev_ioctl_compat+0x30/0x30 [ 320.087268] do_vfs_ioctl+0x1de/0x1720 [ 320.091169] ? ioctl_preallocate+0x300/0x300 [ 320.095593] ? __fget_light+0x2e9/0x430 [ 320.099598] ? fget_raw+0x20/0x20 [ 320.103056] ? _copy_to_user+0xc8/0x110 [ 320.107040] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 320.112583] ? put_timespec64+0x10f/0x1b0 [ 320.116739] ? nsecs_to_jiffies+0x30/0x30 [ 320.120895] ? do_syscall_64+0x9a/0x820 [ 320.124896] ? do_syscall_64+0x9a/0x820 [ 320.128883] ? lockdep_hardirqs_on+0x421/0x5c0 [ 320.133476] ? security_file_ioctl+0x94/0xc0 [ 320.137895] ksys_ioctl+0xa9/0xd0 [ 320.141367] __x64_sys_ioctl+0x73/0xb0 [ 320.145263] do_syscall_64+0x1b9/0x820 [ 320.149155] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 320.154526] ? syscall_return_slowpath+0x5e0/0x5e0 [ 320.159463] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 320.164335] ? trace_hardirqs_on_caller+0x310/0x310 [ 320.169375] ? prepare_exit_to_usermode+0x291/0x3b0 [ 320.174406] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 320.179263] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 320.184455] RIP: 0033:0x457579 [ 320.187653] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 320.206563] RSP: 002b:00007fd9995c4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 320.214280] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 320.221561] RDX: 0000000020013000 RSI: 00000000400445a0 RDI: 0000000000000005 [ 320.228830] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 320.236129] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd9995c56d4 13:46:35 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000017000)=0xfffff7fffffffffd, 0x4) bind$inet(r0, &(0x7f0000011ff0)={0x2, 0x4e20, @multicast2}, 0x10) r1 = add_key$user(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000080)="252464dfd6e3eff73aa8c66d235b6e9004a6396fb442328ab37c0fb7672c6cadd620eb0e2a53d1faf964c239fd4c4876d48953edf2232059225fd260ca6bc82e9a8377e9344afe7be9ac5f01d5bfc251e715ba58717fcdb1770d27cce98d85ddb8883f8ec985da2b76a5270bea6ddd32832eab7936d1e303a37af72609e62f4bf556619225a0382ae5db04e86d6b8b5776cd4c4e496ebdd36b536d94ef2571e0e2468d13858584ce8767a7e2d4af5477d450f66b053786417c16df3dd4855286f4e1acf2490181485e11f9b4db9bac3a19ef7f921e1eb24a733594bc5ee3da4b3ee47954118480d07664a2fc0fba6193950d2c10c1100a", 0xf7, 0xfffffffffffffffd) keyctl$update(0x2, r1, &(0x7f0000000480)="5e43952d551d59c8538cd561e7f4f4eebea664b60980ca1a639ba0378a835445d03f30fc63255bc69b895df9b97caa32188b004cb30db5d517248a12c37d725d668399823eb8f9dc6ef73416576026584c795438d0a53c00ccfc4e94907c6e256063434490ce9b92955ec1d6cc9aacb0358816a04c80710cba48bc510bc21b9564be3f9ef6a6049968ed63b1b45c957727577d7d063ebf6a4ff470930c651db671cbcf306579bf03a393364d12d84f2e3b8d0336e9d3bc2e86c408dcc93759dee377d8c63c527cccba75140529e4fdaac9995acd459ce3d5a242499d447b36cbe22a7f58f50c97e199ed8dc4dfe9f26146a66d2babaca8fa490475a8110c0443246e51381906fc19168dd65017e40c325d52fe961574725f540b852ac532fa83bf3000cd04265860ae1ebe77e5d56eb01dc2ed456f577ba22ebf03a1df10f3d1ca86dff978544bb099e0e23a0546d57dce14bdb073a4c08f77aa1bf94f9a389f4f729db818a6892cf707a41502b4d8dcb664097db44510cd1d48dbd18e34c6195d0ca802ae77d34207b3ad7e8b090f630c3948928be9ca24f38a4d36117ec85ea6c1dbf5663a89bee638a1cf95e225df0859e08988d6f98db41aa05e19fc66d50bf31542c4b3599759fc6a30e8b4a5371066a5843f73235fcf5def0c2c33ca2cf6bef0bb606a3c1b00871e4e85b1e6c22358f8cba73e7a55b50540fa59ce0e644129ecfa3e30312cc9d06b1d8be5bc58bbf9be48a41f3d835b93a4b58deb6a5eb85233aa885e76f3a7b31d7fdea0cda6bed920806022440aab2153533344b949fb5ba6679980dbfb72a524a69eeecb546560930b09396555d865464a738a9f33c0634213cecd6d131c4c0b02ed4388f746b329a639e2c1edc7983e2e9856f9a81ce7616ca20f0cac577b42944d3866dea45d595c0f644cea6691c671fcfd6676e7a6bc864a84c5391c27a1a49637d615d7fbfaab9ba33b55ba34cd324c030785424c9d715723698eec76f16df9c6ac9b5d219462c335bf13df164e75f3034a0af64f049c2b430c8c4d330ea468c2aaf283733cf6fa1fd58b10701b2ab4a268578df2885d4567421ee9ec5252d3a9fc49f14460d6cefb5fb8f1d1ad3455e4c39fcf94bffb9a20ebf7f86f98cd9a8a9633f8121f78466c331836f15061fa156cb0d13d32158cf804ddf738e6323c26a500ef69865113427a25ffe74e35b3a232efc2b699ac1205527be3aeb55e2f80bdfd86bffa5788402dc11fa277d035e8c6482747812dcc91426f0c860f24040706166b092dd0c41eb13b6b5b1c21a5410931648357d1b05b15e5cb49cccbb7d17a348aa457302a0b143ce33821f03fced7268774b4125125cf335c5e49cfe624e0bee94cc951b667f186d7c8477fa1bfe00aa8062443d99677c6c78d95d97e036756433ee19086f56800169a692022312051b35e69a33183ddbbc4b23fb10cd98170b06d7c10343ef4f638894a6c4f397e073d078724892792b8b55b0295e9fa1cd3067518ff6ebe80bb55e87bc40065b78cf1e8cd7fe3838734a05440d513e1d89008ca08d954074dbae237323f014b8ae72adc63c582446f43f66b04da1a6ffaeee881fe3dcc4f89ad0e8864434999df7550ba6983b6fe34d4753d215671038f852247c7e150119cee915fd94369bd5002721170c650a01a24e08f01ba1070956e91f88f600a15b1ed4a11943f5657053b98cdb825fd971f3089ef3b0f33c7c51ed9b01beef5131296cb9b8de225e0cdfca54bb96b61c3144801195c95b7089e8567016234a72581de588dfe91d6e5794efd00c42c144c2e8528b83eff58f946f74dae0904466cd897f091e58cb4145fc4bc4eded3349dcce16c2af74333fcd5dc29d16a4b5a483b72ce03d0f699330412230b1243427b4acdee638ce486ab573a002edec89fb80f98a4bc7ff4787b38658290274e41962537a6358a05e9fd957c2b8ab232c0e1fd6015a3a059bedd0fca82a87c995eb747811da755fecee0cdd7876f33b0efea176bc6c69e1c6bdeb360c2555d54d954ee9427779216690fbe406bf9638309cbc51a0b2ec4b45d436058252aa4a1665d91959b0070c3bf13548cfb922540662a593ed200c070f7fa10ed655adee88037821e1ddbc091ea2cf63806d21b7d8913fe7fa31e3b02d6c1390309bfd2138fbc0b4c282459b663511a04f35430ef37288912bd49a87ece301fce6c01c15b2a15a035f63a60ccb095d2491185a0953b2523a3a9b4aa990313067de24d1543e2d20f030064dc4ff9008a4850049b9839ab7b61685884af15a6fd0b9869d1104b7c74d34be46d8ccef9ece9d3fea15b8c358d5ec1f1a1da3f6705d284b3af3b5a529ab2bb18398954dab115409ba7eb58de729c6a986b5663856cbfbf55ef1633771eb8c0079bb2fd436ebb2acb2eb15b270fd1cc59b79461f4f6e91ccfbee6c8780ebb851008df24573149da236770f1ef0b9f1dff44b95d9e89a4466416db3e9bffce7bf4563174877f32342d3c2ef91c26147ef71e294f3b2e684976996b1ea337df0fa4d94c736b30cbfb9820dd2840aa565ebc64b00d698db3d1ab7a2d8656591201f959dc45944ef97f87f0b66e3cac6bd0831d86ac7e927794caf101594f6d25bd064962a1a2986e7f4582bd6963b16791fff5b235734f88481531afe56830a419a757dca95c9d4ab9a26e177c24136464307022a02ebea837b2d2d5f95917fa88b834d4d614442fa4eeff0a8495c469b68c0ed3bd59ecd42052deea66a2ac6100f77df202bac06ced9e1d8ecf430fc3743ffc142e36a9f14c52196f48805fb506565fa192f6712273cf017ec7c5d8245e256ac7bc3322b4f256bdc6283871284773fe12992b7610147a1505c65606c5941a10c21027e7428792811683e8b04d8c110d88380d7b9a61adfaa236e3be430dd459368fd4c455f5a03a873bb9d54557ce8024c461f58846f6ece157df952b13c26a51d65581b4545d6f70eef15bca47901507b2a2b6984ab0487b1557cf1043f8091f23dba6a12d5259117975b0d98ceab55904507742dc780468d86e7aeeeec225260cc92a0a4c7afe982d1c590a9fc4fc21b77377cf2ed7470dfa1cfdc0ae335138e8dc92277db932e1dd9498c4cd92dc08d448a13dd8bceb1795e20415b984a79398ffc658d6beae690b43165aa8e1cbca0d1a1f7cf0eeaea6a5d6df20a6a8319f0897c9f5d6230b5bd06278943d98afbfa26e48624f994115a49bd4dcc1b2c9619806ea35660491497ce40ec6cc30cd0e057fe3120db644dd3d92b97ca743a56f7c2ef698691f93c21b459e435416b37e8dc01e9e795d112c764659f3459b88dec34d063ced5cd22b7c57ae112069f4ded85688b6e1908b688c1405d9c166ba6442e10b000fe31b661f4d36dfb51c447d8b54a6a13a4d2f815224cc0f95f09bc2c2910348ee57a68bbf31807ce7479e6bba5ac2aa913c306cd5da882a8dbc4ba89f4aea0c9a1fd9a15d6741bbc6f895f3db804b116cff769b458efb29c3c345127b23d0ea520a6cd080c5861ebc116050ef36497ffb44d62b8d1ea87b8b19046cf9ccc3572ec2c3a700bcd068d8db7c07b44cc66de4d52e8ff195cb2e214c6b6c188f4269b52d83a8b851fcd5d43ea5cb1c5873d7d48493608c8ca88306c844fb44af70306527268c5e9d47c0d307e43766ed506a676b9e5a88f36afd69bede70b1af7510f536233964e86ea06643ae2209395e1bb602619881831d422c302b0406c099104863a60f503c6191ebcfeef272bd7b6dad09865249dd9044b30f53d4514fa99c4275d46a3b286a23dd15155f24b7194a3fda38fe6a555d933f529875c13b0f170701ac1e5d30a4d0bba2c3fd4b56e235bce29beff82d7885b3d017b9cf81227864c510f011f5678814791c4962f266ac635773443ffbb474e1e1386d191a4095faf9dd0348e7294740883bbcdf719bf12f76d0bec4fe7d7f9b2a1465e44673442716b60b238a5a99c1fe553fb4b9cd1b25a045188abc66b6597bd23ecae2b1499682ed9ea4a3e65064d2935215632b611e13cecc623dbdee6804a6edcf2fe3268e73c76fbd0188a896187d81defa12c4a9374bc8d539c530532fa54628f36fc51f474cde7d8f4ae973f93e3183e9d2a6c68c40e4a10ab908d5903e6b216955e58d40cca197e820e55b678de19570ee23f954a14bb1941bafbe66f3d8ad2af306a61205b45519667dfd333070cb49f1f0a793693932630a6536760705df5756f118d848ba3c2f0c2da2f84da30d75235cc693476314dd05fd79b03bdeda663b540309e23276c0779cbc7f4cf2c8dcc4d2d22b66b2ddd012b6038b31db06ca7d361108172e2606b94477301eefe52f58e0439db2fb991fb41e5c0610d06284a31f259171c5de10db23c8baccc2741462ac8e6cae7abd4d1e7269693f8d1ed8ba5a24e2bace8933a596cae50c5a3a969dc7fbbd03b804882faaf4018596102163c7f22ddf041ad10e996ff8fbc19e9bcb4349b3a8d86a251350b2b7f483e0f41a37ceed199e81e9ca8c0fbac8a55872d3bd502b9b559502e689a33ad83f910a80e3591d8e06341f3581f36d88fd110c46aa0908aa8738725c93ae2937373064593a534ea2ba7694f4f534246979c35ac503fb9e2a9298cd74c03df5cd9ff3b61265d29bfe828b7e01e3128e105f96f4b07b2f3c084d88d354b6ee54f50d2ed7f3ccd37e49c4e381a1ce59c7897c31e9ff3a18acf7105c9e8b6d148feaed7008a8bca6548ec3f101a8c897795073c3c931077698d6b0c09385bc040027e6dcb5aa5ca66b70f662e6945efaa5251efebacae9d0f5a17fcc06b241c1de4af0a1aedac4deb2c827425f22f0a84941394fde3d8968384569c1808868154136c6a44fe462c636514c7b5176782346090ae60c56394b9db97bdc3fd83291b6a797d43c986231179a58561eaa7da221bbb639a3ce2a1aa5e5633ff94f88b198b3b0f080d166f155e72817825ccf8ced5bbb20030b20c7943343c52f9dc986738f8ae2193f5244c740c27bb8b2cf27cad6620fe1d90bb973e7af17a62ec0490666bd8a89fa578d35f15d66ef5051ea1fc5c15720c79b5f3db87c27ede7d74461cd68d487db18126167344068cc2e666132f76393646f50edb7a2a1f6fe2178d2572adaff1e351059cb4c70382f413c51f2f0c3a1887c870c1e4ec7749d98e92b802ce97bf0dbf2e823c785864a2972dfcd3020f98e1d6290ae6247f67d7ef7b91aa4bef3fd621ad9fd247a9ca35022e103abda06fc73ce74b10f999ac3e0e162d328e2a1667a1c066c42af82d5a2179d10e22e7203942034d09fe186c89f7f27b7ccd89c6ac157faa900354e93be81ac5a524bbcc41a19992d514e2ad20f8781703cb03b3bda0de033b52d8fbcad844e18e8fcb6d7907ee01dd5c56242550aff09676d8fc53329477a1bcf4c28212dd10378cad033046038bd29d0c282ff7b2156f626b15a1bea01f82e111ce21bfcadda90c3998bd6b73cf4ff01b4290923330026ae75f9370a4f704221a2d911af8832ee1f8b7b4d7118a6531fc4ef1d96315f20c7b76d5cfbd1d001d06842f76073a8b115e8b50988eaf97f6610f35eb95ccd3e38c9b63571f0549f63efbf14f8472dde6df0fa74fbf08abeb70059a8514ac8df618463a2de3f6a13f52ef8be850680d1e3ac8b376fbd85394861c39680628eb2900836e247e85b12fe037671e8c06107aa1525d3f99d646a81bdb6a900b872ffa2301e8a516be6a9a2c4a2f655918b574906748677c65c0ff405c24d632ce6ed25951908", 0x1000) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000440)='lo\x00', 0x10) listen(r0, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000017000)=0xfffff7fffffffffd, 0x4) bind$inet(r2, &(0x7f0000011ff0)={0x2, 0x4e20, @multicast2}, 0x10) listen(r2, 0x0) [ 320.243402] R13: 00000000004bf3f1 R14: 00000000004cf1f0 R15: 00000000ffffffff 13:46:36 executing program 0: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x0, 0x0) ioctl$KVM_GET_DIRTY_LOG(0xffffffffffffffff, 0x4010ae42, &(0x7f0000000380)={0x1fe, 0x0, &(0x7f0000ff9000/0x4000)=nil}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) write$P9_RVERSION(r0, &(0x7f00000003c0)={0x15, 0x65, 0xffff, 0x0, 0x8, '9P2000.u'}, 0x15) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) getuid() syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file0\x00', 0x7ffe, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000140)="4635f1f17d683cd32e3731ba6a6c867586cc90cefca3b246af3d351a9a1f8a2fba872de59ad408d8a60d1f6c7243e94f4e6ec80b562b023decde1a9ef13add497d2a207a2e7e180483", 0x49, 0xb}], 0x0, &(0x7f0000000240)) ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4008700c, &(0x7f0000004540)) 13:46:36 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='mounts\x00') getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f00000000c0)={0x0, 0x4}, &(0x7f0000000100)=0x8) ioctl$sock_inet_tcp_SIOCINQ(r0, 0x541b, &(0x7f00000002c0)) setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000140)={0xffffffff, 0x800a, 0x1, 0x80000000, r1}, 0x10) unshare(0x600) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000180)={r1, @in6={{0xa, 0x4e22, 0x5, @ipv4={[], [], @broadcast}, 0x5a0c}}, 0x3f, 0xa2}, &(0x7f0000000240)=0x90) pselect6(0x40, &(0x7f0000000000)={0x8}, &(0x7f0000000040), &(0x7f0000000300), &(0x7f0000000340)={0x0, 0x1c9c380}, &(0x7f0000000280)={&(0x7f0000000380), 0x8}) 13:46:36 executing program 5: r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000580)='/dev/input/mouse#\x00', 0x5, 0x0) r2 = getuid() sendmsg$nl_generic(r1, &(0x7f0000000740)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x8000020}, 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x100, 0x29, 0xa00, 0x70bd27, 0x25dfdbfe, {0xe}, [@typed={0x8, 0x37, @ipv4=@broadcast}, @nested={0xd0, 0x19, [@typed={0x4, 0x26}, @generic="01ff880571dca691c9018e7d18ccfd0d85d7954aff7bff8a863094bb67765708c8c48fa39ae730ce71dc9b7e6b18eb662ca186bd995039610921552a315ea8784ce04d994ca007fb572ef36bae1d2cfe81fb1457241472c9431282ebacee254b76e7bae00f8d771cd4dc3d18f9042cc80c82ee2d11cdbe", @generic="453f8a6994c62b40a3ad807e2ea6f85a4e5ec8f19943eaf1460a934356d6de31d0e98a09b258850808eb05222280ca22bfe74058533cbf43e7db01d4916cf6", @typed={0x8, 0xf, @fd=r0}, @typed={0x8, 0x80, @uid=r2}, @generic]}, @typed={0xc, 0x66, @u64=0x400}, @typed={0x8, 0x15, @u32=0x4}]}, 0x100}}, 0x40) r3 = userfaultfd(0x0) fcntl$getownex(r3, 0x10, &(0x7f0000000380)={0x0, 0x0}) ptrace$poke(0x5, r4, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r5 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r5, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r3, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r3) 13:46:36 executing program 1: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x614100, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000040)=""/31, &(0x7f0000000080)=0x1f) poll(&(0x7f00000000c0)=[{r0, 0x2040}, {r0, 0x40}, {r0, 0x8014}, {r0, 0x2}, {r0, 0x11}, {r0, 0x401}], 0x6, 0x3) setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000100)="f1ff88e94f6222171546bc781ae30983", 0x10) ioctl$KVM_SMI(r0, 0xaeb7) ioctl$UI_SET_RELBIT(r0, 0x40045566, 0xf) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000140)='/dev/urandom\x00', 0x200000, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000180)=0x4031) ioctl$IOC_PR_PREEMPT_ABORT(r0, 0x401870cc, &(0x7f00000001c0)={0x100000001, 0xb15, 0x5, 0x3f}) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000240)='IPVS\x00') sendmsg$IPVS_CMD_SET_SERVICE(r0, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x34, r2, 0x400, 0x70bd2a, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x2}, @IPVS_CMD_ATTR_DAEMON={0x18, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @dev={0xfe, 0x80, [], 0xf}}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x800}, 0x4000000) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000340)=0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f00000003c0)={{0x6, 0x6, 0xf2, 0x5, 'syz1\x00', 0x3ff}, 0x3, 0x10000400, 0x4, r3, 0x7, 0x8, 'syz1\x00', &(0x7f0000000380)=["2a73656c66bf00", '#\x00', '/dev/urandom\x00', '/dev/rtc0\x00', 'IPVS\x00', 'IPVS\x00', '\x00'], 0x2b, [], [0x10000, 0x4f8, 0x3ff, 0x3d5f]}) r4 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000500)='/dev/vsock\x00', 0x100, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000580)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000540)={0xffffffffffffffff}, 0x2, 0xa}}, 0x20) write$RDMA_USER_CM_CMD_NOTIFY(r4, &(0x7f00000005c0)={0xf, 0x8, 0xfa00, {r5, 0xb}}, 0x10) r6 = geteuid() fstat(r4, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fchownat(r0, &(0x7f0000000600)='./file0\x00', r6, r8, 0x1000) setsockopt$inet6_buf(r0, 0x29, 0xff, &(0x7f00000006c0)="681913eb1bb2f14592438bca78625498", 0x10) ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000700)={0x6, 0x0, [{0x81c, 0x0, 0x3}, {0xbff, 0x0, 0x3a9c}, {0xe1e77a9d23eaa4e6, 0x0, 0x6}, {0x0, 0x0, 0x8001}, {0xbfe, 0x0, 0x6}, {0xbff}]}) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f0000000780)=0x5) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x119, 0x1, &(0x7f00000007c0), 0x4) r9 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000800)='/proc/self/net/pfkey\x00', 0x40000, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000840)={'bcsh0\x00', 0x0}) setsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f0000000880)={{{@in6=@local, @in=@rand_addr=0x7, 0x4e20, 0x0, 0x4e20, 0x3, 0xa, 0x20, 0x80, 0x3b, r10, r7}, {0x8, 0x9, 0x1, 0x0, 0xfff, 0x6, 0x3f11, 0x1}, {0x5, 0x7, 0x7fffffff, 0x6}, 0x9, 0x6e6bbb, 0x3, 0x0, 0x3, 0x3}, {{@in6=@mcast2, 0x4d6, 0x7f}, 0x0, @in6=@loopback, 0x3500, 0x0, 0x1, 0x5, 0x7c2c3a96, 0x7, 0x1}}, 0xe8) read(r9, &(0x7f0000000980)=""/205, 0xcd) sync_file_range(r4, 0x2, 0x3800000, 0x0) ioctl$UI_DEV_CREATE(r4, 0x5501) ioctl(r1, 0x101, &(0x7f0000000a80)="631491ff245213b6b07a62b97a67be815717bf3f2e879c596964f2093da163e9346e45217dc8a0a4dd00b3f0bf2570e646d279a34123f167768b87a664186362cabaa39c") 13:46:36 executing program 4: r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x8000020}, 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x100, 0x29, 0xa00, 0x70bd27, 0x25dfdbfe, {0xe}, [@typed={0x8, 0x37, @ipv4=@broadcast}, @nested={0xd0, 0x19, [@typed={0x4, 0x26}, @generic="01ff880571dca691c9018e7d18ccfd0d85d7954aff7bff8a863094bb67765708c8c48fa39ae730ce71dc9b7e6b18eb662ca186bd995039610921552a315ea8784ce04d994ca007fb572ef36bae1d2cfe81fb1457241472c9431282ebacee254b76e7bae00f8d771cd4dc3d18f9042cc80c82ee2d11cdbe", @generic="453f8a6994c62b40a3ad807e2ea6f85a4e5ec8f19943eaf1460a934356d6de31d0e98a09b258850808eb05222280ca22bfe74058533cbf43e7db01d4916cf6", @typed={0x8, 0xf, @fd=r0}, @typed={0x8, 0x80, @uid=r1}, @generic]}, @typed={0xc, 0x66, @u64=0x400}, @typed={0x8, 0x15, @u32=0x4}]}, 0x100}}, 0x40) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r3 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r3, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r2) [ 320.510455] Unknown ioctl 1074310793 13:46:36 executing program 2: openat$tun(0xffffffffffffff9c, &(0x7f0000000040)='/dev/net/tun\x00', 0x3, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000300)='fdinfo/3\x00') setsockopt$bt_rfcomm_RFCOMM_LM(r0, 0x12, 0x3, &(0x7f0000000000), 0x4) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) r1 = add_key$user(&(0x7f0000000080)='user\x00', &(0x7f00000000c0)={'syz', 0x1}, &(0x7f0000000340)="f3d667dd28140eebc3804cf84d6bbb73380bf3c85664af0afea764ed508589448d6c610d597e8bcd1f5c9a1436c314eb1bd5ef5248937dbfb0223bbe9f862dc0bcb69527169e7c8b6a719c308f8f2f567442e83c30c8112ef9b0279f27b58ea68ff9c08792da460f27089b000db9fdf4d6921a72d4f3c01ec47780de49de4013cab41b95745e58cff82ed27586db76a5eaeaf3af7810b769ae5091ffa557f5c34493a1a0bdc568c9a73654d12ab5d573ef6b2e385ede5c6f4b4aa8d1573bb6e0111c578977", 0xc5, 0xfffffffffffffffd) keyctl$read(0xb, r1, &(0x7f0000000240)=""/143, 0x8f) [ 320.533498] Unknown ioctl 21761 [ 320.533591] ntfs: (device loop0): is_boot_sector_ntfs(): Invalid boot sector checksum. [ 320.548210] Unknown ioctl 1074310793 [ 320.573204] Unknown ioctl 21761 [ 320.605781] ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 320.656548] FAULT_FLAG_ALLOW_RETRY missing 30 [ 320.668695] ntfs: (device loop0): read_ntfs_boot_sector(): Mount option errors=recover not used. Aborting without trying to recover. [ 320.670358] CPU: 0 PID: 10333 Comm: syz-executor4 Not tainted 4.19.0-rc5+ #261 [ 320.688170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 320.697545] Call Trace: [ 320.700163] dump_stack+0x1c4/0x2b4 [ 320.703830] ? dump_stack_print_info.cold.2+0x52/0x52 [ 320.709102] handle_userfault.cold.33+0x47/0x62 [ 320.713914] ? perf_trace_run_bpf_submit+0x267/0x330 [ 320.719054] ? userfaultfd_ioctl+0x54a0/0x54a0 [ 320.723713] ? perf_tp_event+0xbe0/0xbe0 [ 320.727809] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 320.733407] ? check_preemption_disabled+0x48/0x200 [ 320.738492] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 320.743812] ntfs: (device loop0): ntfs_fill_super(): Not an NTFS volume. [ 320.744054] ? check_preemption_disabled+0x48/0x200 [ 320.755928] ? memset+0x31/0x40 [ 320.759277] ? perf_trace_lock+0x4a7/0x7a0 [ 320.763563] ? zap_class+0x640/0x640 [ 320.767330] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 320.772915] ? check_preemption_disabled+0x48/0x200 [ 320.777963] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 320.783536] ? graph_lock+0x170/0x170 [ 320.787407] ? __lock_acquire+0x7ec/0x4ec0 [ 320.791693] ? find_held_lock+0x36/0x1c0 [ 320.795813] ? __handle_mm_fault+0x45dc/0x53e0 [ 320.800437] ? lock_downgrade+0x900/0x900 [ 320.804652] ? kasan_check_read+0x11/0x20 [ 320.808824] ? do_raw_spin_unlock+0xa7/0x2f0 [ 320.813277] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 320.817897] ? kasan_check_write+0x14/0x20 [ 320.822154] ? do_raw_spin_lock+0xc1/0x200 [ 320.826455] __handle_mm_fault+0x45ed/0x53e0 [ 320.830888] ? zap_class+0x640/0x640 [ 320.834647] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 320.839513] ? graph_lock+0x170/0x170 [ 320.843356] ? print_usage_bug+0xc0/0xc0 [ 320.847451] ? perf_swevent_put_recursion_context+0x1f/0xa0 [ 320.853189] ? graph_lock+0x170/0x170 [ 320.857070] ? handle_mm_fault+0x42a/0xc70 [ 320.861361] ? lock_downgrade+0x900/0x900 [ 320.865555] ? check_preemption_disabled+0x48/0x200 [ 320.870609] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 320.876426] ? kasan_check_read+0x11/0x20 [ 320.880601] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 320.885903] ? rcu_bh_qs+0xc0/0xc0 [ 320.889469] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 320.895046] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 320.900611] ? check_preemption_disabled+0x48/0x200 [ 320.905669] handle_mm_fault+0x54f/0xc70 [ 320.909766] ? __handle_mm_fault+0x53e0/0x53e0 [ 320.914382] ? find_vma+0x34/0x190 [ 320.917964] __do_page_fault+0x67d/0xed0 [ 320.922072] ? mm_fault_error+0x380/0x380 [ 320.926243] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 320.931287] ? graph_lock+0x170/0x170 [ 320.935132] do_page_fault+0xf2/0x7e0 [ 320.938963] ? vmalloc_sync_all+0x30/0x30 [ 320.943136] ? error_entry+0x76/0xd0 [ 320.946890] ? trace_hardirqs_off_caller+0xbb/0x310 [ 320.952419] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 320.957287] ? trace_hardirqs_on_caller+0x310/0x310 [ 320.962360] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 320.967280] page_fault+0x1e/0x30 [ 320.970783] RIP: 0010:copy_user_generic_unrolled+0x9e/0xc0 [ 320.976465] Code: 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 4c 8b 06 4c 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 89 d1 <8a> 06 88 07 48 ff c6 48 ff c7 ff c9 75 f2 31 c0 0f 1f 00 c3 0f 1f [ 320.995387] RSP: 0018:ffff8801898377f0 EFLAGS: 00010202 [ 321.000782] RAX: 0000000000000004 RBX: 0000000000000004 RCX: 0000000000000004 [ 321.008067] RDX: 0000000000000004 RSI: 0000000020013000 RDI: ffff880189837890 [ 321.015351] RBP: ffff880189837828 R08: ffffed0031306f13 R09: ffffed0031306f12 [ 321.022651] R10: ffffed0031306f12 R11: 0000000000000003 R12: 0000000020013004 [ 321.029943] R13: 0000000020013000 R14: ffff880189837890 R15: 00007ffffffff000 [ 321.037292] ? _copy_from_user+0x10d/0x150 [ 321.041564] evdev_do_ioctl+0xb51/0x2180 [ 321.045664] ? str_to_user+0x90/0x90 [ 321.049408] ? graph_lock+0x170/0x170 [ 321.053240] ? perf_tp_event+0xbe0/0xbe0 [ 321.057562] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 321.063128] ? check_preemption_disabled+0x48/0x200 [ 321.068184] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 321.073768] ? check_preemption_disabled+0x48/0x200 [ 321.078830] ? memset+0x31/0x40 [ 321.082172] ? find_held_lock+0x36/0x1c0 [ 321.086279] ? __fget+0x4aa/0x740 [ 321.089757] ? lock_downgrade+0x900/0x900 [ 321.093926] ? check_preemption_disabled+0x48/0x200 [ 321.098977] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 321.104795] ? kasan_check_read+0x11/0x20 [ 321.108968] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 321.114272] ? rcu_bh_qs+0xc0/0xc0 [ 321.117897] ? __fget+0x4d1/0x740 [ 321.121427] ? ksys_dup3+0x680/0x680 [ 321.125190] evdev_ioctl_handler+0x144/0x1a0 [ 321.129638] evdev_ioctl+0x27/0x2e [ 321.133205] ? evdev_ioctl_compat+0x30/0x30 [ 321.137558] do_vfs_ioctl+0x1de/0x1720 [ 321.141495] ? ioctl_preallocate+0x300/0x300 [ 321.145927] ? __fget_light+0x2e9/0x430 [ 321.149930] ? fget_raw+0x20/0x20 [ 321.153407] ? _copy_to_user+0xc8/0x110 [ 321.157436] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 321.162995] ? put_timespec64+0x10f/0x1b0 [ 321.167178] ? nsecs_to_jiffies+0x30/0x30 [ 321.171350] ? do_syscall_64+0x9a/0x820 [ 321.175348] ? do_syscall_64+0x9a/0x820 [ 321.179349] ? lockdep_hardirqs_on+0x421/0x5c0 [ 321.183962] ? security_file_ioctl+0x94/0xc0 [ 321.188406] ksys_ioctl+0xa9/0xd0 [ 321.191910] __x64_sys_ioctl+0x73/0xb0 [ 321.195858] do_syscall_64+0x1b9/0x820 [ 321.199770] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 321.205162] ? syscall_return_slowpath+0x5e0/0x5e0 [ 321.210115] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 321.214986] ? trace_hardirqs_on_caller+0x310/0x310 [ 321.220030] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 321.225092] ? prepare_exit_to_usermode+0x291/0x3b0 [ 321.230147] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 321.235046] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 321.240253] RIP: 0033:0x457579 13:46:36 executing program 3: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000100)='/dev/audio\x00', 0x301000, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, r0, 0x0) madvise(&(0x7f000079c000/0x800000)=nil, 0x800000, 0xc) sigaltstack(&(0x7f0000804000/0x1000)=nil, &(0x7f0000000000)) setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000140)=0xc4, 0x4) ioctl$KVM_SMI(r1, 0xaeb7) ppoll(&(0x7f0000000040)=[{r1, 0x80}, {r1, 0xd0}, {r1}, {r1, 0x2000}, {r1}], 0x5, &(0x7f0000000080)={0x0, 0x1c9c380}, &(0x7f00000000c0)={0x8}, 0x8) ioctl$PIO_FONTX(r0, 0x4b6c, &(0x7f0000000380)="18a5793d89203bcde92d2ac99def1ed65d77671be0a21820febc1bf7b06b24cf5d3c7da6cf9d6aabd17a3f7c") perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0x11, 0x3, 0x300) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000200)=@nfc, 0x80, &(0x7f0000000000)=[{&(0x7f00000004c0)=""/4096, 0x1000}], 0x1, &(0x7f0000000280)=""/240, 0xd932}, 0x0) r2 = socket$kcm(0xa, 0x2, 0x11) lsetxattr$security_smack_entry(&(0x7f0000000400)='./file0\x00', &(0x7f0000000440)='security.SMACK64MMAP\x00', &(0x7f00000014c0)='/dev/audio\x00', 0xb, 0x2) sendmsg$kcm(r2, &(0x7f0000000480)={&(0x7f0000000080)=@in6={0xa, 0x4e20, 0x0, @mcast2={0xff, 0x2, [0xe803, 0x0, 0x2a0]}, 0xd}, 0x80, &(0x7f0000000340), 0x2b, &(0x7f0000000180)}, 0x0) madvise(&(0x7f00002f8000/0xc00000)=nil, 0xc00000, 0xd) 13:46:36 executing program 1: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = accept$inet(0xffffffffffffff9c, &(0x7f0000000400), &(0x7f0000000440)=0x10) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000540)) r3 = syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0x0, 0x549080) ioctl$VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, &(0x7f0000000200)) bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e24, @dev}, 0x10) sendto$inet(r2, &(0x7f0000000000), 0x0, 0x200007fa, &(0x7f0000000140)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) getpid() getsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f0000000640)={{{@in=@rand_addr, @in=@dev}}, {{@in6=@mcast1}, 0x0, @in6=@ipv4={[], [], @broadcast}}}, &(0x7f00000004c0)=0xe8) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000380), &(0x7f0000000340)=0xffffffffffffff83) ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000780)) geteuid() lstat(&(0x7f0000000800)='./file0\x00', &(0x7f0000000840)) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000ac0)={0x0, r3, 0x0, 0x2, &(0x7f0000000a80)='[\x00'}, 0x30) fstat(r0, &(0x7f0000000b00)) getgroups(0x4, &(0x7f0000000b80)=[0xffffffffffffffff, 0x0, 0xee00, 0xffffffffffffffff]) getpgrp(0xffffffffffffffff) getresgid(&(0x7f0000000d00), &(0x7f0000000d40), &(0x7f0000000d80)) sendmmsg$unix(r3, &(0x7f0000001480)=[{&(0x7f0000000e00)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000001400)=[{&(0x7f0000001340)="7de79d14b3ea20ec6d4137c402336743588b58fb143f2c469a05c75358aa224058113a560c3630fe23f8174b58ad8f7b7acb52d60359af80b696c49958dfe749ceda6422ba74e614623c20f22dcd99fb0b0e064f7a163980810e970550272dd6ede9d1c31ea1d2dca0e4c00ee77872e5047da82997cff868a3804a894c0d873d5e19a71f3b0c4ae5c59d4d72a4101541ed546e2766e68b9ce4dee64ce9", 0x9d}], 0x1, 0x0, 0x0, 0x40}], 0x1, 0x40) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f00000015c0)='ip6_vti0\x00', 0x10) syz_open_dev$sndtimer(&(0x7f00000007c0)='/dev/snd/timer\x00', 0x0, 0x8000) r4 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x105082) ioctl$UI_DEV_SETUP(r3, 0x405c5503, &(0x7f0000000240)={{0x1, 0x0, 0x3f, 0x6}, 'syz1\x00', 0x50}) tgkill(0x0, 0x0, 0x1f) r5 = memfd_create(&(0x7f00000000c0)="000000008c00000000000000000000", 0x0) ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, 0x0, 0x10, &(0x7f00000001c0)={0x80}) sched_getaffinity(0x0, 0x8, &(0x7f0000000180)) pwritev(r5, &(0x7f0000f50f90)=[{&(0x7f0000000100)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r4, 0x4c00, r5) sendfile(r2, r4, &(0x7f00000ddff8), 0x102000002) [ 321.243470] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 321.262387] RSP: 002b:00007fd9995c4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 321.270125] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 321.277422] RDX: 0000000020013000 RSI: 00000000400445a0 RDI: 0000000000000005 [ 321.284720] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 321.292008] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd9995c56d4 [ 321.299293] R13: 00000000004bf3f1 R14: 00000000004cf1f0 R15: 00000000ffffffff 13:46:37 executing program 5: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_dev$mouse(&(0x7f0000000580)='/dev/input/mouse#\x00', 0x5, 0x0) getuid() mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000380)={0x0, 0x0}) ptrace$poke(0x5, r1, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r2 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r2, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) [ 321.349825] ntfs: (device loop0): is_boot_sector_ntfs(): Invalid boot sector checksum. [ 321.380939] ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid. 13:46:37 executing program 2: openat$tun(0xffffffffffffff9c, &(0x7f0000000040)='/dev/net/tun\x00', 0x3, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000300)='fdinfo/3\x00') setsockopt$bt_rfcomm_RFCOMM_LM(r0, 0x12, 0x3, &(0x7f0000000000), 0x4) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) r1 = add_key$user(&(0x7f0000000080)='user\x00', &(0x7f00000000c0)={'syz', 0x1}, &(0x7f0000000340)="f3d667dd28140eebc3804cf84d6bbb73380bf3c85664af0afea764ed508589448d6c610d597e8bcd1f5c9a1436c314eb1bd5ef5248937dbfb0223bbe9f862dc0bcb69527169e7c8b6a719c308f8f2f567442e83c30c8112ef9b0279f27b58ea68ff9c08792da460f27089b000db9fdf4d6921a72d4f3c01ec47780de49de4013cab41b95745e58cff82ed27586db76a5eaeaf3af7810b769ae5091ffa557f5c34493a1a0bdc568c9a73654d12ab5d573ef6b2e385ede5c6f4b4aa8d1573bb6e0111c578977", 0xc5, 0xfffffffffffffffd) keyctl$read(0xb, r1, &(0x7f0000000240)=""/143, 0x8f) [ 321.420589] ntfs: (device loop0): read_ntfs_boot_sector(): Mount option errors=recover not used. Aborting without trying to recover. 13:46:37 executing program 4: r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x8000020}, 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x100, 0x29, 0xa00, 0x70bd27, 0x25dfdbfe, {0xe}, [@typed={0x8, 0x37, @ipv4=@broadcast}, @nested={0xd0, 0x19, [@typed={0x4, 0x26}, @generic="01ff880571dca691c9018e7d18ccfd0d85d7954aff7bff8a863094bb67765708c8c48fa39ae730ce71dc9b7e6b18eb662ca186bd995039610921552a315ea8784ce04d994ca007fb572ef36bae1d2cfe81fb1457241472c9431282ebacee254b76e7bae00f8d771cd4dc3d18f9042cc80c82ee2d11cdbe", @generic="453f8a6994c62b40a3ad807e2ea6f85a4e5ec8f19943eaf1460a934356d6de31d0e98a09b258850808eb05222280ca22bfe74058533cbf43e7db01d4916cf6", @typed={0x8, 0xf, @fd=r0}, @typed={0x8, 0x80, @uid=r1}, @generic]}, @typed={0xc, 0x66, @u64=0x400}, @typed={0x8, 0x15, @u32=0x4}]}, 0x100}}, 0x40) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r3 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r3, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r2) 13:46:37 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58) accept$alg(r0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000400)="f02da9e8b95d3f0000000087b40ea2d3", 0x10) r1 = syz_open_dev$usbmon(&(0x7f0000000280)='/dev/usbmon#\x00', 0x0, 0x0) r2 = accept$alg(r0, 0x0, 0x0) poll(&(0x7f0000000100)=[{r1, 0x402}], 0x1, 0xb6b) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000000)={r1, r1, 0x0, 0x3}, 0x10) write(r2, &(0x7f0000000040)="cdb97690000000000000000000000000000000000000", 0x16) 13:46:37 executing program 0: capset(&(0x7f0000f0fffa)={0x19980330}, &(0x7f00008e7000)) r0 = socket(0x10, 0x3, 0x0) setsockopt$l2tp_PPPOL2TP_SO_REORDERTO(r0, 0x111, 0x5, 0x9, 0x4) ioctl$sock_ifreq(r0, 0x2000000089f1, &(0x7f0000000080)={'sit0\x00\x00\x00\x00\x008\n\x00', @ifru_data=&(0x7f0000000180)="adf985b8d39b968aa06e6dd52a129c452bddaf7c073a95c48fa9ec914bfd6758"}) 13:46:37 executing program 5: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_dev$mouse(&(0x7f0000000580)='/dev/input/mouse#\x00', 0x5, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000380)={0x0, 0x0}) ptrace$poke(0x5, r1, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r2 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r2, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:37 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) close(r0) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000280)='/dev/full\x00', 0x0, 0x0) io_setup(0x3ff, &(0x7f0000000100)=0x0) perf_event_open(&(0x7f0000000080)={0x0, 0x345}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$INOTIFY_IOC_SETNEXTWD(r1, 0x40044900, 0x50) io_submit(r2, 0x1, &(0x7f0000000080)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x7, 0x0, r0, &(0x7f0000000040)="1000000005000000", 0x8}]) ioctl$KVM_HYPERV_EVENTFD(r1, 0x4018aebd, &(0x7f0000000140)={0x0, r0}) 13:46:37 executing program 4: r0 = getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x8000020}, 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x100, 0x29, 0xa00, 0x70bd27, 0x25dfdbfe, {0xe}, [@typed={0x8, 0x37, @ipv4=@broadcast}, @nested={0xd0, 0x19, [@typed={0x4, 0x26}, @generic="01ff880571dca691c9018e7d18ccfd0d85d7954aff7bff8a863094bb67765708c8c48fa39ae730ce71dc9b7e6b18eb662ca186bd995039610921552a315ea8784ce04d994ca007fb572ef36bae1d2cfe81fb1457241472c9431282ebacee254b76e7bae00f8d771cd4dc3d18f9042cc80c82ee2d11cdbe", @generic="453f8a6994c62b40a3ad807e2ea6f85a4e5ec8f19943eaf1460a934356d6de31d0e98a09b258850808eb05222280ca22bfe74058533cbf43e7db01d4916cf6", @typed={0x8, 0xf, @fd}, @typed={0x8, 0x80, @uid=r0}, @generic]}, @typed={0xc, 0x66, @u64=0x400}, @typed={0x8, 0x15, @u32=0x4}]}, 0x100}}, 0x40) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r2 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r2, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r1) [ 321.733229] capability: warning: `syz-executor0' uses 32-bit capabilities (legacy support in use) 13:46:37 executing program 0: r0 = socket$inet6(0xa, 0x3, 0x800000000000004) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64031, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_ID(r1, 0x80082403, &(0x7f0000000000)) 13:46:37 executing program 2: openat$tun(0xffffffffffffff9c, &(0x7f0000000040)='/dev/net/tun\x00', 0x3, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000300)='fdinfo/3\x00') setsockopt$bt_rfcomm_RFCOMM_LM(r0, 0x12, 0x3, &(0x7f0000000000), 0x4) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) r1 = add_key$user(&(0x7f0000000080)='user\x00', &(0x7f00000000c0)={'syz', 0x1}, &(0x7f0000000340)="f3d667dd28140eebc3804cf84d6bbb73380bf3c85664af0afea764ed508589448d6c610d597e8bcd1f5c9a1436c314eb1bd5ef5248937dbfb0223bbe9f862dc0bcb69527169e7c8b6a719c308f8f2f567442e83c30c8112ef9b0279f27b58ea68ff9c08792da460f27089b000db9fdf4d6921a72d4f3c01ec47780de49de4013cab41b95745e58cff82ed27586db76a5eaeaf3af7810b769ae5091ffa557f5c34493a1a0bdc568c9a73654d12ab5d573ef6b2e385ede5c6f4b4aa8d1573bb6e0111c578977", 0xc5, 0xfffffffffffffffd) keyctl$read(0xb, r1, &(0x7f0000000240)=""/143, 0x8f) 13:46:37 executing program 1: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f00000001c0)={0x7}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@noextend='noextend'}]}}) write$P9_RREADDIR(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="2a00f307060000290300000000002d77d02cf2483ad200000000000000000000000000000700d52f6669"], 0x2a) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RWALK(r1, &(0x7f0000000180)=ANY=[@ANYBLOB="160000006f0100010000000000000000000000000000"], 0x16) write$P9_RSTAT(r1, &(0x7f0000000700)={0x56, 0x7d, 0x1, {0x0, 0x4f, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x1, '(', 0x5, 'rfdno', 0x5, 'rfdno', 0x11, 'vboxnet1trustedlo'}}, 0x56) write$P9_RGETATTR(r1, &(0x7f0000000540)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RWRITE(r1, &(0x7f0000000400)={0xb, 0x77, 0x1}, 0xb) write$P9_RGETATTR(r1, &(0x7f0000000800)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RSTATFS(r1, &(0x7f0000000440)={0x43, 0x9, 0x1}, 0x43) write$P9_RGETATTR(r1, &(0x7f00000009c0)={0xa0, 0x19, 0x1, {0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x23}}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000008c0)='9p\x00', 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) rename(&(0x7f0000000080)='./file0/file0\x00', &(0x7f00000000c0)='./file0\x00') 13:46:37 executing program 5: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000380)={0x0, 0x0}) ptrace$poke(0x5, r1, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r2 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r2, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:37 executing program 0: r0 = socket$inet6(0xa, 0xb, 0x0) accept4(r0, &(0x7f0000000000)=@ax25, &(0x7f0000000080)=0x80, 0x800) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x48, &(0x7f0000000140)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff0100000000000000000000000000010000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000efffffffffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dbda09b097598159682e2b70bdb694b0000000000018ffc1965bb6dc7d2900c4ff596bc026324de92e0e379c15a1201e003e545ec2a607c086160e3a9776e27dcb7e910fe3076c319f54f8da83b502491b3b6e6504fe9060ccf11bde7120b8392e31e38967039939e62ad099f403d9efcb5efd64c8a2e7edfb5a9e531c0c80a168c70190f8ab8a84de32e7a599fd750ecdb2cacafd2d13f838b505672feae086d79c00b7507edde771ba2462d80fc0aa5cbd37"], 0x90) 13:46:37 executing program 4: r0 = getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x100, 0x29, 0xa00, 0x70bd27, 0x25dfdbfe, {0xe}, [@typed={0x8, 0x37, @ipv4=@broadcast}, @nested={0xd0, 0x19, [@typed={0x4, 0x26}, @generic="01ff880571dca691c9018e7d18ccfd0d85d7954aff7bff8a863094bb67765708c8c48fa39ae730ce71dc9b7e6b18eb662ca186bd995039610921552a315ea8784ce04d994ca007fb572ef36bae1d2cfe81fb1457241472c9431282ebacee254b76e7bae00f8d771cd4dc3d18f9042cc80c82ee2d11cdbe", @generic="453f8a6994c62b40a3ad807e2ea6f85a4e5ec8f19943eaf1460a934356d6de31d0e98a09b258850808eb05222280ca22bfe74058533cbf43e7db01d4916cf6", @typed={0x8, 0xf, @fd}, @typed={0x8, 0x80, @uid=r0}, @generic]}, @typed={0xc, 0x66, @u64=0x400}, @typed={0x8, 0x15, @u32=0x4}]}, 0x100}}, 0x40) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r2 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r2, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r1) 13:46:37 executing program 1: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x408000, 0x0) setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f00000000c0)=0x8001, 0x4) seccomp(0x1, 0x7, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x50000}]}) 13:46:38 executing program 3: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000340)=ANY=[]) fstat(0xffffffffffffffff, &(0x7f0000002b40)) read$FUSE(0xffffffffffffffff, &(0x7f0000001000), 0x1000) write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000100)={0x50}, 0x50) ioctl$sock_SIOCGPGRP(0xffffffffffffff9c, 0x8904, &(0x7f0000000000)=0x0) fcntl$lock(r0, 0x7, &(0x7f0000000040)={0x2, 0x4, 0x6, 0x1, r1}) getpid() setpgid(0x0, 0x0) 13:46:38 executing program 2: openat$tun(0xffffffffffffff9c, &(0x7f0000000040)='/dev/net/tun\x00', 0x3, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000300)='fdinfo/3\x00') setsockopt$bt_rfcomm_RFCOMM_LM(r0, 0x12, 0x3, &(0x7f0000000000), 0x4) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) r1 = add_key$user(&(0x7f0000000080)='user\x00', &(0x7f00000000c0)={'syz', 0x1}, &(0x7f0000000340)="f3d667dd28140eebc3804cf84d6bbb73380bf3c85664af0afea764ed508589448d6c610d597e8bcd1f5c9a1436c314eb1bd5ef5248937dbfb0223bbe9f862dc0bcb69527169e7c8b6a719c308f8f2f567442e83c30c8112ef9b0279f27b58ea68ff9c08792da460f27089b000db9fdf4d6921a72d4f3c01ec47780de49de4013cab41b95745e58cff82ed27586db76a5eaeaf3af7810b769ae5091ffa557f5c34493a1a0bdc568c9a73654d12ab5d573ef6b2e385ede5c6f4b4aa8d1573bb6e0111c578977", 0xc5, 0xfffffffffffffffd) keyctl$read(0xb, r1, &(0x7f0000000240)=""/143, 0x8f) 13:46:38 executing program 0: r0 = socket$inet6(0xa, 0x1000000000001, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") fcntl$getownex(r0, 0x10, &(0x7f00000000c0)={0x0, 0x0}) ioctl$sock_FIOSETOWN(r0, 0x8901, &(0x7f0000000100)=r1) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x7, 0x31, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0xfffffffffffffffd, 0x0, 0x2) mbind(&(0x7f0000012000/0xc00000)=nil, 0xc03300, 0x1, &(0x7f0000000000), 0x1, 0x2000000000002) mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1) r2 = syz_open_dev$binder(&(0x7f0000872936)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) fsetxattr$trusted_overlay_origin(r2, &(0x7f0000000040)='trusted.overlay.origin\x00', &(0x7f0000000080)='y\x00', 0x2, 0x1) 13:46:38 executing program 5: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000380)={0x0, 0x0}) ptrace$poke(0x5, r1, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r2 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r2, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:38 executing program 4: r0 = getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x100, 0x0, 0xa00, 0x70bd27, 0x25dfdbfe, {0xe}, [@typed={0x8, 0x37, @ipv4=@broadcast}, @nested={0xd0, 0x19, [@typed={0x4, 0x26}, @generic="01ff880571dca691c9018e7d18ccfd0d85d7954aff7bff8a863094bb67765708c8c48fa39ae730ce71dc9b7e6b18eb662ca186bd995039610921552a315ea8784ce04d994ca007fb572ef36bae1d2cfe81fb1457241472c9431282ebacee254b76e7bae00f8d771cd4dc3d18f9042cc80c82ee2d11cdbe", @generic="453f8a6994c62b40a3ad807e2ea6f85a4e5ec8f19943eaf1460a934356d6de31d0e98a09b258850808eb05222280ca22bfe74058533cbf43e7db01d4916cf6", @typed={0x8, 0xf, @fd}, @typed={0x8, 0x80, @uid=r0}, @generic]}, @typed={0xc, 0x66, @u64=0x400}, @typed={0x8, 0x15, @u32=0x4}]}, 0x100}}, 0x40) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r2 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r2, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r1) 13:46:38 executing program 0: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x4000000003, 0x3) syz_mount_image$minix(&(0x7f0000000000)='minix\x00', &(0x7f0000000040)='./file0\x00', 0x9, 0x5, &(0x7f0000000500)=[{&(0x7f0000000200)="5506795616758bc7912fe11106062d7d5a361bc1e30493bf4983faed1b6bd5170ea8c19f41bc43cc98a153ae057f83f239e27429915735ff1bec576a5649282d1b49c5b846ff7a619b25db18553cb353e2e9a426177c9b64b30cbf8df001e1e23f14a8aa83c40c2b64593a5165efa257b846387ab8a150217945266dc006a014c09a024dd4463829346e5b1e74b0a5f9e4d107e9c5562f42573b529e75506b234741807435887b12", 0xa8, 0x81}, {&(0x7f0000000080)="41122033da30fa25897db07724350b59db869aa176f6d9a040397c98b3f2e2892cd4d59ac27450fd43a5041b42c77fd54cc9eee5bb1ee943842424b24d5d069afedb1a166005ac1ea209cdc3c9a5ab5985db3a04fb377723d1edc3d493eac4d155ca78af8136b2f9de180f1f3ea3431f7a551b0038625666", 0x78, 0x3ff}, {&(0x7f0000000300)="268c1ed3cb26e8d30fb9b20410e3be2afd539ab2106e2d4dd0e0d159e36214851a5ead4ad96a2cf9223fe0f824a04e3d88f74224fd3ccc7a0d50859c8c65c172fb4e44813a1bf91624054f93029b906d4ca0aaa282d6f81646ddbd3ee487867abf6525e306e385f1a5db31b5271243abb6f86df4240618d9233c764b2ab92ab37320c92d63fec7ad4fa6284b3efeee534ac3b78d5b8a6254b5ee6e2db8e65ce40f69544a256d0e8b5a55268f75f2546da16d16b2e1ed848aa257eeaec1b10b6b33cbd33f7e725e5675764a1d3db1a8baafa75ec34d772e3218a790576e3566c762fdae0512f55c31dfe1c520d8ae8514", 0xf0}, {&(0x7f0000000400)="e64d28588c57bf9f4dc871ebd520df05d20ec9a0701f94f4dcb76aa5fa28fffc6c97243dde448558f7b4151b16bde39a5ac6aded190138688ddb30d439116a990e0b29460e757ed769ff6cfcd5e447c0c76728bb5bb39b0e83113d0a874dd2bc4cc42a84d3853b7d0596ddf7dfa29e", 0x6f, 0x9}, {&(0x7f0000000480)="ffd14b3306659f45a1086109fb18e4080afce8d2ce750959d812d866143e582e69cdd35ef7e5d659c75802feb595caa3f74526cd026407aed4cf89c175f40e4279815f31e3b08d7359db69a9cf05cb885ac45c5666c445f43829d72818a759d108f38ce069534e5128782db0", 0x6c, 0x7}], 0x32, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000140)={0x5, 0x4, 0x0, 0xf3d, 0x8}) syz_emit_ethernet(0xf6, &(0x7f0000000580)={@link_local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, [{[{0x9100, 0xff, 0x3, 0x4}], {0x8100, 0xe4e, 0x4, 0x1}}], {@mpls_mc={0x8848, {[{0x9, 0x20, 0x9f, 0x100000000}, {0x100000001, 0x6, 0x7fffffff, 0x8}, {0x5, 0x4bd, 0x9, 0x9}, {0x4, 0x10000, 0x1f81, 0x7f}], @generic="eb932f51f50a488085ebaae0503e0a729b2ba0eaf33c84564785df14f3724626521f28ecb0cabeefdbc922a27820f152de7c074e489766336491c677a5e6dea6ea16677fb3d996c9f441c556c7b670f84a8145da842cdecc067a54c45be94b0d114c139f64d113fcbc66aca996b64c19d5c7d3d88a456c1f093d7e9270dd1920c7b79951be84acc0ac1f56b64d9912ed3e90ebd4070aab58ce7cc701900f090508196cd9172dd116983e330eedac7c1dbad9a141de53ae2073427755911822d57abaaccab15c17f0656c31e0be2249ea"}}}}, 0x0) getsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, &(0x7f00000002c0)=ANY=[@ANYPTR=&(0x7f0000000280)=ANY=[]], &(0x7f0000000100)=0x1) ioctl$FS_IOC_GETFSLABEL(r0, 0x800452d2, &(0x7f0000000680)) 13:46:38 executing program 5: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000380)={0x0, 0x0}) ptrace$poke(0x5, r1, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r2 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r2, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:38 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') sendmsg$IPVS_CMD_NEW_SERVICE(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0xa800220}, 0xc, &(0x7f0000000080)={&(0x7f00000001c0)={0x94, r1, 0x8, 0x70bd2b, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xbe28}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x4}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x9c2}, @IPVS_CMD_ATTR_DEST={0x38, 0x2, [@IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@remote}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x400}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x5}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x9}, @IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e23}]}, @IPVS_CMD_ATTR_SERVICE={0x20, 0x1, [@IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x3f}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x22, 0x21}}]}]}, 0x94}, 0x1, 0x0, 0x0, 0x44014}, 0x4000) sendmsg$nl_generic(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x34003}, 0xc, &(0x7f0000000100)={&(0x7f0000001e00)={0x1c, 0x28, 0x829, 0x0, 0x0, {0xf}, [@typed={0x8, 0x7, @pid}]}, 0x1c}}, 0x0) 13:46:38 executing program 4: r0 = getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x100, 0x0, 0x0, 0x70bd27, 0x25dfdbfe, {0xe}, [@typed={0x8, 0x37, @ipv4=@broadcast}, @nested={0xd0, 0x19, [@typed={0x4, 0x26}, @generic="01ff880571dca691c9018e7d18ccfd0d85d7954aff7bff8a863094bb67765708c8c48fa39ae730ce71dc9b7e6b18eb662ca186bd995039610921552a315ea8784ce04d994ca007fb572ef36bae1d2cfe81fb1457241472c9431282ebacee254b76e7bae00f8d771cd4dc3d18f9042cc80c82ee2d11cdbe", @generic="453f8a6994c62b40a3ad807e2ea6f85a4e5ec8f19943eaf1460a934356d6de31d0e98a09b258850808eb05222280ca22bfe74058533cbf43e7db01d4916cf6", @typed={0x8, 0xf, @fd}, @typed={0x8, 0x80, @uid=r0}, @generic]}, @typed={0xc, 0x66, @u64=0x400}, @typed={0x8, 0x15, @u32=0x4}]}, 0x100}}, 0x40) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r2 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r2, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r1) 13:46:38 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_user\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r0, 0x80045301, &(0x7f0000000040)) getsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000080)=@assoc_id=0x0, &(0x7f00000000c0)=0x4) getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000100)={r1, 0x3f}, &(0x7f0000000140)=0x8) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000180)={r1}, &(0x7f00000001c0)=0x8) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x61, 0x0, 0x0) r2 = syz_open_dev$mouse(&(0x7f0000000200)='/dev/input/mouse#\x00', 0x8, 0xa00) bind$inet(r0, &(0x7f0000000240)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0xb}}, 0x10) r3 = getpid() r4 = syz_open_procfs(r3, &(0x7f0000000280)='sched\x00') ioctl$sock_kcm_SIOCKCMCLONE(r4, 0x89e2, &(0x7f00000002c0)={r0}) r6 = semget(0x1, 0x4, 0x411) semctl$GETNCNT(r6, 0x3, 0xe, &(0x7f0000000300)=""/233) sync_file_range(r0, 0x70, 0xfffffffffffffe01, 0x2) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000400)={0x0, @speck128, 0x0, "36c5a279a7865c3e"}) write$UHID_GET_REPORT_REPLY(r0, &(0x7f0000000440)={0xa, 0x3, 0x7, 0xffffffffffffffff}, 0xa) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r2, 0x84, 0x6b, &(0x7f0000000480)=[@in6={0xa, 0x4e22, 0x5, @local, 0x2}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0xd}}], 0x2c) setsockopt$sock_int(r5, 0x1, 0x22, &(0x7f00000004c0)=0x401, 0x4) setsockopt$inet_tcp_TCP_ULP(r4, 0x6, 0x1f, &(0x7f0000000500)='tls\x00', 0x4) connect$inet(r0, &(0x7f0000000540)={0x2, 0x4e22}, 0x10) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000580)={r1, 0x100000000}, &(0x7f00000005c0)=0x8) sched_getattr(r3, &(0x7f0000000600), 0x30, 0x0) waitid(0x3, r3, 0x0, 0x40000009, &(0x7f0000000640)) setsockopt$ARPT_SO_SET_REPLACE(r2, 0x0, 0x60, &(0x7f0000000740)={'filter\x00', 0x7, 0x4, 0x458, 0x118, 0x0, 0x258, 0x370, 0x370, 0x370, 0x4, &(0x7f0000000700), {[{{@arp={@broadcast, @loopback, 0xff, 0xffffffff, @empty, {[0x0, 0xf37185ffbbd16892, 0xff, 0xff, 0xff, 0xff]}, @mac, {[0x0, 0xff, 0x0, 0xff, 0x0, 0xff]}, 0x0, 0xd74, 0xc00, 0x5, 0x7fff, 0x6, 'bond0\x00', 'vlan0\x00', {0xff}, {}, 0x0, 0x202}, 0xf0, 0x118}, @unspec=@CONNSECMARK={0x28, 'CONNSECMARK\x00', 0x0, {0x1}}}, {{@uncond, 0xf0, 0x140}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@dev={[], 0x1d}, @empty, @remote, @rand_addr=0xa376, 0x1, 0xffffffff}}}, {{@uncond, 0xf0, 0x118}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0xffffffffffffffff}}], {{[], 0xc0, 0xe8}, {0x28}}}}, 0x4a8) clock_gettime(0x0, &(0x7f0000000c00)={0x0, 0x0}) timerfd_settime(r0, 0x1, &(0x7f0000000c40)={{r7, r8+30000000}, {0x77359400}}, &(0x7f0000000c80)) getsockopt$IPT_SO_GET_REVISION_MATCH(r5, 0x0, 0x42, &(0x7f0000000cc0)={'IDLETIMER\x00'}, &(0x7f0000000d00)=0x1e) syz_mount_image$jfs(&(0x7f0000000d40)='jfs\x00', &(0x7f0000000d80)='./file0\x00', 0x6, 0x4, &(0x7f0000000f80)=[{&(0x7f0000000dc0), 0x0, 0x6}, {&(0x7f0000000e00)="7443289fdb5fadbf6e3d22f913a4ff9bf8e137da55a0a2c65370d714f51ac8cec5f2", 0x22, 0x2}, {&(0x7f0000000e40)="20e69ca61fe3ffc7ae4494d3ee999db1cba62d4e1abb08b2a06d00415ede19b5102bd7152d1392edf98270545a104433d3b7f336f078d2df41c9281f27b60c8ae2a22fba4c737f3a85e8d129cc73ea1e3d7bb488e61ada08a90f09f96af4af4b39c17f3086e2fc6f5e35a36eb6cd6ebf101ac523041deafef0ea00a92e7cfe9a12879c4debfd5095a60453413650edf1fd4ff30ca72a587bd4365e6167ad3c011ad22f9890430343dacac814dd698353", 0xb0, 0x101}, {&(0x7f0000000f00)="ac4b672d94fee5f331b3861da4535eb9035937c55cdb470a971dd351327a6f4b105057612dbb288fcd4c7d56008e6ff53a7168ad45c1aa3dc6286606fa9e6cb3b282da0929e80eeaacee364723fef56038bf1c74847622c824be97409988199bcf1da70d4d2acab0924c45be4ee1c55a381ca09fb09d21", 0x77, 0x9}], 0x1, &(0x7f0000001000)={[{@integrity='integrity'}, {@resize_size={'resize', 0x3d, 0x338e6153}}, {@discard_size={'discard', 0x3d, 0x1}}, {@resize_size={'resize', 0x3d, 0x6}}, {@errors_remount='errors=remount-ro'}], [{@appraise_type='appraise_type=imasig'}]}) rt_tgsigqueueinfo(r3, r3, 0x33, &(0x7f00000010c0)={0x17, 0x0, 0x10000000000, 0x3}) fcntl$setown(r2, 0x8, r3) 13:46:38 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x200031, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_MSR_INDEX_LIST(r0, 0xc004ae02, &(0x7f0000001100)) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_BT_DEFER_SETUP(r1, 0x112, 0x7, &(0x7f0000000000)=0x143f, 0x4) [ 322.854929] netlink: 4 bytes leftover after parsing attributes in process `syz-executor3'. [ 322.929148] JFS: discard option not supported on device [ 322.941481] jfs: Unrecognized mount option "appraise_type=imasig" or missing value [ 323.419487] kauditd_printk_skb: 6444 callbacks suppressed [ 323.419516] audit: type=1326 audit(1538315199.067:6582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=10411 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x457579 code=0x50000 [ 323.446608] audit: type=1326 audit(1538315199.077:6583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=10411 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x457579 code=0x50000 [ 323.468011] audit: type=1326 audit(1538315199.077:6584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=10411 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x457579 code=0x50000 [ 323.491670] audit: type=1326 audit(1538315199.077:6585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=10411 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x457579 code=0x50000 [ 323.513156] audit: type=1326 audit(1538315199.077:6586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=10411 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x457579 code=0x50000 [ 323.534581] audit: type=1326 audit(1538315199.077:6587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=10411 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x457579 code=0x50000 [ 323.556027] audit: type=1326 audit(1538315199.077:6588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=10411 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x457579 code=0x50000 [ 323.577432] audit: type=1326 audit(1538315199.077:6589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=10411 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x457579 code=0x50000 [ 323.598893] audit: type=1326 audit(1538315199.077:6590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=10411 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x457579 code=0x50000 [ 323.620322] audit: type=1326 audit(1538315199.077:6591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=10411 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x457579 code=0x50000 13:46:40 executing program 2: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x1) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000001c0)={{&(0x7f0000ffa000/0x4000)=nil, 0x4000}, 0x1}) ioctl$sock_inet_SIOCGIFDSTADDR(r0, 0x8917, &(0x7f0000000180)={'veth1_to_bridge\x00', {0x2, 0x4e21, @local}}) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x280, 0x0) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x7, 0x12, &(0x7f0000000080)=@raw=[@ldst={0x3, 0x2, 0x1, 0xa, 0xc, 0x3d, 0xfffffffffffffff5}, @map={0x18, 0xf, 0x1, 0x0, r0}, @call={0x85, 0x0, 0x0, 0x48}, @jmp={0x5, 0x7f, 0xb, 0x5, 0x7, 0xfffffffffffffff6, 0xfffffffffffffffd}, @call={0x85, 0x0, 0x0, 0x52}, @call={0x85, 0x0, 0x0, 0x4c}, @jmp={0x5, 0x80000001, 0x9, 0xa, 0xa, 0xfffffffffffffffc, 0x4}, @ldst={0x3, 0x3, 0x3, 0xf, 0xf, 0xffffffffffffffff, 0xffffffffffffffff}, @map={0x18, 0x0, 0x1, 0x0, r1}], &(0x7f0000000140)='GPL\x00', 0x1, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x1000000000000}, 0x1f8) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, &(0x7f0000000200)={0x9, 0x6, 0x200, 0xb, 0x1}) 13:46:40 executing program 5: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000380)={0x0, 0x0}) ptrace$poke(0x5, r1, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r2 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r2, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:40 executing program 1: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) sendto$inet6(r0, &(0x7f0000000080)="1b", 0x1, 0x0, &(0x7f0000000140)={0xa, 0x4e21, 0x0, @remote, 0x9}, 0x1c) pread64(r0, &(0x7f0000000180)=""/4096, 0xfffffffffffffe2c, 0x0) setsockopt$inet6_buf(r0, 0x29, 0x8000000039, &(0x7f00000000c0)="d1020400005800200007000613f32e1c00ce5fe1b471985e", 0x18) listen(r0, 0x5) accept(r0, &(0x7f0000000000)=@can, &(0x7f0000000100)=0x80) 13:46:40 executing program 4: r0 = getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x100, 0x0, 0x0, 0x0, 0x25dfdbfe, {0xe}, [@typed={0x8, 0x37, @ipv4=@broadcast}, @nested={0xd0, 0x19, [@typed={0x4, 0x26}, @generic="01ff880571dca691c9018e7d18ccfd0d85d7954aff7bff8a863094bb67765708c8c48fa39ae730ce71dc9b7e6b18eb662ca186bd995039610921552a315ea8784ce04d994ca007fb572ef36bae1d2cfe81fb1457241472c9431282ebacee254b76e7bae00f8d771cd4dc3d18f9042cc80c82ee2d11cdbe", @generic="453f8a6994c62b40a3ad807e2ea6f85a4e5ec8f19943eaf1460a934356d6de31d0e98a09b258850808eb05222280ca22bfe74058533cbf43e7db01d4916cf6", @typed={0x8, 0xf, @fd}, @typed={0x8, 0x80, @uid=r0}, @generic]}, @typed={0xc, 0x66, @u64=0x400}, @typed={0x8, 0x15, @u32=0x4}]}, 0x100}}, 0x40) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r2 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r2, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r1) 13:46:40 executing program 3: r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pread64(r0, &(0x7f0000002300)=""/39, 0x3, 0x0) r1 = socket$inet(0x2, 0xf, 0x7) setsockopt(r1, 0x5, 0x8, &(0x7f0000000100)="e410444c92ec93c17f56b6113fb4fe10119df847115331ac37c8e699dc5ce79b8abafe85af5fc7068b3d1e126a045e553420d71fc882d9796c2e3a6c4958acc473a74a28566829e9", 0x48) syz_emit_ethernet(0x2a, &(0x7f0000000000)={@random="b100485caa2a", @remote, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @rand_addr, @broadcast}, @igmp={0x11, 0xe0, 0x0, @multicast1}}}}}, &(0x7f00003b5000)) r2 = openat$vhci(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhci\x00', 0x101001, 0x0) ioctl$KVM_SET_NESTED_STATE(r2, 0x4080aebf, &(0x7f0000000200)={0x0, 0x0, 0x2080, {0x2, 0x1, 0x3}, [], "7f5c0e16df782dfba96ba09d10ff13933592de8e0d0e1b336fcc1a8af131f092178fc0db4372704551e05e699808aea7ab260abf290cf56123a63f15f152bb6016b86745b9cba3cc869715aec32ce0ab06ef9845a1717de2eebbe32633a9acbc9a9d080864a4d378da2b7de40ccc35044190e1c5aa7701eb54ab7db025477bc8151ef7d85f2f7162f8c3b99b75c19836c353807fc2079f5ed4e59da387c7a95a6e09b4be281774b9ea93c771f74d626eda50443e9a3dd4cc43a73206603ce179a53abb4e9aadb9f2cbb1411af20bfdddeedbe2a1410d865c6c533729fded8212dfd4a645457a7132277ffcf6951a4b01089deb9dc9ed33f09fd46de5d5b8342c0ff6e87692cd5cd2afa38e94cef1a88120ba29c8c7c5a2079b47bc7cbfa011c41e05f04920f964e5c478ae743516e84e51022093527c9236257bcdd80c49402f2b7631685a92ee8186dcad240db48bc8c65fbaa9673126b891ab1f1e886c0d098820e719d6cf88cd51ae8e8f9f7f932e69151265e0173e060070cce4eb7ec78f4fb475eb374c545b0a0241c1a94e626ea6f9a0214cf4d3710f185615f6517c24be42f1d9de98d3c0814a0d4f54f6ced156a334527bc5f3c4c185036b4e60cf8a22e09994a456376e960ba4027612d7818dd0bffd909a548f167102766bdd685a97283d5853f9e6e86999a33c91991eba3eae90c4199bf77e55a07f5f1498ea10191a1f84f858a7bae7d84b7c9c85c07fc988331fc868b86bfba997dd76b330183ef19dfbd17d6158d519742fbf565cddb925a18f1d4c4d789c2bf999b11c2b99a85a40f8bb7ea116ab6a7d86bad5865590de29f290344746c27b644f4aeca50b25d4759a21942dcf243149301d9b00429c66aef428f202f79a6b397fc08f11abbe29f156d7515d8fe75fd964ed9a2573b65a739ff72cae77024917331364af79260d3e59edf0c1590824c61941d7fd82145688924a5b7bc27c657041f801b2686f5eac98f64f3dcdef3e6910388464111b03a5440ba5428c1a14bbca4af1daeda084a91e2c01fc4c52d00c773803142bae18a70060f258bacd073d2a043af48cc3f36db9dc8e55e2121c1177ac7706c5605e58bac2cd24ea611adfacb97dff65b984d6cdcc825b841d3dc38ae973911ff32193df0958d9ceab0c42721d42693bb2606ae7098f7f75f899218eb4fc1e333694f70ae6ef6e40ea1850533fef01964b7955bbc0ec07f7ea51103241f36dc6c54e9d3d5fc49cc817e1ad08d02f601f488cb0cfee8cd7c67049e06e95a9dd63addfbc43d26987820ab437e6ae2eca50e9e7c2cd31e6ad3453b06e25e79f2d75d8e1b6a68b13a8520528434f854ee185a3fb705f62d229cc710af40fc08c301b7e82c48cb035553e3dbc23558e0013b4c590efdc905f014c8f5cd56519ac6080e740a6f51300730c65a9e503c9b428d26e9ff1859833b3d904db569120d20c4b30f745e97fcf531667158860d77c0128a5faf2fd11fa3bbbf5061c55be91ff8c3678816668211271f61fb32f6851cd2947307ae6d9ef4043684f49d30c3bfca7ea43248482000ed41578f836269f0d374d5619f0638da956193695ecd9ff6ecb1e7e981e24785703a0822e86e6710bacb8634a6ebbc11c71e18c106d5e2d0d1a44e91bce1b3c0574f169e3918ac14286bdeed878c1738033ed883bf2bb34835a2f13d95302792c70b0b800b9118dab534a4e7bd83bb8e2cd844f5861eb86917dec52f0985165cac438aa8ab59fd237ee456fd89bde0ec43c9d172110f0b473c90e392fe6083ed60496a68fe9cac825878e269993e5d55a7b312cc227dac7373c29f6323ce113f62f3e741c4e92d33b7caadc903c38bc9d4354d126c1e43c8d1c2c4a3efea3538655cfb1d16647997f9f11df97ae68646e64410297eb337c7c7c41ee31dad831a90e4aa5794d0e00c7bf9b57fc0013d7e220f127efa5ad2c646e95a611dbbd88770b70f9e24e69d8652750f54c64a180fd7540640c17f97891fecd4b4353c7948fc87e23ff2dafc869bf7aaed1255d9ab1fe0e12f7978ea8f4791bb5f9be6730b46b4b3ddb7ae1bdcbcfd384cf993f097117c1c0eb41ac7e5371a2e78bdb9cd780faae315729904ba5d9099d21de25292b3b0d18181f5e7c35e5ce02b2ab056691cff1d5fdcf3fba045db0d00661cdb6732ab404cc7789f73efe6945cc25a78e2760a4747b4876bb4dda379955940f0ae0673a3384dddbc2efb9fe6e6941718efbdb007827b5c1f7f053ad1b26ce5da5a015b1a516eb13a81a66dfb8d5abafdb70d30d270660a05b4feb1b3374ca0e8b0aaee9a0369a201b4cf8b7e0417cd066ee4a357987c721ae55096888a423d5f9436d128d4fa1e068659ca0d15bb486b3f1f394f3937569c7a1d82f47311c4307d8f817c8f70b68ac6f53029e3353256c6ec77707491d369ce042d034a55c4c1186cea1e129b47a4f88e94e6ba2f412970d1199ef46d2b3b82a0cd5ec56479db9496286bf9fb6569d65e9c3256c3c1a2b9d1da4f1aaa3e0a103f2d4a67b741e85997e572dc7b804c21534718a2309dbf92623e2b4bddd04344a894ce41e07dd895cabaffcd667ce0738392d2831a7f9dacf1811c4e823af13b13429d60a474f36cb98f22188176935c1fe8cdd022f0d34a936bc418ee0b43930a98c794cba800a57a200d04ee028d79878e14d7055de04bb492305efc96d5c97f6d4481c79396da9431b5c3a6b03afca8153a78648775c4f121ee4f4973a5f07777b3880c419f41833f62bdfc6f2e643e3c660220a4dec15229d9115060c306c0aabff9f462b088c5fee66acf64a9b0a76e9e21063e4c31df7c78430938de077d8de9ad04474100d4d76a6073f4a44b6f757183f1edb2d81c78685ec4e7ec05de097944bc9d6cc29ac309c88384cd51b1ea7ce65e3a4d3f1e5bc33a8a975cf92e9b8402463124c10e7e3cdf66a5b58a5ec71d8c0badf5e840add072567b274e142d74e0657d02515dc302ae446a0e5f88037dc810faee005bc6ef0f1c7d26e9372cf933ecfe6805f5d3b88b818d8f23799ee599ef349a86afb167c19c59b75b2cf1237e28060be6bf57ca7e3cb8c5c1696643e898e073448a9bb4211fc63f303779d7a75e4ee177201b734cf073f54c6e72f51e3309f8ac8255bfc8c7f2241d15f173b2b3096589bfec3d42b3621582923ebed7b6fac1a52c2d9752dcea49fa472fe8e05e65c28303084162510fcf37c17aa3a4f56f76603a1410a1b7107eb1de63f89348225b325998f7d9155faee135f7fcbe870364593a0b379babfd42c18eb534d2ab1f42ba192c6e6e822f8feb9e0555b3437fb205eaad729a0aa2286647bd9c81f5d7428c00bc97cbd7c05185da468438a21826e42b9cedacdc5e8a4d7cd27b250a095475f5de935a8f68ae8a204fdf39c1ac90ca34112f966bc4c237c847e0c617c7da55419f7ede3e8ccd4afdff744dfdc5a2fd67db964cb92de3e913f6d6e86d8c4d3cd3bcb445a7a3125f28f54a0aa8319974e2f424615834070fd53607b0b643af62cc8f6aadcb457babab3ad8791093551a1be04b39e9992b94ffd6b0866b4dd565d6e1e14e1317e6f21f81985d67d42ab3a4e1578ae6070036af84f2bfe684b0f9afacd20d00d574acfe4476293826f3bd6c22aa5849e8666f9bf5e1e111479c2a482075f6f045adfa201ce63b00f7512226917f67975036fd6977b259fa947086dd450df69eaeed97ebb9319e6fb8af5f04690b6cb3c3c62f9f539b30d61edab1a73565713199a03c37f9b8c96f574862d1b9191de1ec61dd15a442156af66daf3870f0863c114f210ed5d3ec740db01af31211d54965cad16862efe9bb0016f0c07a79eab6c77d7bec91bee7e34b8c98f3b2bbd0c2de8c497c1239370900478f589b8fa5eee767809ecacff6e540ca5f143450f6f78290a8acceb8f07f1c7a1471d66e77e2af5a94fb33cf5966ee9250018b03010442581e7be738f6ac494b5acf283e47fedb536eb9949335b9ef21435f5f659a0f34f28aae61f729229da0b3a9a9756dca5f6af8ae5acda8ebd2ecb847ef7352e14a3ff52a190d3490d38a543a6803d0775687f8781d2ca7c970f4aaaafdf6b5070d50cbfbd44c89c0cafb08e80c4220cc62b50c178c0222443a6814cceec1016e846b2ee16cdc63e8b201619f40179b4d71c7ffd27b6795852cfc484cbb1afb28648786deab67c9c3b689c0c79aedf9a59afb9527ec9b91f1d1e4429dae2756393104fa4e67c6c8f137c17277971d4b396158ac994b4bfad399da8ba07831eb7ab12f2fc88f90d7cebf961bfe93028f73c4cd9ea8211ca6c62219e1e0182327a5c6987e8bc22c2cd5a41b660cb5d0bab426917113b5f1d13835ce3e5ef389968c05db3894c15559896941fdc2b9fd30ef7ad09db576db07bc87b7bca3e4d35ef6f5f45adf6ed138f6b148b3aa392d867ac83c4f76c2767518cb972f4581f2e9d7779d378d7acd133c8a6a94577d0af79a7bba4f0071fd84a0c478572b82648c0922d25102097d1369d054b03542d5c1571c7e9b4bc7a7ed6b39d427f30eb7befb747f317794d5622a05b3d99d4aa1a99a15fc63401039c78263159e29d307a1bd7bca8af8c32d61a0dc939b78031f58ffd96d3cf40731261039aa933b80b50f27ab3e7e50db60b6f1413902fc910e6e0cb9e22e059c6c04e57eda992e00685bf53e9635f1880ac7a6dd22da5c69f2e9ef234285004aba1f78624d1f28b896938930601d934cfcfae17fc516d9de99787df39679f354b83a9a53b8662223b0f4c380237d6c6e775a24369c2993026cc60e418aff9e9eb8482789114a4ebd3a21d8c2d6a836afb912be6426565783d9f1c52ae646cc10b086f26dcdb9f3bd170a3c8d0658b0f79b2012417811f0a0e02eeb742b70abdfb258f65698ac9fb895c70b871198a4590c48b0e59e1e9ff6df2f15737ce75e944caed32eb05ec7840fb8b6fad1f8479c99fa827d6bfd9a7bf3c4047277e206fae561ac18e1607a49048ded6b085ea9d06b19d811ab39e3531bf270ff9b10e9c870f5e3ed9975ce079c26c28440c0c96d663fcb7f3f92241bfa1df6e0d3ce228d1a0ca99b2fc08883c02c1af42d80ecc703bb5739e4b4b635f3d004d1ecf958df47d094bbfb659f0bca0429ad135ef9843c76fa306fb6f934a324b9811ecb9e79153d8c3e188c31c63a129c96c006b1cacb9dfc42ef1e002f67ee487a43fa6e2880f1588c927549e12a55f7a0637b08216a39f0445b9073e0fe06850d2abbdf9c0f57a7ca0e1c06d3ffe714dfdf0adf7d18a91a4f1a32d5cd4f008f47d6885b1ace15144814e39092e0b6a6a2bafa622bb789293dc307dbc28b9a247149d26a45113abefad4978ffef80cf6d6c389fb741e4f31f0c926a3501a5baa5bf6541641bdc653bc499e489b020776f03102a5bf2aaafb97b726c07fb1364ccef780d10334e892d10d69653bbdb789b16bcc814ffecad93d26a7c3a7ecb005882121881ded23f4f1dd20356b352b7b33504dd4b9963911ddcef8069d79d6ce1bcb28fb659921f5c4c99db7618098634fc70043a940bc1aaf1874f634a01935df2bc0517bda33f0396217d696b2e12eb887d7376b2362611da37c53e359a8598e1a56dfc05c049db8aa8db424d5b186a87a972a56f6239e43e3a12e7399fe389fcf7da997c540322b8958e01fef17d355e01d38143d7c893aae6c777a84a5d18cf9871b12b2b9e6e6f7b6c4e2dcb8272ac9fada0565338c371cd538701de37112476f69addd1495daad68df391715e2bbf4aaad2", "bf1cae99517ba178af3d79fa6f25dfdc9abf68ebac02868311ec73f2d7afdb7660ede97d568ffb22a01a372c766a19ad3caada0e0c835ca2b1dd6caf1f337c545903bb073516db62b06543a0655af7a26bb538cffa2c44c5b1edc9496619554912556fda9b17f8779471de99d6da5ea474a6f9108b650cb0d635008976537217de4fe184dda76b7c31bb1d0b68f3bb82e6c8332782df783457ced13eb0c4756350d6fa3b267498f42956419103f947251a6d0256758863694f8a681386525b19311399988580e378217504e45b91586091bbff84d91d08c46350801a8855ca2fe42876b97b2e961c551e6a986d96d1cfd8a4323a9385732c3502d26ec7256e753a00d83261e49a65dc9445fc56b47aec6c0e56b7c75de60ca35ee49bb6e7b873b8ca3c251466a4cd97af131743ea5bcb23aa65e86dd65e688ed8b9ef6d5b5e39bace14100fb23d0261171fd1cbfb98b719f2e744b8558d4a65c1909f930f09b01edd213fca0d9010b52afbda7cb4a38359e9ecc2957790938e5039f399c288f277de23338e57666433e84e82684892c235b0533738305e1fb1359969a4cb85d85ed5499dff1f4c59f1095e879742e3d1b0e9b271542ffbcdf09a5b7b250fbaf216a2bc65a1771cc05c0b9080d12a925eaf53910303b392cf009fe87a9692b7693ac8813eba74a2a1a609bd7d20489fa5ba8d03b807d64701a4fe910f08cfcfb60e12b619743368fd292cdc6cea1c28902dd08fd9315261d0c4de67c73f2e7c0d9752d5cd6011baffdc3bd095c6e18526e233368b53e0e8177a375db46e96231e3df0feecea4b0d708d05cf54cc3ea5bbe3905b08a2811169c1acc2f2fa72e658d4c88c39c059ce3d88debcffc472eca47086c9cd415190a2fd281cd28a582a047042664252919930adc57cb05eb270c49c52ed2fb7eaf91742a0976db5e49debc5f0b7884e14920f85f5d6fec39c6df08d97a543c943e5fd47bb52c4a1ed8cf62720c44e884ca78f3fcf34315583b42f9910b248cbad28f2f65d9506d3434270ae91d76faa6e30c48a1eaa516e52149e326ef0031d33a8f97078486e4195acef7bb5c8292da0ca7158e58f95094ff5ea2311692ca1d89db788923f63be45355aa4c768145a14cb8245c8c2c358988f0ec996d7afea68d61e4f5d5558eb90116a4f59edb2bae9fc3e36e5d0ca4a3f66fbc36f2b91725d784372607396793bb4e0bcbbc3bced3ce7edfd07a818a7745f52662a805396a766729c6c7a72e77ce6a46facacdd34e61e2851103f60bce5244eaed52bd418b1fa280967b5ea0cbcec2a92b162fde2f4ed5b2f617163694e9cb6dead356fdedb5ff8d11594690ecd4d8bceafd76f5059549a274295cf784470e5df13e35ac518e036e079c2cdf4dd762c0dbc44409f32125bda45dffd4f6605772001c9109f098ee2fa23874f1cf42b73747b0bef226a8d9a02ce00dfb125665cd82e261d59296ebb0bb360b5a4c3410c8ddf770aa3bd98f9c31812108d50a4e5ad36ca6cc8ede3cc212d4359561002c9d74bd591238c0a7d280cda76a08a36ccf75311f58802eba03dc7f4d89a1af6750e7a88a0c5db5aa16f4fcd5eb3a1cbe2b14c95f40f4e0cabcc65cee8472382f6a53cf7e06551a643ae6c0240536da3c8d8a538ffbe1dfe9860aec4aef7e004613fadc2151f2621882dd8bb8129b278d0bbeeba057ef35eaf07f1546bd550a6707f6ae7f6c9ac18e7d78d1559dcfa72bd12987d19c0e1fc51c243141f27a349e128465635eb5e498efc5d2a218065a2137efaecfb2b994a54fb72b295e1ed52cb68d8891724321813d7d0224beb8ae5b90a19bed4330767d4555592a1cd3d1b8e7d9d7caf6a01b8ad8b40e5b63959f3db1c3f2743b8cbb08e56581fe654d0c1527685a574dbf9b16eeacc7fb2ab6bae3438c84ef3c4cc857af5707a1b0b4c7ab281c07d3f9653734385cc5cfd288f05198677a62a786292e233afb28ba4e8fb70a91a61ef09dad151748e282680d7324b8d7cebe2493c70f5a004c4edd165d7f322c658f3e9ba5b347e31790fed5edbc8d16a3e3572986994e9a16f34bddd93358c7eaaa74266e15bb6af0afbe035a30c9affbe7e9d301fb55451fffcd6c29fe16abf76b1ffdf0a4e6102a4d1054cf2f7b6531a6fe6e68752f5b14736dd6d8f34c5e1f8ceef18f479b66dd51ce37da430789e4767f3832aea286c3a30193816b468e1890f2e87a18e17ea250be63e22fba260f741c84a3898264d0dda94af8500976080c775ca278bd335556f4c5a47e2543f95447d69dbab92711b9ba7d6de22af43b7715d51668848f5502b4072a953e0a8ddd668040f7ff7e68201c16a9c92f9fe824ae8115b56fb46bf40dc49cda9a673862adceca6f37fb8e87f3682a00a96620e0f6f53b998017a7a65780731cf4633bbe0f5d45b98fb72091329e4d3ea425a0b0310cd39d9e3b60022d689bf45822172baf64e11adc18497511f622b494892df23cf4373cd21569153697a8b7787a2be34cefe786afd26b09bb109ad31a579683a96086eb52ab13371e9563d4b237fe677c24ec7fc6a0ad8ab6d89ee239b609411140c6b01773ec6162a8bf5294ce5fa49f12ad964d22b0a4caf2f1f4b41f896e3a011d934f5506e8e3f36c303fb835bac61bf1f22fd86cb375c9e25b0badd56b976967cb37cb4bd07268c8fe93c6e18eb79c426bbdeda961d685c0026f05d5848d821b19abfdc9dbb5bb445b8d121413a16989fb1af1b2c14109e9c442e4ce862238e5b90bffe6a93eae4b6d9d2e555d3dcf5cdae087c9585b2f2b9b38fc37351346818e065587032a32efd5a61e9848366a3b06d889641a40bd1f9695fe4117c94c7a0853ceaaa182951adb8c534752960403913d1e64463b8416dad3edf95a8ef2932f69b76359ef98dd27f9ce3afdbd2009d575799e5f04f7d8cc9c9cd2728dda3a97eab7406b9e0109689225ade324134c1bf52773b9cd9ca6c60e8c397fa29fb783a6677fd0f98a127d69e5b677dc92764cfe53d874cfbcf6b88e5f3514bc45539d68fd3a3aeb500cf9e4e0245493da180a520b6e5d6403d41f8cbc57d47721b533da603e67d5b8b57a287e79e209210b9d8e7cdb7316be0b5dc1952e9b7043d2373e7058a786e5880f083c39066cbff39ed02db9a116ac907661c8a57b324427d16a459a8d6f75b45995b6d9adb5643e70fc7e75a329c3fc0f758e3336d94c1f9acb348d61eeed97ba0dce60eee683bba203d2469e19aca5b441bd444e47d19d83b8d4b4bbd6aea10b3e1fac08a7c4ac22e69a58a5e82cd7714d9a7e7bfa90bd9810d57bcbb790ec20feb3c881d77ee516b0243c6251b0c59df1b027eae75b501e216e4caa4166441f402a7f865f8a16576601712ae1946d2cc500796fe8538dc8f8018af71a3381a8e08cc6a14998c51a3e1687e1038a3246afee3135a55a8a2f8e4e6cc106136668edec60f6e724b7f2669b15095ac7bd6999b1eca3e326c45af29565bf6682ee4b15f74fe4a76245f21fab23ce71694083aceda7d07fc48b2b5a2bfe3c19efab243d43575d0774bfe5cf13b761132f88235f6b3b572fc08dda7ec64a3b5e7e1f89218991e49063473a9c7df5ce6bc8a1da9ecc449317cc4cc7a1fa8b853c650a32e2a71a720d94bc8e1b723d0fdaf239da076544bf4f3942b2787dad72e8d8027d9fd5e2b4d62597861174ffcc78d737822f3fcb81de418748d55ad5bef76c8c41f14912bdeeeafc8d2c85a4783e6841280d3984fe78f2b9801ec95b50c3bebc56fb0ffe368fe228f33286609feee3002e35c2ff547b8430afd18e7215f20cf2c46c5dc15558e1668f56f1f82a6dace964e5175c13869eb86e69d66c0e937d35175f5029b9466963b2aedb0a357c5d4b6c9a4b1c0c3a0b0faeff49d61f1e8e532573d1324bba97deed36c889623fedff37e08527ce8ebcb88a560d7b8d29c8a9b0a1d95d44883b6e0c574a3960e959dbe11e5015022862aa85bae5257cb3e3d7aa16c7d2a1431b5b2cf55b9ba221ccdb7bfb88124cc6357616c3a60fac859f5bdf80d1130a137daa4f20fe10d746d4d777fbd31cbc00f5c052ba9ed6eeaa10813540801ea21589f38b2b2be8ef6b9d20de0f35875a8f7c7ea561e1417b26df637f47a9322cc31525901a676f437d9b3009f1697be8c74d7a39d8be522830cb03fed20e44c6c3609ae0d41df0c3c6b7aae4848438a8b0a90f97eda39c4990b1cc298f549dabadacf61e7fdb014da3009a0a17d8b0121cc4325bb439c21478fdf62bf950fc65a50f254db5873ad99950c50313a516e79634b75d2b93898f759646dd14417c0ee346bf1f156b06d644d73233628e8d406b4c866091cd099fe3c7a4e1d86e34bc747e64ba20eea3a6e5f4778497bea85275de36b558f387a581dcf118bf52d519c1762b352a8b1712cc1dc2bb4acc2832caa15829057b297f55566e08f19db7bd2f48305cd0b06d42b75beb20019513366e62519575a6a1254465c0037519b794ef3c0a8a27aef12c7d50a96ae48c68815615c7ae0db7ea581b8008cfdfd41e521e6ec39bbed87adaff685d233e9d9013184ab9703ba9cce83053099c3d97421793ad362c1d921bdaa1e1d9c963145306ae572d14d7db2bc50c6f67950a060f3ff445b774e214c9a107891c3bfee8b577e9d5bef6dc279d3ce69c153150e4fa6fd90cc41e5f23cde73c6efb3be4606502ad9ba518f58179aa4389ee91839c47c3b9deff353babf275fd2f343f3cf46a7ec7841d640406fdc2253929eb55ca0a52ea54cb6d7dd255c7937104d1ade71153d679f07132a60830eb75ce74849800a07e38adaf633eec12d921377c5916afe02fc9ddeb31f62d11368f0601e7d4466641c98f46e10158d2e22fe1cb8b97567dca5552de30274b76cbc9303a4c07968bff0054f89c2e9f213cf2f804a2fc901f57dec18e3a85c724eb80ad9db34d4fa5ad0bd5d49c24992885513118d1b4e1d1840252981d6f0d42aa156111629531162bc3e7378c472ea9604c6958fe85fed67d7e8f9023443d0a7c0b77fe3a43bf78d874c68314ccfb63f4918099b5899dbb18d894a1b1fb6d6ea8f8888a90821c02afa3aa24f3f6cf2caaed84066a33ae5487ec3ab36efdc07b73f35b2d90295a0f7decc1d2eb4ee09722fa3c3d906cb19097a1b1f7010761db5dda5e292329f5f4aa959915ec497c5d082da9310301e87bfcf4994f6c6cdecfda7e031fda9dd3245e84840ed9e59d0315ae139dc09026cc44888ed83a78b6dabfe338911e60a117e3e59a8d59474a17949e747af6643a612d47295a73c59de4879afbf9a25aa9bf67883ba23ea7d87e70d6a0af32d673be080e914b8b3d49ed9e5564b6228959d10d9e9c7a470e8b8a93538045adcb16972bf371f4ff669f3a29791c493d1ce80d45410a3e789e1f3c62c93ea68bca66c7c391f5023cd1b52bc6fe3dbe3107a121584f04b233ddc60f4072c1eb9ee398ca59ccb882001fcbdb8c02728e0c7973929a4f512cd838aec7f4802f5a16459133e52cd39e0a888bd723382b9d129adc8aad5bb0011acefe9e3a59164289882c93904fae8e9765e3bfd6f6bf3cdd4ac5925aec29c4fb6ee2cbff1ebd3014350c9ab87bf89815c7b7c24c3f996957cae311110ff60caa90405a5bb4b4e6883fc48791e466dd235188358d63030912f714b899caf69c895fd86705cf075510524ac98945637d986bb90f0d76d89883794cc5878745825cd4103c0d8020f04d88f71436506ccca182854743d39dcc4d445715a770fc1e138e97cc3d218dbf3"}) 13:46:40 executing program 0: r0 = socket$kcm(0x29, 0x81000000009, 0x0) sendmmsg(r0, &(0x7f000000ab00)=[{{&(0x7f0000000080)=@in={0x2, 0x0, @broadcast}, 0x10, &(0x7f000000a280), 0x0, &(0x7f0000000040)}}, {{&(0x7f0000000080)=@can, 0x10, &(0x7f000000a5c0), 0x0, &(0x7f000000a600)}}], 0x2, 0x0) 13:46:40 executing program 2: add_key(&(0x7f0000000140)='asymmetric\x00', &(0x7f0000000180), &(0x7f00000001c0), 0xfffff, 0xfffffffffffffffc) r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$KVM_GET_CPUID2(r0, 0xc008ae91, &(0x7f0000000080)=ANY=[@ANYBLOB="0300caa600000000000000000000000000000000000086f4834e7e4377cf0f6500000000000000000000000000f0000000000000000000000000000000000000000001000080000040000000000000000000000000"]) ioctl$KVM_ASSIGN_SET_MSIX_NR(r0, 0x4008ae73, &(0x7f0000000040)={0x100, 0x3c}) 13:46:40 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$dspn(&(0x7f00000000c0)='/dev/dsp#\x00', 0x0, 0x80300) ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000280)={"b61d3bbe52d75028290785806c026a89b9b1f382d910b3a4aa7b7a3be01627489bc78960dc4a8d8006367a195b9537b7da7acbd83e0c7d61ff9ee151c07b4a894822001e51c79ea8d975f519bd4c83773fab6d212d3bc009fdbe498bc54a964bc215400866865357fa8e35ef56474dc150404bf29ed0456914aa67901bf3d7bb3ba29e324fca8bd4a0b1b2bd278ea3a0576d82c8ae7d8e1fa5e723eee2bb10337bbd3c66f17e7948f81d8da2527dde4a2cd834303701ba103fd94a0c993fa9b5aa87cac21aa20bbe3c531f3c9e8669beca073b815e7c537fa9be19d59d746dda736ce163d030baae4f0950b5b23c7075cf9d19230bc6bf00eb1f130720d75a0f79ba1dd1d46a35bb539fc1d8a9393157a475375c53ed18909358365b478f1fbbea0a1ca9f467747ffb219a8c84c16bc5eb0f2799ef3bb223983ae829346b4f97dd22a040076fcd796b6c96b69b772fc9647ccfb451421195eab4dcec01a0ae5cf1eeb88cbf60a9a58a252997574fa4d3fa15bd5730bcb6b3dcbd030a02b62adf0c5f9b866d768f638248db923b0360cb0ebee0377228f71abe62f9c8b381f7d43be979417a721d041799eaddcaf7f92ffc2b207469251cab19ede5712a340c7c809ae5071851eae8307e464c4c9f04a6be73b0131401cbead4c9772e1bff9a75610e5ef0f22ea700bdac176d1d303bc4fc45f1a80cf38dd8cc2040c0fdec25243ab41e2d5b4371e25c4374926e7ef808821f05ff339ceca62ad91e010389279989f4146fe45ed09b80d32bce8176eeb5b00ef3c7cc5594f59d0dc9e48a4744f6d380ffb7dd8a7f662c1487e78c6941dd35a8d17c29d2c6905a770da057b33ee6e7a03a228ba26b3b9d703548ee6b2a680ee570919d73055421056009ad7f97409b83769aa2be3cbde957d65ea0396d045ad838d993ead88f01649a9c0e868ca9ee0fdd32fe11d1d18fb37bb61537f83680a80aa67c3a7b1bc26025b0286042bc453c3487fabc7d173a4edc3cb978f55cbdcc8d84d85dbaff93970e623f235b40485ca6ffdea0d56c9b87879fbcbea0f1e3e3d70d6d804d4de7e09bfa292d63b68139abe327863c86f559c3933ddc3651fd6fe5552e1654b1bca74f0dd11734a38f4de120a13f5a28fa4a16bc886c47f2a1c47572ec37de795a9aa8c943ee5162219171c3f78603e3ffeec37c20fbbd1394eda40b7e9d8a6b863f1ba8bfe778bb98527aa6e65f8d192f1b50b6d9890ae25c1ffc8e0fa432fe93d4cc7cd80d2715722a8e65f811f20176bc92e5cb1845824fc21c65d654e2d5f7d2810bcaefd14b26fb183f48606343fc981b35133d50f125bdc32f7510a7bb866b9f7d57c393ea253834ca0726e00640ebf77cffcd343dd203946443b16f59d43e59dff2e35701bc5852fafa68c03d486e2a4a65a0ef69fe29931828d5ba94ce954f3b21b493db"}) r1 = shmget(0x1, 0x4000, 0x0, &(0x7f0000ffb000/0x4000)=nil) setsockopt$bt_hci_HCI_DATA_DIR(0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000180)=0x6, 0x4) r2 = semget(0x1, 0x1, 0x100) semtimedop(r2, &(0x7f00000001c0), 0x0, &(0x7f0000000240)={0x0, 0x1c9c380}) syz_read_part_table(0xfffffffffffffffe, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="000000000000006c00000000000000000000000000000000e0e515320000000002008801260001000000640000000001", 0x30, 0x1a0}]) ioctl$sock_netdev_private(r0, 0x89f4, &(0x7f0000000740)="7c9b2e60f31b7284c53a671ab0eb3936247fc0a474fa6beabe04abcd1744724c220f4fc574c7ab0b2980cf8be424d4e74b") ioctl$TUNDETACHFILTER(r0, 0x401054d6, 0x0) semctl$IPC_RMID(r1, 0x0, 0x0) getsockopt$SO_COOKIE(r0, 0x1, 0x39, &(0x7f0000000100), &(0x7f0000000140)=0x8) 13:46:40 executing program 3: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) getsockopt$IP6T_SO_GET_REVISION_TARGET(r0, 0x29, 0x45, &(0x7f0000000000)={'ah\x00'}, &(0x7f0000000040)=0x1e) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0) r2 = syz_genetlink_get_family_id$fou(&(0x7f0000000100)='fou\x00') sendmsg$FOU_CMD_ADD(r1, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2080021}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r2, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@FOU_ATTR_AF={0x8, 0x2, 0xa}, @FOU_ATTR_AF={0x8, 0x2, 0xa}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_IPPROTO={0x8, 0x3, 0x3b}, @FOU_ATTR_AF={0x8, 0x2, 0x2}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_TYPE={0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40}, 0x8000) bind$rds(r1, &(0x7f0000000240)={0x2, 0x4e23, @multicast1}, 0x10) ioctl$TIOCCBRK(r1, 0x5428) setsockopt$ALG_SET_AEAD_AUTHSIZE(r1, 0x117, 0x5, 0x0, 0x5) ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000001440)={0x5, 0x0, [{0xf000, 0x6c, &(0x7f0000000280)=""/108}, {0x4000, 0x1000, &(0x7f0000000300)=""/4096}, {0x0, 0x20, &(0x7f0000001300)=""/32}, {0x6004, 0x3a, &(0x7f0000001340)=""/58}, {0x1d000, 0x88, &(0x7f0000001380)=""/136}]}) r3 = syz_open_dev$vcsn(&(0x7f0000001500)='/dev/vcs#\x00', 0x101, 0x2000) bind$netlink(r1, &(0x7f0000001540)={0x10, 0x0, 0x25dfdbff}, 0xc) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r3, 0x84, 0xa, &(0x7f0000001580)={0x3, 0x2, 0x8201, 0x6, 0x40, 0x1c, 0x1, 0xffff, 0x0}, &(0x7f00000015c0)=0x20) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f0000001600)={r4, 0x8001, 0x30}, 0xc) r5 = openat$vcs(0xffffffffffffff9c, &(0x7f0000001640)='/dev/vcs\x00', 0x4000, 0x0) r6 = getpid() sched_getattr(r6, &(0x7f0000001680), 0x30, 0x0) setsockopt$inet_icmp_ICMP_FILTER(r1, 0x1, 0x1, &(0x7f00000016c0)={0x6}, 0x4) keyctl$session_to_parent(0x12) write$P9_RMKNOD(r5, &(0x7f0000001700)={0x14, 0x13, 0x1, {0x8, 0x4}}, 0x14) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000001740)={[0x4, 0xf72, 0x7, 0x3, 0x6, 0x3, 0x7d73, 0x8, 0x80000001, 0x0, 0x8, 0x20dc, 0x3, 0xfffffffffffffff8, 0x9], 0x0, 0x44000}) fsetxattr$security_smack_transmute(r1, &(0x7f0000001800)='security.SMACK64TRANSMUTE\x00', &(0x7f0000001840)='TRUE', 0x4, 0x3) getsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f00000018c0)={{{@in=@multicast2, @in6=@ipv4={[], [], @local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{}, 0x0, @in6=@ipv4={[], [], @rand_addr}}}, &(0x7f00000019c0)=0xe8) sendto$packet(r5, &(0x7f0000001880)="032bc0fbe9d3f527411ee259d4485938b8d6a140c710d04e2d52f536c54338d149c574b65483", 0x26, 0x8000, &(0x7f0000001a00)={0x11, 0x17, r7, 0x1, 0x6, 0x6, @remote}, 0x14) r8 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$l2tp_PPPOL2TP_SO_LNSMODE(r0, 0x111, 0x4, 0x1, 0x4) getsockopt$inet_sctp6_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000001a40)={r4, 0x7}, &(0x7f0000001a80)=0x8) r9 = mmap$binder(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x2000000, 0x110, r5, 0x0) ioctl$BINDER_GET_NODE_DEBUG_INFO(r1, 0xc018620b, &(0x7f0000001ac0)={0x0}) r11 = mmap$binder(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x2000000, 0x50, r1, 0x0) r12 = mmap$binder(&(0x7f0000ff8000/0x4000)=nil, 0x4000, 0x4, 0x1010, r3, 0x0) r13 = mmap$binder(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000000, 0x10, r3, 0x0) r14 = mmap$binder(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x11, r3, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000002e40)={0x108, 0x0, &(0x7f0000001d00)=[@increfs_done={0x40106308, r9, 0x1}, @increfs_done={0x40106308, r10, 0x3}, @transaction_sg={0x40486311, {{0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40, 0x20, &(0x7f0000001b40)=[@flat={0x77682a85, 0x100, r11}, @ptr={0x70742a85, 0x1, &(0x7f0000001b00), 0x1, 0x0, 0x2a}], &(0x7f0000001b80)=[0x0, 0x78, 0x38, 0x18]}, 0x7}}, @transaction_sg={0x40486311, {{0x3, 0x0, 0x4, 0x0, 0x1, 0x0, 0x0, 0x30, 0x28, &(0x7f0000001bc0)=[@flat={0x73682a85, 0xa, r12}, @flat={0x73682a85, 0x100, r13, 0x4}], &(0x7f0000001c00)=[0x48, 0x68, 0x38, 0x28, 0x30]}, 0x80}}, @exit_looper, @transaction={0x40406300, {0x4, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48, 0x30, &(0x7f0000001c40)=[@flat={0x736a2a85, 0xb, r14, 0x3}, @fd={0x66642a85, 0x0, r8, 0x0, 0x1}, @fd={0x66642a85, 0x0, r8}], &(0x7f0000001cc0)=[0x30, 0x18, 0x20, 0x0, 0x38, 0x40]}}], 0x1000, 0x0, &(0x7f0000001e40)="16e6a98b4353ccfb2546c0d85a52b1f7af12330d5de43e4f3f27abbaf61c71743728786dd5673c867fd5c37c2a56f3fcb071fe24445212495d4875e7f8d01e30ab2f1977824c7e22952e6fddfb77176c146d8a00a81af84174643864c510b22fcf414142f4dc6c44977c04da165947f4e09ed6443b373b31d30efee6ace99fe5013fb44689a2d81567dfe5359b1d6403846c7ba4a9fb7be8a9e3f0fab753fe5396e3ef4c7d34724e09025816d6417a2cecdd78271fed00895be41c1c86f3aecf708fe5937e7519275bb6a06afea03d45c49bd6f36448d6d8ec8801166a12f471cb1bc9ff16446d5c8ec3e6873c41d996a0a3960a0ad3f382a5032c0eb7cff9019b47528dbc70d611048e6250e96962ef78176eddcd1c8bddc0421140537a93cc8274082460a716546c89c82291b7023f6c5db433efde6ce32a20a55c5917d7a6975f325e79581769fbfa6b4bef23a05884c23c374ff13e608321f4ff8f4aa8b4f3e37d65a0bcb60a5f813e44068bb24ab50532b9fac1cd72fed1e91cfe1128f4b92de57c3cc0674c16dc0ca9ee25f3736737193cbd6cdcc24d8ed556f00fcaeff5006023342dd6b4dae2e62f32add908b83c9c81ac5f04a972d42cec8ee5b241dc94b243945ad1376c6c89f3cbdc147c52e08800fc0c9869429d1fcdfa78bcf64a7ac6ab170207f954473d276d87fa28aec92ff04dba50d237453f0a3fac7b1819a784635c3d061cabcb5b497d62624822ddd1fd118235c4e911423aa63c6d5163663ce35d3c3a6cd83cba39122abaa33d9df19f6ddaf5742b84bb3c8e8fbb07f0bd588947aaa0472a0e8885c68432a94e68d337f79eb5a03564ec11437d65b73f2d4d808b1ced64a643f94f52414157c727f0db49de0cf5320b3c356178ffe9722d73082137474c48c24d1473f20dd865b75129ce4e09c4958bc305790d569fa381ae9c893c8e72f1bd6cd0ce077cdf5c8001093e2d6e4b181247ac3fe5dda94afa7f915e18a39c2676af4345d6d992e0b2d8ee7bd08ba4456b5236dc6ac116bc072712a2d422ff4828d3bbeb5e7c4162c51f70a692eab1dc4442f57a6bda910c9e15ac24c00959d58f5c164cbad867f591cfa3515cc66201c7e8e13d2c32d2d708704f722aaa917b897b40dbe38231ed395aa02c341527f5da52254c079c85be069d08e3da368338110bf87e67265bab87c8635d3b2d454b571c4055bf86cdf1a1f590a7ceb0ba2f98b5d57ba56cdecfad0a1a9c17f9ada7b7844cc9e50dc3cccf4b51836033787ffb2dcdec64b86b47276063e68e1a726ded1ea72b4a99a4389816ca81e5b805bf00d7b2291a65da61dfb9fd8dc79c1193e6bdfb1b76bb70c3dae5a1c5f438cecc57574e37f13092af7db379522b8aa16d0f93ae546eca93bfc52f15aee21da2815114415bd0de294dd643e47f7f97708e1e7ec3cbb64e7142c3e9549e7d47c494c37475a2547493cda920c10b286a7b2e027ceafbfefcb4fca8d563fd229333ce8abbb3be52a884b360086d5c0b94ec2e9b5776b998daccacb4e571a3332d696e3202c0ac46304a4eeef6ebc234ad6ec9771c4aa4fa803f0230ea24a06357d811a6a19aa2b708a9aac29e0713dc9399cb72d35b12e8f7d0440b906857d783d2e961f1967783884a61bd6eb92b79d55efc3a38bb5ca86ca829a0b1a80d87d54580f572e42b5df4e70c0bcf0d693786ed6aab121a308ed2a407ae5f45197a2c42558c350f3c5dcd8297b3b62f80d2ea6bd9098cb9c736dba3bf2285d4b19a78d363bb2306a06247304a11eefd63b8a7b22d45578e4eb27081abfc72cc210df1892dfaef4dca4795abf143cc27810dc85fd7db6fb45b80febf8d4c3a7edaaec590f1dd45c1c0d591dc67d596513489c7d99e21c1971d8068648bda73ab427e0add15015643d535d93d92cb258c048ee40aaeb1277d2c87d83ce9649b1babcb8d82fd258e68047c6275d0d1d33b8167c658a0fa88dec6d48ae0b21b111031bd6e0e2347b3ae3f941ae5099eacbc9c6cfe78ad3c863d9e13094751ffc5529462fc0d700833b72382031830f1030fe33bcd219c9d35c7a4b22be588029c77dc1af1b6861f818dc09d6ca15212c9fb5c1328d3f9d9d9fff54a209952e3053a8fb34b696706d7791d7fa223cb20856c62cb0ce5c082624f513a067fc960dc70e31bbe67b304f880a8b38cd16065f90094bd1f846feaf50ac386b75985d6e4921cbadb95b72e29a6a58b12ad3c40c68daa6550329f848c9a308b6850a197ea4533512b482bb2621d68fca9b63acebff22bd9ee99fb94c521fa23a71c007b1fc3094b5378cd2226cad1a11aa5e60926a7441646bb857910896700315e1ea535d15d159a95e35bad46306f593d41bb886d1bc6aa9daa7bbd6c471960c69aee104ff0c9d66dabaffd3384ce5e583648ea888642d0c6858c52d8b1a3c206481a15a4733b13dfc73d37d87fad5bd5a72709b0546fb4bd29597b9376b76db1ace27b20d3e0e51135eb7050837d948257c09c31b3641148a49fc234218a28cbc37cc893f338118ddb33678ead4521138b996e46a86a092812c51f280e7a589480c0aa137bc0007511a4fa316890094e0c3c0664640625b49e43e8f1dc812fd2d0c11477282238b4eec38b2dfc78bcb26290944dfddb04598e8240b1cfd87d55b2ad9be0001c621c93ebe1906990ce985fcda3a1d0d2ab2a533cd7824acf60a7f22188005609a63899ca3bd15ef8dd9934b4f66a5a25ee39b6a5f3cbc799d4e418b467caec26a3c09e01bf92a22157f292bf7a14ddd4d4841ed32c2aba5c0b47bdd163965314c4ceeb13f55754141992d81b56960c3994b4d9501cfead098d0df1b9383b6dc27ed805dc08ba27909c7650589f178dd159924ebc280f648cc5e6811d133193b0718250d757e5b725a259bcc78baccec159ae2a11fa0c40d82aaa1627104a6099218f489353dfc67b1baaa74abb0626a394f94feaa3ef7b892a5b3112769518b06f8cbb76bd06717ea4faf3552d77433508f8375112dc6703f785133e017869bb42b75e8602e9645ca9debaacae2f9e1fa1d20788f6a41621e9546f445fbf5bac6762597de27c0e5d7d9de7b9ae3265a63c46bc25656c5cc6497e301efa2abc866e1aeb19c25cc8714f0fb3d8a792a4dbbf9f546423b9b6493d576eb183835f314ca1a7459dfdccd402f151e378a8ac99d04948fc9c5c58867337380eecb4aba7ce771087974c6d0647cec879275402185f2853c24950d48857366460a88fe1643e04414befaddec3e5fb2e6ca59a736476f70ea3af0988792cea73d26cfee7e2a021ec62e979b99caed2d220d764b914574ae9c327c997332dc88d226b8fe70cb5c9e5bf3b266d100b811cce4329fa29f8132c7daadf909a4a6877bce921af55c2e32b9ee0c0218917831e8284a9e373e4557d7daf1163bcf02a9e65bf29f09e94b27701ba5e352070f69075a9c4c5806006a6416ebffe3d304d5efc31d7559d5b2b0a485262e41879ab0fc56cf706c0dffc9c2cca923445c602bd4fb9a7af07f7538b36f48c4984e29d25115254550a5ba0de7ec7e8cd2c7bf512d9e3ceb253d16a1484cdfb543520a7ec2e7847d99ae0851d04535ee642eb5f832f44147aa6d8fe291355eb712b7be9f6df748664b5e85dd76d75a909e90ba2cd9202f8ae3832620a03fb041da10b0506ca6879387b977a720861978246aa9f8c0a5b452637ec5c26f27e4e5a34aa7d202d3af860409f03850dcf9fb332f78d9e30ffd6d96cac49eb8362610532f306300368b8e20803edf426aa21984c332dab2ecde44304022ce8d05d758d7f6798745a6ce6cd8498e39c1bf136e75f7ca208070bc175350d1b7c6347e03ea23823a38c73740c5e96927c1c24ba65db9e8cea103ed6b348783d829f152feede2381ae6b7e57c650d9ffdc81da0bad33d951e285d0ad00bd6db51dc1fbd5464bc963aec10c4875ef998e8f7af029c19eb450c6e65934cd47b4cc9fdf601bcf35519f382ac2e8ef3a462d624ccd0b35af83ea9a7963d4b7b05790a2756b417d0bdb5c85463bae927e827a5ea660548b90d94413f37e142006f3a7010955cf9eca157219b45e5d5e8660401e704252d7b26b0fddc8bc1b5c9f44e04f74baad63982e26f943ca733a4f63baec9b8cebda321d67d89d014f9b832aef50dea063bd461f054d829387f99a4fecf00f9af5a9ba47f4bbdfe953f2834d7da3d7415e47f3e098704b3005eb6d4839992743d77a880bafdf8dae23c9cf42c2315cdc46437d5ebc0f6fb92149979df5bb31b179ecdf08c2e66d956ff65a03500196df0f2b1e296ac78b49962e60c413f68c80f9137699285fdf9962e6d11aa3d6e2dcd4423b49c31632de5ff5ad4351f86a72946196370eeef1d271efe68dd16356d91690174ca8fbedcdb9de1250350f6a5e396ef901ee366914ed0163e896ff2ba2b58aab38c6738c3b57ae018b10ac55683b11892999a25dc8d80336848a53745bb47e539b61ee514f21d145fc1c4ec51dc4976e3bfbb8fc3b78ab6db26dbee89fa98de637243141163acb32fd9cf7b17523aa67e6ac10a9c8babfe5f676df6e5ef52953376821f5d849939187d28b7277f5903e807ec870210a7297b634bcfb88480a6d8f3cb24845912cccbd36e8db7d759377ab09ebdc54fc264cc486c619a73ef953777d1c525363f38e3ea06bf2cdc76ea8c03171d24cbfcb3b7c41773e6cbf9c4b993db5d354a6c07d6396c0fb9c42b0e0c734d3540891a86debc6f10e9960738517e57a6d4999c1c9e669523d62874a6a692f2ecc9bcd764bc76ef70a40a485385cafb042b18adc9bf27811ef5563533efcfeacccc1089f63cd2bf00c703871632961c46446b7134963e7d720809163023d36db512606d129d59f92ba079ad072cbc041f4aacdf72de810141f3c2a3a662a4b17af553740bedaffa64d8113edc0daff606e0726401f2615e621c136a794631431de1134e9d872d647451fda8ebf647ac193e35c5ad551a3cf49e7637b28d468d9b497e11456bc0e15893f3bbcb37cf98c7f634d967538b496610e50f94147325c06a546e6400ce178ad5015ba4f40307ca1d8372c14741568ba16e748a8fa79ca63f61e76023f94f39d42dfbf0f9dd7a38d7651294663a6f8a28886407c47fe530fdc40f4c519e700324d8ea573d430ba7863c92e3b5fbefb7704531a1e61bb8f49a5985bf63fc95bedc3979e9d0212318b2cb6b6e2b5c69562a1d1cfa972185396d5369ea11bc73eb03711a8b0ab3923a90a0418225fe409f0f47593d160012956e1ac31e0c4e73bb6d4c6d6722c9dd752060439ccce87540e89929d16597d5c28470b5dc4a9798a41d63f8a42f6516680ffe37ae5f5c19c640ab749c9ba1d76fd0c8fca0c43108b6ff37449b24c05aaf0ee621412f2b4c08baceaa3a25f8ca2553922338deb1822f55637a330aa6928355039d86e139754efa3e1533bcd09a19eac4acee3483111f0032154d8e4adc110f522eb343928707113d6566a1988b3f78a9d9eedcc29bf9fe181d9b8f96450a773d0ce326585d9cefabc3665a4450206372e04ab7cd6fc6837a19eb45b168fe4ef6515bf8dffc5f82f747766d1d6663a1dd424a1a9a6d52ec31457e68fec859d2f97ff840b6e04a038817b11dfd906bf778150e09156ef499579aef0811044dbe1be482459d5d6901a2805d271d96a995ba66807f7bf93c547faf6c6781de1a2df5a55c1ac819a0ad33942c779d2a38c86d10d5084877ba3ffda29148afc1221cb04bcb21d572fc89a2dda73fd63"}) [ 325.251732] QAT: Invalid ioctl 13:46:40 executing program 5: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x10, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000380)={0x0, 0x0}) ptrace$poke(0x5, r1, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r2 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r2, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) [ 325.271994] QAT: Invalid ioctl [ 325.295579] QAT: Invalid ioctl 13:46:41 executing program 4: r0 = getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x100, 0x0, 0x0, 0x0, 0x0, {0xe}, [@typed={0x8, 0x37, @ipv4=@broadcast}, @nested={0xd0, 0x19, [@typed={0x4, 0x26}, @generic="01ff880571dca691c9018e7d18ccfd0d85d7954aff7bff8a863094bb67765708c8c48fa39ae730ce71dc9b7e6b18eb662ca186bd995039610921552a315ea8784ce04d994ca007fb572ef36bae1d2cfe81fb1457241472c9431282ebacee254b76e7bae00f8d771cd4dc3d18f9042cc80c82ee2d11cdbe", @generic="453f8a6994c62b40a3ad807e2ea6f85a4e5ec8f19943eaf1460a934356d6de31d0e98a09b258850808eb05222280ca22bfe74058533cbf43e7db01d4916cf6", @typed={0x8, 0xf, @fd}, @typed={0x8, 0x80, @uid=r0}, @generic]}, @typed={0xc, 0x66, @u64=0x400}, @typed={0x8, 0x15, @u32=0x4}]}, 0x100}}, 0x40) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r2 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r2, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r1) 13:46:41 executing program 2: r0 = open(&(0x7f0000000200)='./file0\x00', 0x14104a, 0x0) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000001a00)={0x0, 0x9}, &(0x7f0000001a40)=0x8) getsockopt$inet_sctp_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000001d40)={0x0, 0xffffffffffffba01, 0x3, [0x1, 0x80000000, 0x81]}, &(0x7f0000001d80)=0xe) sendmmsg$inet_sctp(r0, &(0x7f0000001e40)=[{&(0x7f0000000040)=@in={0x2, 0x4e23, @multicast1}, 0x10, &(0x7f0000000400)=[{&(0x7f0000000140)="8e1fbfbf4bd856e2571d15018f46eb2d4625ccf897694dc4c8db6bb912a4a87ac672496d0e6499b49a42b43fad287d277c2a714793528a8538ca0e330e8263d27a9031afde251a1b1ef425aeb9c7f661e41b2a96127f6bac4264c24c57bd409d2f1e52b302ba375db5bdd3d9588cd64b657cb846337952ea5d15e99d49fe1599ea4022", 0x83}, {&(0x7f0000000240)="fbb222974adf5226c6f9ac6fee166053e22e56ff6b0e51bdc6ad5f29fccd028850558903b413cff8d247207c0d6133c59526c275956999a7668064c2b2b364f818", 0x41}, {&(0x7f00000002c0)="595858cdce627c7b405cd3cc5ed8b03977897a9b91adf9dba9644e7f3364cf24d4c6295f2ef523051192f57704c2d169f8562a8fc4440768b1567f9745e9b076606e101364c2ef33299eadeac2ab61e2726a62d3c37de20c8d", 0x59}, {&(0x7f0000000340)="f5d58630826ab5ef4fa5bd10237adff0c511bbdd5da4c7bc726dd933b6f1babc61eeefbcec76bf8593b21ab80964b25228bb706361dd636de4e65326901b9f00993190e91b9f44ac342992a5ba5c21774c72ada5ff5b05289eb5be3ade065bee54204beb67aba532058fdc7602194d4dba6ad3198a7be6dfce183df33702b738474f056ff587cdd89f5d03917aa416099b365caac639fe70e052615c", 0x9c}], 0x4, 0x0, 0x0, 0x2400c000}, {&(0x7f0000000440)=@in={0x2, 0x4e23, @local}, 0x10, &(0x7f0000001940)=[{&(0x7f0000000480)="09b9b0b5c20de9aaee55c1c0084ff9df097c0841906ace7603c24dc727019374fecfc9bb67060a884183e42fe1817b917117a24d4ea38d9478ed9a9e121c8e2f9a42bab68fece7d454d138a87e9fd53297980fd344b7dd7452ccb7dbb8bd80e5b018459edbd3e153bf15aafc7e5dd8e7bbe9ab4b875771af667222", 0x7b}, {&(0x7f0000000500)}, {&(0x7f0000000540)="d2d977553c083480d88564f1244f9a2a0c1f1e2885edc4610dfca32d43ed27fa9cdb", 0x22}, {&(0x7f0000000580)="ba2ce6b462e4ac83834f1be02f817158e5738cea5a1f762d090580200e26e03e6868d85ff8c84442dc41b33367894a8223e489b4c8bc4c440d76ce7b56457c5e4e6750f42f831fc5d4bc46ce19a326cc9d9443f4c038acf87b954aa25b15c21ad7be7d16b1598bd3815a2878a7c61616ef1701eec1cf12c516a63f3278d64318bb23ff067760971fd4da947bdd2aee2c9c314ab6194ec889e8fbf634c955b147bbc849d247f2f7dfebf0ac1582178a5c4bbf858e48c1221931822c73427322c3ea", 0xc1}, {&(0x7f0000000680)="a07d0517eb7609b629d89353d7a324280d01270d221cef239a02ca1f9c5b60ddd2904e6238fef855fb772440ffb396634aefc7c4e7cc7c3799a180c57ac24a928f66581c9393e50ac055f2b987cbe7c31106ab69f6f0284e97213c2ebad46349d6d0defbc0bb1f382a73d8336724d93cc1d62cb127c3", 0x76}, {&(0x7f0000000700)="83294a1b547473cf6700f97937087436b366f4abc114f5f38a8847648a7a80ac20fe1420bedf2f5b6bdedffd0b71c1a474630fd4419297a12c406ba29a971cb0a97e4e5d3f1c70e3499dea6573aad0ac1ded4cb4f280aacdb05e0800263bf16e307597127b08e51912b3c5e94b3350e7a230bda23a2fc30cf4ae575bf4aa5ccb452573063915464f51101cf93aff35b4d2def03aed04903ec77f998be945d27191de9ddb19270958ef83a29f93339171e9a558b41548fa7be4addc92d240b30c8a640c15", 0xc4}, {&(0x7f0000000800)="0bc88f9cf77f648c0bdd585d39cd8f016e4723d80244ab2ba99c29d30d46e192c090648350b2dad4991f78aedd2146858725a41b05e38df8b07fb0e168e8fc5ea1b2fa7b4b52cfb3f8ed08160e7d617017fcabed2074d4e487ff742020917576da9f0e0c967f6baa021e79e488ada83a4ed199e7e47e2b80e785b2cb78ada08a60e56f1cac56cefea5fa2ca233e7f3e42c2f8daa6133ee0015297c3cb305e6af2eec7633c446f4559495fc132c566fc91dc60b2f5a33ed8f65aabc077c1f51e01c97c830b1846d5123e25b148a0727d716611727c2386d780bf8eb991439f47bf1d6e75373206423fd60bd7ace25d0415720796c9e95c7fde622306120fde78fec72c499cd3ee8c3cb96e6afcb9ae2ce902de2c11f23f2a7ff2ea0429f7c43307f745f0f4e0bfbd5033cef0177326fee94e79e86a03fd574d7643e15093dff1816d687dd1afe38896fd4c0af95fe4b474e6877e247c88a685579b283d95810f1d66f193f81057f943a7ab9fcec0755877d850804fcbfcd02cb3f4c34b8ecf67f0b2dcd5aa203b755f3bfb81aef51e961618c9697df41309381ce4448f7a75ac24c2d2907e26aa825b47b1e27fdc8fad93ab733dabe3ec7a17592aa1dd10c85cb35fca5083accf49203c8ba90490eb7f20d5c036aca48a01efba230b854a7780b20b34c7c9a6d081995f8459f8c95e4c12c50dee77aaf11d35373f8d0f6d70be9540be662b7d1e5af9f16e0d29b50c0f3849bca208e779ab308f009ede9e1e13220a14adbfb1f59a779de1eda30a30d82f7fe0debf894de6d66e1dacb1a9f3cc7dd17893d1ad3d0475e7cbcf22a52377bfdc4b319af5bb14413d4e1d5031acd5610dd046e62ac559546add6eb50685a7f38fa481b832d302830634ec643ce9a1517e10958b6d694662143ed2a56ff727ea5af48d23d30fb67d5a4a12002ecb08a145c08e2e9aff429808ae553c5591871bff81b497bb64e3024299c3eb8723ed57848c3ca5a29e9cabfef7732ca7a46d49dcee38a87654cdb18b694323de99917d87d79b0c1994745192744639f478ca53bae5eadb0896e1e431134f8a4724412ada284a22d6f04a5684f86242665a129b05f3a4096a5604b5a5b1e5df2ed31dd8b4ccb7ca4fcc9be96640594f510b8f89337c80c136897649f64783314251ffe58df52800b5db8dccd245ca9f0eae093e8578427d2e1d1b76a8fddddf012e224eec15d8058971e7ddbfa84ac6fe6e95e84f29e2492545355c4e6f075679498d9f3970997277f0233642064c6f8b2bc2efdb568a9988c4b6bca5f59f767551888542c8c62d075b96b3c9553361f4e33fef38b3e4fab73174aa2320dbeacd64aefe1d8379c4efa4a88abdd2589460df9bb5a814dbf89272bb4090b23301fc0f951026a28868d3ebb409bd1d08484274bfba46f1459f1f12cc9145d6f3c0bfa0ad9d364b5401758ae229a613832c09f4b7fc9e17d42e1f5107a38126d5730ac31d6255668740c8a38641314ec676ca9df3f3a8fb796c5441ac460c61c593b6d1cd9acdfb4627a1c822c5de40404c8f9e64b4e36c6cd301d300b4fc5f45281fbd4349fceb93bf9b79170cd4a61792db10666c0b8e1ecf8f34b276ee4e86d8e511809ffcece9a43ebfccd33e2c12119741690d80083022b05ec69153feb7f65347a9a4686f2827d68d3aae88752844a9fd0154d07463cbe82bacd3f1d6a5751eca444dcf7faa0fc00095df7781d5d27065583e929f4bbc97f227becf9a46857e023119c64d904961e8e4df8f6357a2f913f9e014b3d66b689a690e43cf1d37034b25f57ac51fe08e61bac53f9b03495246cc9d1eead31f66689d34c369ff1a4ff74c4c88cabd76ccabfcf69af4537d17680cea408e0efda5966501aa847295006c1b7bcb43f782f0c8a33eba52abca1c71357870a8d64ece93ac53e92dda9760d0b94eed2d9f43c34c3995bd6e91bb822258593da0f4fe05a03ebcbeca854675f8f92b38b3586e8c2b1e18b7379dd7e4749ab40c7dbe203da509b32ab16d64638736e6f2b818e5fe4e1b98e72e8dc6a46c863f1caaec5644e1f3d39c66442962cc4bed7ab889fd4dcff95c8c3cada3d3a4b29377b1c8df55055cd44e8ee85f1c0e0481bf3c01b3accb3879c50c09c1b140e20c6040e7190e28959ac51ee9dcf481a93cb8dad0ddb70f4e32538731121a433a5eb95fcfd712030bdde60b85c0be0134da2098bfc2b41ee34b171c0e6ff9ebacf45154c35ff987fc8db8ddf64f8cbc78339cd8e6d2e959a0121eb2dcb519c016527d10d306a5bd69e915ae136b6aba0e6bb3c4ba5bd9a0cd42777c49e48c28cd4766b15bae94daffbabc82d1ac7e9f84adbfb4f1cda18be1700b75314fe469ec9216a22faca038612a8a8cdb44a9a20f58bf52a56fe8607ae8036afdecf2c84c1a536f8b1ac90ef317f83c469d83f7b6832ab05a77df5beed889b3f92f49d938477b997819220046e7ab031592b56434af705156078f11e89b0060908fa0751b9499ef5ec202736c8c788d026d196ae54a7b9868bda648c71e0ffd5383ca05e679a12ca6c90963e3400908fc4fec6e80f9de636f9fe7b7e2736fcbde0636063fd7696c5557c4ebdda2e55da17c723af57341f1ae2538de577bf11080ff6376ac9ce763345f7d5267f3e13be9d0004fc581278cf151785082998428f775a227572d4696d420b476e580bc768699dbd87546122438185a81d18abf0ffff9048b89d52bbeb2a754069d9bf47e1a41abffe5b7d61e25107553672b7d3656e7c5df1a800195a163f394b45415ddf26ebdbc172947e2a35e66f294a07699e7d8bfdc40f4241fbe60280e18ad931efa7f183304610ac3f804343028fe2f48dafa075028411d3e8193ac98d5034c6dd4f406d76c0e5cb2d54d002e0c43aaf643a6d9af9a01f557feadafaa2c53745416c65015f351322b19e48902c06f8cb6bcdff49ef1f8ab9732c495348c2102582aea044a97ef036b100212fd65a2beef2f52bd643765b4291abc4dde792c9adafd75710ca36567c840fb5ebb84cb7b124e04233a9e7ee0e7641354742e789519f9a576e70177b60669984fa7b1fc9cbad6808578dcd6aad57421a0470f8a68b55f8cb58ccf16ae1281abf10428ac5ec1233401c25252c8b924dadddf4c8cc990a1b1a1d44ade54bbe18b14b0e72bd05fc28e978af37dea9391382956bd5133483666784479f0b925dd5fec197e1422c46eded904c52b132a70a83c956aa38afa8d749c16a8d7a3c29e69f42770d86e4a4ad7cc42f1bf6de7dd9e5bf336048ff193c79e8022c4c24fdfce099e72b6077d8350af985d7efaba443be4cfea7b6292496234393e725a01aeb1d68dcf9c9192d7db6f1fdf21ce522d22758f79de2fb15c48cda2bea30e2ce6b0f504ec8919fe6ec78b578654821e814a6f320b8dc477622a62b4347cd240874bcb46f79e4473102fbba6be6ae40b5e2e842d5aa75a3e3748bb7aec1ec848fabcfff7c300aae9a4b2f35219a679e2620efe58f819e848a12373c74389efca0a9d2b6078d0a5c10653e8f8f1817528dca5f1fa31939256f99e670cc1059212bbebc9fae16c6123414af1f219a5af6bcd316679a572824d160adecebcab39483ae5fba3b0e7e9d1d25353b696ba7d4526820eb88b86b660a90883e37c49a201363490e0a3ac9e77ca53a3df7456d470aff7cc224c15c4f1ecab83a4095832f2be787c0dce09b43d8c50c25c7a5ba0db954b5abb811bfa6696deb2cb2e2be4a3af2d4081d324d4736825e867b4a40afcda866b215860dd20b4cedd8eb8b88f9bf30a4d2fa18844714756b954acd01415052c805777f9e66f6d146a4395c1d5f40d711be9c009968990e4acf2e0a047e305488b69145deb986f15cfa6b7816ebaedc0ba7314633c364cd46e1246247153dd6f0159d91deaaf767d3afa70b797eec12c5db3f6de5e78e77f1733d37beb16345c32c9855a11b0bff6c7b108c7c83107be359f260433b57117cd312185546e1318c548208a789b9374279e94eb666ec03b32e5d45be678ef3083875156ed33496f9b4e31d6f4c4de42a82dc02d7cb1d09c014a366eea23d0c5a058cf1c72b39aeb1dd6b1590441b228677b341e1e3f458972cb93ef56454e6321b48a9c03b231fb2076865326784af6a60b2c76e3dacae424ddd76fde608164572afdb362c3d7e7da37ab042a8de37b8ff7c706e1b2d6ebaa5fe4099cbe4adc3449756413f32672f095c7ffcae2c26e976b95eedd2ea3fa4d77f23e4c4a6ffa7d460b499fe0054d02c600e8da9e50bf88928f2874f89fa8a5f8e81d80fadf2223f95564b2e60d4549a85b411c85c192fa0352abc4d5d32453f5da3043c673b358e15782aa2a3006172db91e4ce4e8f4ef10cb115f6efb3e794e18d64b7eef8c7d19200a144304b235748976b2e017564d549cf369992f036a7cba930a461fd034b1d37f9939f34715b6bcc8abf03ebf946d040854bd99968edebeab3ad69515ef0e25a16344c14431fe524a500f4dc246adfe2cad49e6d2ebd42314caf0dbeed62a51f0e793c2870660f39c51cb0c1508507330a6213c53f5a8415f41b6deb5d80a4377e2770e21a72b6bee70339cfd9752655a07c3206704d3caac632318aac64c0fa0ebb7b50f2ba5e8df6f01093d79360e8ad592fa527ca44e456a11f51a143572933d8a1520001df2de7cfe1f4965b9bb2b58c067293f09b1f1caad7a7e85daa39a8eca1e6e9d7853b5d8b2ec335a0072c63d97fafa793b90e54489b9470725353c653cde0c98425bf375c1fc1a76fdc0c7e8e56f52762c42d7ff9a5f2e8a10d07819adf551dcefc6dc53ba4ce7914d799ba0a0f838d64bbaf08e2d080be0b5f2686667d66edebf693736ce5abcb473f99c002370043a164a48c33f4fc159a7f4db6fe6a982212dab27e9a933740ca657deb2c83fd3d14ccfddc03280bc7dd76cf5e4410c5a2aa701459103df46210c2851b7280070fd3b1ac223be96bea221fe790c49be50ed8b26e114ae29ceb5e2c2f37ba69bd9dcf315b73fe075605876e9714ebd8ad48a17a878c35d9d7511eb3c54460475bf7ff4278f8cb7ca5382eb1ddf2e7f4367cef6f97ce49d1c01da2bc980c922c46bd69fa6aff038ad5989554a12a632d4fdb08a247b73a53931e9965dba2504e573f5806fecfe54e41013cc5283adf62ab90ad16d5f5db12d4921eccc955decd24957a7201a92d76d95c8e8c023c5d0a71f568f5a07d57721f71cabc751c751a64facf785b4b6164ad7d5e48e0ddf14e5b578b39cfd28da958d15e6ab6e749efa03fedbc0b56df9796825d015f118a60f459a8e157bcdfee2151971dfc1a38de79b38e9523c2c3619ce4446bd8ba6787c426f4f856ad16170ed6c905e9bb2f31caa2510aff1d1e08cffe917e3ba874e3da23ac09f67723c057dc0dba78f928b01707ccb76fa2fa203658f55531edb44261cdaebd297b319b561b5f84515a24ee6483b89936caffd47d25dd9cca5387e21f011cf6f05a10966268f97e02fb5a08551a20ecf8e8d78bf5d675c298b343a24e591e85edcdb1d9e59d9def7bb54152f69b2bcc3380cc83fb323d5875b6f6c4b6fc1ab5cf8cd8f1ac7a64bbf0dbbb0db205af7749e819ebe292c51e83c8e955e3e91f8eb0b76b230c1c5a6ac66f34e675bd1cb8b9c9777f91fade65eb50c69e0c6f3c5b8146faae11ab5af7bb69200ded581558ea3a8d5fad2db1bea462989ecc64a922088fa76e2ce323dd2bdaf267ca668b99848aa2132ca85517bce725c753dc7d03889ab0564999630f69", 0x1000}, {&(0x7f0000001800)="20eff0aae5faa02f873552dd18bd0aee53c278e1117fe0ee82471a7b70a46ebb52357e5be065659d85783a461515f609fc3d3626ab80ad9bbfdb510cd485bd4580ee327769ee62679ce9d79193edd30751f795a7792ec2aedc138a3a07f9fa9f994d9c977db9495611134e7be163aa77cee5", 0x72}, {&(0x7f0000001880)="7c518ca09deed56407e33d821ff685b5d216ad8942cf05e653090be8baa7f62e833cac0a7bf7a0c0d31641953cef1d5e9605ac2448e283a5a6d1df7622d4f2ad94db4c12b0c7a8bac91deb3487e13d05afbdd40a9f375c3319749203564db5d541acacd178ea26db197dfc999bdd046d6af455ec8b2b04bb1c294dbf56a05b6b1133fae58b120cfe05d6c6074198885a683247d8a79bc320f4c7", 0x9a}], 0x9, &(0x7f0000001a80)=[@init={0x18, 0x84, 0x0, {0x6, 0x80000001, 0x1, 0x401}}, @sndrcv={0x30, 0x84, 0x1, {0x1, 0x5, 0x9, 0x4, 0x9, 0xfffffffffffffff9, 0x0, 0xb2e, r1}}], 0x48}, {&(0x7f0000001b00)=@in={0x2, 0x4e21, @remote}, 0x10, &(0x7f0000001d00)=[{&(0x7f0000001b40)="480bc512af559f7270989fd506510efb867f428d9a50ceb27e3ab929ecea023f9e16e6e0c669791683c0d200405c5e2608a7a0df050f31837f3e90540476659bb4c1ddeb0f6feb49c2385d38e6f8c77ba2ef07727918d67e4f083c5fb18dd4e74f3db1c9dda06a4e6f5b2738ef", 0x6d}, {&(0x7f0000001bc0)="b3cd979eef2d8f3e97966defc56f61e6b9298ebbd88d007246f5f273f0039e0adb0e5924e391c4f5c4f1fe5dc5a4e335449d1acf551643f2329e562c4102b579e121ba82f32596ef32def7b190ef67e84a04602a4b430d60f7a5decd273ff6996ee0b15faa0aa91cc9673a0b270c9b9d2951d0d0f520d216fd61c3f4e1ba898659d7de2390bc37ef9686bd0d95aaf1ad87ffc0832b62d1", 0x97}, {&(0x7f0000001c80)="d86096778e91eba3eb2a774ddb18acb7adb5cb104e4b32ad2bc23b3510aa048b0e3fe6326bf171167fd5422e0563ed1453c0d448ae55bbaf21cea1b4ec450dba45894ea40fb2374b3f97346581ff", 0x4e}], 0x3, &(0x7f0000001dc0)=[@authinfo={0x18, 0x84, 0x6, {0x8e}}, @sndrcv={0x30, 0x84, 0x1, {0x7e89, 0x80000001, 0x8204, 0x7, 0x681f, 0x1000, 0x0, 0x1, r2}}, @prinfo={0x18, 0x84, 0x5, {0x10, 0x4}}, @dstaddrv4={0x18}], 0x78, 0x8000}], 0x3, 0x4) r3 = syz_open_dev$evdev(&(0x7f0000974fee)='/dev/input/event#\x00', 0x0, 0x101002) write$evdev(r0, &(0x7f0000000080)=[{}, {}], 0xfcf2) sendfile(r3, r0, &(0x7f0000000000), 0x100000001) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc058534f, &(0x7f00000000c0)={{0x7fff, 0x80000001}, 0x0, 0x9, 0x8000, {0x101, 0x8}, 0x0, 0x2}) 13:46:41 executing program 5: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x10, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000380)={0x0, 0x0}) ptrace$poke(0x5, r1, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r2 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r2, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:41 executing program 4: r0 = getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x100, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x8, 0x37, @ipv4=@broadcast}, @nested={0xd0, 0x19, [@typed={0x4, 0x26}, @generic="01ff880571dca691c9018e7d18ccfd0d85d7954aff7bff8a863094bb67765708c8c48fa39ae730ce71dc9b7e6b18eb662ca186bd995039610921552a315ea8784ce04d994ca007fb572ef36bae1d2cfe81fb1457241472c9431282ebacee254b76e7bae00f8d771cd4dc3d18f9042cc80c82ee2d11cdbe", @generic="453f8a6994c62b40a3ad807e2ea6f85a4e5ec8f19943eaf1460a934356d6de31d0e98a09b258850808eb05222280ca22bfe74058533cbf43e7db01d4916cf6", @typed={0x8, 0xf, @fd}, @typed={0x8, 0x80, @uid=r0}, @generic]}, @typed={0xc, 0x66, @u64=0x400}, @typed={0x8, 0x15, @u32=0x4}]}, 0x100}}, 0x40) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r2 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r2, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r1) 13:46:41 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$dspn(&(0x7f00000000c0)='/dev/dsp#\x00', 0x0, 0x80300) ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000280)={"b61d3bbe52d75028290785806c026a89b9b1f382d910b3a4aa7b7a3be01627489bc78960dc4a8d8006367a195b9537b7da7acbd83e0c7d61ff9ee151c07b4a894822001e51c79ea8d975f519bd4c83773fab6d212d3bc009fdbe498bc54a964bc215400866865357fa8e35ef56474dc150404bf29ed0456914aa67901bf3d7bb3ba29e324fca8bd4a0b1b2bd278ea3a0576d82c8ae7d8e1fa5e723eee2bb10337bbd3c66f17e7948f81d8da2527dde4a2cd834303701ba103fd94a0c993fa9b5aa87cac21aa20bbe3c531f3c9e8669beca073b815e7c537fa9be19d59d746dda736ce163d030baae4f0950b5b23c7075cf9d19230bc6bf00eb1f130720d75a0f79ba1dd1d46a35bb539fc1d8a9393157a475375c53ed18909358365b478f1fbbea0a1ca9f467747ffb219a8c84c16bc5eb0f2799ef3bb223983ae829346b4f97dd22a040076fcd796b6c96b69b772fc9647ccfb451421195eab4dcec01a0ae5cf1eeb88cbf60a9a58a252997574fa4d3fa15bd5730bcb6b3dcbd030a02b62adf0c5f9b866d768f638248db923b0360cb0ebee0377228f71abe62f9c8b381f7d43be979417a721d041799eaddcaf7f92ffc2b207469251cab19ede5712a340c7c809ae5071851eae8307e464c4c9f04a6be73b0131401cbead4c9772e1bff9a75610e5ef0f22ea700bdac176d1d303bc4fc45f1a80cf38dd8cc2040c0fdec25243ab41e2d5b4371e25c4374926e7ef808821f05ff339ceca62ad91e010389279989f4146fe45ed09b80d32bce8176eeb5b00ef3c7cc5594f59d0dc9e48a4744f6d380ffb7dd8a7f662c1487e78c6941dd35a8d17c29d2c6905a770da057b33ee6e7a03a228ba26b3b9d703548ee6b2a680ee570919d73055421056009ad7f97409b83769aa2be3cbde957d65ea0396d045ad838d993ead88f01649a9c0e868ca9ee0fdd32fe11d1d18fb37bb61537f83680a80aa67c3a7b1bc26025b0286042bc453c3487fabc7d173a4edc3cb978f55cbdcc8d84d85dbaff93970e623f235b40485ca6ffdea0d56c9b87879fbcbea0f1e3e3d70d6d804d4de7e09bfa292d63b68139abe327863c86f559c3933ddc3651fd6fe5552e1654b1bca74f0dd11734a38f4de120a13f5a28fa4a16bc886c47f2a1c47572ec37de795a9aa8c943ee5162219171c3f78603e3ffeec37c20fbbd1394eda40b7e9d8a6b863f1ba8bfe778bb98527aa6e65f8d192f1b50b6d9890ae25c1ffc8e0fa432fe93d4cc7cd80d2715722a8e65f811f20176bc92e5cb1845824fc21c65d654e2d5f7d2810bcaefd14b26fb183f48606343fc981b35133d50f125bdc32f7510a7bb866b9f7d57c393ea253834ca0726e00640ebf77cffcd343dd203946443b16f59d43e59dff2e35701bc5852fafa68c03d486e2a4a65a0ef69fe29931828d5ba94ce954f3b21b493db"}) r1 = shmget(0x1, 0x4000, 0x0, &(0x7f0000ffb000/0x4000)=nil) setsockopt$bt_hci_HCI_DATA_DIR(0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000180)=0x6, 0x4) r2 = semget(0x1, 0x1, 0x100) semtimedop(r2, &(0x7f00000001c0), 0x0, &(0x7f0000000240)={0x0, 0x1c9c380}) syz_read_part_table(0xfffffffffffffffe, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="000000000000006c00000000000000000000000000000000e0e515320000000002008801260001000000640000000001", 0x30, 0x1a0}]) ioctl$sock_netdev_private(r0, 0x89f4, &(0x7f0000000740)="7c9b2e60f31b7284c53a671ab0eb3936247fc0a474fa6beabe04abcd1744724c220f4fc574c7ab0b2980cf8be424d4e74b") ioctl$TUNDETACHFILTER(r0, 0x401054d6, 0x0) semctl$IPC_RMID(r1, 0x0, 0x0) getsockopt$SO_COOKIE(r0, 0x1, 0x39, &(0x7f0000000100), &(0x7f0000000140)=0x8) 13:46:41 executing program 3: r0 = syz_open_dev$ndb(&(0x7f00000000c0)='/dev/nbd#\x00', 0xffffffffffffffff, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000140)={[], 0x0, 0xfff, 0x3a9}) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x1, &(0x7f0000000040)="153f6234488dd27f2a6070") accept4(r1, &(0x7f00000001c0)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, &(0x7f0000000000)=0x80, 0x80800) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) r2 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x3, 0x44100) ioctl$DRM_IOCTL_GEM_FLINK(0xffffffffffffffff, 0xc008640a, &(0x7f0000000100)={0x0, 0x0}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffff9c, 0xc00c642d, &(0x7f0000000240)={0x0, 0x80000}) ioctl$DRM_IOCTL_GEM_OPEN(r2, 0xc010640b, &(0x7f0000000280)={r3, r4, 0x6}) 13:46:41 executing program 5: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x10, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000380)={0x0, 0x0}) ptrace$poke(0x5, r1, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r2 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r2, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:41 executing program 2: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_GET_CLOCK(r0, 0x8030ae7c, &(0x7f0000000140)) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/vcs\x00', 0x408200, 0x0) ioctl$TIOCGSOFTCAR(r1, 0x5419, &(0x7f0000000340)) r2 = socket$inet6(0xa, 0x0, 0x0) ioctl(r2, 0x8912, &(0x7f0000000240)) r3 = syz_open_dev$sndpcmc(&(0x7f0000000180)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0) clone(0x210007fa, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) r4 = gettid() ioctl$TIOCSPGRP(r3, 0x5410, &(0x7f0000000000)=r4) r5 = getpid() sched_setscheduler(r5, 0x5, &(0x7f0000000200)) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000003c0)={[0x401, 0x1, 0x7, 0x48, 0xffffffffffffff24, 0x100000001, 0xa19, 0x2, 0x1, 0x0, 0x0, 0x3, 0x0, 0x9, 0x3, 0x83], 0x2000, 0x8000}) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r3, 0x84, 0x6c, &(0x7f0000000040)={0x0, 0xb1, "c081b8bc02865257a03ea30c523d5642e57e0ea9194bd30422a39464a83599f21483b08bc85ad5bec0ace2a7ebc12b96d0b9f2fd8bbc9d9268f2f54bb8cf6204914056a77e9a99e99b060c84fc71af083e9f0f5ebf57cc04bffa951d9abcbeadc9e201c5aa1158befd5eeeecd4d8f29738122012f1594d2dc9f324d593b936ae264e592e452eae0ac4b4b9ed5aa1ad6def7682d8a021178adf89022a0d1fb749c78b5cb76ba2b95eb3c29794accf7581b1"}, &(0x7f0000000100)=0xb9) setsockopt$inet_sctp_SCTP_AUTH_KEY(r3, 0x84, 0x17, &(0x7f0000000240)={r6, 0x6, 0xe7, "403606d7aef27df9cc5e554f9928a7c84b7f69f777913e51c7c097c96bb9d95e35e629bddf8da547487e808f73422c540b4a581f12758e7e6f51fe957fda5b92ed2f54579bb4262d332be3c524587a5081014f452f2b1808edc2ba717b6874122332c8a2416f3439970efe100196d7644deed772082c3fd0e2abf08262c8b5701f56ec51078b92d0dbe1ff9828e6ee6339e7161ececdc3c78522113105f471c8bf96c9bbeb0836c54b35b94f6cdfccc44325f8efdadd0d86297879543bfdfba927d53cc7ec84a944edde30613c8bfb598b2e59e53dbdc2bc66358b9937a0c58a99f7e7f2bd8fc2"}, 0xef) setsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r1, 0x84, 0x12, &(0x7f0000000480), 0x4) ioctl$FITRIM(r3, 0x80184151, &(0x7f0000000380)) 13:46:41 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)={0x9, 0x19, 0x6, 0x4, 0x0, 0xffffffffffffff9c}, 0x2c) r1 = syz_open_dev$vcsa(&(0x7f0000000500)='/dev/vcsa#\x00', 0x3f, 0x41) ioctl$LOOP_SET_DIRECT_IO(r1, 0x4c08, 0x7ff) io_setup(0x7fff, &(0x7f0000000540)=0x0) io_submit(r2, 0x3, &(0x7f0000000800)=[&(0x7f0000000600)={0x0, 0x0, 0x0, 0x2, 0x1f, r1, &(0x7f0000000580)="c0b3d421ccee7709b6eba54f4b21b152e5ac180c6cb97e317ddebbea1721be7f2634ea48775c727f4bc1f89d1d2398b2f0b90e87e3bf8e976213f37192c7726732edde0db41308864109eac451c170df5190ddff2c51c0c8f5a00a38", 0x5c, 0xfdc, 0x0, 0x3, r1}, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x6, 0xfffffffffffffbff, r0, &(0x7f0000000640)="285613637991caf65d8e1a3fd14cdff9acca115088b22c3a158605bc930afc71ca5f7aa14a4ed6c121f985915086db09542608eb09e67cf0f20157d6158bc1d9799869c1b607df6f08437ed894a141e0ce4bb63dedd9b36b8aa7f055736d66e212fade", 0x63, 0xfffffffffffffffd, 0x0, 0x0, r1}, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x3, 0x20c00000, r1, &(0x7f0000000700)="3d146611a66aed401061ed30f66c75bd507aafedc30eeb32addd75317f700f29d54a1a3c5346869e6871e98db33b06008deb8de1a2dcef2834b1696258ac8f91b676458b427d8d721f8fe9029e924697eca0d89228c4cac8b0bd5c6af5b6a9b211b8fe9fdb8e1c3c7ba9b4ce46aeddce5353802b9f97f787b5fbee7cd2a47f5d2b4c2ffd4327b2d7e3e42bd5b493f3333751198b66af43b20f65e76763efd5c2f4ba9c524b1439dbab006c539008105b17cc3e54", 0xb4, 0x4000, 0x0, 0x1, r1}]) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000080)={r0, &(0x7f0000000140)="1bcf9903bfc4c1d0c81a9f1c25df7da9bbc782aa71678f76", &(0x7f0000000000)="eb925d4a0f29282a6401d491"}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r0, &(0x7f0000000000), &(0x7f0000000240)}, 0x20) r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x100, 0x0) ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffff9c, 0xc0106426, &(0x7f0000000380)={0x1, &(0x7f00000001c0)=[{0x0}]}) ioctl$DRM_IOCTL_DMA(r3, 0xc0406429, &(0x7f00000004c0)={r4, 0x2, &(0x7f00000003c0)=[0x2aa7955, 0x2ac], &(0x7f0000000400)=[0x3, 0x9, 0x3, 0xff, 0x520], 0x10, 0x1, 0x9, &(0x7f0000000440)=[0x1], &(0x7f0000000480)=[0x1ff, 0x8000, 0x2, 0x8]}) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000002c0)={r0, &(0x7f0000000180)="05d24b3ab1ac607dbd56d39074ef2c85df614b209c655d71", &(0x7f0000000200)=""/159}, 0x18) ioctl$sock_bt(r0, 0x5411, &(0x7f0000000300)="4ab01d0f2ae9ecd8a6a4a54abda84cd2d6746de9ff724532fb8bda7962e3d068c8bef5f62c0116b94ccc559ad429c3780236b2e71907594c241e88e2fb0dd140fb8c86af70eae54dd375055ea5") 13:46:41 executing program 4: r0 = getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x100, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x8, 0x37, @ipv4=@broadcast}, @nested={0xd0, 0x19, [@typed={0x4, 0x26}, @generic="01ff880571dca691c9018e7d18ccfd0d85d7954aff7bff8a863094bb67765708c8c48fa39ae730ce71dc9b7e6b18eb662ca186bd995039610921552a315ea8784ce04d994ca007fb572ef36bae1d2cfe81fb1457241472c9431282ebacee254b76e7bae00f8d771cd4dc3d18f9042cc80c82ee2d11cdbe", @generic="453f8a6994c62b40a3ad807e2ea6f85a4e5ec8f19943eaf1460a934356d6de31d0e98a09b258850808eb05222280ca22bfe74058533cbf43e7db01d4916cf6", @typed={0x8, 0xf, @fd}, @typed={0x8, 0x80, @uid=r0}, @generic]}, @typed={0xc, 0x66, @u64=0x400}, @typed={0x8, 0x15, @u32=0x4}]}, 0x100}}, 0x40) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r2 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r2, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r1) [ 326.001257] syz-executor1 (10493) used greatest stack depth: 12504 bytes left [ 326.008592] syz-executor1 (10488) used greatest stack depth: 12408 bytes left 13:46:41 executing program 4: r0 = getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0xf8, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x8, 0x37, @ipv4=@broadcast}, @nested={0xd0, 0x19, [@typed={0x4, 0x26}, @generic="01ff880571dca691c9018e7d18ccfd0d85d7954aff7bff8a863094bb67765708c8c48fa39ae730ce71dc9b7e6b18eb662ca186bd995039610921552a315ea8784ce04d994ca007fb572ef36bae1d2cfe81fb1457241472c9431282ebacee254b76e7bae00f8d771cd4dc3d18f9042cc80c82ee2d11cdbe", @generic="453f8a6994c62b40a3ad807e2ea6f85a4e5ec8f19943eaf1460a934356d6de31d0e98a09b258850808eb05222280ca22bfe74058533cbf43e7db01d4916cf6", @typed={0x8, 0xf, @fd}, @typed={0x8, 0x80, @uid=r0}, @generic]}, @typed={0xc, 0x66, @u64=0x400}]}, 0xf8}}, 0x40) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r2 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r2, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r1) 13:46:41 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @multicast2}, 0xfffffffffffffff1) ioctl$EVIOCGKEY(0xffffffffffffffff, 0x80404518, &(0x7f0000000440)=""/210) mlock2(&(0x7f0000b18000/0x1000)=nil, 0x1000, 0x3) mremap(&(0x7f0000aba000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f0000972000/0x4000)=nil) openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000000)='cgroup.threads\x00', 0x2, 0x0) ioctl$VHOST_SET_VRING_NUM(0xffffffffffffffff, 0x4008af10, &(0x7f0000000300)) madvise(&(0x7f0000a62000/0x1000)=nil, 0x1000, 0x10200000008) r0 = syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0xf8, 0x8100) setsockopt$inet_MCAST_LEAVE_GROUP(r0, 0x0, 0x2d, &(0x7f0000000100)={0x3, {{0x2, 0x4e20, @rand_addr=0x400}}}, 0x88) 13:46:41 executing program 5: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)={0x0, 0x0}) ptrace$poke(0x5, r1, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r2 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r2, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:41 executing program 2: clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000200)) clone(0x2fdc98bf4c05bf2b, &(0x7f0000000100), &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000680)) r1 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x401, 0x410000) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r1, 0xc0505350, &(0x7f00000000c0)={{0x3800000000000, 0x7}, {0x7f, 0x1}, 0x6, 0x2, 0x1000000000}) 13:46:42 executing program 1: r0 = socket$inet_sctp(0x2, 0x5, 0x84) r1 = syz_open_procfs(0x0, &(0x7f0000000040)="2f65786500000000000035abe1e80d903e0d717ac1889a45e581c9e14a5c8f95f5d2968ae8c767e9d18fd69a") mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x800000000004, 0x20011, r1, 0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x7d, &(0x7f0000000340)={0x0, @in={{0x2, 0x0, @rand_addr}}}, &(0x7f0000000000)=0x2c2) 13:46:42 executing program 0: mount$9p_xen(&(0x7f0000000880)='filter\x00', &(0x7f0000000e00)='./file0\x00', &(0x7f0000000e40)='9p\x00', 0x0, &(0x7f0000001080)=ANY=[@ANYBLOB='trans=xen,cache=loose,pcr=00000000000000000000,uid>', @ANYRESDEC=0x0, @ANYBLOB="1100"]) syz_mount_image$msdos(&(0x7f00000002c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141046, 0x0) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000300)={r0, 0x10, &(0x7f0000000200)={&(0x7f0000000440)=""/152, 0x98}}, 0x10) write$FUSE_ENTRY(r1, &(0x7f0000000680)={0x90, 0x0, 0x2, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001}}}, 0x90) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000100)='/dev/midi#\x00', 0x7, 0x204000) ioctl$TIOCGETD(0xffffffffffffffff, 0x5424, &(0x7f0000000140)) fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000005c0)=0x3) r3 = syz_init_net_socket$llc(0x1a, 0x0, 0x0) ioctl$sock_FIOGETOWN(r3, 0x8903, &(0x7f0000000240)) getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f0000000b80)={{{@in=@dev, @in=@rand_addr}}, {{@in=@loopback}, 0x0, @in=@loopback}}, &(0x7f0000000c80)=0xe8) getresgid(&(0x7f0000000cc0), &(0x7f0000000d00), &(0x7f0000000dc0)) accept4$inet(r1, &(0x7f00000000c0)={0x2, 0x0, @rand_addr}, &(0x7f0000000180)=0x10, 0x80800) fstat(r1, &(0x7f00000008c0)) getsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f0000000f00)={{{@in=@broadcast, @in6=@dev}}, {{@in=@rand_addr}, 0x0, @in=@multicast2}}, &(0x7f0000001000)=0xe8) getegid() stat(&(0x7f0000001040)='./bus\x00', &(0x7f0000002100)) stat(&(0x7f0000002180)='./file0\x00', &(0x7f00000021c0)) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000002500)=[{&(0x7f0000000600)=@file={0x1, './file1\x00'}, 0x6e, &(0x7f00000007c0)=[{&(0x7f00000008c0)}], 0x1, &(0x7f0000000800), 0x0, 0x80}], 0x1, 0x0) connect$llc(0xffffffffffffffff, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x2, 0x0, @link_local}, 0x10) sendfile(r1, r1, &(0x7f0000000040), 0x8080fffffffe) epoll_create(0x0) sendfile(r1, r1, &(0x7f0000000380), 0x1000000020000) 13:46:42 executing program 2: r0 = memfd_create(&(0x7f0000000140)="74727601746564764c7f786594743000b8479954b66937612a318d787589b957b2758f4903bdf098c94d7b607d3e97f632d8fb55b9cb67847fea52cedd313f98fb51de807c2c54828d4fca9b662cd83165df03327e5feca4a249b3dbb3038218c847854d3b5ff5fa4b7909a3850818b9493c0b46521bdf5d5d0fd60b", 0x8000004) ioctl$sock_bt_bnep_BNEPGETCONNINFO(r0, 0x800442d3, &(0x7f0000000040)={0x1, 0xfffffffffffffff7, 0x8, @empty, 'bond0\x00'}) 13:46:42 executing program 3: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x400, 0x0) accept4(r0, &(0x7f0000000140)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @loopback}}}, &(0x7f00000001c0)=0x80, 0x80000) ioctl$DRM_IOCTL_CONTROL(r0, 0x40086414, &(0x7f0000000040)={0x2, 0x2000000}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_ADD_COUNTERS(r1, 0x29, 0x41, &(0x7f0000000080)={'security\x00', 0x3, [{}, {}, {}]}, 0x58) listen(r1, 0x0) setsockopt$inet_sctp_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000100)={0x2, 0x4, 0x7, 0x3f, 0x5, 0x4, 0xa1e, 0x3, 0x8, 0x9, 0x1}, 0xb) sendto$inet6(0xffffffffffffffff, &(0x7f0000000100), 0x42dc7cd6, 0x20000004, &(0x7f0000000840)={0xa, 0x4e22}, 0x1c) setsockopt(0xffffffffffffffff, 0x0, 0x4, &(0x7f0000000100), 0x0) 13:46:42 executing program 4: r0 = getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0xec, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x8, 0x37, @ipv4=@broadcast}, @nested={0xd0, 0x19, [@typed={0x4, 0x26}, @generic="01ff880571dca691c9018e7d18ccfd0d85d7954aff7bff8a863094bb67765708c8c48fa39ae730ce71dc9b7e6b18eb662ca186bd995039610921552a315ea8784ce04d994ca007fb572ef36bae1d2cfe81fb1457241472c9431282ebacee254b76e7bae00f8d771cd4dc3d18f9042cc80c82ee2d11cdbe", @generic="453f8a6994c62b40a3ad807e2ea6f85a4e5ec8f19943eaf1460a934356d6de31d0e98a09b258850808eb05222280ca22bfe74058533cbf43e7db01d4916cf6", @typed={0x8, 0xf, @fd}, @typed={0x8, 0x80, @uid=r0}, @generic]}]}, 0xec}}, 0x40) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r2 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r2, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r1) 13:46:42 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = socket$inet6(0xa, 0x3, 0x80) ioctl(r1, 0x8912, &(0x7f0000000280)="153f6234488dd25d5c6070") ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f0000000440)) syz_read_part_table(0xa3, 0x5, &(0x7f0000000340)=[{&(0x7f0000000040)="ac9c175e630cdee70fb11cc9eee28d996b2df258cc7b6c19350445ccf5541b035154d5afd7", 0x25, 0x100000000}, {&(0x7f0000000080)="0e9c50b0c3b357ab214a51d0fad248589f7426fa4c8c75b700b02225e16600c3f0624a9651284557af95bd3e307b1ca7cb2e62335eecf4ad53adb4f5b341d167a902b940d85b04f76516ac47489b6df9886fb85ed09b4d79886a7417f36a0600bce61aefc7180f1c053e8426e7406e45f81e47475a659b6a3ff8981ac34c38506ed22bb5b045a1464a7a517866f9a3a0a1768b139dbb8e709562de38ff5f8524da24c9fc5d59c35657b05be01c69d69ef428aca89de64a6698515dfdbba0c09d59b4ffd281a1b25c50b1072c0c8d7c", 0xcf, 0x5}, {&(0x7f0000000180)="5f222b4d56fc866ba2836b2fab88a66b846bf7e8cd8ca10ecb46b8a3252c066cf1353c232115744d10742db0a59335a3fa8d79b36755e53674ed258209b693d6ad3578934afc2e7f3ca446662e5e002e8971db5fb157ac604f019d9518064b8f3dac695500aa7f40dd0ad7c29ad7f1af66a39b17bba027611f46982873c96aada51f33b95c32e5b00c56863babbe5e5d87da5b2b476440281b70631593a9807e8e", 0xa1, 0x5}, {&(0x7f0000000240)="cf584896b08ddf", 0x7, 0x1}, {&(0x7f00000002c0)="e2740a95bb6489d567c1fea0e626086db4e2a2576ee72568e2f00f0f9b35f9d5c0b45b73a1acc9485a89a5f3539ad80db7ff4d0274a8bb9fdbd43864f2fe01a1afcb05a805bda3d494765c4eae9bc64107b88ee83a076b46733e6d9d76c5962dd961", 0x62, 0x200}]) close(r0) 13:46:42 executing program 5: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)={0x0, 0x0}) ptrace$poke(0xffffffffffffffff, r1, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r2 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r2, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:42 executing program 2: r0 = socket(0x2a9fbd2ed29d30ed, 0x2, 0x1) fcntl$setstatus(r0, 0x4, 0x6000) socket$inet_udp(0x2, 0x2, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x0, 0x4082) setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f0000000100)={0x2, "7665746831000000000000001100", 0x4}, 0x18) r2 = memfd_create(&(0x7f0000002b00)='/dev/loop#\x00', 0x0) ioctl$RTC_EPOCH_READ(r2, 0x8008700d, &(0x7f0000002780)) pwritev(r2, &(0x7f0000000340)=[{&(0x7f0000000040)='\'', 0x1}], 0x1, 0x81806) getsockopt$bt_BT_VOICE(r2, 0x112, 0xb, &(0x7f00000029c0), &(0x7f0000002a00)=0x2) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f00000028c0)) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f00000002c0)={0x62, @local, 0x4e23, 0x2, 'fo\x00', 0x1, 0x6, 0x4b}, 0x2c) sendfile(r1, r1, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(r2, 0x4c01) gettid() r3 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x0, 0x0) ioctl$HDIO_GETGEO(r2, 0x301, &(0x7f0000002980)) read(r3, &(0x7f0000000040)=""/92, 0x5c) getsockopt$inet_sctp6_SCTP_AUTOCLOSE(r3, 0x84, 0x4, &(0x7f0000002a40), &(0x7f0000002a80)=0x4) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) close(r1) socket$inet_sctp(0x2, 0x5, 0x84) ioctl$VT_RESIZEX(r3, 0x560a, &(0x7f00000001c0)={0x7, 0x1, 0x4, 0x3, 0x1000, 0x8}) 13:46:42 executing program 3: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x1110c0, 0x0) setsockopt$IP_VS_SO_SET_DELDEST(r0, 0x0, 0x488, &(0x7f0000000200)={{0x88, @rand_addr=0x9, 0x4e21, 0x3, 'lc\x00', 0x2, 0x7639, 0x17}, {@broadcast, 0x4e21, 0x2001, 0x8, 0x1, 0x5}}, 0x44) accept(0xffffffffffffffff, &(0x7f0000000040)=@hci, &(0x7f00000000c0)=0x80) syz_genetlink_get_family_id$fou(&(0x7f0000000140)='fou\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/loop-control\x00', 0x0, 0x0) write$P9_RXATTRCREATE(r0, &(0x7f0000000340)={0x7, 0x21, 0x2}, 0x7) sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x6, 0x0, 0x0, 0x0, 0x9917, 0xffff}, 0x0) setsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, &(0x7f0000000180)=0x1000, 0x4) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000100)="bf9aaa48747efa01960d87472aad3c96016216f882", 0x15}], 0x1, &(0x7f00000000c0)}, 0x0) ioctl$KVM_HAS_DEVICE_ATTR(r0, 0x4018aee3, &(0x7f00000003c0)={0x0, 0x353ed4cd, 0x100000001, &(0x7f0000000380)=0x10}) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000000)) connect$bt_sco(r0, &(0x7f0000000300)={0x1f, {0x1d, 0x5, 0x6, 0x6, 0x3, 0x7fff}}, 0x8) 13:46:42 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x8, 0x37, @ipv4=@broadcast}]}, 0x1c}}, 0x40) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:42 executing program 5: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:42 executing program 1: fchmodat(0xffffffffffffffff, &(0x7f0000000b40)='./file0\x00', 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x2, 0x200, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffb8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$NBD_SET_TIMEOUT(0xffffffffffffffff, 0xab09, 0xfffffffe) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000000800)={0x0, 0x800}, &(0x7f0000000840)=0x8) setsockopt$inet_sctp6_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000880)=@assoc_value={r0}, 0x8) getsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000800)=ANY=[], &(0x7f0000000300)) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000005c0)={0xffffffffffffff9c, 0x50, &(0x7f0000000540)}, 0x10) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x200000000, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000200)={0x0, 0x1, 0x6, @local}, 0x10) mount(&(0x7f0000000240)=ANY=[], &(0x7f0000000180)='./file0\x00', &(0x7f0000000100)='nfs\x00', 0x0, &(0x7f0000000000)) socket$inet_sctp(0x2, 0x5, 0x84) r1 = syz_open_dev$sndpcmc(&(0x7f00000000c0)='/dev/snd/pcmC#D#c\x00', 0x4, 0x980) ioctl$KVM_GET_MSRS(r1, 0xc008ae88, &(0x7f0000000280)={0x6, 0x0, [{}, {}, {}, {}, {}, {}]}) r2 = syz_open_dev$dspn(&(0x7f0000000380)='/dev/dsp#\x00', 0xffffffffffffff81, 0x90941) write$P9_RLOCK(r2, &(0x7f00000003c0)={0x8, 0x35, 0x0, 0x3}, 0x8) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff) getpid() 13:46:42 executing program 2: socket$l2tp(0x18, 0x1, 0x1) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000000)=0x7c, 0x4) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000000080)=0x1, 0x4) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f00000000c0)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000a88f88), 0x0, 0x20000000, &(0x7f0000e68000)={0x2, 0x4004e23, @local}, 0x10) shutdown(r0, 0x1) 13:46:43 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x40) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:43 executing program 3: r0 = inotify_init1(0x0) r1 = dup2(r0, r0) ioctl$TCFLSH(r1, 0x540b, 0x8) fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000040)={0x0, 0x0}) ptrace$setopts(0x4206, r2, 0x0, 0x0) rt_sigqueueinfo(r2, 0x12, &(0x7f0000000080)={0x0, 0x0, 0xfffffffffffffff9}) ptrace$setopts(0x4200, r2, 0x0, 0x0) 13:46:43 executing program 2: link(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00') r0 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000) getsockopt$bt_BT_SNDMTU(r0, 0x112, 0xc, &(0x7f0000000080)=0x80000001, &(0x7f00000000c0)=0x2) r1 = open(&(0x7f0000000100)='./file1\x00', 0x551b83, 0x8a831eee8c7fc057) sendto$inet6(r0, &(0x7f0000000140)="9c8306a10267ab83ab1058017b57a13551370fb24d5662116ccb550eca401cf093878ca27d99", 0x26, 0x800, &(0x7f0000000180)={0xa, 0x4e24, 0x40, @remote, 0x3ff}, 0x1c) setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f00000001c0)={0x1, 0x1}, 0x8) ioctl$SIOCGIFMTU(r0, 0x8921, &(0x7f0000000200)) r2 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/attr/exec\x00', 0x2, 0x0) exit(0x8) ioctl$FS_IOC_SETFSLABEL(r1, 0x41009432, &(0x7f0000000280)="3b2738a39cdf6bdefe7721c88885523044358493d3ed322dd565f6b5f60b09d425243fb91aa4e9fb6160dade62d88b19978a5d760220bfe0e639bba051e38621cc086bc10f1a85ff38c8ffb759b1868da3ece712c4a14228a4b726d6b3b7b6a89cd0058d1dd9d9d6a83c2c443c03d235c6cc2c9fb985e1381790bb71cf89a02e2b5a07d701432848d24923250632878c2587017e401941b2ee8a45102a02348efe7eb043eee1725052a717aa3709e7798c67b704abde2d1a46d498d8c81253ea5ff1508258e3f595bd6392f609bcc12a4d1444c5ff7141af6e9180d5f0b280584402afb32f470cc828c65daaadf69d020b9dfb31e300647e0ab4f41e453f35b1") write$P9_ROPEN(r1, &(0x7f0000000380)={0x18, 0x71, 0x2, {{0x80, 0x0, 0x5}, 0xff}}, 0x18) ioctl$NBD_SET_BLKSIZE(r0, 0xab01, 0x6) chdir(&(0x7f00000003c0)='./file1\x00') r3 = getuid() getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000400)={0x0, 0x0, 0x0}, &(0x7f0000000440)=0xc) write$FUSE_ATTR(r1, &(0x7f0000000480)={0x78, 0x0, 0x5, {0x2, 0x2, 0x0, {0x0, 0x8000, 0x400, 0xc4e3297, 0x20, 0x0, 0x6, 0x8000, 0x8, 0x7a43, 0xfff, r3, r4, 0x80000001, 0x2}}}, 0x78) clock_nanosleep(0x6, 0x1, &(0x7f0000000500)={0x77359400}, &(0x7f0000000540)) setsockopt$packet_int(r1, 0x107, 0x12, &(0x7f0000000580)=0x3, 0x4) ioctl$SG_SET_FORCE_PACK_ID(r0, 0x227b, &(0x7f00000005c0)) readv(r0, &(0x7f0000000b00)=[{&(0x7f0000000600)=""/143, 0x8f}, {&(0x7f00000006c0)=""/159, 0x9f}, {&(0x7f0000000780)=""/65, 0x41}, {&(0x7f0000000800)=""/163, 0xa3}, {&(0x7f00000008c0)=""/147, 0x93}, {&(0x7f0000000980)=""/109, 0x6d}, {&(0x7f0000000a00)=""/46, 0x2e}, {&(0x7f0000000a40)=""/18, 0x12}, {&(0x7f0000000a80)=""/72, 0x48}], 0x9) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000c00)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000bc0)={0xffffffffffffffff}, 0x106, 0x3}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r1, &(0x7f0000000c40)={0x4, 0x8, 0xfa00, {r5, 0x8}}, 0x10) ioctl$KVM_SET_CPUID2(r0, 0x4008ae90, &(0x7f0000000c80)={0x2, 0x0, [{0x40000000, 0x8, 0x3, 0x20, 0x6000000000000000, 0xff, 0x1}, {0xd, 0x3, 0x4, 0x8804, 0xfffffffffffffff7, 0x200, 0x80000000}]}) write$FUSE_BMAP(r2, &(0x7f0000000d00)={0x18, 0x0, 0x4}, 0x18) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000d40)=0x1, 0x4) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000000, 0x3010, r0, 0xc) getsockname$packet(r0, &(0x7f0000000d80)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000dc0)=0x14) connect$packet(r0, &(0x7f0000000e00)={0x11, 0xfe, r6, 0x1, 0xffff, 0x6, @broadcast}, 0x14) sendmsg$xdp(r1, &(0x7f0000000f00)={&(0x7f0000000e40)={0x2c, 0x1, r6, 0x18}, 0x10, &(0x7f0000000ec0)=[{&(0x7f0000000e80)="9b7180a7696f77e1fb51731d1da4a86e8297d6bbc3a5042336fcf569aeeb1795f9a7dfc20cf4befccfbe200572ea7e53ba1c692521b38b2c4eaebec312de81c8", 0x40}], 0x1, 0x0, 0x0, 0x1}, 0x4000000) getsockopt$bt_BT_POWER(r1, 0x112, 0x9, &(0x7f0000000f40)=0x2, &(0x7f0000000f80)=0x1) 13:46:43 executing program 5: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:43 executing program 0: r0 = dup3(0xffffffffffffff9c, 0xffffffffffffff9c, 0x80000) ioctl$KDSKBMODE(r0, 0x4b45, &(0x7f0000000340)=0xfffffffffffffb9b) clone(0x102502001ffb, 0x0, 0xfffffffffffffffe, &(0x7f0000000300), 0xffffffffffffffff) setrlimit(0x7, &(0x7f0000000000)) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x400000, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r1, 0x80045530, &(0x7f0000000080)=""/226) write$FUSE_INIT(r1, &(0x7f0000000180)={0x50, 0x0, 0x4, {0x7, 0x1b, 0x2, 0x12, 0xffffffffffff482a, 0x38000, 0x9, 0x8}}, 0x50) r2 = gettid() sched_setscheduler(r2, 0x0, &(0x7f0000000240)=0x80) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000200)) timerfd_create(0x0, 0x0) read$FUSE(0xffffffffffffffff, &(0x7f00000040c0), 0x1000) write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000280)={0x50, 0x0, 0x1}, 0x50) 13:46:43 executing program 3: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x3, 0x4, 0x4, 0x1, 0x0, 0x1}, 0xe) clone(0x800000, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000000)) ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40086607, &(0x7f0000000240)=0x5b4a) readv(r0, &(0x7f0000000180)=[{&(0x7f0000000040)=""/156, 0x9c}], 0x1) r2 = syz_open_dev$amidi(&(0x7f0000000140)='/dev/amidi#\x00', 0x5, 0x0) ioctl$TUNGETIFF(r2, 0x800454d2, &(0x7f0000000200)) ioctl$TIOCSLCKTRMIOS(r2, 0x5457, &(0x7f00000001c0)) 13:46:43 executing program 5: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:43 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:43 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000590fa8)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00001ec000)="0a0775b0d5e383e5b3b60ced5c54dbb7", 0x10) r1 = accept$alg(r0, 0x0, 0x0) io_setup(0x1, &(0x7f0000479000)=0x0) ioctl$KVM_SET_NR_MMU_PAGES(r1, 0xae44, 0x81) io_submit(r2, 0x1, &(0x7f0000738000)=[&(0x7f0000f73fc0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f000079a000)="16", 0x1}]) 13:46:43 executing program 0: syz_open_dev$evdev(&(0x7f0000072fee)='/dev/input/event#\x00', 0x0, 0x2) socket$inet6(0xa, 0x1000000000002, 0x0) syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0) r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcs\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f0000000740), &(0x7f0000000780)=0x4) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = gettid() pkey_mprotect(&(0x7f0000ffb000/0x1000)=nil, 0x1000, 0xd, 0xffffffffffffffff) mremap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) r2 = syz_open_dev$sndpcmp(&(0x7f0000000400)='/dev/snd/pcmC#D#p\x00', 0x3ff, 0x2002) setsockopt$RDS_GET_MR_FOR_DEST(0xffffffffffffffff, 0x114, 0x7, &(0x7f0000000880)={@un=@abs={0x1, 0x0, 0x4e21}, {&(0x7f0000000680)=""/183, 0xb7}, &(0x7f0000000300), 0x3}, 0xa0) fcntl$setown(r2, 0x8, r1) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu/syz0\x00', 0x1ff) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x2, 0x1f}, &(0x7f00000000c0)=0xc) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000480)='./cgroup.cpu/syz1\x00', 0x1ff) setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(0xffffffffffffffff, 0x84, 0x12, &(0x7f00000003c0), 0x4) ioctl$RTC_PIE_ON(r2, 0x7005) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000540)='/dev/loop-control\x00', 0x101000, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000180), 0xffffffffffffffff) keyctl$set_reqkey_keyring(0xe, 0x2) request_key(&(0x7f0000000340)='blacklist\x00', &(0x7f0000000380), &(0x7f0000000700)="6b6579f2696e6700", 0xfffffffffffffffd) request_key(&(0x7f0000000100)='user\x00', &(0x7f00000006c0), &(0x7f00000001c0)="d13ff3d776", 0x0) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, 0x0) getresuid(&(0x7f0000000440), &(0x7f0000000600), &(0x7f0000000640)) setsockopt$inet_MCAST_LEAVE_GROUP(r0, 0x0, 0x2d, &(0x7f0000000240)={0x1, {{0x2, 0x4e24, @rand_addr=0xff0000000}}}, 0x88) ioctl$LOOP_CTL_ADD(r3, 0x4c80, 0x0) r4 = mmap$binder(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x8010, r0, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r2, 0xc0305710, &(0x7f0000000000)={0x1, 0x7fff, 0x6, 0x1}) ioctl$BINDER_GET_NODE_DEBUG_INFO(r2, 0xc018620b, &(0x7f0000000140)={r4}) eventfd2(0x0, 0x0) 13:46:43 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) r1 = getpid() sched_setscheduler(r1, 0x0, &(0x7f0000000240)) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) getsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000080)={@loopback, @dev, 0x0}, &(0x7f0000000180)=0xc) setsockopt$inet_opts(r0, 0x0, 0x9, &(0x7f0000000340)="7bd251d129a984dfd29a5149d24cf5f441110d7f50db9807acefa5681ebcba9a452ecea426cb29147dcd98eca84928792095dcf02e739f7f6903bd43a508b20f8d00d64a3bd53005a3afa6e06d2c78c94387699fd170be4f19dbdabb7c20dfebdb07121d18ae4585dfd59219a1c1f7afb7de4fc324bb85e193b45e0c412968c885fafad40d0170e9da8de21551c74608abf16e137fdfb94848e6d0631771e499ec921e12921874bd80d82f3ef5440370679d0ff3190b12e1f29b", 0xba) ioctl$sock_inet6_SIOCADDRT(r2, 0x890b, &(0x7f00000001c0)={@dev={0xfe, 0x80, [], 0x21}, @mcast2, @remote, 0x50, 0x401, 0xffff, 0x100, 0x6, 0x40000, r3}) setsockopt$inet_buf(r0, 0x0, 0x19, &(0x7f00000000c0)="18000000020001000000be8c4bff8c88580000110203000008000000000000400a0033d898056bf748bb6a8807567e59db01f81947b3550400000067a1e20059fc21e3e000000000000453ff1f00080000000000038ebbff06281c2a6be33e7a0fd9b0c30100000b01000000b121ad1474d722f542002700ec008b000800c500000100e9f57406aa010b000400264a64d2078a1864c84310abea04aa56da2d55aee65d7299865d1294333e162eda00b776b553502e0a7c731dc4e94a1ee130b2", 0xc0) setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f0000000280)={0x1, {{0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x11}}}}, 0x88) 13:46:43 executing program 5: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:43 executing program 3: r0 = socket$nl_xfrm(0xa, 0x3, 0x87) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0) r2 = openat$cgroup_int(r1, &(0x7f0000000080)='cpuset.sched_relax_domain_level\x00', 0x2, 0x0) clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000200)) write$cgroup_int(r2, &(0x7f0000000040)=0xfffffffffffffffe, 0x12) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)) r4 = accept(0xffffffffffffffff, &(0x7f0000000040)=@alg, &(0x7f00000000c0)=0x80) setsockopt$packet_rx_ring(r4, 0x107, 0x5, &(0x7f0000000180)=@req3={0x0, 0x7, 0x1, 0x4, 0x0, 0x9}, 0x1c) r5 = semget$private(0x0, 0x2, 0x5) semctl$GETZCNT(r5, 0x4, 0xf, &(0x7f0000000100)=""/18) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x40}, 0xffffffffffffff37) write$binfmt_elf32(r1, &(0x7f0000000240)={{0x7f, 0x45, 0x4c, 0x46, 0x9, 0x2, 0x2, 0x200, 0x81, 0x3, 0x3f, 0x0, 0x304, 0x38, 0x2b0, 0x30000000000000, 0x7, 0x20, 0x1, 0x0, 0xbfb, 0x7}, [{0x7, 0x8, 0x7, 0x7, 0x9, 0x0, 0x6, 0x7}, {0x4, 0x3, 0x80, 0xffff, 0x3, 0x3, 0x7, 0x9}], "1d8de27c15049f0972eb2519ba0897aeb02274fe6b333f938d6caa24c3a10c1ab10289797391c67d31d61d4ed93cb688b2025c87465ebbe253499f5bb15f0993eaf1fc1987b405daad02925a8e0915df66d69b7a99c8df8f3178d1a88173f192fed54e309e73c2015d9f6f7c74c29b6de4b7cf6ba5b45a3b71ede3d414b5cc8232b8da2cef378932940eb6d7a574fef95bd48760ae1d4e75a1f7dd63c1bc4e2f80d8750de06f7179e322c5914f24438251bd05fcc074b7a1bcfd0e5e184426fbad5e63590c06611d9d519fe84aad04af28e5e45a7bcf36aa8b1b010bd8b01cc360b774fac5ca788a8a7b264a8a", [[], [], [], []]}, 0x565) 13:46:43 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:43 executing program 2: r0 = syz_open_dev$usbmon(&(0x7f0000000080)='/dev/usbmon#\x00', 0x5, 0x10000) pwritev(r0, &(0x7f0000000440)=[{&(0x7f0000000140)="71bee2c204ea99e8b5beb816442d4a0448a6d743728d26f0abada90ae0ef3dd93b04bf38887437ae8bcb554137917144", 0x30}, {&(0x7f0000000180)="9a842799c031341da4cb6f52413e72c09a0c480b18bc18407357a2f377ec1d2ea8f0c4b03cabc11eb27cf59e83adeacf9cb74f36d6cdcaf42a18189308c50c99a3bc945beee2f13df440a27e20bd5ee20000ddd4b874bdc8ac5c311cc68f6c673d3022bd6feb7b79f152ad41ab02535044138ec438875f061e97ae696a9eb6dd5377a7522128d67093348554f4d6bb8c51bfc8626d0ba2c122af85822095505c6f36877160cfa7e208d9475f5667edd54fc1ee23b799443c73f1e0349e829e3aab1cc9375e226db9176a76a82965774fc514effa1f882643", 0xd8}, {&(0x7f0000000300)="ec4a1fba616c8410f5b29899cd6b8eb753f6c5d1969891eb1a05489eaa4bb7b504233e33fa001002960f8e79c15f531429c54aadc552932bbdbcbd5fd564956bc8886f99323def803ff2c2f6c8b1f099dacb55699d8221ccb3e4d7dbbb2c36c69fa2b704042cd1ab114bdc17c9d642b7859444c8c2b73317224d3b983c12f13bbdec0353d9b9443a69a8487befb8c72e68b9581932c346758a6d93dd", 0x9c}, {&(0x7f00000005c0)="46bb39f41dcf950e81e294d7b7b38c860caced2bee19b6f3e1a02428d8a1d8dc893bf470610a7e801490f51d9e6fe5e9b7d34b50d06f9d0aa80819c93f1ec4032aba7c730c9544d258c4df7a3e4960a9edd69e4c6db6d0a4c3a8f96b172bb5e72896ad9c50f5a28031581f403bb26f67995baf5dfd3c2960c9856878a494e35c360c193281ad2f59c9e209d1b3d9a0ded012e8729c9f81786dcd40fdba257b81154417e09be481d9dc61b2ed9f1ef7928b9b3946515c37288869f4b07b0c0dde3a9d23712cac101048bc5f9181e59c1c739fdba6773d8ca009599c1731590167b3fb618b1c6346dfcdd85381583d0781447dfb5fc4eee501505225c188ef475bbaa554d787c22288f6b1362eb28fcdfd51ca6823c3b987e54458b05ecce1cba5191471fac491d54a4fcf831665cce17b5baaf95353610a5c55cd05b3e64bcc16067e62b7b80da0bfc818f3954331717145d6bdcfc350a9d296904c3e805de10f135874542ac12d77f7e5d0d0dbaa5f3b3b1c6d6928a1b56ae39f63c1025e62f5e9b9f100b96d72b1d22a55105bac6e2abc8c740607d06f1d7c807c4e0e26ca81126e9586ac48bc4aafcbefadb7d28ff1293faa8e2f61f970d3fcead930b809947fd6bbf4a7bee1481d3b018e7de79bc4323162f408c53dfb2a4d05fd3bcc9d512196dd0fa1784e8f3618e816d991ac159178460e516ff6719c8a95b257bcd27349cded959202de664142151c8939dfe03686fbbd7409e3ef3bda8812eadec6939cf4826d27f08a32f69034c727a223832aae593abc7cc5ed6c9c0b1b5278be1c3848ad4c2c0ca645c5fd1581a29f12fa7ebfd67ce97c53154935abd1e54ae4b82c7ecbda9f595e2bb42a6803f10ce3edbb0183626ee0b50e181c0ea971b487e9762f8dce73a621cafbd9bc0231e7481ac8350ac16f57771bbaecf4952f20b099e438ff809c4ba3c8e25bfabb976fd0b857b1bb023d7ded80f2a93607d86db9b888d7dbfa84d2e12ac9f33c268ca01fa2f02f33b930d11eabcd85b3a5236043d1d14c63e4a2381e06de331fb8d7dcab6d6409097aae22f0bb5c7616a33c5512c15aa858e2f3d249d3d34f7735d14e4f5e0e82133ef2c92a67cf35f3912896181a7d59f8286a84192cac9a6c0af886fa3a32789afaaab490938c92a86621290ad67f8c39759d035b93c6c01d63595af9029a34a7723b120df698ebbe9e71e9facda0d2965d3f0c044ac680645d61b347368294a18f94273ea384658834e4bdb2fc022cfb48f4442b04de9c327376522fe3937082e02f7e037697018ca34dfdfd4e992becc3ce10163f33ae8137c6a091f56fa108c3d0461e39592e9a7a18787ee411cc05e5c46bf4e465c37912b137a8f5d5f640039c3a3dc4c92cb43f84ef96095be12fed26a383f1d523960f51918b005d45526bb511559b865a812edfa15dbedbf990b6c26b6d9f874c24cd75cc473c0105368843ec421dcfbd28a8eddae3ce34c977bbfcd41147a2d0c47078c35b4b4be04e00eda780447ab198a7d795d81cd110873b72f843c7ac75a881f7cd3f9b4ec69a8be59474f81d5b7275202bcd43cf87c9397419784e38ae0748d851c930539b900b6723fc40254f924e3c2746e42a0502c97f1f5a3434b92cb0d70741dcab5b67b7c5ba3197a0e9b885ec346f682b41bcafedd5c3c974ad822e425ff77b0e6fa8d63f22256075df7f6682aa58be733b7ca81c2f72d263c1318b87fb6539e5952f73c5797a0d01736deac739211f2463c4b4aabd04399d862ee626cc095e3e66a29f449dbe3eddcab8c52f022a6f385cc5efb758d937f68115199db05ab56f97fccd33afeb5f48be53fc3a2f84d013dc00bb5b24170b100ce3b5490d7cd3fd6782a78d1b7fdfcd5676e7d1bc942d97afc5f0380cae5e78996a6f8482023c25da8b365e62b4a03ec218e4d70a8f9943a7a88e5d2e674847949044c46f8adbc6e3c6bc039e8048842b4030def06b47894bc4fa8f814fa8db91598ad43762785dc4ffac7e10b3e6c6dc1f4dd9e1ddc068e5d105ba204ef757be4d11dfe636099cd3b3f8c1facc5cb4324bf4183c2d984ea4cde7e3446cebe0d93ce01acae0db5315ca11cf5bd2f637ecf615493af86866e0dd24b8f07e58a933e7e33cf71cb48fa744f432ad349c3a2a2a7ce4241aa28a2b2971af5bddf2ec5e027e65c1f79a11411f9636d591326691fb2d911c956b81757cc13828945123c1d10534e2245ac653e09cf598e9e138c54b67a4df17d8b42c54a84a110d55036365c8795cbcf173ea1a7a028ea835b8fac84a11e241de36b6914ea2cb013cec62908eb01e46909e7a30eb7ba04b3705703d7e1ea73ebea53d9fc39015e52219499cb9f33a3cb728d84cb2a210c6c95a7339301fad533389e40071a5c1d8605b6f5e161b197d2c870370b7992f186b53ca336e3dad290691660c27113a49040abc7a2345e26d8033deb0350bdf84923a7327790860ae0ae055de4a31298f06af649dcd1d8a16a3c3ce98a2dee9881e4261b9d317ac5f48f54c5631caf676a849bd596cdcdb9f281233026993d4bb52d16bc58429be7f6ad68ee93cc5a9a8f5f4971d8329f7567a00b0e8423bb23595c590ac983e550149bd8b078a5af9d1876767ab7233ae3e553e57cc9946094fea1fbb2895caa3ccf54e39dad1d3dcc69fb6ce1366fb6b97b0753284c4fe8d2b4afa405fcabe35ee596d9e358b1092ab5c43e825868c9a7a3c2628e42dde0ff4b3788f306e758767d366edc985be506e3e63c5e2beb322ea790e141b5fd45a62162274543521aab2c1d42f92cde501786000e40ef7ddc788efe9572310c69282ce304aec5914b029f6ccf7d840b75a88602394fdfcb06ad90ccfe0025d5ae51056e3cfb277affb4b7f8895d353c32ce1e0dc907398b94db6fc1ba844182b96522bdb95b171a90974edcde01ae5adffc09c2c0e4cdf4e0a99d380a09fb897989fe0e2eaad66bd225fbd5bded4a033b90bdfc9ac74e98f5b0990f1017f3a388f950bb191e38f964e51c88168c87bf424fc3b48213a8e56c13ede366dcf10a7650f2c30b2fca48290d71825f1f4bdec92df4f0ccc4593ade38fb5ad4e3b2b23fa73e4218f50c965a3722f697bd12f3eeb65f816de57aacb3279dbbd8068cb14668627382b0ff3a0f400202f9f62bd2bd5964e79b2030454673b513c041b0d6d31387dd03d632d9e1c862e2c891ab325acb59b17cc04e094506752cf18a97a507d23e2d35dc51da9049e62f0d051a71f32456cc641e5ce902d28d283f84c6c83dc9835ab0ffeb045e354476328d05652759b5de856b8f653168aa7cc7d1625c43292fa105387543ffd157a285fead1e2269f4f4580b8cbf1d4c5238bf481b38abcd74e4183808b95efa3fedc48324a30af37dfc80bfebf6b357764fb83d15b4fb076cda70ea6644cd62c146c1faa95b94f5b03c44d36269cd90bd7c90e342f702228a4e0b86484e8af2c4c40b5d99524f582db4bcc018478a3f9b187351418398dd684b33e73224e9728c71497523ba7da053df64b920b5f37a57553b464604b5620918fd87dc13a42c1a9f0718f2b9f198e7c65f6c3efc71958ac5711b6f9c31a5f2e2b483b7967fc23cd3f989e68cbbfbb87a7b61b7840937dac770c2f2602814967e01a76077943eefc0215c6326efb3d981aba07dc77ced23d9e863896e8d543cba8d5b0cca77d0d569fa4bdcd804c92b58f0e5038bf1909e55b2bbc45b6f27d821ef8f768c73c544eb85e4745e06c9cb3dfb41c3ad94cecbea721605ee183db13747a7ca7c9df23444416697e5b104da3dcf4edf46fe6a9adb50cd8412e592f3dee72b4f448fb9666b69eaf67e87b01f25054a1f4dff2401e4dc0ef1124ba00336d2f5c97d2c96c7a194fb0093c35c91ea6eecdcae48c765e35e3a8f9a1b60736eff2f0149b3650ca67477151f32aa62c5ed46c2ba4c9f86ef72b9cb32613fdaf0cb6bf29933a49c1272840f4e52812750c82f206ace1d7e14ea863b2cf52e6f4b2b7aabc6d40b4ad4cd9c95afb99d0c21ae31fcb6eb5942a001d223364a7780dd67de7a5f9fefdffc7b9395d439e715a98acb5441d0ed0dc6f491f0e4aa42f6513542bfa3c5d7bfab5add2db77fb5e43c404c68895ef0fd74705cbcb2278a248c3dd64611d2d934fe77777b3d37ce1c3692d70d0be5387efc25a3c2eb0ed0b5df664482df28461d20ca0ddba68cda975bea63ea5c80d1f225a38523a23bfca4375d1df37e482f11d66800a20c15c9ac93e6ceec8cd4a2d68feeaab00b9b202712d4c5319a010a1e27edf796248fcbacc8326188ceea60e1ad99b76e1731bce86e5c25854dbd1153824d1c0c1a8a8ef497c0d3a38cd8cebd0f63c407a82bbadc6b480a4409ed5a8eb78a1e30b8cd58fdd4044c209f312b60761b03a14b11c2b5f9b98a4590e305e849c9049c24df223de039a6dafbf51aa54117db2fd78a2cc9ca2d4261d4040dc10740eb2eacd052bd71c2fcd6c8dba09f206e5d3d55cc0633f5d3a0b3fcb83eb11ed0d373ac75f11bc03cabadc30f06b32d51f0e6088174889981af9174ecbaa27948027bc7b43a39a6b479c0846fb69bcfdc8e593ade550c76db50e05e21d5cd881a27d32a6c073a9f7910bb983d041983ec7deeca49c700e43bb13b8a7f18e727f686806100656de651a41c2004abd56ee5720a7bc783aa83f371a6088840dc5b988035e5d750e1fdb86b738471bef63f813e2e57ca9dc5c78d8a50d013a07051fa7457caf4cda54b4814a88cd1433ddcf219a85c2940b7fcf30595e3f44dc1e4ed2012d3e5849893307c44922069f56af39436fd54ba12f95c3c300e90913d27d527198268a18d91f95dbd3fe18212bb8d8c0823cb4f9de8fc6eb3aac416756ccd040cf6e2d837d237c067af560adec2e10419be1406de739ea70b3da2eef32ec0f7d51fefa71e1364d5e16261ea71a71b38e7261aaa9b7ee9741d965c2f61f69d0a35c8e0c2914cc333ea4f4f1f5a3dd4c6e9fab490936875bf328e617202910b57ab269855fd93bb48cd10c2fe151ccbc9619f41b644c43ae483347611dcaf6cc12887565eef84f7edce36ea7a768fd0bc2271e27b884f0babd9cbb383855e30334a44216721bc867a172572fa306efcaa7fe2fb1be07a0089beb996ef7b2bd4884e3817d618fa5e7bd48044e5eb5bac5b475490dde2e4b8c5c9f1a383ec32770faeb17c5941e3dcffc918cd5d9090ebeccf453d350cc59c4d579a8a7039acc9ce44d57cc91392251cfdf4c6349c80607e4f2eb998c1e16c8d614aa53e44a7c77d28e8d041f7182a79a3004858200af9e0df5f3ca9614b55c6b9f57032e1c28239e5c778c81c5e6bb03cf936fb4fc043da6001df14b864fd7730a27e003e2b0148635febd050c01413824195249f6481e1503c9b10ff8f335ccda9db65675d1f478115c97b6d094dfb68e2eb11e1b92db5fbf6ec62c5bae5e83bf00ca80280a7a3d69e791d1b016fb73406dfdd1761dc2f0d840b224b6d6dc204864e5a1226e58d1b80585902322e2ca9b3657c5e509ddef405cbb26a0c6bf4845cd1213173ebd2412eb582cbab403c4a3ba099c37d70a567794f4220df7e2dcfdcb94dbf9b1543b7b402e27054ea44da38edc84d2bc6721a7e1634b616a7cb00f232982989b0835234a3422c025da11f81a49aa9483bfe7a8d92f34b43546a7843917580052213633800ba3b6aa902f69b7792fe7f5e9a5db11716a118bd1f6b010fbc581cc450c142da06f6f035552686ad5cc31f2f1b067756ba53ff771f41252098435", 0x1000}, {&(0x7f00000003c0)="13fd3b934545524cf3f945d1c7296066d9bc054ea567d5b91b5024d088ec3538eecb97daf88fec0278b0f56d5d74791ae9b2f1c8580c09245a578d26e12c9774595da08b606b63ae2c7845376ede0472c5d46ad2d3d26a1511fd5321bcb21c6665a54ab3761ea3a2b6ed747a102300e5", 0x70}], 0x5, 0x0) r1 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) fremovexattr(r1, &(0x7f0000000000)=@random={'system.', '\x00'}) ioctl$SG_SET_RESERVED_SIZE(r1, 0x2275, &(0x7f00000000c0)=0x10d060000) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2000002, 0x11, r1, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = creat(&(0x7f0000000580)='./bus\x00', 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000100)={0x0, 0x2f2, 0xfa00, {0x0, &(0x7f0000000280), 0xfffffffffffffffd, 0xf00}}, 0xfffffffffffffcd4) 13:46:43 executing program 5: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:43 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0x0, 0x8001, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @local}, 0x1c) r1 = dup2(r0, r0) write$FUSE_IOCTL(r1, &(0x7f0000000040)={0x20, 0x800, 0x7, {0xfffffffffffffffc, 0x0, 0x0, 0x400001}}, 0x20) 13:46:44 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:44 executing program 3: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rfkill\x00', 0x0, 0x0) openat$md(0xffffffffffffff9c, &(0x7f0000000040)='/dev/md0\x00', 0x80001, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0xd, 0x2, 0x7}) fstat(r0, &(0x7f00000002c0)) openat$random(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/urandom\x00', 0x400000, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000280)='net/mcfilter\x00') preadv(r2, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) write$apparmor_current(r2, &(0x7f0000000140)=ANY=[@ANYBLOB="7319db29dd93bbabb87469636b200052dcd1c15f30f84021a4eca700000100f04db386080000003df82999860100006f5903b2094e94e806b026a0581ca6800a9a24a38cc442382fa0d32be235e14c"], 0x7) [ 328.356940] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. 13:46:44 executing program 3: socketpair(0x1e, 0x5, 0x0, &(0x7f0000000000)={0x0, 0x0}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open(&(0x7f00000000c0)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_PPC_GET_PVINFO(r1, 0x4080aea1, &(0x7f0000000140)=""/220) prctl$setmm(0x23, 0x1, &(0x7f0000ffd000/0x3000)=nil) 13:46:44 executing program 1: clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f00000000c0)) capset(&(0x7f0000000080)={0x19980330}, 0xfffffffffffffffd) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) socket$inet(0x2, 0x80000, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000040)='/dev/net/tun\x00', 0x48a440, 0x0) getresgid(&(0x7f0000001b40), &(0x7f0000001b80), &(0x7f0000001bc0)) pipe(&(0x7f0000001c00)={0xffffffffffffffff}) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000003040)={{{@in6=@loopback, @in6}}, {{@in6=@loopback}, 0x0, @in6=@local}}, &(0x7f0000003140)=0xe8) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000140)={0x5, &(0x7f0000000000)=[{0x2, 0x7, 0x5, 0x20}, {0x7, 0x7, 0x4}, {0x1000, 0x4, 0x7, 0x9beb}, {0xa10, 0x10000, 0x5d, 0x3}, {0x5c, 0x6}]}, 0x10) getuid() getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000005680), &(0x7f00000056c0)=0xc) stat(&(0x7f0000005740)='./file0\x00', &(0x7f0000005780)) open(&(0x7f00009e1000)='./file0\x00', 0x0, 0x0) rt_sigprocmask(0x0, &(0x7f0000032ff8), 0x0, 0x8) preadv(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000001c0)=""/246, 0xf6}], 0x1, 0x0) write$P9_RCREATE(r2, &(0x7f0000000180)={0x18, 0x73, 0x1, {{0xc1, 0x2, 0x3}, 0xe76f}}, 0x18) getgroups(0x2, &(0x7f0000005800)=[0xee00, 0xffffffffffffffff]) accept$unix(0xffffffffffffffff, &(0x7f0000005d00), &(0x7f0000005d80)=0x6e) socket$inet_tcp(0x2, 0x1, 0x0) 13:46:44 executing program 5: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:44 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x10, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:44 executing program 0: syz_open_dev$evdev(&(0x7f0000072fee)='/dev/input/event#\x00', 0x0, 0x2) socket$inet6(0xa, 0x1000000000002, 0x0) syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0) r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcs\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f0000000740), &(0x7f0000000780)=0x4) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = gettid() pkey_mprotect(&(0x7f0000ffb000/0x1000)=nil, 0x1000, 0xd, 0xffffffffffffffff) mremap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) r2 = syz_open_dev$sndpcmp(&(0x7f0000000400)='/dev/snd/pcmC#D#p\x00', 0x3ff, 0x2002) setsockopt$RDS_GET_MR_FOR_DEST(0xffffffffffffffff, 0x114, 0x7, &(0x7f0000000880)={@un=@abs={0x1, 0x0, 0x4e21}, {&(0x7f0000000680)=""/183, 0xb7}, &(0x7f0000000300), 0x3}, 0xa0) fcntl$setown(r2, 0x8, r1) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu/syz0\x00', 0x1ff) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x2, 0x1f}, &(0x7f00000000c0)=0xc) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000480)='./cgroup.cpu/syz1\x00', 0x1ff) setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(0xffffffffffffffff, 0x84, 0x12, &(0x7f00000003c0), 0x4) ioctl$RTC_PIE_ON(r2, 0x7005) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000540)='/dev/loop-control\x00', 0x101000, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000180), 0xffffffffffffffff) keyctl$set_reqkey_keyring(0xe, 0x2) request_key(&(0x7f0000000340)='blacklist\x00', &(0x7f0000000380), &(0x7f0000000700)="6b6579f2696e6700", 0xfffffffffffffffd) request_key(&(0x7f0000000100)='user\x00', &(0x7f00000006c0), &(0x7f00000001c0)="d13ff3d776", 0x0) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, 0x0) getresuid(&(0x7f0000000440), &(0x7f0000000600), &(0x7f0000000640)) setsockopt$inet_MCAST_LEAVE_GROUP(r0, 0x0, 0x2d, &(0x7f0000000240)={0x1, {{0x2, 0x4e24, @rand_addr=0xff0000000}}}, 0x88) ioctl$LOOP_CTL_ADD(r3, 0x4c80, 0x0) r4 = mmap$binder(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x8010, r0, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r2, 0xc0305710, &(0x7f0000000000)={0x1, 0x7fff, 0x6, 0x1}) ioctl$BINDER_GET_NODE_DEBUG_INFO(r2, 0xc018620b, &(0x7f0000000140)={r4}) eventfd2(0x0, 0x0) 13:46:44 executing program 3: socketpair(0x1f, 0xb, 0x5, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) bind$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, {0x40, 0xfffffffffffffff7, 0x5, 0x6, 0x1f11, 0x1}, 0x35a, 0xffffffff}, 0xe) syz_read_part_table(0x0, 0x1, &(0x7f00000002c0)=[{&(0x7f0000000500)="cf2263e321617e31b93aa34f08faad2829e173c5d2e7697dd6bcad96c1c71e16f6a334acade9c6c6690900760018a2ecde2c8b61a8a440c5e706fb97becf725ffca3d6a6c9330eef06db9091d92a91bfc856ac29345aeedcffcfa2846a1e0bdd75c31b7de5f9064c428255809016535fc1418a1a7df24931029a591a7eed93272ff6250859e0e077500b47888c057179cec09221610b7c737d582d5f304923fcb7b7da72ae749246afc2ca7cba4dd0beb7b192c4e21a7fd60f01b6db21af7bb51c0f8d6c92aee28957ee3d227ba0bf7f3132810b8c56b3eb94daa7a393c209fb03a7cdfc2fad2f1466b5fc6328d43d6c95e9666e437b960adedeff379b8e3e3df85f9290237e7666d0486a9fadd3763d771588349a482ed04c6c069f04698a4b2c0fd4adff162244d446453b3f1de8c9a5960d100bc69b1b0dfbdbcaf1ebd78798b46d4b7be91cb12f3d1a4e6b1517e06d25ee80985574815ec86c7623510b9e6c5f8c0a30a14fb83199521cc0dd84a06e5bfd428556626555b0a1dd03078b8af52b7963ccc21f2b7e3df095d1d8895898d962f3861651cc1e503de64719b27561f371008401ee5ecdd73cd26165e9c4bc0055f9b3bde5670979f3409569956fa715ed19a1ac3f37ff2be31f14d579ed97cc9a437e37bef0a53bb83f11da42d28b1fe7052da346a6e882ec9ef95973c597e25e7f9ae984fcd5e55d59303034bef5136939dc24b8b61c4e8b9cdbcc765a6a64c629b68ff10bb3fa35dd473e9bdada1d863a66634af56bdc054f6dd050cc41e2b25e4cb191a273ebd21e19160ce32510485126c9b15e4b8b11c1a2b9921e924b22bc891e33385013da62f2d8f2e702d10910e217872dbc02177570d07a357fe0245ef2991e2575de3013e4dff37b44a208aa2c4c1dcb6e5526a2f6a5f469b6808c21080d88063279d5af65433785fc6e802c27940658a7aee21711d8d87bcc0d1ca65b73dded2e705ca7f16c425e88d87e3af2b90927e95ff98457e9c956b032306b0ceadd42d25846620ca8fca8e4bdd4f4235eae0ffbecc44444825411921e404910aa17c4ff15e11de81d552b7c71540df32c2f34be9f6118a600efeb6f87d84c545bfbc7b7d229ad4c5781936af8d058d8991948faf01cb07d06becc0c5b281290194edfd0137f991176cb54740edfe20b7cc6f758704efaf35782a2cc8c7e8ccdbcd48f3d4ac3ad50e0f68a7d24db453b00850381bab2873669166afc8b06a35811e7d39ac3a11bdefb1ca644538d237514def36bba1a6f31cda8981152b31470c8672ac74a20178dce2d8c1e23cb070b25beb8434cc841c47d23a5abeaef18819b166520142505691d7645da58184c47aa2c0f86808c1c85750db0b9851b0491551e5fd78b3dfd8ce273be822996fd2e2b155b7fc2ee173b9600958246b15a0b752acd5f39d30b5df7f7b504041fc54afe09e49c3be84382d1e2122bd16a07cad89339adb2e0f7813c6f97015da179f89392faf39bf23d82c545195f053b4e909789bf84b22f2d8bc0d94aebf36056b6d7bf3661bdb179f2843c6336d38d79cb8f789bdcb6c97e2a281578b636c65bb08573f0ddc9e79e79c63b61ee434e92d52c0c38feb697fac6d143f08782c56c06a30653af9f120fec2fc85d89f7b2dad506b751df3dd934863eb1cea959a3d9dd2127b3b6d80bc2d11fecbfd840df54263e5e0ecb1eafba1ab7642676b4fad12f08c9d367388a96d5e352f625feb70ae666d0a1eeb69471fb78f15253c1304750af218db5fe2d33a3804c293e0f4a9e0ab73248d55472545b731bfc040273d8ef11cdd27b4150e4e43672c4c321aa7a3928eb3754f8e3d9afc52f6aeaa90c5dc1d4007d98a73637e04b9320c932c9ad64d6d565533afdffe67f6e29d633f95fad3fa685ac49f674afdfd16c692c3d7101cd9bbe4c43db999747b0b8d58be081a6fbc4363b3ece707f191485008f821ab6ac4d2bc3077634f6fa59a659be9c272cef7406291a671401849d504cb09555855582d7662f382385b8833d6c68d9bd569bfe0fc12d38cd8c09e17e5a28e57196b2b164fe7a855ba3c7a969e4b3861a54ab42dfc87ea5e523302160b17c5753e317dc639608546892f28a9749b3222c1fc55a3c5c0926c53ea41103a406d6a010b7dae8d7d516ba01d00d6a4d0a1755c4c86f76959d9537d17f18c6e6f31bf4740577ede6a046b9025b7c4c1cdb6ef225653871b8e114684fbd76e8f005ad9eb2df34d808d5a5c31a5409154a5f2ff8d97a32542842523995e614f170878e04d4d80c06bf7f54546ba795d67088f2876f0ab137fa34865d6a7959db8a3f93ab593a3572e91b3550adefb015e3a1097bad49a741c6b545f9f93b14b9ab950d2dbeb5aef9b95848f2d5dbcf8944ad074b2c458be49518a82aa8c11bba10fae2a44dcf37dbc68bac62f5a28297b4208396f60aa38f2de519fe22df2897ad32465c4661e3409560796bb66721a9e277e95ef6ea6a8c02a91740975a50138efc8df833d6163979363dad04ef72ba5c48e0b3c2376a91c0e398e7d9ed8fe5ab2c5f3d9422d63b944458afee35a58f7ae1c54afd3dd8de2570361c9d5451a24bd3e65458f50626284c5210e14110c9aa204dfe4ed46de9d736094843677d482495fd39af0cc207a99a96adacb0e218f4e3607e16a1aa88480f64398bde6b58f71a032bb05b42062fde0e36239ae44485979d547f5ab7cd1a1f53169b400f7948ad4f6d5282aefb7bc4b42b786864eaeca5f4bb6c653b5a42b0cdf8d1a64738b6811e0819c804d82770b23f72587af045f07b88a01106721994fc2b7c09278226373a394344356696a4190ff97c8582564a59724bbb670c5bfc757bf054b86e5a78cc6fb378c1d1bb3bcd9df81b97bc7c67b9e49431e6d867b103cab6e56dcce242b97666749c680b453e3cae835773993147b4e8d6019fba392a7ce01095570bd234a862daa16fe779d9c90f27eb9b556d00051ab331632f4e1290b4f344b4cf80c15db528bc44bfedf10a1851d2cb523bebc2021f8258a53fd2672cc477c90c10d8d4838d8f91298fc96694082a8834650c2890e8cdfbe744475ef49982d44a33355034b333c0a3bfe26e6aa55659d977a529e784d7d63dcdfd49118c5ad5727ba9c993796bfada970439a0667db7c0a8098e13caffff0dadce1db9cc340430d89cd5c3d583ef8e4fe4a91a2c1f0b2330b3e782ea85fc1cdc9d134a0d35301764771828f9b52065a3ee4a56c0defc1c61c3f9b43f5c56e96465765f14d5a8b75f0c07b4cb0dac631314f86c397c22ed66d9b0810903ca4e2444611bd71a05a6e08d8e15cc1697ff33a5e1e402ba78cef5312a93cc66a319ffba71235f3b7a97e36633dc30edab996dfb168027aea0fdb034849420ba7c2858d4caf8a8377df7b1797fe4d85a169cfdefc09dd253f2aad25bd6125c6bb40260ac67bbe5aa765c1aba651d970ef5483955289f04632df597318324a19d0af7ad0726d5e8ed7aeed7b15535aa8c8171d37aa9faf4a54fb8d3f9bf6a3e01b40a3ed090180cbf74d1c3d3b9e955d12fdd1be4f1b79e10ba9bce2c1b2f7aa39d0fe16680e929a667b8739d056a31e500c0d008167caff822d60b1fe47d6354f8d0339bc0f19df8947e3b6addc2b91884c79ba4d7ceda041b9932e8ac18ba3e27405f3e900293bba359279f1cf4b6709a6e68343edda059704f0052d84a7cd9719374af96369c7114f09b64e5a3549d21dee69db38dbb1cb8e150c8fa65c209545d9c37b2fbedf491e3b6269bf83089c5c26794834d501cd0ae3f656255e6771550c77ad0d133295fc5df7bbdb0b3cc532edc29bb8ea781ffe45c20d4194efb3e435aca0a1ce3b833adb7f4e7ace1e65df7e8b82078a7b340b6d999b374b70231c0433ba76e72beb15f90a77d4df9d02b43d4a565984394f3dadeeb64a1b651b874247ad88b3a735aeed11f61cf623b475df250d0253f837fdf5d9c858a410823cebe1a1aa3d6846b9d7fd5b35de95e2e8fd56d3c276e54b93c87c97da8c1b8253195b95da303de35f33507ab819ca9cd77250959bd229fded30d0f220679b38c770c7b7e4b13d170d5c6187bd2ff9d3f1582be055614988d76b495182400ab8786445cfcc76263d317ed587cc6726e6d677195a4eb780fe1f7bc66a7a4fcfbd8ea07c8af5b6855c3b03ccd7b2e6c7d7649f5a85ed38babf854f6090e891657e552e84e4c1bca2118e34a8ffc0506f994ac3f714a31ca84b5e3e23b8908665d0eb5ccb2b0c9af25abf22f597d8ccfce9f2fb004d879c1646884ba66badab9aed28bf03b604b42b9f00e944409fcb0ab99f1c94d19dcee6768f1205543036d6c32f4641825b813ba725691b2d12f16c279f74968150e48253d3e963f40f15f9d686d60668548e6e3267c1040b3d379f19640168670fbb4be7a0320513726253ab8aedda6f2836389575171137953ec7a745d7f22f82e4435a77cf4aa96de26f86e73b143afa24ea817c9e09257d13d8472232a1c2bd7cc7dfd05009a70360599afcda6029838a61c690997d95b5e159769401e45a650b4d9a4c3031518f708de11ebf88cdefa449f9c93b8dbac63273836ccef9bdb0837830369ab44f4be0f5a5731e4f26d37265b686c097d34ba912c2075494f0001e67fd4ea5892ae6403e41e66aa80d50ba3212a47ff77176da60cdcafb4abca07cc429d4c2e695d58f7efeff4bbd369fd9521151fe6080124eaca641aac8591cd6c54714cf0452789314883bd32f0d687ccfa85cde6148c39c18ae13c12c6fec8dcd9bd056875e269243165babaee12aa6e0eac4c22812099626c97aafeaecc3206e369b5eef69dbb5c1048327899c5ceb3b0d22751a7087f3c558844e0ed6a1ef708e59e925e3a198a62b607dc87c02fb60171320dab1c0ddfd210d5d600bfbad785f07619b9e0d511a20f76bc9d91b92125ae6bdc7ee8189548f394a9fde2f393d2165128d100ac0eafbe7a28ec623e6c0a9bf1c1270b662d7cc2c8c788dde647075224d3b12230b56916283ef9aa6957a93010b8d3c01ae17a2d140f0853", 0xdfc, 0x4}]) 13:46:44 executing program 5: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:44 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000480)={0xfffffffffffff801, {{0xa, 0x0, 0x0, @mcast2}}}, 0x90) r1 = syz_open_dev$midi(&(0x7f0000000040)='/dev/midi#\x00', 0x4, 0x4400) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000080)={0xdaa, 0x0, 0xfe5d, 0x0, 0xcef00, 0x80, 0xffffffffc28452a8, 0x0, 0x1, 0x0, 0x10001, 0x7fffffff}) 13:46:44 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x10, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:44 executing program 1: r0 = perf_event_open(&(0x7f000025c000)={0x1, 0x70, 0x80000001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) memfd_create(&(0x7f0000000300)='\x00', 0x4) accept$inet6(0xffffffffffffffff, &(0x7f0000000340), &(0x7f0000000380)=0x1c) accept4$inet(0xffffffffffffff9c, &(0x7f00000003c0)={0x2, 0x0, @broadcast}, &(0x7f0000000400)=0x10, 0x800) socketpair$nbd(0x2, 0x1, 0x0, &(0x7f0000000440)) r1 = open(&(0x7f0000000480)='./file0\x00', 0x200, 0x2) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000000540)=0x0) migrate_pages(r2, 0x200, &(0x7f0000000080)=0x100, &(0x7f0000000140)=0x8) migrate_pages(r2, 0x7, &(0x7f0000000200)=0x1, &(0x7f0000000240)=0x5) r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, r0, 0x0) read(r3, &(0x7f00000000c0)=""/91, 0x5b) r4 = syz_open_dev$mouse(&(0x7f0000000180)='/dev/input/mouse#\x00', 0x9, 0x400803) write$cgroup_pid(r4, &(0x7f00000001c0)=r2, 0x12) 13:46:44 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x10, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) [ 328.986544] loop3: [CUMANA/ADFS] p1 [ADFS] p1 [ 329.001266] loop3: partition table partially beyond EOD, truncated [ 329.023084] loop3: p1 size 2454553910 extends beyond EOD, truncated 13:46:44 executing program 5: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:44 executing program 1: r0 = perf_event_open(&(0x7f000025c000)={0x1, 0x70, 0x80000001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) memfd_create(&(0x7f0000000300)='\x00', 0x4) accept$inet6(0xffffffffffffffff, &(0x7f0000000340), &(0x7f0000000380)=0x1c) accept4$inet(0xffffffffffffff9c, &(0x7f00000003c0)={0x2, 0x0, @broadcast}, &(0x7f0000000400)=0x10, 0x800) socketpair$nbd(0x2, 0x1, 0x0, &(0x7f0000000440)) r1 = open(&(0x7f0000000480)='./file0\x00', 0x200, 0x2) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000000540)=0x0) migrate_pages(r2, 0x200, &(0x7f0000000080)=0x100, &(0x7f0000000140)=0x8) migrate_pages(r2, 0x7, &(0x7f0000000200)=0x1, &(0x7f0000000240)=0x5) r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, r0, 0x0) read(r3, &(0x7f00000000c0)=""/91, 0x5b) r4 = syz_open_dev$mouse(&(0x7f0000000180)='/dev/input/mouse#\x00', 0x9, 0x400803) write$cgroup_pid(r4, &(0x7f00000001c0)=r2, 0x12) 13:46:44 executing program 2: syz_mount_image$jfs(&(0x7f0000000300)='jfs\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, &(0x7f00000004c0), 0x0, &(0x7f0000001880)={[{@gid={'gid'}}]}) r0 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x10001, 0x400000) getsockopt$IPT_SO_GET_INFO(r0, 0x0, 0x40, &(0x7f0000000040)={'mangle\x00'}, &(0x7f00000000c0)=0x54) 13:46:44 executing program 5: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:44 executing program 1: sched_setaffinity(0x0, 0x7, &(0x7f00000000c0)=0x9) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e) r2 = syz_open_dev$adsp(&(0x7f0000000100)='/dev/adsp#\x00', 0x0, 0x1) setsockopt$inet_opts(r2, 0x0, 0x9, &(0x7f0000000280)="60545c68d3638f08dfcc54daab566c2ef7f4788a7bb6cfa4584641a73408c4bb40db9701534ed4e199f98efef93849b9b950c5c10d7d56a6394676476e612d5faa2090ea15fcd738386fac5e98c7c4f04094c56dca9e94379aabc1f56716bafee9533b004c5abf151c8381792a5cdc405cc3f7480ea381d7a660cafbf9d06d050236a9fc207b8336c108b06f47e9ca72ea033e9b07a96c4a21e197aa9a03c757ff1b09ecf41ef3b2df3a16c6d350b7e94b2d76f77094a4c922ad1a5dec914521d85279162d4f44725be889100602c851fd6a5ff8ab5bc9c0ddb42d71760ee8056a6743f6f5f7bc6f0374eb3c5d92276071603aed7bcd22bb9cafaffdf099b6b518ecc467871f41d94625ccf81cd105221b6112998990dc945eac303076ffb8c1cdd3ab6f79642784ad2929b5454ac0ff360cc1dd33ff5627d1f027d51c55f4fbb656f95bb8deebe4c70aedbca84ac05912893894413853711c44ee00951e6220d056cbf2aee25a62067c61c6397776a4989e39cd31dd1871076e4adce2237e56286942f78764fd5fbd5b57edef93da5a5c18d3b44f9ed9b1ed53e739898bf3fa4f747b3f999abaf5c8b9ba9b243b058adbc39d383f854e2f713057dd6d16b40366c4789e4f90ceb24381df4e88623bca1ce812a88b3a0819ebb585af50f9b9773517079a3da9aedee5ef967e481bc1b49a9dbf31a17d121e5b6b71c7c3a8c26377d5cbf21e1859dab2dcf939c3b43ba536b560945ead6e721426876dc9aa80c6d0c5637a20be6264085d79460188aa610e044fb519c8cb1a7135792aee8978bc85164b3f1fa2dea0f59eeb5a39b5de43e5994066ead9ada67f1918e46d93bd21ad6ef20cf7d041333d711e9956024d5a1449e046a87d86b2a8472395cffd33b67f30a08c1b06bfb16a956d43152bdc38a6ed2b5074de0b36a534a2c64e1df2847bec03e8b026d6122199b27f014e7c348f14e245dd2dd255a189ae21b2df39eede16c4ea93fe9a6bb2f2a981394a5710c65d0d8641d16874120e7dd81ef5673e00c6e433230f71c9229c24cc981b6ba47a73b30e43a9f4d0bf7d9930821072c1d0a48ab3509530f259713244177b920d90edcc3c87c3e17b87cd3ae6cb09d614f8b0cc8ee3a320ca5a9e368e7091fb7e3130be0ed5ea7e401935ceef55ea8e14c951fa44add537cf8f5d71d6bd16e9ea1cbf04c60c425e7a4fa49cdcf4f06af730a900c8862bb3f3cb4c1234b672b6d982c0087b9cd365a0e06da195990fc41a2ec0b85aabcf0234dbd2fd69e08ffc69c2400dd48c722d91a1926b89980927938f9f48e42e60c2d24193f04b100f76050eb48144200498f2561099489e646f4c8b5a069028388fd8d10350e7982883d28d17e4f6c8ac70a2dafdcf8ca5b8a07f7a095494ea3e3026cf6afc6d6cf950c456d37a34d1fcc15e1d09d5ae578c16ba19f6b34ca9fe9fbc897a19be6b879a4d856eddc9399ec4a122b04f9f5bcb7ef9d2088b1ccd557625fd661bc24806d3f2fd0b5857c8ecbc0b7fdf4d87872a08319638cafbb884c9642fafb4160b179e28b288839bc2c0f4933a0024357f807960bfe8b222df661d105749de5f913096a1ac903d5f76f49ec81953badbdf3639879ee63a2839ff386efd59b4a31e4370d21e7d76d12276e9736a54fdecf2584b81800e802d766a1223308deda43e764d0c2ccf0632bedc0642eb59775ddfce30247401c079156137d56374a9f04aecbe84956ca1ae0eafea3820f59820e5ccdf02022ea400fd875dda374740e4b781f1476ca55ac973f574d65a72304a8a5e7ecbb059bc2a5ba70ee2f7d089d6fdd3c0a5cefb3b91797b534146389ccb9da5767864495870c8d40a7793cc3289e9b2dc4557df8fcded36ca89337a3f3ab8af45d4b9e13e7b673ab6dfa7a4ace6a2f2ce83a449470ea4ac5489e1c8e037277ed86fcc3c3cd330f2b24e046c453bb0128e0a4e8c2539e5c1e1a4de912fa96867448e51781e210297bff96650e12a6cdbb56ab75cf40f13b84052a4cb490a8dac58392418c223a6594579d0dc2bba02dc42684185d58d6fd5e562c7cc6ae294a96d7db62d988c5e71cfd28efd8e2ed096a7b3e47c7c5d4d7b011843040a43ff0f06ec444dc64c7d10e3c60a1e5e79afe136a243100231722a19ff6da3d0d9eedf1580e6b58a892a35c8b66a4abe415a01648c7f329edc2ff39a65f39118283a6d204c00d58c63c909532544972034f3207804904840201c3876e4746259d7418a31564fac74790b1e5c99f330e7ab3308749ba8331510782898d4e87d520472b8ade7795895f00c4368de03fa864bbec1cc5ddda9067572f593d5fe540ca0072f0b6013daa8f28f5ce6de0bf95478b03c5a4199a9d0e70ebfa23ed9b3d76955740c4ba38257ac94dd1c6f0158e255212bd40ac2a7b484e39bec807af411ab3a7c3c0251f4a7b4f38ce63daca62bfb122a4b1a0df48d0f81fc3ae92549d96e640a1d46991fa5b65d85e9ff72f8a7288770e12569ba1fe8c367844d1b070a51d1fb63b7b0c33d799c854d498d5a470f4f3beb4250ede748653077b40fe2a89d0f8b25d88e40abb43e67c8fed99d826314f9f1b6b8a1839b12b442741adcb70501d2227b3235483da87a12ae2cb547115932d19efca976e76f80f5b60c237a720ab1d425f5645e71b8870b90a4715350d8335e7ce3b5ea0f6c6084af179fc524f1353a30a73619ce4a7c6d27a231ddf652e3746240a2a7952859e51a594b340c28f5111323d8253721c59e49e285997a5c23f8b194eb90fc58e866fd38e28f0ad3fa9ba146ff7be57696e9f1edbf30c2bdc9878b8e762e8d75d431c4cfdc4f946257b99c932c168fa640f6a039077345491974d5a38e2fb86e9dd88dcbbc0234d4dfaa053e2bdec54209e0552946c20d2d1463a53c8650ad4e81e81515f73cdbb8bdb8a16fe87946ba340206b29d107934b73e0a540a9df82f407f0c02e3e082721ae535047eee00acf67a4d92795666e63775658b3466bb67c1798051fd8e35f06eb3b8538632a01d38365f01ca65d5746e3e535794418d6452ecfe22bc9a8ebdf87f5e517019b318bf85c84637d4b8446939cb79e7563606c061e28afb091f80843ac40fb51cb2b485f3d84a41f667159c91b94639e89d5fba9986c635890c33090a720a29dc9d3fc1c769f7bf2e4ecb9f58784b4d74eedb0a6ce745fa6037f1c9299a653669bdea5cb33dbe235400d1bd9952466313244e487fcf541170c9ba56641857fb3bc3958b0ddae6ae112460a8e96dadf2b0c2602f895a493bf2fd896a16b499e43a433a34bf94bb41f34e0603d8c696fcf8fb43f41e284f8b0c748351fed82af9c1fa7d183ff104aa0b67f253404ff02367b168304495559cca27624aee2629c9ad0340b50b07da980cde70dbb003a53bce97d094ec4641aa6874609a46cc94024880f42c50c59ba41fae87afae3800d40b2c685b34a0a5fe3cd58b66e56b00c224ffb0196e8e97d10c62525222376d859c8c33a93cfffcc5b40119e9c1871ea5aaa1246b4b3df81a86613f9186ee27f43848fdc470de09bde31f8305d0ffaf651bbe6b48310e1923f0b21a662c6a3d0ccc9217cf770d88f2307cf6e2d0bd2b6c9b35e9ec926254ed8bccecb208f903e8f794abfc8846bc76b8e41ffb4a306c29d726594920771a79fdafc610f5a52bc771b0186cf98e700bd656a6bfa06bf2ac8c9e3c3994572fc3d0558ef826a16759b22f9856a60aad06dfe0479d587e7bcfe9a9ba48856edc17a9f83cc5ef2aac7976fc8528ca20ff1674c59c297d20ec1f8188ccd39a9fe451239c2c9ea49ad732fa77c0743853a97c2691c96de5b3b6eed5b822e2a8c619fb65230c01cc70a0677d8cc02a99c08b2507fcd1050a75bda025b9c469083dca619a2870583d181b60320ef310696dfa92a8445abff0d75e41a75107838cb715dd762889bdd049e7069b227fcc2abc0a22427137552a3b1f59bf80170ba8c24e7f594518879c17f61409faf083735997defabed5f7241222df85375572658006eac483847774957de117b331c63166717ab1ee79f0ab5adb95855b0dcba9b7b2c40ba7133f12e7cf06d0dbe7bb08e9689f8c8bacf3107d9ca21c48bba5308cb8bf2b4089310b06702b924ad844a3cfa9ce153362537a880ee7bcb13144bd8662f2657bc974ef131de41bc57deafbe92af0c6a6ed2a77ce94982d7890ff653dfeb5e419e509bcd5d61e9f3de96778fd63e423c76efb27f5394e6abe42cc317458980477d88208afb08c38f64eb0af49e832d6fbc2b624d11a64e0273b44d605121a4130f309f7f0ac6a6d10ac3c2332b552b3018e6e28d10b0c054b3bee5bc28d168594c3598c98c0bce5f329540ba4870280732fd90fbbbda1b52e653bc06c731e3f3a505be54c065b2783fbc6506e3de9094889547724fa999f82fb62d44b89622dcc55a55ae867a8279d2b85d931a9e240028ae4fc3d536a3cbac77a1e5dd7f46b783eb4ec13669436c84443ebec0270a44a3cd361772f4852eb93f9bbbe49a77edb4457f8a6508097d51d2ad22d9138480c3a69e0e1bfa98357fe12422aacfb45549e14cbde2846c8c5ce360a1344dd952bb73d8838a5bfc75a866ed555140ddc5f8c5d25d36fb04aefe60cec308acd5da0a056a2f4cf321504c9e950949a0bcf02996751fc0414dca09b7498808139ab0a9dd8bcaede812290f354023d2d1a76c0025bdfc9398998c676d5aee6e894135799cdce4a38e676aa5c3291d506222bf0cb6df12a1befb0a93fcfa9bbff1c629afa4033438daead2f06887d664cb31193055a9e5e2a96bb1f4f261edf6ecbd364217fe17a4127293fa9d34728b00328598926fcf3515d652c3d3bd3b53bd1b2416f62c60ff3ebcc8c3ba9c4f1d6c7f428c2b169df5846fc83b1c55f2d38fa96f7ccefb2d43bd6dca5a1c6e184f29ddf5b4b4d51afe890846a1307fbabca3986f248af926881448e836afec2c3d26f1e1f5cc244f9633709a09e2a3e7e232a403eb207e634ba2c617c33a3934e23f0482615906abfd9eaf792efc4d37a8460b2bd2c1135e594318d6ca001b296366552901459ae93cc7ebf0bf76c52652151e2e4bb2a511917a347da92a749077eec0cebd9a27d7fd770dcc45b0c7b7908dd1deda7f03f0c8efb17ecee16d4bbd5404d56a3f230dfadfbbe596b2aba33b8ffb5a0022e2caa6a2fe2f70daae9acf5f35f97bdad18a236271a5293b478cf2a3176583399e1b995078bcb67fea747d47b0b039d54afcc6a1b6ec7528c1802dbe00f7d7c39d56479f8c9f7e68610e88f66c6eb9d26d71a7c6373072a7af88b67339f6a40488aa41a244a4ce43164d29f35b1c4a634c3f8fdb80dd2c756ebc53376ba5af2be397341b6239d995ae88725a2068495abad37b452017fa606d125866bfd838ff6712a695c42f5a431ef7f76cab551d1f8ef5e2c5cf65ba3aa14f674cb910ace9c91545294d8467accc16672fdb06e41e1fdc0ca62932ee77fd8d4d4db8dad427b974db1ec75a5adaba01685d7dfb754f8ec43216a9cb261869656f4814aea2e60a00f61d08cb1ae6e67e84e2ec0b8fce2f8653303f658ccbb90d141084af9648cf85188acd17784258a7ef2562242c525c3fda945b0cb9a11b9a66436150543d0973d7b174b754fd0f265b6ed7415d81b98fffa3417181e05657fb463cae76b7ea11941a5a21cda71a2a98f8f8c29913c3cdc027f508887b8e79fa3527720276c43b6e3c944487c8b48c28c289f7d0b5b9e92ba3d3ad463f8872182bb99d274487fe9", 0x1000) ioctl$ASHMEM_SET_NAME(r2, 0x41007701, &(0x7f0000000140)='.!\x00') symlink(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') setsockopt$sock_void(r1, 0x1, 0x24, 0x0, 0x0) r3 = getuid() setuid(r3) sendmmsg(r1, &(0x7f0000005fc0)=[{{&(0x7f0000005680)=@sco={0x1f, {0x0, 0x0, 0x0, 0xfffffdef}}, 0x340, &(0x7f0000005b00)}}, {{&(0x7f0000000000)=@l2, 0x80, &(0x7f0000005c40), 0x1f4, &(0x7f0000005c80), 0x3a00}}], 0x38c, 0x0) getegid() sendmmsg(0xffffffffffffffff, &(0x7f0000007780)=[{{0x0, 0xffffffffffffff16, &(0x7f0000000200), 0x0, &(0x7f0000000240)}}, {{&(0x7f0000006cc0)=@nfc={0x1e}, 0x80, &(0x7f0000007080), 0x25c, &(0x7f0000009d00)}}], 0x2, 0x0) [ 329.170092] loop3: [CUMANA/ADFS] p1 [ADFS] p1 [ 329.179704] loop3: partition table partially beyond EOD, truncated [ 329.202573] loop3: p1 size 2454553910 extends beyond EOD, truncated 13:46:44 executing program 0: clock_adjtime(0x0, &(0x7f0000000000)={0x53, 0x0, 0x0, 0x0, 0x0, 0xf5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}) 13:46:45 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:45 executing program 3: r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0) ioctl$DRM_IOCTL_GET_MAGIC(r0, 0x80046402, &(0x7f0000000040)) r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$admmidi(&(0x7f0000000080)='/dev/admmidi#\x00', 0xb16, 0x101000) ioctl$KVM_S390_VCPU_FAULT(r2, 0x4008ae52, &(0x7f00000000c0)=0x9) dup3(r1, r0, 0x2) 13:46:45 executing program 2: r0 = socket(0x15, 0x5, 0x0) getsockopt(r0, 0x200000000114, 0x271a, &(0x7f0000000080)=""/1, &(0x7f00000000c0)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cpuset.effective_mems\x00', 0x0, 0x0) ioctl$VHOST_NET_SET_BACKEND(r1, 0x4008af30, &(0x7f0000000040)) ioctl$sock_bt_bnep_BNEPGETCONNINFO(r0, 0x800442d3, &(0x7f0000000100)={0x9a55, 0x9, 0x7fffffff, @local, 'bond0\x00'}) r2 = getpgid(0x0) syz_open_procfs(r2, &(0x7f0000000140)='net\x00') 13:46:45 executing program 5: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:45 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000580)={0x26, 'aead\x00', 0x0, 0x0, 'aegis256-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="b7f2288a911993f0265df5cf1cdd8b55b062950b86bc01abc8464d4f8a906151", 0x20) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000140)=[@op={0x18, 0x117, 0x3, 0x1}, @assoc={0x18, 0x117, 0x4, 0xbd}], 0x30}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmmsg(r1, &(0x7f0000009940)=[{{0x0, 0x0, &(0x7f0000009780)=[{&(0x7f0000009300)=""/15, 0xf}, {&(0x7f0000009340)=""/153, 0x99}, {&(0x7f0000009400)=""/159, 0x9f}], 0x3, &(0x7f0000009840)=""/234, 0xea}}], 0x1, 0x0, &(0x7f0000009b40)) ioctl$sock_SIOCDELDLCI(r0, 0x8981, &(0x7f0000000000)={'veth0_to_bridge\x00', 0x4}) [ 329.444234] handle_userfault: 13878 callbacks suppressed [ 329.444243] FAULT_FLAG_ALLOW_RETRY missing 30 [ 329.518975] CPU: 0 PID: 10807 Comm: syz-executor4 Not tainted 4.19.0-rc5+ #261 [ 329.526403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 329.535772] Call Trace: [ 329.538396] dump_stack+0x1c4/0x2b4 [ 329.542055] ? dump_stack_print_info.cold.2+0x52/0x52 [ 329.547268] ? kasan_check_write+0x14/0x20 [ 329.551533] ? do_raw_spin_lock+0xc1/0x200 [ 329.555800] handle_userfault.cold.33+0x47/0x62 [ 329.560505] ? userfaultfd_ioctl+0x54a0/0x54a0 [ 329.565110] ? mark_held_locks+0x130/0x130 [ 329.569364] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 329.574927] ? __perf_event_task_sched_out+0x337/0x1ab0 [ 329.580316] ? select_task_rq_fair+0x34f0/0x34f0 [ 329.585087] ? reweight_task+0x130/0x130 [ 329.589183] ? print_usage_bug+0xc0/0xc0 [ 329.593269] ? print_usage_bug+0xc0/0xc0 [ 329.597352] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 329.602921] ? find_held_lock+0x36/0x1c0 [ 329.607005] ? graph_lock+0x170/0x170 [ 329.610830] ? __lock_acquire+0x7ec/0x4ec0 [ 329.615103] ? _raw_spin_unlock_irq+0x27/0x80 [ 329.619614] ? _raw_spin_unlock_irq+0x27/0x80 [ 329.624125] ? lockdep_hardirqs_on+0x421/0x5c0 [ 329.628729] ? find_held_lock+0x36/0x1c0 [ 329.632833] ? __handle_mm_fault+0x45dc/0x53e0 [ 329.637462] ? lock_downgrade+0x900/0x900 [ 329.641637] ? kasan_check_read+0x11/0x20 [ 329.645809] ? do_raw_spin_unlock+0xa7/0x2f0 [ 329.650255] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 329.654882] ? kasan_check_write+0x14/0x20 [ 329.659141] ? do_raw_spin_lock+0xc1/0x200 [ 329.663408] __handle_mm_fault+0x45ed/0x53e0 [ 329.667873] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 329.672750] ? graph_lock+0x170/0x170 [ 329.676573] ? print_usage_bug+0xc0/0xc0 [ 329.680661] ? graph_lock+0x170/0x170 [ 329.684483] ? graph_lock+0x170/0x170 [ 329.688329] ? handle_mm_fault+0x42a/0xc70 [ 329.692590] ? lock_downgrade+0x900/0x900 [ 329.696757] ? check_preemption_disabled+0x48/0x200 [ 329.701801] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 329.707617] ? kasan_check_read+0x11/0x20 [ 329.711790] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 329.717096] ? rcu_bh_qs+0xc0/0xc0 [ 329.720659] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 329.726131] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 329.726154] ? check_preemption_disabled+0x48/0x200 [ 329.726184] handle_mm_fault+0x54f/0xc70 [ 329.726207] ? __handle_mm_fault+0x53e0/0x53e0 [ 329.726227] ? find_vma+0x34/0x190 [ 329.726250] __do_page_fault+0x67d/0xed0 [ 329.740888] ? mm_fault_error+0x380/0x380 [ 329.740906] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 329.740924] ? graph_lock+0x170/0x170 [ 329.740951] do_page_fault+0xf2/0x7e0 13:46:45 executing program 2: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x2, 0x80) ioctl$PPPIOCGCHAN(r1, 0x80047437, &(0x7f0000000080)) ioctl$TCGETA(r1, 0x5405, &(0x7f00000000c0)) ioctl$sock_bt_hci(r0, 0x800448d4, &(0x7f0000000040)="fd6ffe") 13:46:45 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xe, &(0x7f0000001000)=ANY=[@ANYBLOB="b700000003ed0950bfa30000000000000703000028feffff7a0af0fff8ffffff71a4f0ff00000000b7060000000000012d400500000000005504000001ed00001d040000000000006f460000000000006b0a00fe000000008500000007000000b7000000000000009500000000000000"], &(0x7f0000000100)='EPL\x00'}, 0x48) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='cgroup.stat\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r0, 0x84, 0x8, &(0x7f00000000c0), &(0x7f0000000140)=0x4) [ 329.740970] ? vmalloc_sync_all+0x30/0x30 [ 329.740990] ? error_entry+0x76/0xd0 [ 329.741008] ? trace_hardirqs_off_caller+0xbb/0x310 [ 329.741032] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 329.787667] ? trace_hardirqs_on_caller+0x310/0x310 [ 329.792719] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 329.797599] page_fault+0x1e/0x30 [ 329.801076] RIP: 0010:copy_user_generic_unrolled+0x9e/0xc0 [ 329.806716] Code: 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 4c 8b 06 4c 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 89 d1 <8a> 06 88 07 48 ff c6 48 ff c7 ff c9 75 f2 31 c0 0f 1f 00 c3 0f 1f [ 329.825623] RSP: 0018:ffff8801855277f0 EFLAGS: 00010202 [ 329.825639] RAX: 0000000000000004 RBX: 0000000000000004 RCX: 0000000000000004 [ 329.825650] RDX: 0000000000000004 RSI: 0000000020013000 RDI: ffff880185527890 [ 329.825660] RBP: ffff880185527828 R08: ffffed0030aa4f13 R09: ffffed0030aa4f12 [ 329.825671] R10: ffffed0030aa4f12 R11: 0000000000000003 R12: 0000000020013004 [ 329.825682] R13: 0000000020013000 R14: ffff880185527890 R15: 00007ffffffff000 [ 329.825724] ? _copy_from_user+0x10d/0x150 [ 329.825752] evdev_do_ioctl+0xb51/0x2180 [ 329.838405] ? str_to_user+0x90/0x90 [ 329.838426] ? graph_lock+0x170/0x170 [ 329.838446] ? do_futex+0x249/0x26d0 [ 329.838467] ? rcu_bh_qs+0xc0/0xc0 [ 329.838484] ? rcu_bh_qs+0xc0/0xc0 [ 329.838516] ? unwind_dump+0x190/0x190 [ 329.898075] ? find_held_lock+0x36/0x1c0 [ 329.902166] ? __fget+0x4aa/0x740 [ 329.905641] ? lock_downgrade+0x900/0x900 [ 329.909811] ? check_preemption_disabled+0x48/0x200 [ 329.914887] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 329.920702] ? kasan_check_read+0x11/0x20 [ 329.924879] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 329.930168] ? rcu_bh_qs+0xc0/0xc0 [ 329.933728] ? __fget+0x4d1/0x740 [ 329.937198] ? ksys_dup3+0x680/0x680 [ 329.940929] evdev_ioctl_handler+0x144/0x1a0 [ 329.945348] evdev_ioctl+0x27/0x2e [ 329.949356] ? evdev_ioctl_compat+0x30/0x30 [ 329.953688] do_vfs_ioctl+0x1de/0x1720 [ 329.957609] ? ioctl_preallocate+0x300/0x300 [ 329.962026] ? __fget_light+0x2e9/0x430 [ 329.966009] ? fget_raw+0x20/0x20 [ 329.969468] ? _copy_to_user+0xc8/0x110 [ 329.973458] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 329.979005] ? put_timespec64+0x10f/0x1b0 [ 329.983163] ? nsecs_to_jiffies+0x30/0x30 [ 329.987324] ? do_syscall_64+0x9a/0x820 [ 329.991307] ? do_syscall_64+0x9a/0x820 [ 329.995302] ? lockdep_hardirqs_on+0x421/0x5c0 [ 329.999902] ? security_file_ioctl+0x94/0xc0 [ 330.004327] ksys_ioctl+0xa9/0xd0 [ 330.007793] __x64_sys_ioctl+0x73/0xb0 [ 330.011692] do_syscall_64+0x1b9/0x820 [ 330.015592] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 330.020967] ? syscall_return_slowpath+0x5e0/0x5e0 [ 330.025903] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 330.030758] ? trace_hardirqs_on_caller+0x310/0x310 [ 330.035776] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 330.040796] ? prepare_exit_to_usermode+0x291/0x3b0 [ 330.045834] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 330.050710] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 330.055902] RIP: 0033:0x457579 [ 330.059102] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 330.078009] RSP: 002b:00007fd9995c4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 330.085725] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 330.092996] RDX: 0000000020013000 RSI: 00000000400445a0 RDI: 0000000000000004 [ 330.100269] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 330.107568] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd9995c56d4 [ 330.114882] R13: 00000000004bf3f1 R14: 00000000004cf1f0 R15: 00000000ffffffff 13:46:45 executing program 3: r0 = socket$xdp(0x2c, 0x3, 0x0) r1 = socket(0x40000000015, 0x5, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0}, &(0x7f0000000200)=0x5) setreuid(0x0, r2) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000040)={&(0x7f0000000000)=""/2, 0x80000002000, 0x800}, 0x18) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f0000000080)={0x0, 0x53, 0x30, 0x6, 0x3f}, &(0x7f00000000c0)=0x18) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000100)={0x5, 0x1, 0x1a, 0x4, 0x0}, &(0x7f0000000140)=0x10) getsockopt$inet_sctp_SCTP_STATUS(r1, 0x84, 0xe, &(0x7f0000000240)={r3, 0x10000, 0x100, 0x9, 0xff, 0x100, 0x101, 0x9, {r4, @in6={{0xa, 0x4e20, 0xffffffff, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x17}}, 0x3}}, 0x0, 0x761, 0x0, 0xffffffffffffffff, 0xfffffffffffffff7}}, &(0x7f0000000180)=0xb0) 13:46:45 executing program 1: prctl$seccomp(0x16, 0x0, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{}, {0x0, 0x0, 0x0, 0x9}]}) r0 = socket(0x1, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000180)={'vcan0\x00', 0x0}) bind$xdp(r0, &(0x7f0000000200)={0x2c, 0x1, r1, 0x19, 0xffffffffffffff9c}, 0x10) io_setup(0x8, &(0x7f0000000000)=0x0) io_submit(r2, 0x343, &(0x7f0000000080)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000080), 0x121}]) 13:46:46 executing program 3: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) r1 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x2, 0x40000) syz_emit_ethernet(0x1e, &(0x7f0000000080)={@empty, @broadcast, [], {@can={0xc, {{0x3, 0x8, 0x7fffffff}, 0x2, 0x1, 0x0, 0x0, "9730c3ce9cb01776"}}}}, &(0x7f00000000c0)={0x1, 0x1, [0x473, 0x417, 0x6e7, 0x64b]}) ioctl$INOTIFY_IOC_SETNEXTWD(r1, 0x40044900, 0x200) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000003fe8)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000280)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000000), 0x14) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) close(r0) 13:46:46 executing program 1: r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x1000002, 0x1) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000000)={0x0, 0x9, 0x200}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000100)={r1, 0x81}, &(0x7f0000000140)=0x8) ioctl$SNDRV_CTL_IOCTL_TLV_COMMAND(r0, 0x8010550e, &(0x7f0000000040)=ANY=[@ANYBLOB='u/ou']) 13:46:46 executing program 0: r0 = socket$inet6(0xa, 0x1000000000005, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0xd, 0xe, &(0x7f0000000140)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8fdffff79a4f0ff00000000b7060000000000012d6405000000000065040400010000000704000001000000b7050000000000006a0a00fe0000b7000000000000009500000000000075620000000000000000007d128a90599b2df77223f8a708abce49cf71e27cd541e82e2ffb67b10a01253466feabc3ca64edaeca93ec19e8d85134296924f10d99d250bab3200c31c96a27"], &(0x7f0000000100)="47504cd2"}, 0x48) 13:46:46 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:46 executing program 5: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(0xffffffffffffffff, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:46 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000480)) r0 = socket$netlink(0x10, 0x3, 0x9) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x200, 0x0) bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e24, @broadcast}, 0x10) readv(r0, &(0x7f00000003c0)=[{&(0x7f0000000100)=""/72, 0x48}], 0x1) ioctl$PPPIOCGMRU(r1, 0x80047453, &(0x7f0000000080)) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snapshot\x00', 0x4000, 0x0) syz_mount_image$msdos(&(0x7f0000000500)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f0000000540)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000580)=ANY=[]) r3 = open(&(0x7f0000000800)='./file0\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000240)={0x0, 0x40, 0x0, 0x10001, 0x8}, &(0x7f0000000280)=0x14) fchdir(r3) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) inotify_init1(0x80000) write$UHID_INPUT(r4, &(0x7f0000000980)={0x8, "7c70ee3800d5ab5f2036f872e0ac57cbd592bca0d671633f50a3102066d6e765f5a64731e3fb8d90d250eda2cc33b60a7ff98074cdc3f1dd1a2df26a381d95974e0925d521c6b48c3dee0d430d398884316091aff6adb6153dc3c92549957d3488efc02d6f6fb172524b095c30c1bd35aae04236bdd42694d613eb54c0b65a338c48dc4c8bad70754fc81d9928e4a1b81f9c77075258a0805b4494867247966b24a023311fd91ef3754b98d3acde6f2ef0617f123c22fccb81c11389fdfa2e21c2365aabfc8916e02151d8643ae21cab7fcbec6142186d3bb57546c106484bc4c28a48da2b75dd82aabe99464558e60cd101f6b65856fabee614d271741a68dd550c8772f06a93cf8e5c0de549c3b75a72f8a590bd50b2af5f64009c969ed7596f0192b0f98b1afac0e8c5f4c653f611b4a71776400a9ae3f18e75f856788c97195749042510735880b9bb0ccb23210832a4f1c6f134d68f8e299837c426e0c9a45d5d2c959446cc363f370c67cd01a063c91254d692fe35abee92fabda4f66d93228c979ebe036c5c2e0028ec76562d67d0919ca28258fec0ed60603142b5c57c4cfb1ea1e892d0fd2f33970142b179c415d6bea344fbcc82d133052e848a885160737c69eb02ca9f544831c8e3ffcf40cb7b415d24795fc8aaeb8e76bec262aea5e28fe5d6495c4b5895a612b1cc2122286add66356f3ecd309f970634f1b09da1507964d35575167317f13c7fd9f11af27ceea86e9a5b3494a27ba98ba38dd1fb72ef2c6163664fd8f7c946935cd4833121f505ff277c03d959d9a12f3389e9eb6701a8b29f72c20c6abb7bd8349dd2e120bdd59dca9f1a2a877f1677b59d7920ddf29b9d94f7c6879b78e31cf1b65b60fe349ef9d4976f46609ee34e33f647aafbf64f6323d18598905f2e73af75661397595b8f9c1e9a4e993946820da5378ca5b363560e95edce316e99bac6e6250efcf1cb58fdcf94c7557c2d7f763a688543462d54b64e178c2e64c6ebba356894973051907fd8de8ba908e822168b171c1707efcd9ac827e64313721876e2ff26ac34e88557a4a0dfde08eda81cf0c1465a89b68429e48966044c767563e1121db48c9b619fd7362afd15ec6aa19b28759d7977be4fbcad0cf8dd5dc5362259bd5cb5089a9d18db969afe1192571f5fcc0c4d6be281d23b9c1f9f32873c058adfa1bf57a3718686957edfd6e4b58aa959541127696d59fb2810d042ced227961eb19a424e4cf45bc6243217bb7561b7ee11f8c0b8f39480343a26f2da5fe79d5e213c01ea47155ffa91e7d7ba0bc8ccb018bd69cfe71dd8565a645d678b404a295397e83ae69dbf8505f6947a836b44823a92861124330fccd4bc4a2e20d9047bd919d82c89623caa87eb09bd584d58f42b35ef55fddc06dfb3957f3f507e5ca9b8b98947cc5bb68846755527ddf32ffa444e1c7a5654d4d377e04a9f22e1069804fdcdb251acb6bd6b32d100feb44286991d779d2b3e2b7f5cc5f8eb3ae166a3b6fb9df11e1867989a6f9b2028e4c73b4d418b51f6e870713cadafddb47a48c9a97283da214f02db3326d42438d9a7db580693ad1887f99d86bb5fafd6d07c2647fc80c2c5a1ed9ea3b95be65ca422080ddefca5b49ccd538f6bc67390f892d9e416f7e835f76dd90edc56256348d20560caeea05c0922cab60dbf0b57ddaaed6ded5a336e01485fd571dc12050461271cee347c31ac245bfee9128630dfcc43b6d88b5ba9937a6f6ab70b7d256784ff72297cfcfd0ffacd09b55fb832bf60f04d87c48c74972b9f18fa178ce4880b025d1c1097ddb929e8f7e02f1c0e03012bec0fa61a49eb1c2a50a45fc0d98b6649de325184006938e421321e8b366649d9b6ebadf77509c9d48844e80f7752fd7daaa5c938b946feaaac0d871203270a747035c7e2f697c84e792a55cbce76c0a25360f7acbeaab60627aa9c37064af75b67f46732844eb2f6b37226004afe451a9fbfbbcf7e72ade67b017e9209b5627fbe16789abd90326751a1fd1d93efc59f2650f979ba71938d784064922bee2874c4b76d5f26e39ea0a98cf175950137feff9456c88c6a295830183fae3a9c2312c25f3d81708d73488d15a587e7e7cdde3b77917eef29c8b5965c916a65c3c5a53b7313c3115d0a8bb4e16f6b80ff6f78adb756aba94ced86047562a2cd2fb25e9a4656f6359c3f2fde8b5ab38852853cbd7221cb4d59b7f0e79bd37f9ade073f62b75edbe63c13c0d02bf076d88f5b750ea640aad47ce97d6a0783398dd3fbb63734ed969470cf45200235650532224fc28caf1e36ca6b402ec4c978add40fc59f2113485875682139f8aa9aeb48d09178de919370b0cd0ebcab5e60e1b0a2fc153db0dae8e50b48561622a677d0f1afc149676f832e016e14007fb298dcb96f11a92a1ac8bd4cc7b34d659d6cd2c9817b586585e72080255b083bc84512277ffb7f561c6a7a08cd128bfe9b525da531f0bf04f11d3de102b3538835807ac0b2f4325fc6765d02d692ec82f5b338c8257029136fcd3427c09874ecc7492becdd6608eac4adf1abc3f7e08868a72e57ce4dcfc288a25af73d19f1118a9254963c1548cdca5fc7c921a7f218f8e71edd7969dfb35beae1091d7530e32236397fa9fcd232b441ff1b0177829468c198d659d247ccca4fbd58c625501e4368075d0e5e69a6f90952f5bbe48e85a303131dedf7f1a513b291598a545784e1013521877c25d6069d3a855652a4bad5b2df2e4da2de756a20e790b756dd2925ce824561e5892b5e064c7c7b996acc4e29597e0cd00956e9c57ec374714f846be7632d3075e38bead499163498810886c78a2cc73fb64fd48e186083ce911e0751b4dc63476859c2824fa532a4b1711c244619e702eeab19380aeb7b17f67fade3dcad8ddddd893a526cd5d04d8ae982c88029ec71bdd0772fd74adbdb378fc204ca411a2d8a50331516a28552be78f9725f32d1b3a6c7bdf3277c5f7e385c7ebbacc419ec7ca3c5b8f46dbefee59b6422a6b22d60527edc012f852077d925619874f7709f283e01678fed36528003a696ee431a817f34f453c143dc56b70e1f810a5380a555cc8c4fc6522ab544ce5d715caa302ebdd0aa8286b7ef5dd6dd48a8ad9566818f7509daf02db0b98b432f57f1d107ee95a86228728cab4062e27922381e1e2ee351af5e2ea0fd6d1cea70b3b8f4a50f0776fc9aa2a7d2dff6e1ea3769864104f09137b99960b69af13895d842649eacaed8ddf183beba3323640af8deb52b902c0974d685d19fc87c93eb80ad5d28e54363705ad39231d989522e94f000256bc8d93af138a45d67dad3e21fa9fb31d9327c6e71f61956d9daf4f97333112704136d3d1bf6fe0e4c002e10b684d2344300ec70fae0b50532ebace58f0e8318354a172cceacf27d01ff41cc8fef42443f62b0e15b5fcc0728630b96fb2c2b59634f4993bb1ce2eace6fb0f53e5f84bc5f58b1b66d59e3c75a98670496f105a703607211aa9e882e72f13e9fe07f0767ad4e5ac5c732b65301d8ceab36b5ff2f71958fb1b51d2e703ac506e68d4026160fd3f60440b8b8f554f1feeba5d53f71cbe60d143620f8fa779acb94c965b729207a5ab11f4a51b694c31606171da44a28d80cde296dff5724ff718d6377eb8534e616cff39af943ee4ce87b4fadded30c702d370a71072ab3e20f19b8c1b73fdbbb9c675352bb73ee85e22597fc0c439a33f5febe1629bd084af7193f8d1a1415b02ca54706711505cbae11ec6411b012cc3a3eddcfb002901b6e7565b9fbf4d605c147031888ceb590c14697d00970ce9095c6f7fee41ec6a15d7ef52dfedfff2a0d3dbb387b61232aee6ca202787038021e6aabda18e2adf6fd89aa491e65f9813d73412fbfff089752d713d7efa690ec4fc254b56908d3057f65997acf81aea589e272f8fa852849e488f1e0c0cb6cdb5f46ca92e36d39224e704850056d2e9b91909aed0f55d054e274415ecc39b8958335a14cfb0a42d7f26ef8e82592dfd03b3550b5193fba077994c682951968869574fd94976760d9bd9b334353eeda836cc8dab244e72095cc46833f02bb2f6df35601b3085664261abb67fc9ab9f27210e6827cd15ce16c55f0f7f5b8ab401f24032b19a53a9299b62ebf4a8cf7f4753d95126f008a8ce349036666de66bcaf40b27fa875efa98873e1ef9302e2a24bfe07bd1054bdf9ba9ad1b1075402f26d682833b947c762513ba5f07537bb712473184a60e04ace5adb8d982d6153b011ae0b2034adc0ff4a64e2c6561c2e0840cdab2120bc916cde9b7a92c4d332d0f83945fe55e3c8f4d93f22e7759c20241d92cca0ae5a3d06a127e5614df708cea1ad3b2f231c81460ff4c3f349c67a87135a4b67589ffce311832923f71796276e81f0537e265404c0ee06d5ed98a5ec5f8ad62db589eb585fc4627173b51fd4e897a3e8d2acbb82ec2996ac3a6823368a1e12a0536a9d1a7b2d31d80c46c292ff51395481d4f65c53fab867e27bec9156ee189d245d94877a1405dc9e1e996822ad47071a9ab36c9bfd02c41ea5ba21591793053b1b64758bae0addfcd69d169849bc1ee6ce5c08f0d3da5ecc1b6ab31e13af2fa5ce4d921163270901264a88ac6350e8fb6371663dd04146932238597258b123a8036250c190fbb3cfc6ebbf9e06c4a9053e8332c95c91a890a3d35ddd35f47e7ab606f3e345e12560e6d52243883da7b8910834042ad12e7fb3f08a0b14ef6aee22251999e6079be2ef5666d7d5ae00d161720262761da3f378c63cb151f4e94d034e9de949dfe796b905804ca555691023c30ea7cf0cb276e1e3ba65793291f8287d1064606bf5787421b9b9bfc05e9c5eac750de92519fe9e2592cd34a2ef6ec18efed5e7c13bfcfce47327cbecac358bbe6d44164849308cf91cd5ea87fa4b02ba4939e28141c7dad42714b019470d91808a8f46150677b6c90f267ecb39ef42afc95de0cbd016775c89d8213ec9d4e061e6493f237296f91abfc64176c0e885ef54af4136a724fadfe89a25d7599998acebc4a27f8fb5b26936bda5c3d5fec3373dcd9a0e99fc939641c50669adc54119582e8835575d1c57fa955cd29d870360620f91c3ff90d264013816352317ae226f7d7bad5db711f8973382f6cebd63cd519ddd08e1772649be75f64f4acc15f828dc0b305584b6dd2213194603c44e2964358d305aa97fb08568a0a955ad7a6f8d042754b4bbf2fb3414052719fd9841bef8360d1d3195c69414be882115c2c64fecdcbdaed3a2e943fdfef9a13520e41d32a787bcfe4f61e2b378d35aa70784a772cf8ebcaaeb105e4627516db2ababfcb8c11f224c3a48c86160d34d0ee59f02c31648ae4b0309b378f0bf63266967dcfb4f1cc1902f613c6d0d48915a9cf28a52b106544cde1b38ff2e2a1275fd0d3899ce7f7c6653c9017f7ac4aaa35bcb2811a8f9dbb56746b45475350e7c13d42abb5692377da7a4045ee644ce00f8699e3251d75621c82cd659ea3add277affe3ff792f7d24a3d0979ef82cfc0d409697ae2e8598854a8327f46974c901d309dc6dbe31913c59d821aa50c0fe95cc822e8f07bbb00e9a09bc9a570b9778d29308740bc336a41258d209c206f87a709aa43415da0096f7d177e509a7d625645fb098ccc45367d82235e952670ac5f82f8ced3f59fd9ee20ac75be609cc832417e807ddc40630cba4c91e0785edcb5f20b9e6dedb1ec172cd16fc034f410e9ce375ea855144aa3076317f649cf4efe4d7abf244984c4e", 0x1000}, 0x1006) write$eventfd(r4, &(0x7f0000000300), 0x8) write$P9_RMKNOD(r2, &(0x7f0000000180)={0x14, 0x13, 0x2, {0x0, 0x3, 0x1}}, 0x14) fcntl$getown(r2, 0x9) r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fsetxattr(r5, &(0x7f0000000200)=ANY=[@ANYBLOB="7379bbf99e56b82e"], &(0x7f00000002c0)='/dev/zero\x00', 0xa, 0x1) setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(0xffffffffffffff9c, 0x84, 0x8, &(0x7f0000000340)=0x7, 0x4) writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000240)="480000001400197f09004b0101048c590188ffffcf5d3474bc9240e10520613057fff7e07900e0fe5f0028213ee20600d4ff5bffff00c7e5ed5e00000000c8550000000000000000", 0x48}], 0x1) 13:46:46 executing program 5: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) [ 330.567013] FAULT_FLAG_ALLOW_RETRY missing 30 [ 330.572515] CPU: 1 PID: 10870 Comm: syz-executor4 Not tainted 4.19.0-rc5+ #261 [ 330.579903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 330.589262] Call Trace: [ 330.589294] dump_stack+0x1c4/0x2b4 [ 330.589324] ? dump_stack_print_info.cold.2+0x52/0x52 [ 330.600725] ? kasan_check_write+0x14/0x20 [ 330.604980] ? do_raw_spin_lock+0xc1/0x200 [ 330.605009] handle_userfault.cold.33+0x47/0x62 [ 330.605040] ? userfaultfd_ioctl+0x54a0/0x54a0 [ 330.618513] ? mark_held_locks+0x130/0x130 [ 330.618532] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 330.618555] ? __perf_event_task_sched_out+0x337/0x1ab0 [ 330.628330] ? select_task_rq_fair+0x34f0/0x34f0 [ 330.628347] ? reweight_task+0x130/0x130 [ 330.628384] ? print_usage_bug+0xc0/0xc0 [ 330.646557] ? print_usage_bug+0xc0/0xc0 [ 330.650627] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 330.656177] ? find_held_lock+0x36/0x1c0 [ 330.660246] ? graph_lock+0x170/0x170 [ 330.664073] ? __lock_acquire+0x7ec/0x4ec0 [ 330.668327] ? _raw_spin_unlock_irq+0x27/0x80 [ 330.672862] ? _raw_spin_unlock_irq+0x27/0x80 [ 330.677391] ? lockdep_hardirqs_on+0x421/0x5c0 [ 330.682002] ? find_held_lock+0x36/0x1c0 [ 330.686098] ? __handle_mm_fault+0x45dc/0x53e0 [ 330.690704] ? lock_downgrade+0x900/0x900 [ 330.694908] ? kasan_check_read+0x11/0x20 [ 330.699090] ? do_raw_spin_unlock+0xa7/0x2f0 [ 330.703520] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 330.708121] ? kasan_check_write+0x14/0x20 [ 330.712387] ? do_raw_spin_lock+0xc1/0x200 [ 330.716652] __handle_mm_fault+0x45ed/0x53e0 [ 330.721094] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 330.725949] ? graph_lock+0x170/0x170 [ 330.729752] ? print_usage_bug+0xc0/0xc0 [ 330.733868] ? graph_lock+0x170/0x170 [ 330.737687] ? graph_lock+0x170/0x170 [ 330.741538] ? handle_mm_fault+0x42a/0xc70 [ 330.745795] ? lock_downgrade+0x900/0x900 [ 330.749967] ? check_preemption_disabled+0x48/0x200 [ 330.755018] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 330.760834] ? kasan_check_read+0x11/0x20 [ 330.765006] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 330.770306] ? rcu_bh_qs+0xc0/0xc0 [ 330.773877] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 330.779349] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 330.784921] ? check_preemption_disabled+0x48/0x200 [ 330.789965] handle_mm_fault+0x54f/0xc70 [ 330.789988] ? __handle_mm_fault+0x53e0/0x53e0 [ 330.790009] ? find_vma+0x34/0x190 [ 330.798675] __do_page_fault+0x67d/0xed0 [ 330.806292] ? mm_fault_error+0x380/0x380 [ 330.810469] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 330.815515] ? graph_lock+0x170/0x170 [ 330.819348] do_page_fault+0xf2/0x7e0 [ 330.823193] ? vmalloc_sync_all+0x30/0x30 [ 330.827376] ? error_entry+0x76/0xd0 [ 330.831114] ? trace_hardirqs_off_caller+0xbb/0x310 [ 330.836156] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 330.841021] ? trace_hardirqs_on_caller+0x310/0x310 [ 330.846074] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 330.850943] page_fault+0x1e/0x30 [ 330.854423] RIP: 0010:copy_user_generic_unrolled+0x9e/0xc0 13:46:46 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) write$P9_RATTACH(r3, &(0x7f0000000000)={0x14}, 0x14) write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[], 0xfffffec1) getsockopt$IP_VS_SO_GET_DESTS(r1, 0x0, 0x484, &(0x7f00000006c0)=""/4096, &(0x7f00000005c0)=0x1000) splice(r1, 0x0, r3, 0x0, 0xffffbfffffffffff, 0x0) ioctl$BLKBSZSET(r0, 0x40081271, &(0x7f0000000080)=0xffffffff) recvmmsg(r2, &(0x7f0000007100)=[{{0x0, 0x0, &(0x7f0000003f40)=[{&(0x7f0000002e40)=""/4096, 0x1000}, {&(0x7f0000003e40)=""/228, 0xe4}], 0x2, &(0x7f0000003f80)=""/50, 0x32}, 0x9}, {{&(0x7f0000003fc0)=@xdp={0x2c, 0x0, 0x0}, 0x80, &(0x7f0000004400)=[{&(0x7f0000004040)=""/237, 0xed}, {&(0x7f0000004140)=""/34, 0x22}, {&(0x7f0000004180)=""/234, 0xea}, {&(0x7f0000004280)=""/160, 0xa0}, {&(0x7f0000004340)=""/4, 0x4}, {&(0x7f0000004380)=""/93, 0x5d}], 0x6, &(0x7f00000016c0)=""/199, 0xc7, 0x20}, 0x7}, {{&(0x7f0000004580)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, 0x80, &(0x7f0000004680)=[{&(0x7f0000004600)=""/96, 0x60}], 0x1, 0x0, 0x0, 0x17}, 0x8b5}, {{&(0x7f00000046c0)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, 0x80, &(0x7f0000004ac0)=[{&(0x7f0000004740)=""/99, 0x63}, {&(0x7f00000047c0)=""/204, 0xcc}, {&(0x7f00000048c0)=""/249, 0xf9}, {&(0x7f00000049c0)=""/149, 0x95}, {&(0x7f0000004a80)=""/46, 0x2e}], 0x5, &(0x7f0000004b40)=""/129, 0x81, 0x1f}, 0x400}, {{&(0x7f0000004c00)=@nl=@proc, 0x80, &(0x7f0000005e00)=[{&(0x7f0000004c80)=""/11, 0xb}, {&(0x7f0000004cc0)=""/66, 0x42}, {&(0x7f0000004d40)=""/4096, 0x1000}, {&(0x7f0000005d40)=""/192, 0xc0}], 0x4, &(0x7f0000005e40)=""/4096, 0x1000, 0x8}, 0x1}, {{&(0x7f0000006e40)=@nl, 0x80, &(0x7f00000070c0)=[{&(0x7f0000006ec0)=""/17, 0x11}, {&(0x7f0000006f00)=""/228, 0xe4}, {&(0x7f0000007000)=""/154, 0x9a}], 0x3, 0x0, 0x0, 0x1}, 0x1f}], 0x6, 0x12123, &(0x7f0000007280)={0x77359400}) bind$bt_hci(r0, &(0x7f00000072c0)={0x1f, r4, 0x3}, 0xc) syz_mount_image$btrfs(&(0x7f00000000c0)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x8001, 0x5, &(0x7f0000000480)=[{&(0x7f0000000140)="b1786c5d538011bb46edd6fd1c94c5f8cb93aa265d90094b3e31336a41bb821d479a98936b6827d8841bcf9d8d5f3b289f1ece759bb76ec617b1dd458d17c030d025471000a974fe5fc73df49e373f3f1d112a22ef61d0ccc973659294c792b190b0d25e21b8076c36a89687670ca9f60ec91e39d886403e4ca99bb9532341e6d2662757c386c811559394300949eafffb715b08edaa031ab7a39b8a8b3355733d9b064940289b89d7264bb5102c09f82b", 0xb1}, {&(0x7f0000000200)="efda0a54533e21791a24d294ef8e40e1553725feebc2e41946d99b414fdba9e85991cbd6", 0x24, 0x6}, {&(0x7f0000000240)="6490e803ece6d38d51830ecbeb31d581143fe08e18c2f4ff8fd6fbd6ae66ef5507b5e57e0222299f86df59aaffa5a47dd8e746955fe123511240320920c90ea0b43e025abf9b82ec0e2a48c7d9a69c469df996916f4aca5fa618ae4a384282453db324b0e33e4fa11cfb10306c4c44276470b66077c470d72e6c951e5aa87f9dac1b1ccb56f042f7824462abdec36827e1e851577477cb2b795b18c9274778a7eab25f6a0ad156da7ffb4b687716559bf2a3dfeb76d40aa8dad3a057ec5c220df42aeefa770ff0e901dde67f6467f9297bafc2a30f6d7fd543fb4a0a886a6d5d897f1f296b29cb956ca51112234a", 0xee, 0x84a}, {&(0x7f0000000340)="009828ed9ded0e22b1bdccee3378b32cf8cd44a8d134d666bdad5f5ae669bb15767fb39bcf9d3bd6a749a6de3adc8d59ed3ea08fa8fe20a37613e6afe92a9599c58ee04fca3b879097c1bf97c9894b47431fdaee47", 0x55, 0x5b}, {&(0x7f00000003c0)="f54badd0816907aa1557d2a5fdfb3c806b0cdfb0e8e5697a44fac48ebe1469a498b8e669e4c2e1e4b8a17be48171a7649a6df4c3328deaee53a6fb3c2568098723ad383ec77ff3795bfc934a1029dc904769b9d89640684615ed43a1202582bcae9c6896bc7b399d5d669b9b18dd4b3e12fe471113e074fe8645fc55fabbc3ea74837ec86f980f153a58", 0x8a, 0x1000}], 0x2085011, &(0x7f0000000500)={[{@compress_algo={'compress', 0x3d, 'lzo'}}, {@fragment_metadata='fragment=metadata'}, {@barrier='barrier'}, {@noinode_cache='noinode_cache'}, {@compress_force_algo={'compress-force', 0x3d, 'lzo'}}, {@nodatasum='nodatasum'}, {@nodatasum='nodatasum'}, {@rescan_uuid_tree='rescan_uuid_tree'}, {@discard='discard'}], [{@obj_role={'obj_role', 0x3d, ')'}}, {@mask={'mask', 0x3d, '^MAY_READ'}}]}) 13:46:46 executing program 1: syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) syz_open_dev$binder(&(0x7f0000000640)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r0 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x9, 0x8000) setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x48b, &(0x7f0000000040)={0x0, 'vlan0\x00', 0x3}, 0x18) execveat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f00000006c0), &(0x7f0000000740), 0x0) [ 330.860077] Code: 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 4c 8b 06 4c 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 89 d1 <8a> 06 88 07 48 ff c6 48 ff c7 ff c9 75 f2 31 c0 0f 1f 00 c3 0f 1f [ 330.878996] RSP: 0018:ffff88018239f7f0 EFLAGS: 00010202 [ 330.884377] RAX: 0000000000000004 RBX: 0000000000000004 RCX: 0000000000000004 [ 330.891651] RDX: 0000000000000004 RSI: 0000000020013000 RDI: ffff88018239f890 [ 330.898939] RBP: ffff88018239f828 R08: ffffed0030473f13 R09: ffffed0030473f12 [ 330.906212] R10: ffffed0030473f12 R11: 0000000000000003 R12: 0000000020013004 [ 330.913487] R13: 0000000020013000 R14: ffff88018239f890 R15: 00007ffffffff000 [ 330.920787] ? _copy_from_user+0x10d/0x150 [ 330.925051] evdev_do_ioctl+0xb51/0x2180 [ 330.929142] ? str_to_user+0x90/0x90 [ 330.932884] ? graph_lock+0x170/0x170 [ 330.936708] ? do_futex+0x249/0x26d0 [ 330.940436] ? rcu_bh_qs+0xc0/0xc0 [ 330.944000] ? rcu_bh_qs+0xc0/0xc0 [ 330.947569] ? unwind_dump+0x190/0x190 [ 330.951812] ? find_held_lock+0x36/0x1c0 [ 330.955916] ? __fget+0x4aa/0x740 [ 330.959389] ? lock_downgrade+0x900/0x900 [ 330.963560] ? check_preemption_disabled+0x48/0x200 [ 330.968605] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 330.974415] ? kasan_check_read+0x11/0x20 [ 330.978584] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 330.983888] ? rcu_bh_qs+0xc0/0xc0 [ 330.987865] ? __fget+0x4d1/0x740 [ 330.991350] ? ksys_dup3+0x680/0x680 [ 330.995103] evdev_ioctl_handler+0x144/0x1a0 [ 330.999539] evdev_ioctl+0x27/0x2e [ 331.003106] ? evdev_ioctl_compat+0x30/0x30 [ 331.007448] do_vfs_ioctl+0x1de/0x1720 [ 331.011376] ? ioctl_preallocate+0x300/0x300 [ 331.015806] ? __fget_light+0x2e9/0x430 [ 331.019809] ? fget_raw+0x20/0x20 [ 331.023288] ? _copy_to_user+0xc8/0x110 [ 331.027285] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 331.032844] ? put_timespec64+0x10f/0x1b0 [ 331.037029] ? nsecs_to_jiffies+0x30/0x30 [ 331.041205] ? do_syscall_64+0x9a/0x820 [ 331.045201] ? do_syscall_64+0x9a/0x820 [ 331.049203] ? lockdep_hardirqs_on+0x421/0x5c0 [ 331.053817] ? security_file_ioctl+0x94/0xc0 [ 331.058782] ksys_ioctl+0xa9/0xd0 [ 331.062264] __x64_sys_ioctl+0x73/0xb0 [ 331.066178] do_syscall_64+0x1b9/0x820 [ 331.070082] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 331.075475] ? syscall_return_slowpath+0x5e0/0x5e0 [ 331.080430] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 331.085306] ? trace_hardirqs_on_caller+0x310/0x310 [ 331.090341] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 331.090373] ? prepare_exit_to_usermode+0x291/0x3b0 [ 331.090399] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 331.090423] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 331.100449] RIP: 0033:0x457579 [ 331.100467] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 331.100476] RSP: 002b:00007fd9995c4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 331.100494] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 331.100503] RDX: 0000000020013000 RSI: 00000000400445a0 RDI: 0000000000000004 [ 331.100513] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 331.100523] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd9995c56d4 13:46:46 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000480)) r0 = socket$netlink(0x10, 0x3, 0x9) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x200, 0x0) bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e24, @broadcast}, 0x10) readv(r0, &(0x7f00000003c0)=[{&(0x7f0000000100)=""/72, 0x48}], 0x1) ioctl$PPPIOCGMRU(r1, 0x80047453, &(0x7f0000000080)) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snapshot\x00', 0x4000, 0x0) syz_mount_image$msdos(&(0x7f0000000500)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f0000000540)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000580)=ANY=[]) r3 = open(&(0x7f0000000800)='./file0\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000240)={0x0, 0x40, 0x0, 0x10001, 0x8}, &(0x7f0000000280)=0x14) fchdir(r3) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) inotify_init1(0x80000) write$UHID_INPUT(r4, &(0x7f0000000980)={0x8, "7c70ee3800d5ab5f2036f872e0ac57cbd592bca0d671633f50a3102066d6e765f5a64731e3fb8d90d250eda2cc33b60a7ff98074cdc3f1dd1a2df26a381d95974e0925d521c6b48c3dee0d430d398884316091aff6adb6153dc3c92549957d3488efc02d6f6fb172524b095c30c1bd35aae04236bdd42694d613eb54c0b65a338c48dc4c8bad70754fc81d9928e4a1b81f9c77075258a0805b4494867247966b24a023311fd91ef3754b98d3acde6f2ef0617f123c22fccb81c11389fdfa2e21c2365aabfc8916e02151d8643ae21cab7fcbec6142186d3bb57546c106484bc4c28a48da2b75dd82aabe99464558e60cd101f6b65856fabee614d271741a68dd550c8772f06a93cf8e5c0de549c3b75a72f8a590bd50b2af5f64009c969ed7596f0192b0f98b1afac0e8c5f4c653f611b4a71776400a9ae3f18e75f856788c97195749042510735880b9bb0ccb23210832a4f1c6f134d68f8e299837c426e0c9a45d5d2c959446cc363f370c67cd01a063c91254d692fe35abee92fabda4f66d93228c979ebe036c5c2e0028ec76562d67d0919ca28258fec0ed60603142b5c57c4cfb1ea1e892d0fd2f33970142b179c415d6bea344fbcc82d133052e848a885160737c69eb02ca9f544831c8e3ffcf40cb7b415d24795fc8aaeb8e76bec262aea5e28fe5d6495c4b5895a612b1cc2122286add66356f3ecd309f970634f1b09da1507964d35575167317f13c7fd9f11af27ceea86e9a5b3494a27ba98ba38dd1fb72ef2c6163664fd8f7c946935cd4833121f505ff277c03d959d9a12f3389e9eb6701a8b29f72c20c6abb7bd8349dd2e120bdd59dca9f1a2a877f1677b59d7920ddf29b9d94f7c6879b78e31cf1b65b60fe349ef9d4976f46609ee34e33f647aafbf64f6323d18598905f2e73af75661397595b8f9c1e9a4e993946820da5378ca5b363560e95edce316e99bac6e6250efcf1cb58fdcf94c7557c2d7f763a688543462d54b64e178c2e64c6ebba356894973051907fd8de8ba908e822168b171c1707efcd9ac827e64313721876e2ff26ac34e88557a4a0dfde08eda81cf0c1465a89b68429e48966044c767563e1121db48c9b619fd7362afd15ec6aa19b28759d7977be4fbcad0cf8dd5dc5362259bd5cb5089a9d18db969afe1192571f5fcc0c4d6be281d23b9c1f9f32873c058adfa1bf57a3718686957edfd6e4b58aa959541127696d59fb2810d042ced227961eb19a424e4cf45bc6243217bb7561b7ee11f8c0b8f39480343a26f2da5fe79d5e213c01ea47155ffa91e7d7ba0bc8ccb018bd69cfe71dd8565a645d678b404a295397e83ae69dbf8505f6947a836b44823a92861124330fccd4bc4a2e20d9047bd919d82c89623caa87eb09bd584d58f42b35ef55fddc06dfb3957f3f507e5ca9b8b98947cc5bb68846755527ddf32ffa444e1c7a5654d4d377e04a9f22e1069804fdcdb251acb6bd6b32d100feb44286991d779d2b3e2b7f5cc5f8eb3ae166a3b6fb9df11e1867989a6f9b2028e4c73b4d418b51f6e870713cadafddb47a48c9a97283da214f02db3326d42438d9a7db580693ad1887f99d86bb5fafd6d07c2647fc80c2c5a1ed9ea3b95be65ca422080ddefca5b49ccd538f6bc67390f892d9e416f7e835f76dd90edc56256348d20560caeea05c0922cab60dbf0b57ddaaed6ded5a336e01485fd571dc12050461271cee347c31ac245bfee9128630dfcc43b6d88b5ba9937a6f6ab70b7d256784ff72297cfcfd0ffacd09b55fb832bf60f04d87c48c74972b9f18fa178ce4880b025d1c1097ddb929e8f7e02f1c0e03012bec0fa61a49eb1c2a50a45fc0d98b6649de325184006938e421321e8b366649d9b6ebadf77509c9d48844e80f7752fd7daaa5c938b946feaaac0d871203270a747035c7e2f697c84e792a55cbce76c0a25360f7acbeaab60627aa9c37064af75b67f46732844eb2f6b37226004afe451a9fbfbbcf7e72ade67b017e9209b5627fbe16789abd90326751a1fd1d93efc59f2650f979ba71938d784064922bee2874c4b76d5f26e39ea0a98cf175950137feff9456c88c6a295830183fae3a9c2312c25f3d81708d73488d15a587e7e7cdde3b77917eef29c8b5965c916a65c3c5a53b7313c3115d0a8bb4e16f6b80ff6f78adb756aba94ced86047562a2cd2fb25e9a4656f6359c3f2fde8b5ab38852853cbd7221cb4d59b7f0e79bd37f9ade073f62b75edbe63c13c0d02bf076d88f5b750ea640aad47ce97d6a0783398dd3fbb63734ed969470cf45200235650532224fc28caf1e36ca6b402ec4c978add40fc59f2113485875682139f8aa9aeb48d09178de919370b0cd0ebcab5e60e1b0a2fc153db0dae8e50b48561622a677d0f1afc149676f832e016e14007fb298dcb96f11a92a1ac8bd4cc7b34d659d6cd2c9817b586585e72080255b083bc84512277ffb7f561c6a7a08cd128bfe9b525da531f0bf04f11d3de102b3538835807ac0b2f4325fc6765d02d692ec82f5b338c8257029136fcd3427c09874ecc7492becdd6608eac4adf1abc3f7e08868a72e57ce4dcfc288a25af73d19f1118a9254963c1548cdca5fc7c921a7f218f8e71edd7969dfb35beae1091d7530e32236397fa9fcd232b441ff1b0177829468c198d659d247ccca4fbd58c625501e4368075d0e5e69a6f90952f5bbe48e85a303131dedf7f1a513b291598a545784e1013521877c25d6069d3a855652a4bad5b2df2e4da2de756a20e790b756dd2925ce824561e5892b5e064c7c7b996acc4e29597e0cd00956e9c57ec374714f846be7632d3075e38bead499163498810886c78a2cc73fb64fd48e186083ce911e0751b4dc63476859c2824fa532a4b1711c244619e702eeab19380aeb7b17f67fade3dcad8ddddd893a526cd5d04d8ae982c88029ec71bdd0772fd74adbdb378fc204ca411a2d8a50331516a28552be78f9725f32d1b3a6c7bdf3277c5f7e385c7ebbacc419ec7ca3c5b8f46dbefee59b6422a6b22d60527edc012f852077d925619874f7709f283e01678fed36528003a696ee431a817f34f453c143dc56b70e1f810a5380a555cc8c4fc6522ab544ce5d715caa302ebdd0aa8286b7ef5dd6dd48a8ad9566818f7509daf02db0b98b432f57f1d107ee95a86228728cab4062e27922381e1e2ee351af5e2ea0fd6d1cea70b3b8f4a50f0776fc9aa2a7d2dff6e1ea3769864104f09137b99960b69af13895d842649eacaed8ddf183beba3323640af8deb52b902c0974d685d19fc87c93eb80ad5d28e54363705ad39231d989522e94f000256bc8d93af138a45d67dad3e21fa9fb31d9327c6e71f61956d9daf4f97333112704136d3d1bf6fe0e4c002e10b684d2344300ec70fae0b50532ebace58f0e8318354a172cceacf27d01ff41cc8fef42443f62b0e15b5fcc0728630b96fb2c2b59634f4993bb1ce2eace6fb0f53e5f84bc5f58b1b66d59e3c75a98670496f105a703607211aa9e882e72f13e9fe07f0767ad4e5ac5c732b65301d8ceab36b5ff2f71958fb1b51d2e703ac506e68d4026160fd3f60440b8b8f554f1feeba5d53f71cbe60d143620f8fa779acb94c965b729207a5ab11f4a51b694c31606171da44a28d80cde296dff5724ff718d6377eb8534e616cff39af943ee4ce87b4fadded30c702d370a71072ab3e20f19b8c1b73fdbbb9c675352bb73ee85e22597fc0c439a33f5febe1629bd084af7193f8d1a1415b02ca54706711505cbae11ec6411b012cc3a3eddcfb002901b6e7565b9fbf4d605c147031888ceb590c14697d00970ce9095c6f7fee41ec6a15d7ef52dfedfff2a0d3dbb387b61232aee6ca202787038021e6aabda18e2adf6fd89aa491e65f9813d73412fbfff089752d713d7efa690ec4fc254b56908d3057f65997acf81aea589e272f8fa852849e488f1e0c0cb6cdb5f46ca92e36d39224e704850056d2e9b91909aed0f55d054e274415ecc39b8958335a14cfb0a42d7f26ef8e82592dfd03b3550b5193fba077994c682951968869574fd94976760d9bd9b334353eeda836cc8dab244e72095cc46833f02bb2f6df35601b3085664261abb67fc9ab9f27210e6827cd15ce16c55f0f7f5b8ab401f24032b19a53a9299b62ebf4a8cf7f4753d95126f008a8ce349036666de66bcaf40b27fa875efa98873e1ef9302e2a24bfe07bd1054bdf9ba9ad1b1075402f26d682833b947c762513ba5f07537bb712473184a60e04ace5adb8d982d6153b011ae0b2034adc0ff4a64e2c6561c2e0840cdab2120bc916cde9b7a92c4d332d0f83945fe55e3c8f4d93f22e7759c20241d92cca0ae5a3d06a127e5614df708cea1ad3b2f231c81460ff4c3f349c67a87135a4b67589ffce311832923f71796276e81f0537e265404c0ee06d5ed98a5ec5f8ad62db589eb585fc4627173b51fd4e897a3e8d2acbb82ec2996ac3a6823368a1e12a0536a9d1a7b2d31d80c46c292ff51395481d4f65c53fab867e27bec9156ee189d245d94877a1405dc9e1e996822ad47071a9ab36c9bfd02c41ea5ba21591793053b1b64758bae0addfcd69d169849bc1ee6ce5c08f0d3da5ecc1b6ab31e13af2fa5ce4d921163270901264a88ac6350e8fb6371663dd04146932238597258b123a8036250c190fbb3cfc6ebbf9e06c4a9053e8332c95c91a890a3d35ddd35f47e7ab606f3e345e12560e6d52243883da7b8910834042ad12e7fb3f08a0b14ef6aee22251999e6079be2ef5666d7d5ae00d161720262761da3f378c63cb151f4e94d034e9de949dfe796b905804ca555691023c30ea7cf0cb276e1e3ba65793291f8287d1064606bf5787421b9b9bfc05e9c5eac750de92519fe9e2592cd34a2ef6ec18efed5e7c13bfcfce47327cbecac358bbe6d44164849308cf91cd5ea87fa4b02ba4939e28141c7dad42714b019470d91808a8f46150677b6c90f267ecb39ef42afc95de0cbd016775c89d8213ec9d4e061e6493f237296f91abfc64176c0e885ef54af4136a724fadfe89a25d7599998acebc4a27f8fb5b26936bda5c3d5fec3373dcd9a0e99fc939641c50669adc54119582e8835575d1c57fa955cd29d870360620f91c3ff90d264013816352317ae226f7d7bad5db711f8973382f6cebd63cd519ddd08e1772649be75f64f4acc15f828dc0b305584b6dd2213194603c44e2964358d305aa97fb08568a0a955ad7a6f8d042754b4bbf2fb3414052719fd9841bef8360d1d3195c69414be882115c2c64fecdcbdaed3a2e943fdfef9a13520e41d32a787bcfe4f61e2b378d35aa70784a772cf8ebcaaeb105e4627516db2ababfcb8c11f224c3a48c86160d34d0ee59f02c31648ae4b0309b378f0bf63266967dcfb4f1cc1902f613c6d0d48915a9cf28a52b106544cde1b38ff2e2a1275fd0d3899ce7f7c6653c9017f7ac4aaa35bcb2811a8f9dbb56746b45475350e7c13d42abb5692377da7a4045ee644ce00f8699e3251d75621c82cd659ea3add277affe3ff792f7d24a3d0979ef82cfc0d409697ae2e8598854a8327f46974c901d309dc6dbe31913c59d821aa50c0fe95cc822e8f07bbb00e9a09bc9a570b9778d29308740bc336a41258d209c206f87a709aa43415da0096f7d177e509a7d625645fb098ccc45367d82235e952670ac5f82f8ced3f59fd9ee20ac75be609cc832417e807ddc40630cba4c91e0785edcb5f20b9e6dedb1ec172cd16fc034f410e9ce375ea855144aa3076317f649cf4efe4d7abf244984c4e", 0x1000}, 0x1006) write$eventfd(r4, &(0x7f0000000300), 0x8) write$P9_RMKNOD(r2, &(0x7f0000000180)={0x14, 0x13, 0x2, {0x0, 0x3, 0x1}}, 0x14) fcntl$getown(r2, 0x9) r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fsetxattr(r5, &(0x7f0000000200)=ANY=[@ANYBLOB="7379bbf99e56b82e"], &(0x7f00000002c0)='/dev/zero\x00', 0xa, 0x1) setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(0xffffffffffffff9c, 0x84, 0x8, &(0x7f0000000340)=0x7, 0x4) writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000240)="480000001400197f09004b0101048c590188ffffcf5d3474bc9240e10520613057fff7e07900e0fe5f0028213ee20600d4ff5bffff00c7e5ed5e00000000c8550000000000000000", 0x48}], 0x1) 13:46:46 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x200000000000000c) writev(r0, &(0x7f0000000080)=[{&(0x7f0000000000)="1f00f70bf798cbf6dd9462f5130e7eb939dd00000203190000000700000006", 0x1f}], 0xfffff75) writev(r0, &(0x7f0000000240)=[{&(0x7f0000000180)="1f0000000203193b000007000000068100023b050900020000004042020058", 0x1f}], 0x1) 13:46:46 executing program 1: mount(&(0x7f0000000340)=ANY=[@ANYBLOB="8f248c624e6d3ed5012415dfd86c4acd11fcd8bc172e1a82294a183bf685b2afcbaf3ec95ab5f5385a482d4b18e78263582fd1cbb72e93910d17f86bd7425c6c4295dd8714a8de972bac530c7437a7efb16481a6daa1"], &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='dax\x00', 0x100000, 0x0) r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) mount(&(0x7f0000000500)=ANY=[@ANYBLOB="2fecf320641198dd3000"], &(0x7f0000000540)='./file0\x00', &(0x7f0000000580)='hfsplus\x00', 0x0, 0x0) r1 = msgget(0x2, 0x100) msgsnd(r1, &(0x7f0000000240)={0x2, "8f792e3e4fdfef048b7f2bcbf0a115bdee40458aa3c86658a42b10ae8a1a97cd4cf2b3284e294ed4c7b9c8c8cb2f0719d1998a3f010b36e69a046f3835d96cc4e45034ae225950045aba2537d49d8a65a7ab7c2383f9e4a7ebf8cc79ee474f6c05f8d7cb0c93476d94f5a714bfbff00a6a948fc551aae7e47ac6779dca2b6c635cc5862092b9c21163850c836bc0a48bdb10ee3f6178e4a1bb59a3cbfe2250e5cb3bf7aaf25f400b555bd33d1dd39106be59fad31a1071580f8c06f579d046485622bf92"}, 0xcc, 0x800) fsetxattr(r0, &(0x7f0000000100)=@known='system.sockprotoname\x00', &(0x7f0000000140)='hfsplus\x00', 0x8, 0x3) ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x0}]}) ioctl$DRM_IOCTL_RM_CTX(r0, 0xc0086421, &(0x7f0000000200)={r2, 0x2}) 13:46:46 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x1, 0x0) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0, 0x0], 0x2}) write$tun(r1, &(0x7f0000000280)={@val={0x2}, @val={0x0, 0x2, 0xffffff7f}, @ipv4={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x0, 0x0, @empty, @multicast2}, @tcp={{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}, 0x36) 13:46:46 executing program 1: r0 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x2) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_aout(r0, &(0x7f0000000480)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000004679424fbca2df3921251814e8c1522b8fa87589a8f9bff3"], 0x39) [ 331.100538] R13: 00000000004bf3f1 R14: 00000000004cf1f0 R15: 00000000ffffffff 13:46:46 executing program 5: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(0xffffffffffffffff) 13:46:46 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:46 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={&(0x7f0000000280), 0xc, &(0x7f00000001c0)={&(0x7f0000000140)=@getrule={0x14, 0x22, 0x401}, 0x14}}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) pipe2(&(0x7f0000000300), 0x4000) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) connect$netlink(r0, &(0x7f00000000c0)=@proc={0x10, 0x0, 0x25dfdbfd}, 0xc) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv4/vs/pmtu_disc\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffff9c, 0xc0206434, &(0x7f0000000240)={0x400, 0x0, 0x1, 0x1000}) ioctl$DRM_IOCTL_AGP_UNBIND(r2, 0x40106437, &(0x7f00000002c0)={r3, 0x3ff}) sendmsg$nl_xfrm(r0, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f0000000180)={&(0x7f00000004c0)=@expire={0xf8, 0x18, 0x1, 0x0, 0x0, {{{@in6, @in6=@dev}, {@in6=@remote}, @in6=@ipv4={[], [], @broadcast}}}}, 0xf8}, 0x8}, 0x0) 13:46:47 executing program 1: fsetxattr$trusted_overlay_opaque(0xffffffffffffffff, &(0x7f0000001400)='trusted.overlay.opaque\x00', &(0x7f0000002500)='y\x00', 0x2, 0x0) fadvise64(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240)='/dev/sequencer2\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0x80, &(0x7f0000000280)}}], 0x1, 0x0, &(0x7f0000003280)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ip6_flowlabel\x00') preadv(r1, &(0x7f00000017c0), 0x1bd, 0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000000)={0x0, 0x0}) write$P9_RGETLOCK(r0, &(0x7f0000000040)={0x35, 0x37, 0x1, {0x1, 0x3, 0x4, r2, 0x17, 'trusted.overlay.opaque\x00'}}, 0x35) [ 331.338436] netlink: 4 bytes leftover after parsing attributes in process `syz-executor3'. [ 331.387327] FAULT_FLAG_ALLOW_RETRY missing 30 [ 331.392263] CPU: 1 PID: 10918 Comm: syz-executor5 Not tainted 4.19.0-rc5+ #261 [ 331.399651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 331.409025] Call Trace: [ 331.411645] dump_stack+0x1c4/0x2b4 [ 331.415325] ? dump_stack_print_info.cold.2+0x52/0x52 [ 331.420559] ? kasan_check_write+0x14/0x20 [ 331.424820] ? do_raw_spin_lock+0xc1/0x200 [ 331.429130] handle_userfault.cold.33+0x47/0x62 [ 331.433835] ? userfaultfd_ioctl+0x54a0/0x54a0 [ 331.438455] ? mark_held_locks+0x130/0x130 [ 331.442716] ? print_usage_bug+0xc0/0xc0 [ 331.446801] ? drain_local_pages_wq+0x40/0x40 [ 331.451310] ? lockdep_hardirqs_on+0x421/0x5c0 [ 331.455912] ? trace_hardirqs_on+0xbd/0x310 [ 331.460260] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 331.465738] ? print_usage_bug+0xc0/0xc0 [ 331.469819] ? print_usage_bug+0xc0/0xc0 [ 331.473912] ? __free_pages_ok+0x915/0x1660 [ 331.478253] ? __free_pages_ok+0x915/0x1660 [ 331.482592] ? lockdep_hardirqs_on+0x421/0x5c0 [ 331.487190] ? trace_hardirqs_on+0xbd/0x310 [ 331.491527] ? __free_pages+0x149/0x190 [ 331.495534] ? graph_lock+0x170/0x170 [ 331.499368] ? __lock_acquire+0x7ec/0x4ec0 [ 331.503637] ? find_held_lock+0x36/0x1c0 [ 331.507727] ? __handle_mm_fault+0x45dc/0x53e0 [ 331.512327] ? lock_downgrade+0x900/0x900 [ 331.516508] ? kasan_check_read+0x11/0x20 [ 331.520677] ? do_raw_spin_unlock+0xa7/0x2f0 [ 331.525103] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 331.529701] ? kasan_check_write+0x14/0x20 [ 331.533959] ? do_raw_spin_lock+0xc1/0x200 [ 331.538223] __handle_mm_fault+0x45ed/0x53e0 [ 331.542663] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 331.547521] ? graph_lock+0x170/0x170 [ 331.551335] ? graph_lock+0x170/0x170 [ 331.555159] ? print_usage_bug+0xc0/0xc0 [ 331.559239] ? print_usage_bug+0xc0/0xc0 [ 331.563318] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 331.568887] ? graph_lock+0x170/0x170 [ 331.572708] ? graph_lock+0x170/0x170 [ 331.576551] ? handle_mm_fault+0x42a/0xc70 [ 331.580807] ? lock_downgrade+0x900/0x900 [ 331.585000] ? check_preemption_disabled+0x48/0x200 [ 331.590040] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 331.595861] ? kasan_check_read+0x11/0x20 [ 331.600034] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 331.605333] ? rcu_bh_qs+0xc0/0xc0 [ 331.608897] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 331.614372] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 331.619931] ? check_preemption_disabled+0x48/0x200 [ 331.624976] handle_mm_fault+0x54f/0xc70 [ 331.629065] ? __handle_mm_fault+0x53e0/0x53e0 [ 331.633673] ? find_vma+0x34/0x190 [ 331.637239] __do_page_fault+0x67d/0xed0 [ 331.641317] ? __switch_to_asm+0x34/0x70 [ 331.645446] ? mm_fault_error+0x380/0x380 [ 331.649611] ? graph_lock+0x170/0x170 [ 331.653443] do_page_fault+0xf2/0x7e0 [ 331.657270] ? vmalloc_sync_all+0x30/0x30 [ 331.661439] ? error_entry+0x76/0xd0 [ 331.665172] ? trace_hardirqs_off_caller+0xbb/0x310 [ 331.670212] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 331.675074] ? trace_hardirqs_on_caller+0x310/0x310 [ 331.680124] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 331.684996] page_fault+0x1e/0x30 [ 331.688469] RIP: 0010:copy_user_generic_unrolled+0x9e/0xc0 [ 331.694111] Code: 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 4c 8b 06 4c 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 89 d1 <8a> 06 88 07 48 ff c6 48 ff c7 ff c9 75 f2 31 c0 0f 1f 00 c3 0f 1f [ 331.713059] RSP: 0018:ffff88017f85f7f0 EFLAGS: 00010202 [ 331.718414] RAX: 0000000000000004 RBX: 0000000000000004 RCX: 0000000000000004 [ 331.725672] RDX: 0000000000000004 RSI: 0000000020013000 RDI: ffff88017f85f890 [ 331.732938] RBP: ffff88017f85f828 R08: ffffed002ff0bf13 R09: ffffed002ff0bf12 [ 331.732955] R10: ffffed002ff0bf12 R11: 0000000000000003 R12: 0000000020013004 [ 331.747503] R13: 0000000020013000 R14: ffff88017f85f890 R15: 00007ffffffff000 [ 331.747548] ? _copy_from_user+0x10d/0x150 [ 331.759055] evdev_do_ioctl+0xb51/0x2180 [ 331.763145] ? str_to_user+0x90/0x90 [ 331.766883] ? graph_lock+0x170/0x170 [ 331.770708] ? do_futex+0x249/0x26d0 [ 331.774441] ? rcu_bh_qs+0xc0/0xc0 [ 331.778006] ? rcu_bh_qs+0xc0/0xc0 [ 331.781563] ? unwind_dump+0x190/0x190 [ 331.785477] ? find_held_lock+0x36/0x1c0 [ 331.789579] ? __fget+0x4aa/0x740 [ 331.793057] ? lock_downgrade+0x900/0x900 [ 331.797225] ? check_preemption_disabled+0x48/0x200 [ 331.802264] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 331.808074] ? kasan_check_read+0x11/0x20 [ 331.812245] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 331.817540] ? rcu_bh_qs+0xc0/0xc0 [ 331.821113] ? __fget+0x4d1/0x740 [ 331.824598] ? ksys_dup3+0x680/0x680 [ 331.828346] evdev_ioctl_handler+0x144/0x1a0 [ 331.832778] evdev_ioctl+0x27/0x2e [ 331.836339] ? evdev_ioctl_compat+0x30/0x30 [ 331.840690] do_vfs_ioctl+0x1de/0x1720 [ 331.844609] ? ioctl_preallocate+0x300/0x300 [ 331.849036] ? __fget_light+0x2e9/0x430 [ 331.853033] ? fget_raw+0x20/0x20 [ 331.856498] ? _copy_to_user+0xc8/0x110 [ 331.860501] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 331.866053] ? put_timespec64+0x10f/0x1b0 [ 331.870225] ? nsecs_to_jiffies+0x30/0x30 [ 331.874405] ? do_syscall_64+0x9a/0x820 [ 331.878397] ? do_syscall_64+0x9a/0x820 [ 331.882391] ? lockdep_hardirqs_on+0x421/0x5c0 13:46:47 executing program 1: r0 = open(&(0x7f000000cff8)='./file0\x00', 0x80040, 0x0) fcntl$setlease(r0, 0x400, 0x0) r1 = open(&(0x7f0000ddd000)='./file0\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) ioctl$sock_inet_SIOCSIFNETMASK(r1, 0x891c, &(0x7f0000000000)={'syzkaller0\x00', {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x13}}}) fcntl$setlease(r1, 0x400, 0x2) socket$can_raw(0x1d, 0x3, 0x1) [ 331.886999] ? security_file_ioctl+0x94/0xc0 [ 331.891428] ksys_ioctl+0xa9/0xd0 [ 331.894907] __x64_sys_ioctl+0x73/0xb0 [ 331.898810] do_syscall_64+0x1b9/0x820 [ 331.902829] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 331.908230] ? syscall_return_slowpath+0x5e0/0x5e0 [ 331.913177] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 331.918048] ? trace_hardirqs_on_caller+0x310/0x310 [ 331.923083] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 331.928119] ? prepare_exit_to_usermode+0x291/0x3b0 [ 331.933157] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 331.938021] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 331.943220] RIP: 0033:0x457579 [ 331.946431] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 331.965344] RSP: 002b:00007f8bf7b46c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 331.973076] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 331.980356] RDX: 0000000020013000 RSI: 00000000400445a0 RDI: 0000000000000004 13:46:47 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xb, &(0x7f0000000340)=0xbdb, 0x4) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = memfd_create(&(0x7f0000000000)='\x00', 0x4) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000240)='/dev/null\x00', 0x0, 0x0) getsockopt$bt_BT_FLUSHABLE(r1, 0x112, 0x8, &(0x7f0000000140)=0xfffffffffffffff9, &(0x7f0000000200)=0x4) ftruncate(r1, 0x1000000) sendfile(r0, r1, &(0x7f00000037c0)=0xf10001, 0xfffffdef) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r1, 0xc08c5336, &(0x7f0000000380)={0x2, 0x400, 0x0, 'queue1\x00'}) ioctl$TIOCGSID(r2, 0x5429, &(0x7f0000000080)=0x0) write$FUSE_LK(r1, &(0x7f00000000c0)={0x28, 0x0, 0x5, {{0x1, 0x2, 0x3, r3}}}, 0x28) connect$netlink(r0, &(0x7f0000000040)=@kern={0x10, 0x0, 0x0, 0x10000020}, 0xc) 13:46:47 executing program 1: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) r0 = syz_open_dev$vcsn(&(0x7f00000000c0)='/dev/vcs#\x00', 0x40, 0x200) ioctl$sock_SIOCGIFCONF(r0, 0x8910, &(0x7f0000000240)=@buf={0x99, &(0x7f0000000540)="b928e1a9ff015a3b14f1e9c4a5c62e877957091e4503639b1d25f5d68f9dca0de4dc6ee607c51d20e442ebceb641f6b9d8b882d84bf4b74f08866610ab77ee382a72eb2fc64c6838e5bb385a2a0a5f634d2f5196c5bd7f9b3ae3b4d9ab9ca7e4b7f9cc7b43a3fe61246973dbfb3a16f524e9547165c9d0f5ca935f3198581e7fc9e9bdb16e89ca87ea8e495c71c211381a17a1ba113fe7ca9f"}) setxattr$trusted_overlay_nlink(&(0x7f0000000340)='./file0/file0/file0\x00', &(0x7f0000000300)='trusted.overlay.nlink\x00', &(0x7f0000000280)={'L-', 0xa26}, 0x28, 0x1) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000100)={0x3, 0x3, 0x3f3, 0x1793ba91f69f4cb0, 0xf0}) mount(&(0x7f0000000000)=ANY=[@ANYBLOB="9000abc24cf7c845a1ab8bb7c4e94cb1c0aed92dfd6e614889e53d644562dea9ca2d4209c4112f4da65f0aaa077938d1cd6e80330bdefe2bc7dd08ed82942037aa51af9b4c6754973976d6fafe98d618bab998d4c0fc2b9398"], &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='nfs\x00', 0x0, 0x0) sendmmsg$alg(r0, &(0x7f0000000180)=[{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000380)="bc92d978b4ab3c8c5b083307ae37714d9ce8a16d945fdfd3e9c1cfb697cdb93f3a86d86610075ea86cf1d987d323859cc6f62404c789ea9558f03b8b88b09265855d5a4e5224164c5b50c45c9f000f52119f29bbeb55e35fb42b2d19a1751fa14ad0678b20e37cde3c0d3891cba18991a564ed8a32bc57d834caeb43f73c152ca12e3950ae5f313a9ca3b1b7f0a3f85c3216a7b31aba", 0x96}], 0x1, &(0x7f0000000440)=[@op={0x18, 0x117, 0x3, 0x1}, @op={0x18}, @iv={0x80, 0x117, 0x2, 0x67, "31a0dfcfeca2beb4bec090824d8b67ee1df6cda6edc91d53a527d44f7a66c06bff582f32f584420b03224786c5b8321092f5ca77ab4e713eb549b8f8e6554efd5f790d4e66c95d8055a20813fe8c228f35b0c0cffe8659823551b2b608ec9ff0c342d91b7ccb5b"}, @op={0x18, 0x117, 0x3, 0x1}], 0xc8, 0x1}], 0x1, 0x4000000) 13:46:47 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='map_files\x00') getdents(r0, &(0x7f0000000200)=""/127, 0x7f) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/hwrng\x00', 0x6000, 0x0) getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000000)={0x0, @multicast2, @multicast1}, &(0x7f0000000040)=0xc) getdents64(r0, &(0x7f0000000140)=""/181, 0xb5) 13:46:47 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$sock_void(r0, 0x29, 0x1b, 0x0, 0x300) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x145000, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000080)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(r1, &(0x7f0000000100)={0x10, 0x30, 0xfa00, {&(0x7f0000000040), 0x2, {0xa, 0x4e20, 0xffffffff80000001, @local, 0x10000}, r2}}, 0x38) [ 331.987656] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 331.994946] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8bf7b476d4 [ 332.002235] R13: 00000000004bf3f1 R14: 00000000004cf1f0 R15: 00000000ffffffff 13:46:47 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCGWINSZ(r0, 0x5413, &(0x7f0000000000)) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000040)) syz_open_pts(r0, 0x101) 13:46:47 executing program 3: r0 = socket$kcm(0x2, 0x5, 0x0) setsockopt$sock_attach_bpf(r0, 0x84, 0xb, &(0x7f0000000540), 0x2) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x40106614, &(0x7f0000000000)={0x0, @speck128}) sendmsg$kcm(r0, &(0x7f0000001d40)={&(0x7f0000000740)=@in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x16}}, 0x80, &(0x7f0000001c00)=[{&(0x7f0000001bc0)="01", 0x1}], 0x1, &(0x7f0000001c80)}, 0x0) clock_gettime(0x0, &(0x7f00000019c0)={0x0, 0x0}) recvmmsg(r0, &(0x7f0000004480)=[{{0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000040)=""/177, 0xb1}}, {{0x0, 0xfffffffffffffe89, &(0x7f0000000b80), 0x295, &(0x7f0000000c00)=""/12, 0xc}}], 0x2, 0x0, &(0x7f0000001d00)={0x0, r1+30000000}) 13:46:47 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:47 executing program 5: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(0xffffffffffffffff) 13:46:47 executing program 1 (fault-call:7 fault-nth:0): mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:47 executing program 2: r0 = socket$packet(0x11, 0x2, 0x300) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000000)) getsockopt$packet_int(r0, 0x107, 0x0, &(0x7f00000001c0), &(0x7f0000000180)=0x7a) r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x40001, 0x0) getsockopt$XDP_STATISTICS(r2, 0x11b, 0x7, &(0x7f0000000080), &(0x7f00000000c0)=0x18) [ 332.423952] FAULT_FLAG_ALLOW_RETRY missing 30 [ 332.431920] CPU: 0 PID: 10970 Comm: syz-executor5 Not tainted 4.19.0-rc5+ #261 [ 332.439333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 332.448696] Call Trace: [ 332.451317] dump_stack+0x1c4/0x2b4 [ 332.454976] ? dump_stack_print_info.cold.2+0x52/0x52 [ 332.460190] ? kasan_check_write+0x14/0x20 [ 332.464453] ? do_raw_spin_lock+0xc1/0x200 [ 332.468722] handle_userfault.cold.33+0x47/0x62 [ 332.473454] ? userfaultfd_ioctl+0x54a0/0x54a0 [ 332.478056] ? mark_held_locks+0x130/0x130 [ 332.482312] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 332.487892] ? __perf_event_task_sched_out+0x337/0x1ab0 [ 332.493282] ? select_task_rq_fair+0x34f0/0x34f0 [ 332.498057] ? reweight_task+0x130/0x130 [ 332.502153] ? print_usage_bug+0xc0/0xc0 [ 332.506234] ? print_usage_bug+0xc0/0xc0 [ 332.510313] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 332.515896] ? find_held_lock+0x36/0x1c0 [ 332.519979] ? graph_lock+0x170/0x170 [ 332.523803] ? __lock_acquire+0x7ec/0x4ec0 [ 332.528057] ? _raw_spin_unlock_irq+0x27/0x80 [ 332.532573] ? _raw_spin_unlock_irq+0x27/0x80 [ 332.537088] ? lockdep_hardirqs_on+0x421/0x5c0 [ 332.541696] ? find_held_lock+0x36/0x1c0 [ 332.545784] ? __handle_mm_fault+0x45dc/0x53e0 [ 332.550394] ? lock_downgrade+0x900/0x900 [ 332.554567] ? kasan_check_read+0x11/0x20 [ 332.558737] ? do_raw_spin_unlock+0xa7/0x2f0 [ 332.563164] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 332.567764] ? kasan_check_write+0x14/0x20 [ 332.572016] ? do_raw_spin_lock+0xc1/0x200 [ 332.576280] __handle_mm_fault+0x45ed/0x53e0 [ 332.580716] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 332.585576] ? graph_lock+0x170/0x170 [ 332.589417] ? print_usage_bug+0xc0/0xc0 [ 332.593509] ? graph_lock+0x170/0x170 [ 332.597347] ? graph_lock+0x170/0x170 [ 332.601184] ? handle_mm_fault+0x42a/0xc70 [ 332.605441] ? lock_downgrade+0x900/0x900 [ 332.609603] ? check_preemption_disabled+0x48/0x200 [ 332.614662] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 332.620467] ? kasan_check_read+0x11/0x20 [ 332.624610] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 332.629894] ? rcu_bh_qs+0xc0/0xc0 [ 332.633452] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 332.638899] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 332.644428] ? check_preemption_disabled+0x48/0x200 [ 332.649453] handle_mm_fault+0x54f/0xc70 [ 332.653517] ? __handle_mm_fault+0x53e0/0x53e0 [ 332.658091] ? find_vma+0x34/0x190 [ 332.661634] __do_page_fault+0x67d/0xed0 [ 332.665702] ? mm_fault_error+0x380/0x380 [ 332.669842] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 332.674877] ? graph_lock+0x170/0x170 [ 332.678685] do_page_fault+0xf2/0x7e0 [ 332.682473] ? vmalloc_sync_all+0x30/0x30 [ 332.686610] ? error_entry+0x76/0xd0 [ 332.690314] ? trace_hardirqs_off_caller+0xbb/0x310 [ 332.695349] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 332.700194] ? trace_hardirqs_on_caller+0x310/0x310 [ 332.705225] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 332.710083] page_fault+0x1e/0x30 [ 332.713532] RIP: 0010:copy_user_generic_unrolled+0x9e/0xc0 [ 332.719148] Code: 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 4c 8b 06 4c 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 89 d1 <8a> 06 88 07 48 ff c6 48 ff c7 ff c9 75 f2 31 c0 0f 1f 00 c3 0f 1f [ 332.738039] RSP: 0018:ffff88017f85f7f0 EFLAGS: 00010202 [ 332.743400] RAX: 0000000000000004 RBX: 0000000000000004 RCX: 0000000000000004 [ 332.750672] RDX: 0000000000000004 RSI: 0000000020013000 RDI: ffff88017f85f890 [ 332.757945] RBP: ffff88017f85f828 R08: ffffed002ff0bf13 R09: ffffed002ff0bf12 [ 332.765202] R10: ffffed002ff0bf12 R11: 0000000000000003 R12: 0000000020013004 [ 332.772461] R13: 0000000020013000 R14: ffff88017f85f890 R15: 00007ffffffff000 [ 332.779737] ? _copy_from_user+0x10d/0x150 [ 332.783984] evdev_do_ioctl+0xb51/0x2180 [ 332.788039] ? str_to_user+0x90/0x90 [ 332.791747] ? graph_lock+0x170/0x170 [ 332.795542] ? do_futex+0x249/0x26d0 [ 332.799263] ? rcu_bh_qs+0xc0/0xc0 [ 332.802806] ? rcu_bh_qs+0xc0/0xc0 [ 332.806336] ? unwind_dump+0x190/0x190 [ 332.810220] ? find_held_lock+0x36/0x1c0 [ 332.814279] ? __fget+0x4aa/0x740 [ 332.817725] ? lock_downgrade+0x900/0x900 [ 332.821880] ? check_preemption_disabled+0x48/0x200 [ 332.826908] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 332.832692] ? kasan_check_read+0x11/0x20 [ 332.836831] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 332.842130] ? rcu_bh_qs+0xc0/0xc0 [ 332.845669] ? __fget+0x4d1/0x740 [ 332.849121] ? ksys_dup3+0x680/0x680 [ 332.852831] evdev_ioctl_handler+0x144/0x1a0 [ 332.857257] evdev_ioctl+0x27/0x2e [ 332.860803] ? evdev_ioctl_compat+0x30/0x30 [ 332.865126] do_vfs_ioctl+0x1de/0x1720 [ 332.869026] ? ioctl_preallocate+0x300/0x300 [ 332.873427] ? __fget_light+0x2e9/0x430 [ 332.877397] ? fget_raw+0x20/0x20 [ 332.880859] ? _copy_to_user+0xc8/0x110 [ 332.884833] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 332.890398] ? put_timespec64+0x10f/0x1b0 [ 332.894541] ? nsecs_to_jiffies+0x30/0x30 [ 332.898685] ? do_syscall_64+0x9a/0x820 [ 332.902660] ? do_syscall_64+0x9a/0x820 [ 332.906643] ? lockdep_hardirqs_on+0x421/0x5c0 [ 332.911223] ? security_file_ioctl+0x94/0xc0 [ 332.915624] ksys_ioctl+0xa9/0xd0 [ 332.919076] __x64_sys_ioctl+0x73/0xb0 [ 332.922974] do_syscall_64+0x1b9/0x820 [ 332.926867] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 332.932239] ? syscall_return_slowpath+0x5e0/0x5e0 [ 332.937176] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 332.942031] ? trace_hardirqs_on_caller+0x310/0x310 [ 332.947055] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 332.952080] ? prepare_exit_to_usermode+0x291/0x3b0 [ 332.957112] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 332.961951] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 332.967129] RIP: 0033:0x457579 [ 332.970314] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 332.989203] RSP: 002b:00007f8bf7b46c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 332.996918] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 333.004201] RDX: 0000000020013000 RSI: 00000000400445a0 RDI: 0000000000000004 [ 333.011460] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 333.018716] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8bf7b476d4 13:46:48 executing program 0: r0 = gettid() timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f0000000180)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x989680}}, &(0x7f0000040000)) r1 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) read$eventfd(r1, &(0x7f0000000040), 0x19e) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) creat(&(0x7f0000000140)='./file0\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r1, 0x9205, &(0x7f0000000080)) tkill(r0, 0x1000000000016) 13:46:48 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000240)='./file0\x00', 0x20) setsockopt$inet_icmp_ICMP_FILTER(r0, 0x1, 0x1, &(0x7f0000000280)={0x8000}, 0x4) accept$inet(0xffffffffffffffff, &(0x7f0000000600)={0x2, 0x0, @broadcast}, &(0x7f0000000640)=0x10) r1 = socket(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000040)=@broute={'broute\x00', 0x20, 0x1, 0x178, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, &(0x7f0000000000), &(0x7f00000000c0)=[{0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'syzkaller1\x00', 'ip6tnl0\x00', "01616d61000000004ab2cec800", @remote, [], @remote, [], 0x70, 0x70, 0xe8}}, @common=@nflog={'nflog\x00', 0x50, {{0x0, 0x0, 0x0, 0x0, 0x0, "339ebc4bb0c0fba43162d5c302d891b307544d821a0dcb492ba4aa23baaca6e53f392b79c58e0581db804208237c3df1c60b6b34da2747cd3200fbb384511226"}}}}]}, {0x0, '\x00', 0x1, 0xffffffffffffffff}, {0x0, '\x00', 0x1, 0xffffffdffffffffc}]}, 0x1f0) [ 333.025978] R13: 00000000004bf3f1 R14: 00000000004cf1f0 R15: 00000000ffffffff 13:46:48 executing program 2: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000640)={0xffffffffffffffff}) clone(0x2102002001, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) bind$unix(r0, &(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e) socket$inet(0x2, 0x4000000000000003, 0x0) 13:46:48 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000140)="6e65742f6465765f6d6361737400c087ea55011e14c9e347dd1f55a6026a1cb7e067f3c577981c0994a1e80d90d49d68bdbc91fab9c1c7f063e676e83c740e2d647534a1045850a23665d81ca07270193f5d003c10e34239844c5b6e8d1721c0b53a91c2f6ec1e5484645db3df") getrlimit(0xf, &(0x7f0000000480)) ioctl$sock_inet_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f0000000200)={'rose0\x00', {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1d}}}) r1 = syz_open_procfs(0x0, &(0x7f0000865ff5)='clear_refs\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x9b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1, 0x11, r1, 0x0) sendmsg$nl_route(r0, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)=ANY=[@ANYBLOB="200000002200280b27bd1f000000df250a14a001020000000000000000000000"], 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) bind$inet(r2, &(0x7f0000000100)={0x2, 0x4e23, @broadcast}, 0x10) sendto$inet(r2, &(0x7f0000000080), 0x0, 0x20000801, &(0x7f0000000080)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1c}}, 0x10) vmsplice(0xffffffffffffffff, &(0x7f0000002680), 0x0, 0x0) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000000)="766574683100000000ffffffffffef00", 0x10) io_setup(0x80000000, &(0x7f0000000840)=0x0) io_getevents(r3, 0x8000, 0x9, &(0x7f00000004c0)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], &(0x7f0000000600)={0x0, 0x1c9c380}) sendto$inet(r1, &(0x7f0000000640)="46808aff765f9dcf4077e11deb1fc23951e4c19684f79193585dbf988901bb83b331cad4576d9a73b0da6fc30afa1114f8ad767483985ae02c4fdbbd0db4a58d8b1842ce2ab241d2a543170ee5f32ca436cd325c85c641dfb58f5d02ccc103c88b0e7010f6e9324c408101c2bdbbd1c237a4cf38202dfc7a45cbfffcfc739bd3590cc7028e05d98bb5ffb7113f220714bde098c954d73951e19cafca01fd088407edf0e4be3cb5c8280a4ef683dd777116c8a1353b72cbaad3a0147b5b99f8e257c5bef9a00ef856d7531e96e9516814d33d2374bb7371c366b995ea1435fbeea031e17ea912b0756f5259218f55a6934f17aa0427451408a82482bbb80241", 0xff, 0x4000000, &(0x7f0000000040)={0x2, 0x4e22}, 0x10) ioctl$LOOP_SET_FD(r0, 0x4c00, r1) sendto$inet(r2, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0), 0x6) getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000400)={0x0, @multicast2, @dev}, &(0x7f0000000440)=0xc) socket$alg(0x26, 0x5, 0x0) r5 = socket$inet_tcp(0x2, 0x1, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) recvfrom(r5, &(0x7f0000000180)=""/255, 0xff, 0x20, &(0x7f0000000280)=@hci={0x1f, r4, 0x3}, 0x80) openat$uhid(0xffffffffffffff9c, &(0x7f0000000740)='/dev/uhid\x00', 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, &(0x7f0000000000)=0xf, 0xd) 13:46:48 executing program 5: r0 = accept$alg(0xffffffffffffffff, 0x0, 0x0) fcntl$setstatus(r0, 0x4, 0x40800) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sequencer\x00', 0x290943, 0x0) ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000240)=0x400) getsockopt$inet_buf(r1, 0x0, 0x15, &(0x7f0000000080)=""/234, &(0x7f00000001c0)=0xea) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_DISCONNECT(r3, &(0x7f0000000180)={0xa, 0x4}, 0xc) 13:46:48 executing program 0: socket$inet6(0xa, 0x3, 0x3) unshare(0x28020400) mknod$loop(&(0x7f0000000ff8)='./file0\x00', 0xd001, 0x1) execve(&(0x7f0000000100)='./file0\x00', &(0x7f00000002c0), &(0x7f00000000c0)) truncate(&(0x7f0000000000)='./file0\x00', 0xfffffffffffffff9) 13:46:48 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:48 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:49 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x8000400) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount(&(0x7f00000001c0)=ANY=[], &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='mqueue\x00', 0x0, &(0x7f0000000140)) exit(0x0) creat(&(0x7f0000000040)='./file0/bus\x00', 0x0) r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r0, &(0x7f0000002ff0), 0x10) sendmsg$key(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000005ff0)={&(0x7f0000008000)=ANY=[@ANYBLOB="05000000110000000000000000000000040000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000010000000000000005001a00fe8000000000000000000000000000fffe8000000000000000000000000000ff00000000010000000000000000000000"], 0x88}}, 0x0) 13:46:49 executing program 5: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(&(0x7f00000000c0), &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000900)='./file0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000180)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) ioctl$HDIO_GETGEO(r0, 0x301, &(0x7f0000000000)) r2 = open(&(0x7f0000000440)='./bus\x00', 0x141042, 0x0) ftruncate(r2, 0x0) [ 333.424179] FAULT_FLAG_ALLOW_RETRY missing 30 [ 333.436768] CPU: 0 PID: 11014 Comm: syz-executor1 Not tainted 4.19.0-rc5+ #261 [ 333.444174] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 333.453546] Call Trace: [ 333.456181] dump_stack+0x1c4/0x2b4 [ 333.459847] ? dump_stack_print_info.cold.2+0x52/0x52 [ 333.465094] ? kasan_check_write+0x14/0x20 [ 333.469364] ? do_raw_spin_lock+0xc1/0x200 [ 333.473634] handle_userfault.cold.33+0x47/0x62 [ 333.478338] ? userfaultfd_ioctl+0x54a0/0x54a0 [ 333.482946] ? mark_held_locks+0x130/0x130 [ 333.487202] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 333.492761] ? __perf_event_task_sched_out+0x337/0x1ab0 [ 333.498147] ? select_task_rq_fair+0x34f0/0x34f0 [ 333.502919] ? reweight_task+0x130/0x130 [ 333.507011] ? print_usage_bug+0xc0/0xc0 [ 333.511098] ? print_usage_bug+0xc0/0xc0 [ 333.515186] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 333.520751] ? find_held_lock+0x36/0x1c0 [ 333.524840] ? graph_lock+0x170/0x170 [ 333.528687] ? __lock_acquire+0x7ec/0x4ec0 [ 333.532946] ? _raw_spin_unlock_irq+0x27/0x80 [ 333.537458] ? _raw_spin_unlock_irq+0x27/0x80 [ 333.541972] ? lockdep_hardirqs_on+0x421/0x5c0 [ 333.546576] ? find_held_lock+0x36/0x1c0 [ 333.550670] ? __handle_mm_fault+0x45dc/0x53e0 [ 333.555270] ? lock_downgrade+0x900/0x900 [ 333.559452] ? kasan_check_read+0x11/0x20 [ 333.563625] ? do_raw_spin_unlock+0xa7/0x2f0 [ 333.568054] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 333.572655] ? kasan_check_write+0x14/0x20 [ 333.576925] ? do_raw_spin_lock+0xc1/0x200 [ 333.581303] __handle_mm_fault+0x45ed/0x53e0 [ 333.585746] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 333.590606] ? graph_lock+0x170/0x170 [ 333.594429] ? print_usage_bug+0xc0/0xc0 [ 333.598512] ? graph_lock+0x170/0x170 [ 333.602330] ? graph_lock+0x170/0x170 [ 333.606175] ? handle_mm_fault+0x42a/0xc70 [ 333.610432] ? lock_downgrade+0x900/0x900 [ 333.614601] ? check_preemption_disabled+0x48/0x200 [ 333.619652] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 333.625488] ? kasan_check_read+0x11/0x20 [ 333.629657] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 333.634952] ? rcu_bh_qs+0xc0/0xc0 [ 333.638515] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 333.643987] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 333.649550] ? check_preemption_disabled+0x48/0x200 [ 333.654601] handle_mm_fault+0x54f/0xc70 [ 333.658703] ? __handle_mm_fault+0x53e0/0x53e0 [ 333.663308] ? find_vma+0x34/0x190 [ 333.666898] __do_page_fault+0x67d/0xed0 [ 333.670996] ? mm_fault_error+0x380/0x380 [ 333.675182] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 333.680217] ? graph_lock+0x170/0x170 [ 333.684044] do_page_fault+0xf2/0x7e0 [ 333.687889] ? vmalloc_sync_all+0x30/0x30 [ 333.692066] ? error_entry+0x76/0xd0 [ 333.695801] ? trace_hardirqs_off_caller+0xbb/0x310 [ 333.700841] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 333.705727] ? trace_hardirqs_on_caller+0x310/0x310 [ 333.710777] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 333.715648] page_fault+0x1e/0x30 [ 333.719122] RIP: 0010:copy_user_generic_unrolled+0x9e/0xc0 [ 333.724760] Code: 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 4c 8b 06 4c 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 89 d1 <8a> 06 88 07 48 ff c6 48 ff c7 ff c9 75 f2 31 c0 0f 1f 00 c3 0f 1f [ 333.743674] RSP: 0018:ffff880180f4f7f0 EFLAGS: 00010202 [ 333.749068] RAX: 0000000000000004 RBX: 0000000000000004 RCX: 0000000000000004 [ 333.756356] RDX: 0000000000000004 RSI: 0000000020013000 RDI: ffff880180f4f890 [ 333.763636] RBP: ffff880180f4f828 R08: ffffed00301e9f13 R09: ffffed00301e9f12 [ 333.770930] R10: ffffed00301e9f12 R11: 0000000000000003 R12: 0000000020013004 [ 333.778211] R13: 0000000020013000 R14: ffff880180f4f890 R15: 00007ffffffff000 [ 333.785529] ? _copy_from_user+0x10d/0x150 [ 333.789789] evdev_do_ioctl+0xb51/0x2180 [ 333.793893] ? str_to_user+0x90/0x90 [ 333.797628] ? graph_lock+0x170/0x170 [ 333.801462] ? do_futex+0x249/0x26d0 [ 333.805200] ? rcu_bh_qs+0xc0/0xc0 [ 333.808767] ? rcu_bh_qs+0xc0/0xc0 [ 333.812330] ? unwind_dump+0x190/0x190 [ 333.816246] ? find_held_lock+0x36/0x1c0 [ 333.820337] ? __fget+0x4aa/0x740 [ 333.823816] ? lock_downgrade+0x900/0x900 [ 333.828004] ? check_preemption_disabled+0x48/0x200 [ 333.833056] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 333.838886] ? kasan_check_read+0x11/0x20 [ 333.843059] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 333.848357] ? rcu_bh_qs+0xc0/0xc0 [ 333.851935] ? __fget+0x4d1/0x740 [ 333.855422] ? ksys_dup3+0x680/0x680 [ 333.859166] evdev_ioctl_handler+0x144/0x1a0 [ 333.863599] evdev_ioctl+0x27/0x2e [ 333.867158] ? evdev_ioctl_compat+0x30/0x30 [ 333.871501] do_vfs_ioctl+0x1de/0x1720 [ 333.875418] ? ioctl_preallocate+0x300/0x300 [ 333.879870] ? __fget_light+0x2e9/0x430 [ 333.883885] ? fget_raw+0x20/0x20 [ 333.887355] ? _copy_to_user+0xc8/0x110 [ 333.891352] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 333.896915] ? put_timespec64+0x10f/0x1b0 [ 333.901071] ? nsecs_to_jiffies+0x30/0x30 [ 333.905232] ? do_syscall_64+0x9a/0x820 [ 333.909225] ? do_syscall_64+0x9a/0x820 [ 333.913214] ? lockdep_hardirqs_on+0x421/0x5c0 [ 333.917814] ? security_file_ioctl+0x94/0xc0 [ 333.922258] ksys_ioctl+0xa9/0xd0 13:46:49 executing program 5: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000384ff7)='/dev/ppp\x00', 0x101002, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000b94000)=""/246) ioctl$PPPIOCSFLAGS(r0, 0x40047459, &(0x7f00000001c0)=0xfffffffffffffffe) ioctl$PPPIOCSFLAGS(r0, 0x40047459, &(0x7f00000000c0)=0x2014) write$P9_RFSYNC(r0, &(0x7f0000000140)={0x7}, 0x7) ppoll(&(0x7f0000000000)=[{r0}], 0x1, &(0x7f0000000040)={0x0, 0x1c9c380}, &(0x7f0000000080), 0x8) [ 333.925737] __x64_sys_ioctl+0x73/0xb0 [ 333.929647] do_syscall_64+0x1b9/0x820 [ 333.933555] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 333.938944] ? syscall_return_slowpath+0x5e0/0x5e0 [ 333.943907] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 333.948789] ? trace_hardirqs_on_caller+0x310/0x310 [ 333.953836] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 333.958905] ? prepare_exit_to_usermode+0x291/0x3b0 [ 333.963951] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 333.968826] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 333.974047] RIP: 0033:0x457579 [ 333.977249] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 333.996164] RSP: 002b:00007fd1b7341c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 334.003883] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 334.011145] RDX: 0000000020013000 RSI: 00000000400445a0 RDI: 0000000000000004 [ 334.018422] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 13:46:49 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000140)="6e65742f6465765f6d6361737400c087ea55011e14c9e347dd1f55a6026a1cb7e067f3c577981c0994a1e80d90d49d68bdbc91fab9c1c7f063e676e83c740e2d647534a1045850a23665d81ca07270193f5d003c10e34239844c5b6e8d1721c0b53a91c2f6ec1e5484645db3df") getrlimit(0xf, &(0x7f0000000480)) ioctl$sock_inet_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f0000000200)={'rose0\x00', {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1d}}}) r1 = syz_open_procfs(0x0, &(0x7f0000865ff5)='clear_refs\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x9b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1, 0x11, r1, 0x0) sendmsg$nl_route(r0, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)=ANY=[@ANYBLOB="200000002200280b27bd1f000000df250a14a001020000000000000000000000"], 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) bind$inet(r2, &(0x7f0000000100)={0x2, 0x4e23, @broadcast}, 0x10) sendto$inet(r2, &(0x7f0000000080), 0x0, 0x20000801, &(0x7f0000000080)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1c}}, 0x10) vmsplice(0xffffffffffffffff, &(0x7f0000002680), 0x0, 0x0) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000000)="766574683100000000ffffffffffef00", 0x10) io_setup(0x80000000, &(0x7f0000000840)=0x0) io_getevents(r3, 0x8000, 0x9, &(0x7f00000004c0)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], &(0x7f0000000600)={0x0, 0x1c9c380}) sendto$inet(r1, &(0x7f0000000640)="46808aff765f9dcf4077e11deb1fc23951e4c19684f79193585dbf988901bb83b331cad4576d9a73b0da6fc30afa1114f8ad767483985ae02c4fdbbd0db4a58d8b1842ce2ab241d2a543170ee5f32ca436cd325c85c641dfb58f5d02ccc103c88b0e7010f6e9324c408101c2bdbbd1c237a4cf38202dfc7a45cbfffcfc739bd3590cc7028e05d98bb5ffb7113f220714bde098c954d73951e19cafca01fd088407edf0e4be3cb5c8280a4ef683dd777116c8a1353b72cbaad3a0147b5b99f8e257c5bef9a00ef856d7531e96e9516814d33d2374bb7371c366b995ea1435fbeea031e17ea912b0756f5259218f55a6934f17aa0427451408a82482bbb80241", 0xff, 0x4000000, &(0x7f0000000040)={0x2, 0x4e22}, 0x10) ioctl$LOOP_SET_FD(r0, 0x4c00, r1) sendto$inet(r2, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0), 0x6) getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000400)={0x0, @multicast2, @dev}, &(0x7f0000000440)=0xc) socket$alg(0x26, 0x5, 0x0) r5 = socket$inet_tcp(0x2, 0x1, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) recvfrom(r5, &(0x7f0000000180)=""/255, 0xff, 0x20, &(0x7f0000000280)=@hci={0x1f, r4, 0x3}, 0x80) openat$uhid(0xffffffffffffff9c, &(0x7f0000000740)='/dev/uhid\x00', 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, &(0x7f0000000000)=0xf, 0xd) [ 334.025680] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd1b73426d4 [ 334.032948] R13: 00000000004bf3f1 R14: 00000000004cf1f0 R15: 00000000ffffffff 13:46:49 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:49 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x1, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b3fdc)) write(r0, &(0x7f00000001c0)="4f7ad0c9edb302486f1748144523c0c253773eda2d369a9a9f14fc66228e4bb45e5d1500d49ba39063e2432e8de58f5930fd07000000dcf50bbc54b70c0ea17b4728dde5f9eedfc811ff1f75642558334444c9fe3d139763115bb81f4911afc763a0db1909d8f8a6e8ba1e92e36db4230ed7b58d9d9d933716916bd499b0d55d2031bcd6e44794087534e13f7a12165738d7b20ffdff62091c565141324f2e1ef2796e2ed9", 0xda) r1 = syz_open_pts(r0, 0x1) sendfile(r0, r0, &(0x7f0000000000)=0x5c, 0x7) writev(r1, &(0x7f0000000040)=[{&(0x7f0000000180)="10", 0x1}], 0x1) bind$nfc_llcp(r1, &(0x7f00000000c0)={0x27, 0x1, 0x2, 0x3, 0x80000001, 0x0, "0299e4191394f9ed1eb24fed1b23834861a22e6e11a8012139166dabead731d1f0c112ece38095066a86b64b018b9c3a3086f687b069fa41d23b0facdb9006", 0x1}, 0x60) ioctl$TCSETS(r1, 0x5402, &(0x7f0000000080)) 13:46:49 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x40049409, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:50 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {0xffffffffffffffff, 0x0, 0x8, @ib={0x1b, 0x0, 0x0, {"8420e139ff841b4126b7f193d36af535"}}}}, 0x90) chdir(&(0x7f0000000000)='./file0\x00') 13:46:50 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket(0x2, 0xa, 0x9) getsockopt(r1, 0x114, 0x2713, &(0x7f0000af0fe7)=""/13, &(0x7f0000000280)=0x19) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x3, 0x240000) ioctl$LOOP_SET_CAPACITY(r2, 0x4c07) r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x200000, 0x0) ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f00000000c0)={0xa, &(0x7f0000000040)=[{}, {}, {}, {}, {}, {}, {}, {0x0}, {}, {}]}) ioctl$FIDEDUPERANGE(r2, 0xc0189436, &(0x7f00000002c0)={0x5, 0x1, 0x2, 0x0, 0x0, [{r1, 0x0, 0x3}, {r0, 0x0, 0x80}]}) ioctl$sock_bt_hci(r3, 0x400448e0, &(0x7f0000000180)="4552d67187c909b0fcf82d2eb4f3d81f0417c7da67173e1fc1fd8c898d5f07325ccb477e3ea3ce5b10ee260eae8a34928c647f32b8177b670b45ed160628340ad05c9b4ad8bcd541fd30d2ef151b16549806e060732b52e2097f7bf7c99d1225") ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r3, 0xc0305710, &(0x7f0000000200)={0x1, 0x8, 0x80000000, 0x7}) ioctl$DRM_IOCTL_GET_CTX(r3, 0xc0086423, &(0x7f0000000100)={r4, 0x1}) 13:46:50 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0xfffffffffffffff9, 0x101482) write$cgroup_subtree(r3, &(0x7f0000000080)={[{0x2b, 'io'}, {0x2d, 'io'}, {0x2f, 'memory'}, {0x2b, 'rdma'}, {0x2d, 'memory'}, {0x2b, 'cpu'}, {0x2d, 'rdma'}]}, 0x29) syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x101, 0x440000) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000100)={0x7b, 0x0, [0xc0000103, 0x8000000000000]}) 13:46:50 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) [ 334.580304] syz-executor0 uses obsolete (PF_INET,SOCK_PACKET) 13:46:50 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x80084504, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:50 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$inet6(0xa, 0xfffffffffffe, 0x3) ioctl(r1, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") sendmsg$nl_generic(r0, &(0x7f0000018000)={&(0x7f0000000000), 0xc, &(0x7f000000e000)={&(0x7f00000016c0)={0x14, 0x1d, 0xffffffff0000000d, 0x0, 0x0, {0x7592da1f}}, 0x14}}, 0x0) r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x20200, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f00000002c0)={{{@in=@remote, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in=@loopback}}, &(0x7f0000000240)=0xe8) getsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, &(0x7f00000003c0)={{{@in6=@remote, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in=@loopback}}, &(0x7f00000004c0)=0xe8) mount$9p_tcp(&(0x7f0000000180)='127.0.0.1\x00', &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='9p\x00', 0x1000000, &(0x7f0000000500)={'trans=tcp,', {'port', 0x3d, 0x4e20}, 0x2c, {[{@uname={'uname', 0x3d, '!proc'}}, {@cache_fscache='cache=fscache'}, {@cache_fscache='cache=fscache'}, {@cache_mmap='cache=mmap'}, {@posixacl='posixacl'}, {@cachetag={'cachetag'}}, {@debug={'debug', 0x3d, 0x5}}], [{@subj_type={'subj_type'}}, {@fowner_gt={'fowner>', r3}}, {@fowner_eq={'fowner', 0x3d, r4}}, {@obj_user={'obj_user', 0x3d, '$@trusted.selfvboxnet0'}}, {@smackfsdef={'smackfsdef', 0x3d, '\'\\nodeveth0'}}, {@appraise='appraise'}, {@measure='measure'}]}}) getsockopt$IP6T_SO_GET_REVISION_MATCH(r2, 0x29, 0x44, &(0x7f0000000100)={'NETMAP\x00'}, &(0x7f0000000140)=0x1e) getsockopt$bt_l2cap_L2CAP_CONNINFO(r2, 0x6, 0x2, &(0x7f0000000080), &(0x7f00000000c0)=0x6) ioctl$RTC_UIE_ON(r2, 0x7003) 13:46:50 executing program 3: socket$can_bcm(0x1d, 0x2, 0x2) io_setup(0x80, &(0x7f0000000000)=0x0) r1 = socket$inet_smc(0x2b, 0x1, 0x0) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000100)='/dev/hwrng\x00', 0x0, 0x0) setsockopt$l2tp_PPPOL2TP_SO_DEBUG(r2, 0x111, 0x1, 0x3, 0x4) r3 = eventfd(0x0) ioctl$SG_GET_REQUEST_TABLE(r2, 0x2286, &(0x7f0000000280)) io_submit(r0, 0x1, &(0x7f0000000440)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, &(0x7f00000001c0), 0x0, 0x0, 0x0, 0x1, r3}]) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x8000, 0x0) ioctl$KVM_IRQFD(r4, 0x4020ae76, &(0x7f0000000080)={r3, 0x6, 0x5, r1}) r5 = inotify_add_watch(r4, &(0x7f00000000c0)='./file0\x00', 0x4000800) inotify_rm_watch(r4, r5) 13:46:50 executing program 5: r0 = socket$inet6(0x10, 0x3, 0x0) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg(r0, &(0x7f0000002fc8)={&(0x7f0000000000)=@nl=@kern={0x10, 0x600}, 0x80, &(0x7f0000002000)=[{&(0x7f0000000700)="5500000018007f5300fe01b2a4a280930a06000000a84306910000003900090035000c00060000001900150007000000000000dc1338d54400009b84136ef75afb83de4411001600c43ab8220000060cec4fab91d4", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) r1 = syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x6, 0x410301) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000100)='IPVS\x00') sendmsg$IPVS_CMD_GET_INFO(r1, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000140)={&(0x7f0000000280)={0xe0, r2, 0x10c, 0x70bd29, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_DAEMON={0x40, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @local}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @rand_addr=0xffffffffffffff71}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x9}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e22}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @dev={0xfe, 0x80, [], 0xe}}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x1}]}, @IPVS_CMD_ATTR_DAEMON={0x34, 0x3, [@IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x1}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x9}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e20}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @dev={0xac, 0x14, 0x14, 0x19}}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @remote}]}, @IPVS_CMD_ATTR_DAEMON={0x38, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x1}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x895}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'syz_tun\x00'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x7fffffff}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e20}]}, @IPVS_CMD_ATTR_DEST={0x20, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x3}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@local}]}]}, 0xe0}, 0x1, 0x0, 0x0, 0x40000}, 0x4) 13:46:50 executing program 0: r0 = socket(0xa, 0x1, 0x0) openat$null(0xffffffffffffff9c, &(0x7f0000000140)='/dev/null\x00', 0x0, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @mcast1}}}, 0x108) setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, &(0x7f0000000000)={0x0, {{0xa, 0x0, 0x0, @mcast1, 0x610fd5e9}}, {{0xa, 0x0, 0x0, @ipv4={[], [], @loopback}}}}, 0x108) [ 334.812933] FAULT_FLAG_ALLOW_RETRY missing 30 [ 334.817556] CPU: 1 PID: 11082 Comm: syz-executor1 Not tainted 4.19.0-rc5+ #261 [ 334.817569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 334.817576] Call Trace: [ 334.817608] dump_stack+0x1c4/0x2b4 [ 334.817636] ? dump_stack_print_info.cold.2+0x52/0x52 [ 334.817659] ? kasan_check_write+0x14/0x20 [ 334.817682] ? do_raw_spin_lock+0xc1/0x200 [ 334.817717] handle_userfault.cold.33+0x47/0x62 13:46:50 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) [ 334.858993] ? userfaultfd_ioctl+0x54a0/0x54a0 [ 334.863700] ? mark_held_locks+0x130/0x130 [ 334.867954] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 334.873526] ? __perf_event_task_sched_out+0x337/0x1ab0 [ 334.873548] ? select_task_rq_fair+0x34f0/0x34f0 [ 334.873564] ? reweight_task+0x130/0x130 [ 334.873595] ? print_usage_bug+0xc0/0xc0 [ 334.873614] ? print_usage_bug+0xc0/0xc0 [ 334.873630] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 334.873658] ? find_held_lock+0x36/0x1c0 [ 334.905575] ? graph_lock+0x170/0x170 [ 334.909405] ? __lock_acquire+0x7ec/0x4ec0 [ 334.913658] ? _raw_spin_unlock_irq+0x27/0x80 [ 334.918175] ? _raw_spin_unlock_irq+0x27/0x80 [ 334.922690] ? lockdep_hardirqs_on+0x421/0x5c0 [ 334.927297] ? find_held_lock+0x36/0x1c0 [ 334.931402] ? __handle_mm_fault+0x45dc/0x53e0 [ 334.936006] ? lock_downgrade+0x900/0x900 [ 334.940180] ? kasan_check_read+0x11/0x20 [ 334.944351] ? do_raw_spin_unlock+0xa7/0x2f0 [ 334.949137] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 334.953773] ? kasan_check_write+0x14/0x20 [ 334.958016] ? do_raw_spin_lock+0xc1/0x200 13:46:50 executing program 0: r0 = socket$inet6(0xa, 0x80003, 0x800000000000006) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") syz_emit_ethernet(0x4a, &(0x7f0000000000)={@link_local, @random="a29ab0893fde", [], {@ipv6={0x86dd, {0x0, 0x6, '?:T', 0x14, 0x32, 0x0, @remote, @mcast2, {[], @tcp={{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, &(0x7f00000004c0)={0x0, 0x4, [0x0, 0xde7]}) ioctl$EXT4_IOC_MIGRATE(r0, 0x6609) [ 334.962283] __handle_mm_fault+0x45ed/0x53e0 [ 334.966725] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 334.971594] ? graph_lock+0x170/0x170 [ 334.975416] ? print_usage_bug+0xc0/0xc0 [ 334.979495] ? graph_lock+0x170/0x170 [ 334.983312] ? graph_lock+0x170/0x170 [ 334.987155] ? handle_mm_fault+0x42a/0xc70 [ 334.991415] ? lock_downgrade+0x900/0x900 [ 334.995586] ? check_preemption_disabled+0x48/0x200 [ 335.000639] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 335.006450] ? kasan_check_read+0x11/0x20 [ 335.010602] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 335.015896] ? rcu_bh_qs+0xc0/0xc0 [ 335.019455] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 335.019476] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 335.019494] ? check_preemption_disabled+0x48/0x200 [ 335.019520] handle_mm_fault+0x54f/0xc70 [ 335.019545] ? __handle_mm_fault+0x53e0/0x53e0 [ 335.030535] ? find_vma+0x34/0x190 [ 335.030561] __do_page_fault+0x67d/0xed0 [ 335.030590] ? mm_fault_error+0x380/0x380 [ 335.030607] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 335.030625] ? graph_lock+0x170/0x170 [ 335.030649] do_page_fault+0xf2/0x7e0 [ 335.030668] ? vmalloc_sync_all+0x30/0x30 [ 335.030687] ? error_entry+0x76/0xd0 [ 335.030705] ? trace_hardirqs_off_caller+0xbb/0x310 [ 335.030729] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 335.086933] ? trace_hardirqs_on_caller+0x310/0x310 [ 335.091987] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 335.096870] page_fault+0x1e/0x30 [ 335.100349] RIP: 0010:copy_user_generic_unrolled+0x9e/0xc0 [ 335.105990] Code: 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 4c 8b 06 4c 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 89 d1 <8a> 06 88 07 48 ff c6 48 ff c7 ff c9 75 f2 31 c0 0f 1f 00 c3 0f 1f [ 335.124903] RSP: 0018:ffff880184a0f7f0 EFLAGS: 00010202 [ 335.130284] RAX: ffffed0030941f34 RBX: 0000000000000004 RCX: 0000000000000004 [ 335.137561] RDX: 0000000000000004 RSI: 0000000020013000 RDI: ffff880184a0f998 [ 335.144829] RBP: ffff880184a0f828 R08: ffffed0030941f34 R09: ffffed0030941f33 [ 335.152122] R10: ffffed0030941f33 R11: ffff880184a0f99b R12: 0000000020013004 [ 335.159398] R13: 0000000020013000 R14: ffff880184a0f998 R15: 00007ffffffff000 [ 335.166717] ? _copy_from_user+0x10d/0x150 [ 335.170975] evdev_do_ioctl+0x540/0x2180 [ 335.175057] ? str_to_user+0x90/0x90 [ 335.178790] ? graph_lock+0x170/0x170 [ 335.182603] ? do_futex+0x249/0x26d0 [ 335.186330] ? rcu_bh_qs+0xc0/0xc0 [ 335.189905] ? rcu_bh_qs+0xc0/0xc0 [ 335.193454] ? unwind_dump+0x190/0x190 [ 335.197377] ? find_held_lock+0x36/0x1c0 [ 335.201465] ? __fget+0x4aa/0x740 [ 335.204936] ? lock_downgrade+0x900/0x900 [ 335.209096] ? check_preemption_disabled+0x48/0x200 [ 335.214131] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 335.219942] ? kasan_check_read+0x11/0x20 [ 335.224101] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 335.229394] ? rcu_bh_qs+0xc0/0xc0 [ 335.232968] ? __fget+0x4d1/0x740 [ 335.236444] ? ksys_dup3+0x680/0x680 [ 335.240185] evdev_ioctl_handler+0x144/0x1a0 [ 335.244635] evdev_ioctl+0x27/0x2e [ 335.248182] ? evdev_ioctl_compat+0x30/0x30 [ 335.252520] do_vfs_ioctl+0x1de/0x1720 [ 335.256429] ? ioctl_preallocate+0x300/0x300 [ 335.260848] ? __fget_light+0x2e9/0x430 [ 335.264848] ? fget_raw+0x20/0x20 [ 335.268322] ? _copy_to_user+0xc8/0x110 [ 335.272326] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 335.277910] ? put_timespec64+0x10f/0x1b0 [ 335.282070] ? nsecs_to_jiffies+0x30/0x30 [ 335.286233] ? do_syscall_64+0x9a/0x820 [ 335.290220] ? do_syscall_64+0x9a/0x820 [ 335.294208] ? lockdep_hardirqs_on+0x421/0x5c0 [ 335.298806] ? security_file_ioctl+0x94/0xc0 [ 335.303232] ksys_ioctl+0xa9/0xd0 [ 335.306705] __x64_sys_ioctl+0x73/0xb0 [ 335.310620] do_syscall_64+0x1b9/0x820 [ 335.314552] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 335.319932] ? syscall_return_slowpath+0x5e0/0x5e0 [ 335.324881] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 335.329740] ? trace_hardirqs_on_caller+0x310/0x310 [ 335.334769] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 335.339799] ? prepare_exit_to_usermode+0x291/0x3b0 [ 335.344836] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 335.349713] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 335.354911] RIP: 0033:0x457579 [ 335.358114] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 335.377021] RSP: 002b:00007fd1b7341c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 335.384767] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 335.392046] RDX: 0000000020013000 RSI: 0000000080084504 RDI: 0000000000000004 [ 335.399322] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 335.406597] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd1b73426d4 13:46:50 executing program 0: eventfd(0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) pipe(&(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) write(r2, &(0x7f00000001c0), 0xffffffea) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$sock_timeval(r0, 0x1, 0x15, &(0x7f0000000180), &(0x7f00000001c0)=0x10) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), &(0x7f0000000100)={0x20}, &(0x7f0000000140)={0x8}, &(0x7f0000000200)={0x0, r3+30000000}, &(0x7f0000000300)={&(0x7f00000002c0), 0x8}) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) 13:46:51 executing program 2: r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dsp\x00', 0x181080, 0x0) pwrite64(r0, &(0x7f0000000180)="7a3f3506e94286be63ae2ba36c23683c6755857747a2bb97f6ed0c8adbf7b59154a5f33f0b94deac608f37f167cdd113be15648ea7b0d88b10aad06d36164416f4826b4501692d72e88ba4fc05128e15c24e7ce470208c9d7e5ec0f4028438b433f03f761367c51b8b04c6026df2cd75d4f62597993607ce6f659092c1751efcebcf720274e06d9bb89adf2cadbbb7e42f45b677c4c226a96ea3486f4a931451f6f9675ff7e7e729960380d578833a95831c2f45adb1bea3a60197ac3a1e6070d1443dcdb0a18dfcabc12084a848012e4770", 0xd2, 0x41) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x4000, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r1, 0x84, 0x1c, &(0x7f0000000080), &(0x7f0000000100)=0x4) r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$netlink(0x10, 0x3, 0x8008000100000004) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='personality\x00') ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r4) writev(r3, &(0x7f00000000c0)=[{&(0x7f00000002c0)="480000001400190a20ffff7fffffff560a113b850e1de0974881000000fe58a2bc4a03049164643e89720000de213ee23ffbf510040041feff5aff2b000000000000070000000000", 0x48}], 0x1) [ 335.413880] R13: 00000000004bf3f1 R14: 00000000004cf1f0 R15: 00000000ffffffff [ 335.441139] netlink: 13 bytes leftover after parsing attributes in process `syz-executor5'. 13:46:51 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000000)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001000000b7050000020000006a0a00fe00000000850000000b000000b7000000000000009500040000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={r0, 0x50, &(0x7f0000000140)}, 0x10) 13:46:51 executing program 5: ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, &(0x7f0000000240)={0x6, 0x0, 0x4cfd}) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000240)=@filter={'filter\x00', 0xe, 0x1, 0x130, [0x0, 0x20000100, 0x20000130, 0x20000160], 0x0, &(0x7f0000000000), &(0x7f0000000100)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000008000000000000000000000000000000000000000000000000000000000000000000feffffff01000000110000000900000000006475846d5c30000000000000000000006c6f0000000000000000000000000000726f0000000000000000000000000000467dac2e895fc5d400000000a85f001a4b0000000000000005000000aaaaaaaaaa0000000000000000007000000070000000a0000000415544495400000000000000000000000000000000000000000000000000000008000000000000000000000000525600"]}, 0x1a8) r2 = socket$inet6(0xa, 0x100000002, 0x0) connect$inet6(r2, &(0x7f0000000080)={0xa, 0x0, 0x0, @mcast1, 0xd}, 0x1c) sendto$inet6(r2, &(0x7f0000000300), 0xfd90, 0x400806e, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @ipv4={[], [], @multicast2}}, 0x1c) sendto$inet6(r2, &(0x7f0000000300), 0x0, 0x0, &(0x7f0000000380)={0xa, 0x0, 0x0, @loopback}, 0x1c) 13:46:51 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)={0x0, 0x0, 0x4}) r1 = syz_open_pts(r0, 0x0) write$binfmt_aout(r0, &(0x7f0000001000)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], 0x47) socket$nl_xfrm(0x10, 0x3, 0x6) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TCSETA(r0, 0x5406, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x9b4b62b, 0x0, 0x6, 0x0, 0x0, 0x5}) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040)={0x17}) 13:46:51 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x40044590, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:51 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:51 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x80040, 0x0) ioctl$sock_inet_sctp_SIOCINQ(r0, 0x541b, &(0x7f0000000040)) setsockopt$inet6_buf(r0, 0x29, 0x2b, &(0x7f0000000180)="9ed958fb08a5e11ada1a7d74e0844181b17fcdfd9a759a7153c6e391a51df152dcee776c9226c8a5b5062472960b44d5e30f8631f9b93c20804f9c13c0333560e1eb05fc3b7340365b676a872eb44c5130853e39f5f9a6836d3d3b20054aac255ee81a58b3fe43ca5272a23d1b2b12d07623af7ac621a8dadded5f746473562473387d6529ee2bc6468770e355a7899ffdd9cb92ce933e3b3a8b13a21bc68c1abb8067b5f4ac96497db275b4c4e53e5585641e6bbf86d120253e08603520b3681d82d014a7d06d8df4328741aeda442ba494941c29b3e2bc97fcf47731bfaf8e34fd97e88c0512bdf1db2bbe6aa48667664fdc77", 0xf4) r1 = socket$vsock_stream(0x28, 0x1, 0x0) setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r1, 0x28, 0x2, &(0x7f0000000140)=0x400000f3, 0x8) 13:46:51 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) r1 = memfd_create(&(0x7f0000006fd0)='/dev/urandom\x00', 0x0) io_setup(0x200, &(0x7f0000000040)=0x0) io_cancel(r2, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2, 0x361e, r1, &(0x7f0000000080), 0x0, 0x8, 0x0, 0x1, r1}, &(0x7f0000000100)) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x0, 0x11, r1, 0x0) setsockopt$bt_BT_VOICE(r0, 0x112, 0xb, &(0x7f0000000000), 0x2) 13:46:51 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:51 executing program 5: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x5, 0x0) ioctl$PPPOEIOCDFWD(r1, 0xb101, 0x0) ioctl$SNDRV_SEQ_IOCTL_PVERSION(r1, 0x80045300, &(0x7f0000000140)) ioctl$sock_inet_SIOCSIFDSTADDR(r1, 0x8918, &(0x7f0000000080)={'syz_tun\x00', {0x2, 0x4e22, @remote}}) r2 = syz_open_dev$usbmon(&(0x7f00000000c0)='/dev/usbmon#\x00', 0x0, 0x200000) ioctl$UI_SET_PROPBIT(r2, 0x4004556e, 0x18) sysfs$1(0xffffff1f, &(0x7f0000000040)="c77070703000") sched_yield() 13:46:51 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = eventfd(0x0) r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x0, 0x0) setsockopt$bt_hci_HCI_TIME_STAMP(r3, 0x0, 0x3, &(0x7f0000000140)=0x400, 0x4) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000040)={r2}) r4 = eventfd(0x9) ioctl$KDGKBMETA(r3, 0x4b62, &(0x7f0000000500)) r5 = syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0x5, 0x0) setsockopt$inet6_udp_int(r5, 0x11, 0x67, &(0x7f0000000180)=0xfff, 0x4) ioctl$LOOP_CHANGE_FD(r5, 0x4c06, r1) r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) timer_create(0x5, &(0x7f0000000340)={0x0, 0xb, 0x0, @thr={&(0x7f00000002c0)="f71d78cf436f29bd9d7870fa9e5bc7376e8848638f851784194728de277d8f53a587254fce4fb8a2fd961c19d4b567", &(0x7f0000000300)="20e00e2e"}}, &(0x7f0000000380)=0x0) timer_settime(r7, 0x1, &(0x7f00000003c0), &(0x7f0000000400)) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000280)={r4, 0xfffffffffffffffe}) getsockopt$XDP_MMAP_OFFSETS(r5, 0x11b, 0x1, &(0x7f0000000440), &(0x7f00000004c0)=0x60) ioctl$KVM_IRQFD(r6, 0x4020ae76, &(0x7f0000000000)={r2}) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f00000001c0)=[@in={0x2, 0x4e21, @multicast2}, @in={0x2, 0x4e22, @broadcast}, @in6={0xa, 0x4e23, 0x0, @ipv4={[], [], @remote}, 0x9676}, @in={0x2, 0x4e20, @local}, @in6={0xa, 0x4e24, 0x2, @local, 0x1}, @in6={0xa, 0x4e22, 0x8, @loopback, 0x8c}], 0x84) 13:46:51 executing program 0: eventfd(0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) pipe(&(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) write(r2, &(0x7f00000001c0), 0xffffffea) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$sock_timeval(r0, 0x1, 0x15, &(0x7f0000000180), &(0x7f00000001c0)=0x10) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), &(0x7f0000000100)={0x20}, &(0x7f0000000140)={0x8}, &(0x7f0000000200)={0x0, r3+30000000}, &(0x7f0000000300)={&(0x7f00000002c0), 0x8}) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) 13:46:51 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x40044581, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:51 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) r1 = memfd_create(&(0x7f0000006fd0)='/dev/urandom\x00', 0x0) io_setup(0x200, &(0x7f0000000040)=0x0) io_cancel(r2, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2, 0x361e, r1, &(0x7f0000000080), 0x0, 0x8, 0x0, 0x1, r1}, &(0x7f0000000100)) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x0, 0x11, r1, 0x0) setsockopt$bt_BT_VOICE(r0, 0x112, 0xb, &(0x7f0000000000), 0x2) 13:46:51 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) [ 336.011293] irq bypass consumer (token 0000000067ecd765) registration fails: -16 [ 336.040604] irq bypass consumer (token 00000000379efce2) registration fails: -16 13:46:51 executing program 5: r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = openat$mixer(0xffffffffffffff9c, &(0x7f00000048c0)='/dev/mixer\x00', 0x18000, 0x0) r2 = request_key(&(0x7f0000000000)='syzkaller\x00', &(0x7f0000000100)={'syz', 0x1}, &(0x7f0000000200)='/dev/mixer\x00', 0xffffffffffffffff) keyctl$setperm(0x5, r2, 0x8) connect$l2tp(r1, &(0x7f0000004900)=@pppol2tpv3in6={0x18, 0x1, {0x0, r0, 0x1, 0x4, 0x3, 0x3, {0xa, 0x4e22, 0x8, @loopback, 0x80000000}}}, 0x3a) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r4, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c) listen(r4, 0x0) setsockopt$sock_int(r3, 0x1, 0x1, &(0x7f0000000080)=0x8, 0x4) connect$inet6(r3, &(0x7f00001cd000)={0xa, 0x4e22, 0x0, @ipv4}, 0x1c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0x1}, 0x1c) r5 = socket$l2tp(0x18, 0x1, 0x1) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r6, 0x80045301, &(0x7f0000000080)) r7 = dup3(r5, r0, 0x80000) ioctl$DRM_IOCTL_IRQ_BUSID(r7, 0xc0106403, &(0x7f00000000c0)={0x2, 0xfff, 0xffffffffffffffc2, 0xff7fffffffff04c5}) sendmmsg(r5, &(0x7f0000005fc0), 0x800000000000059, 0x0) open_by_handle_at(r0, &(0x7f0000000180)=ANY=[@ANYBLOB="e65e309a48b1aaba2f643c0d67f8f6123e677654c286dfc629e6829b08b1f1ffee57fe6078524bcb36d4d4cdd628020efeccd39dc8c4803643316c3e59024c499c39e8c4ca247b7f2fdda7a5674097ae6ad1094a4b5d75007c"], 0x1) 13:46:51 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:51 executing program 2: r0 = socket$key(0xf, 0x3, 0x2) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r1, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r1, &(0x7f0000000000), 0xa4, 0x200007fe, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000003180)={0x0, @in6={{0xa, 0x4e20, 0x3003, @mcast2, 0x1}}, 0x3, 0x5, 0x9a67, 0x1, 0x6}, &(0x7f0000000100)=0x98) getsockopt$inet_sctp6_SCTP_MAXSEG(0xffffffffffffff9c, 0x84, 0xd, &(0x7f0000004d80)=@assoc_value={0x0, 0x10001}, &(0x7f0000004dc0)=0x8) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000006140)={0x0, 0x3}, &(0x7f0000006180)=0x8) sendmmsg$inet_sctp(r1, &(0x7f0000006240)=[{&(0x7f0000000040)=@in={0x2, 0x4e20, @remote}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000180)="d137b0cb2ec041e62b6b1c19ecfed9dc3e5bb4f88f909b559de20cf766d12f16d7de70d329712be668a23f3f3c02851ca8ad70ca4538e4333243b59946d63b96647a0e957a810ed0301dad382237957c1f7ace46febb1e71d29658e531c8aa110ccad591fb7e60c70759a46572a9eeb8a5f96daa65bd5a7538b0c46263f21544adb99b2c7af479f4aa0b278d1873a2e206b5da7062b1d680fd90b3617bfc8e7a2a3358767dd00e0e795dcddd040fb7a0ca04fdecd1833a14bae1d0eabff560d7a1175b67bff31282f9915ab629306b04bff908aa5272056b421c00d924eb81a604aec2d12c66ec22ba8e6fd6ffa25b6263a60dd3bafb9bd6be09298173966c4d874957fa2664c2a3079e4d1c3b5dd3b74adbde7e02efe968345ea9ab4f293d80ad122f8a63910d49f83a4b03bc777ace96318480700e8901ea534312443fac22f9740390ce7f0293f574cf5c4bf40cbaad4f7c211baac74aa69392e74fd8cb828dcf9a144f40080a84629d322c6076f37f5f1ece39a7517fe91650f939d0aef628d7926c71387fcce79429eafc6d5ae49121af73f249f54f32b4cd59fa09065e5df3f5f7ca6a8b769e7c22dca4d9e654e27becf1d848a82fe93c0dab094ff5de7fbbd506839652466ee839ff5b331dd0b81b5326ba6d230aa071609e2652ee097c30f4a60519aa73f48a80905f3b6f9aee2d8cea4fbcba92a9e0de3d25b74558f880c0e2892220cddadfe938af87cdf770aeea12e70724bac138e147a92b5bfdc5068982524c3e2851d00dcbaaa5f319a6dda7f76252cc3f2a8c162a0ce84e3ef91b522dfe00c217abe5627b7e804a232d3cd1ec7149d9c82d86285d78dd0eddf15e1babe15c91f3b5c3ad7fe628b409dd42c729a4eb95a5ed915903045c774ed1ef32473f658db92229558cfcbfec56a398a2d7a4566cb2109d2e70c03804bf5f9fb629f40119256ddfedf0908f8625d82b39f3b3e8dc5e0cf66153a54febf31eb80de86f390faf898ea17f55f7089bd8ec653bc4de0b8bf6324a9df27177ca8a5448ce1a3461ce15c7ff7812c835f4be57a05657dc99a703a7ebfb8cedb699cd47a30aba5dca34f077bee24ddd580f5df56d9265c336dbafabc9a82d105e6f0fcb16aa05fa891d4b1cef0b7715301af7cdb0dcf458b7814452aa31b62b4cf8c769aed35e4f7587ce996215cd674ab1e507ef0d299ad78120d566d512eaced16c8536f85033ece1667ba363bb4b9559b8d0dc1d9acac5c5515e6ffca923a9621c0dcd2bbab2348edf3994167b7e2a0d7f5670a256c866780c653b9acba8e1e6cba7297157a7e96126dff97964ccf3b10fdcc0d2d4bc4bc0b800c73cc85b1213f5723f8934bbf361c1aa298eb31b426a523c86468fc1b9f9c6d987db4f03ed30736a59d77344abf31f201c470a4d5609ec39c73b170f839483e220f982182792e7b34f6ac0e3523723258490d573429815ba397c53638db370fd22c83243bcd7ca32fcf028b80aa5c4e9ab25dc4ae1178b63f1d11729042a8eacba155e651ead4beb73b6f59fcbab0bc5e2096d26c53b255454fd9018e11e68add788cd12c04331a5e9782f4a67b160090d165ddfe13e8057971eff74eeae1a48c24c8f16485a6042522f6ad9f216955e2a19a19c3c503fc304307d87f25e1af664a1fec9bc2329d2846fa318e0125d6fe1b91a16cc0e239d939aba306f17e84e3d725673aae50f2a87a12f65af0183657fad657d65ef56bd9ce474c961e1f21bae2dea2a69145a8484c5ab1d7bdb231c65849a3c5a91c91541fd2de0f6bb904d90dd7f0e0cb5a8a363bc3c3135f07370d2b189083effbe21a702539d425f2e857829e0c166605022a2a8b563121641127c78bf3bde94c4306ec1cf344301d70e869d9654156b6bd3310c0579f719f18d25ccde935add05eb41cb928e46ce53f6c06ff723bf9382c95f0f5b5a4dd1962690256626221d399f384f3c6626175d2ab23b26bc4ff00997029d1889913acb0a533a61c0313f28101e4787215a37683f90e145ee9403baed97637ff30fc0f87d0b3108497ba22a18e0ae097b9900e8c445f3a3e8e839945a95e3cda711d6928bb2f8bdeccc63b5ec48226cf42a005ff36228d00edf82fc23e85696a957411a87312aac1538e96bcb27da8e129588405eb6302c7c232539f28699a516421c9b8ac6f5aa72c01b926975377988f1eef03bad9b0d9b1c3372feaadbbe46fe030957142c45232bb89dd669326a6f5dd9efc9edcc7bad6b52fe1d07e1067a276222f45690ebed5d01a4330e491c880d7afc1287a7e405264190545502afe5c66af4d88796e239bbd54dbb45b372e80ebdcfb9eec26822fdec50358f6107470cea00084f8e8607d4da53fb681ac61db320e68520b2a0806d7c2b9cc614e753cd66fc4b48fe070b29b9580eeb277b6112776dd005d944c98cad47149110f8712dfa09f6daa3d3852768902b789558bb552c1e55d8410f05472ca5081cb2fc5e0bc05f8a0c04c50c5f1f46015366de890771377f282ff3693862bcef3acbf26e25f3f72218d147f88b46c2cc8d40c9142e2a6bd8fc1d685457d0461a0ba59d2889755470e81219728b72f00ee31ea51f28f11eb885fe57af37853d219c144fe54a80f5554d8709d63f3567401b34c2fc36b8b0b2d2d59ff7a206a508f04b7a517981ebcec310b02305e5633857a99ff144f4f06d016757499a0cf7f064fb1784ff50cf4c31aefd47b6c21dbef75f954a48e3f986a5e6e29b7240ad84076d93be36a5ae0c52fe45fa5d72686c6859a22d22215dbdba3f21c79eab82b81d4682c933a89efdf66cff66e6c54c8063cd771f898a24bc3101602275310093c8911eeaf62136728f3a0141456f3dc450a4d4579673fff06b52f25910190ddd64d259ee4900ee43b031796f0b637a9c9e44468c6f0eb73d15bcba2f321fa058b05ae8dbebc0b61dd1b90935b80dbc8e3d7899c729e968b699b921f8f58896d9657ac7fc6043784fe231148f99a35064fc2b27e56d8bdfac867a042cfb7828eed9c14b0419d14277a77c48601335701a4069d46b406abc986ad1accc5678e40d1415ef9ef54e4c049a478a830237e36022ce6a745def19bc19ad5c6999b5e024a0fdd9bdad6ad84f1790d3409d1774bcce23f6a13932b835b337046c3beec6be6f173e699816f9e4549d78dd9cec67c86b8f2f908602618dc05e8efd5337fbdce16a1583098992744bb70834fcc92c68ad8faed10adca6562430ba6fbe710c03d837f7a2bd92be48ee725e1b136927f805e0346b65b7d1f41cf5fa061d53780cad97b57386790492e0e841e197c34a19ed08163e0709168f5fe0bf50625d16d94139d6a488897375bb5ec680183b89e93f4403cf6e98c2a17fd69a4df256928b2fee994dd864aef77dcd738f73be45b52fa3d5792f84aa3f9410d1a030594f7bc0dd915de194daa5ab8343373f4787c72cb935188f1406d103f1f7c2083f597f7571b3b5f55344674422839c9f01f6fc5962fa0f765e1daa25b78876464220640848746f2224017c46645a0a519f261d670f08835d8984fb4cabe613e993dccbc383142fe0564f933bbea645c070f5f33b77b55e670310385b2d537b75aa4e33d6404ee577b8e9f9556a2a18e126dd745c7b6519c31a4f79881039fcc79621453f87a9671304b5c7601b5ce1cc6ad3dbda24b63ffdaa353693400bb612975613aa0bf20c5f3d7ca5c9612205c09f22667d16916c18887adfc8adb8d6992518eebc98324dd05cdb73d2f945a6b06cf330cf757b085b90a1c3b338fca5ae1317f610177fc03ae5a27bf89e4589aeece88cf35aa5bb464a4b735ecd7c39bfd520ec41f4b6965b0863e8021781906559a355aa9d562141d4ffcae1494f7f14c8f0cfbda56614e1b8d5c5276e179cacb65d60cddcb4b4dadfbd6b4df230b18236ac3b3357aefed1a98e1e42d72ee94accf4fe9a2ef7721efa136840982740faa09596f1153463c93f5328c92f6ef093e9661c56cde287182fee9d3059d66606a8e44d8b9be4fd30bdffa31601edd5e92e5e8dd56e17306a75917626ef19af18c747b446efa7c0c8901f80ee9c7507803f0003a359ddfde90594a1d584d0e076cda3fb9d75b94effd7d0685126c8cb40c11d1ecff0039804a251f768cdff63f92979a0c785e90182602282acf5199468f92c04fe275586ca5075015cb8efa8e7c4c52ac6cafe2d45babf06d2244d947449bf603145c4242e1da9e3be9d6573e6f8e5d34444ea2f85efcc7d9855d8c23e5a7e1f73931e96998bf769d6f80f48f5fb321d3d5f399649b48468ee912970f809fdd9f4686f3d12d87b920f3a9a3728a44c69704ee3edc66361588ac434c742f09deef8ec25aac1e6ea78df51a6b433b34e6f64cb3d04ab1aab34018a6428052dc64b5d941e4287b4b84b4ffd14d769c5fa2210ea9df886b909cd34cc34d9200ebb832bfb4d0ec3d8c87aae4118eab1ce72d644f23e55b6d2fee90b009cb20654410076028f7c694f5058788b23906262065ca57858179dba6ab213c4afcbcdcc0453c47ec4e7acb797b6c2b7ab2c2bbf0dd710f134b4c447f63e627ebdb0470a2a4341583717b5bf9987b48afbe7b98d377bf86392958109907cdc044315e0d929b549c04d46bf27b280b594fa86d555508f36f254597b3b06f0081b81bd35de882677e21b80e09528e3356bcae94519f63fceaafeca4576c17daa90caff91ccfaf707c76f24c2c52e43a1d943498f32c05b935f00076396ac11e6f7ed526b91131b4b198017e46886f827323be75eb269faa20b93f0eb15d3fb237ee75fa35ec49450085cbcf299214a665c0d2f7ab5a4ac98605f164e160091aa1c32abd318eac9a326795784a46f2f43e266a35aeba2cd9b5b00bf3a68f3675966610cbec0efdbcbbda8c28d2e3090a12c74c79314814a426c3e8d77cc38855337be2c6c2cc2b130eeee1eba58e8ccc3335e347deb05c7b8faa637ee8628ebad7d553ba8d7ab066cfcfc9738d201f949dc673c3e597af13b32c2cfa6e2aa5f75cf28638002594fb68c791fa9f13d63a8f8c36981fb094ff17610603b9f9bfa0783ff3e320479278592cf2de7ef5a801b0f04b1f8779f3f3bf1f6f5148f43c698799c81a30d5133eeb2f599925b008209f53fe34e9eae517b85afcacb69d1758950a234f15c8b5e621148a5c966a8e235bdb60f03f0c834e334f6231f53f2ac0e9a234f2018a39d98be0b21fc388fe0e250d1665f21884f95e12b25712fd971b9a70a6cd12136ff62ba9d8774f2b442656e3dcbd2b8e300c569b62f7b96fc655dd60694d64e98ac468f7b01663f46e6c76b2270fade0307a36f43a4f1b942f4cc60e56589beeb7cca477710863fdfa177d10db79eaf34517fc4149951a28514bef9a7350943ac3f6f00196e863e996c1621fc54228dd96a41eb403e66a02fa0e166a80b73ac3e4ba7288ec520d5275084036ab9cb6a80728b17285036786b36845f25e48b212ce8ff8937b61dc70ff85a930071d6f49c8826430b71d5994b099e8bb374c2d6c4263497068f5ff34c07e0543ae74ee79b5a0961dc8e1b8ae4527300bd48dbfee8cffc5259b8e84e96938652e3b281e17337fc98c56fb7a94975d8d0a23cf7733dd46916f80f8ef82800a3f58e691e3b1bd90af5aa899d47eed7c14ccde129974d33092226a8c99ce162c16a0680497afa300da5a5ca1867d0f002fa17f589e4a8a72e1cc7c74961e885d733033f502b8c87d8cb07b17979a73907d8ddcc788d8a000f2886a2c88233274132c13a4a8a", 0x1000}, {&(0x7f0000000080)}, {&(0x7f0000001180)="3bbec4eca4d54d6880e53e0a592f09fb974f6df2d33f9b25f77874f7454e5f7c4c48c1d5cdda3f13907771ec6f87ae60233771b512ec9c643d0513681bc158de98c72684c783f68074304453149f62b56213fcf40162f43570cc26b59d44f7422ffbee548adf926cecc80f20edd88fc37d760a006177b2b5bf7b3d23c0f2486d472c142f0d22d487c0d31462e9f23258cab82c536b18b3f0daa6c5b95918e0c3785f6db25045297fc5aa997eeb539b74ef452a2395785cd1d1f1cc3168ff4546fcbb49effde4b92698ed1793ef19c6a202a748b341d461771711343d885a4139f722d2a12ce29fd561872aee4275537ca42ebc0ca744a4b0845c8e5069c5580139c4e890fd47c79789e237d37e27b0f4d081a58c58c646474783ede1799cd4fbb4d9443a52b9a424e4e3f53e3ebd5fe6bc2be938a6db92ddc2c4c9f1b184210003a94c2faeba22a5a7ea4482683530df1d32343da6c4d7180e4e9b853f55ddc85692b3dd5baa6d68e1ae17cede2b091718564b7257f4995ed76c3b9b381529c53ce8ac8f5f875b3ed7ec643dadf8a9653457246fc20d94aa7c5d5b3ba5f56308f216c1cadf1f8c76c79fcdf95060a83fb7c5664d068a2d77676104a2dfc7e2b7fed4989e2452c038cfb9c0c884c1b82e94924fcf42e1973a070c24142cb4887e4c4c1d2084e31059eb55e59d54806ad03120227597bb4bbe107c6035e4edfef0c492057e597425cd47d2909772906d219e1a27a9fb03c711128413457923f1c85ba172a8876fbccf2cef2a1bfe41641e5c9c5e1b6d56f9f54f716acd09466fd8606364f01184a70a6b4cc4d8193726e98336d08d626ff56c3035d9f031f6c66b9ee11ed812f32c58fe4d58f4b549507418c385871df6d064e055a55d1c3ea75560d92b194c960729d64959aa22e6764cfdad9dbf7cfceb9943eb557fff05d7422d5adcecf2b88e08dbc0b170da07aac61bee0ac32cd454fd42ed546a3d48a3d73ba519f12d98f7193f7782f17a6f8b5f2d09d4f915d60880b30ddd81bbcc2e005aa8c25cf11668580e1c6e0d065e0d523778a0893838d4ebffb00f3fb63444e32f9ed273bbc03b1068aafa4c897f61ee36efb69bf6b645f7be1303f896b8d669dde70a248eb42a60fe2917025e40c6f46fa355b37ce8e7d4e1612db276407a5b412e3e8bfd0d2c5a7c7a5fac435cc213061d700b34b5342c67f99d2e9d723960ad6bc7cdd42a077e4e67085717e1ea96ed436e769e593b73dbeb2fd2908a44054d5cfdd741c21ab447d694e41a7b2464814911d2f4de73caee9f3a0a2f44e779f649dd4c7a9ea19283886ebdb42fe5f474619782b0c9d19d577746f0c6b8d00058cfcc656d9a3c35ab5abb33954760bb2e871870e5c6f7cf867a12ba07a334c748da9934817114e06c184b8b79643262577f17846986c1e5b5695713036966ff68f9427fa8c5ae9b8acca95fa05e74fba896ebd8fee838a2716d4cda136b3660c3ce8ddaedb6ee15b17fdc87b94fe76afc2cb74c0526ef326c233e43b7e6be12418dc4d9978d41d22ac6fe8133e010ab7c64a4d54649cc3dd6ddb0449a424d87a60c9bca805a827cfef79010bf0b94d77ad515c2d19c3b190262ac827b09a9463860ecf5e65b28686206072d14f5a8a0a2ac786b2e3ab76a25b2a49e2a8a5485c7e53a22569be9df16b3775441562d6ab0c6d740bc6f0ad1c75c799fb47a9b84d69239aa76dc21cfeab06bfb3a162de8c4dd57ea5c3dff1d8a51b7d8713d9cc09459a06407edefcd18df2535a17ef03274e69a15306c0b58cbc2974a9051a65fbc346c093df88f9ca666da321aad2f82ed73bc6f53fcc2f189df36e6a84336afa1c1871971f602781af45fc6499eca646998c8a2b1f636a2238e009754e74f4113be89a9626e7efd4edb3144a2c439f58be116fc116b7841823906b5b677c33f4a4ed75f96815934e7d12939c3fb3084765ca79180c651418f02ef27c8957571bf84f9a376fbfd39431a650ac241fd19ea8d1468dece2f09c990b97d6d8e51e9cfe13775785b9434e5855fe7fbed9d5aa238f16ed78bc750d8b4e115c67bb6dbd67793ab6ac3ee5939d0b491809f1189c84409d803b250fdba1983fc857e1c7b45c1b598ac77f247f31f35d25496a11e0aa52c95437bb7de6c53ea547988f7e67c523214b3d2ff8fe139804b7a76451ac054b61cd30e95e614ec57a0ebeaae8851bad92a098f316d4b4512cc2d08fe6436b9326ddf68c689f22cae666a7e65133e03cc4914c6d6a3ba6e1a7afb864aa6c12b43f32f23533367a6ee34ae09c3a2eecd61bec1c006030d2c99a6142a736bd63626d647ce24cba234ab3da4fa5bf452033795486fdb02c06b8aa877af00729e76d1ffc9662d6a5d815e1cf181543fa6ae67abf51fa05ad0c811ec5d7d39cd4d73b67dbe44996b1295c9f929487544673e0271c95a07c64869c4a0205b5330b0ec396548a5ddf1bce6532f9b29e649e9b43af0342c1ab303c14797f12e1fbe27bd2ce4d264e118fa97bd605ca91b690344c882302c5ace91e4a82caaa6f3a8ac5392ef84bea4c7ec5bd834c616fa1cadfafe2df9f5de80967fe891b718d37265a8a5356809acbcbf031d8309cac993bed71e3a5bcf36de6918614fe45bb1daf9d818fdb61f1fa26652b9aacba2e607da2d3580ebbec0fa9a41d909e1de8bb116ab3db5ba84b190e2441341e94ada152d5d4f97cd4a463ebf01faf5db6f5ec58c1ba6e98c7f11ff91c103df90c6f114302720336d48647c458ec600e02b76df21bcaa78176e612393d67dc86420bd841b25d24dff1879813c3bcf8df55acdeba00ecf82371a9b97c937918c3696cc13b5aa8fb06045df210b21f015719843d0d7fe1c18be6436e443bd3eb4254318ee9f5e33a53f6799c79e5a7fb84efa03bea1f5b3a00df87d338272f96ea76081ca1f40fffcb37218dd97a0ec58d4d79fc260b6d302df4af29999197c6d10d39318341b4052ac5b50a0dbf4d5721aabe8d339ea6c62b512ada232536ddbd8dc422d2d2cecccd0b5af01dbe69d332111bca65b914a088f81a4d4e6f2e2c4f49066dc6cefd54645ebf2fdd5f511404ae8ae11cf5fca2f0093d3396b6d67657341829dc85965bbaf6223cc6dab3cfe65da6db33f741a4f56c17bcb2234c27409a4ce65ad827a6c391e716f4f2d7c91f2d78c93ba42fc1a1c23e41bb5e7797388504e1fefd8a418f1131c5c0354e0083c37086b8986a959168eaf3ca3693de296c6d8ea7e3ea912385ebe06ac55aa9c325f10656156dcf2e9d9d2ab5d6753a800c33e6bfca3667cfa15bec59c47131acafa9132b659a547a29064d4c3ebcf8882ba2189779ba7072ef9fdf65be1b06e9b2f92bad560ff13b78e734b389855321b3514ec17016d9d8e10e13e86da7f1782cc84ef80bf1b718b747c9b5cb41a64491c2e6aa05abe44fd6d013b54ce8399dcc803cc8511243e50f2a7b100f2781b0b137b6de8ed9a25fe36723c52cdbd4cc1241c7c75e1561bdbcf04891e265607a14be148e174f5060d16bb160dfb3ea4539455e410ea3835f0eaae54b3626e66dcccedb9f109d9ca646362a31cafdc54e3e716da3b96c130980312ae1e063371ce2e4b3993aab916a17b0af5ca696a1e0e0da6f9a629b7c180998251dd2a1d0ebcf0e32b8b34a3db0a635a0ee72cf54802cdafdf7acc269e9696ac87fd2ed44ab0960d47dc4609068c81b16ff5b4004120c68af88794b3656b64dd40b39995d6b1b41d311909053f7a505511a5b750a32c1ff3b6e1cba27b950c4364b1804926780497a42f80bccfe4a352143b490cef3be9de8f21745c9e8ef0069b55d03c936d6fe037e7c663d099a19282a6d56593c6f4e6b45855505038acd9a48fbfa89628035149a962ae26d08ad0e06fbc5a77195df23dd92b7d8487b2eba208efbf3234b971c2d3e6317d20e3e78349c5a3b84e8bddbc19bc38da5d389ccd11841550966684df33a1517193bbd080595a05984b3be18aadaef910d71d462d298cde73c2dc72537b2195f0dff208d27e5abb0fe648849d6d884ebfffee7f0ff6609f7d9951ed9fb71ee418b2b3f3afdcdd361081b80297cd85a020953cbe55d932979707f8b0093731a6ebc4296b8a965e36c835c11a7f88f6fbef184cfcb279f96051676b8af05948479d9053d2e0abc59a13210a364dfed5c75f5f487716ff0bd18fa95d72552ac87b8b978be7617c063fd8c2ff2ab697e7d91a5f0deccb1bfb0780c8dbe1feb6c5f2df601aea607f0fd72a63adf2d209c5d3399b4d252d948a20a49347c8939798707bf288ee3f708c889cfa3786f6d3f8248270c894e776c2e0afcccaf8c6aab3e13710d074ef9acfd0d674b2e3fac08abc2c409845eea6b062a6e42d83c3fea2b40727933454296731310818c1833eb45686db8d46bc34edc098dcd30275a74752b22361929bbfd3b58364af2b2935784e7c1cc56211b50f4e053fccf19541879c429b9f3288be4351a5a4adf15632eff22785467b49b4b36cf2b919eda5b32bd10653725be4de6e42631f164a04bc80e6de333cdbcf0f7f0f4aaa2f51129307dc54e011b86ccb004cf2553455f9e9dd2de6f075cc9bfb12dcf18ce03043bf9d26546bb41e91826b9f34a0bc91c2ca594087eba47e9ce0c836502efa522252c694b8dced616176a17a5c8d72d6e907f436fe6bf9244410ad1ff60bdb6e6dbc37c8be23034b3bbddb55a6a3b27f501bfa031ae3ea7504ae4265f9dac6fc8c5c6fb08db61178b5ab01287c04d76a5dee7c273cba12353c43e99a65eb79da946a7032776ac3109081d8a60f23ba901b31e021b0ebc02fa320d4234ce9e88e5fca86eae238ec45bc6bbaa89a4121569e443b987460e2cd5b159db7138217016d78c8e0d11a8d18faa370c3533b3db75b2e01ebd1f4d28152457eecdbb40db60223a099999226ecb7ad45909103acc61f98342871909f66919f629854eb063e8d2a90c9f1105cff62f932da12b2a65fb939bb8d3ea06867988be2bd06a02aadeb0a11f6d0dbbd852a617bdb575a644750f71a25f3005404616c483023b900c800b1827fce8a525ba04a5085e2f535920654965127cb10ce6636c55c1e8184b136150dd96434ce4af413866dc8a7cc99065130a94cdadc3e0d3fcca5bcc3cc6a02f65ef71ac4a952a6c9cc85959d7170ae8c8ff2a23fffab8652618772da1b803acf131732815fafc972f1ab98fecce24fe987b32a7a7ddbec6ccd608cc8c5e45541f842bf079437f6c346cebf2c439b3f21ce4fbc5f614a4de86308a0263db35ea281b40e33876e4025fb02508bdf36eb7b721db55ef438a1c7fc4bd05df44208a63476c411c32725d5f0083d01dd5d707c1db84e388ba5b3166525932ca04c13e40bc1e0b1fc4d4507cd45dc1deb2f696cf1f0290db78d94a971c68687ac77db58d46e0605b8c0cf61b93a86580ff9b2dede69704356ed57b2274112c3267951a47aeabddceaa251d2d6fafcdb13477b8f5695c509b36a2bbc49d69bc3faefeccce5e885393b3db5aeb929322f9ab571f72c5d6313e9ed6253e8c290700cde2ce5554d15a58b3a6962a8082b25596b9c34d32efa1df6635e0cd8eb855ffb593fbf9a146a3bf33286ed954965633322d3d16934fdd13cd17be05dacb93907d805af5446b97f70f1cb258e732b5ab659e43ec4319fce622a8e154947eb391a3f0172655455a1a3b1a35c6f968cf1b49386443fa9d6a7de1e3dc28c048b54034bd5385defd2db50864824dab860d1e3fb7b15d0ddb6b3334e92c4f3a8fae9d3ed52", 0x1000}, {&(0x7f0000002180)="8350f96f3ada3a02c9324ecb100f8145ffa56c4a6031f90e268d969d2443a7d079cc43b9e7898d3af4b822dfb30c32b98a2543822d338fdd9a2688fe528d852670838fddcca698a131000a4ae706f2d9e9da3d9caafddfdde232f79b67f476fae8b56f8937b2d9cbb8c6021233c2377d192574f1712ebec68ab0d79081a90e3762c868ea77e47aa19252f901ab7068e6ef467900725392510d31ce351832c983f9a624e39a4765f3492ba9b56494a2f685b82bf7442dad004d46daf128f856f7b2ff7e2c9d80c1e246b81c6a2888268fced37c8f1e71bdfc5f51d60ad57f87feb06aded5e284914c31cef0436da488194e33259d6eac2c7adf9e84429dfcc9df103d2174738ec64434da20bf68c427bae978889b3637250a60bd75567245854556c2cd9120503a361003ea071a42fbf5080571f7d04cae2166940536c4bfce136b87728989fa796cfa8656f16a437eaf34281024873d6c1e28dd78e6a2bb75f9dfa29b0dfe64386636f22caa79455de63e3ea3c63c5ff3eb8ede4054b7aeadf45903c7c5c44729baa19df7531fd73fd341153393a7c1ba15648c42e5ce9059ee202a842eae2c7cc580a8e6402c458f2c97e2938636830af6635509d69bbae2b79c10f29459ec36d925a7b27626fb265014a963dc39766b474241125c29c29d90cbc206037cb3bb22609274a9dc3eb384d0ed3c59b540304a8538a6f5f3c1ea4199be24f1c3fc1f57d496f76981622d69ae7367b089bdd5b27e4e192231cd197d5b8c292cf7a5ceb2fc1551fb9ab1ee5bed35e10b54ac55c58b134ebf407731cdd1598bb91baa050ff24a8f804b959c84c69ed5054d7da37456ce73a8fb6fce01ff2d974bfec140365176a989f52300759f4bedfb3ff7725ef3cd8f51ed2016d7b282f88a50ca99e7a4b1bdf461e968381a9d86f4f95424c4e12a9c49e1a5feb057d1f3ff3a4062eb166fd729ecc16a42c85ec72e2c8e0a5ff778434d34a34077e2066ccb39104ec2bd66683d99d237fbdd100263c317b2c089fd383320343389197c94dac0b318fe993b43bdcc91a88cd645c279570e04c9542ec78ddca5c2ad2bf4d0d6a11b337a752eee0b8a95b770f9c5b5681f71fd6d9eaf882062d759e0692c9f05304a9f1c6b9bb841ab575de751d81c479db5a12d03d220267a22b09ec6cc0ac38fe5f986947b56bc64c8917f01f6f6f9654824e5ae778d2d7c1574adc1e712499414c1d74e778ddc6d232ab87988c8cd8324cba0f3c6cd1cce7b6956376ddd0d4c792e8262ddd4aa93e9161fdc2479c8d7feeb007caae781b32ffcd3bf8d2610ef72c01f4a381c078d5f5432d867f57a3ca75f8bc98f557ae461bb4ae5636bc69264f440522422bd93928a7fb685cca92b2cfcdda1fdba20eb46c791ffa5d5c6abedd2545e8150570b6008749f4d103c9c7bc87d8bdb20124e2680c8b75a7371a5d3d485713a6ef4d36bd1598fbf7b0759ac1197d07f0489c56c4c5480ec5a0f55554b23155026ae1b88286e8acc09d87c9c92e15e7df7e20449e728a957dc99fb59d701bf787cfc652ea6808c0225c004c0307ebe3b70497d4f092a3e25e8baf5859ff97ca5e00e8faa7f232129989b0669c63f266799bfaa86a08644a3b4c07351d6c8b644c268cebcd7578b197832baa13fb996b19d1421c4b6e77868dd9572dd0ede4b0b2a331650b3c3719493748d92e716eebee017775c6153606fb3f33b7dddb00173184b9ee5d65a96d25eaabe05c3e70de27510ddaa6a3d01af101c73c414a08f5ef11c09537ee22e859acf1ad0b1b47efbcb31fc0a105f46924c4b7cfe67dfec62050dd3b96848277f89a0ffaf33cbfdb488a39713e3b35ffc8ab417a86ecefd39bd9d5cfd672a6483501d260716d4204d8447e34e1242eb1ea7c98c949a2b1ca13ac474add5be6d6cd034a8ff222b30870658a227dbd1755cd9c7db373ba6acad46fbde35bf03eff48e072cf3f33ea904c642e6e98be850c12fc8e6a68631dadfa94517076ef15e61eb5275147eda9ad66b3d8a7e5b9e2396dd0818b328d335ec6d02ddb244b8de6f6143dd97c2bc56d839a7488bfe75ab83dd27884f69358e7c9a4e3ba214dbdc293d3617071dd177cf8fe6c6083c0ec873dfab24ec8726c5e28c09faf4c947617b77e81b5fc5904a77e0a54b06273d6f55968942dbeffbec9b035990513de9c73b0c89f2db8a306e42dde96f8e034dab92451b05f3f085f020711c3621939a392ca5b6e1138510cbb859a8e3238e67cf3a4afb0af95c745670a590a7ecc3b18ffb5a4344541125073db489eaf4768d19e1dd76087c8593669e7bd9c474806b91f0633273edce0b26b1360c672b8940ef4903e45d7716098fd0b2e1cb0e5715b4599aab647887e4afd2c1ad8efe3018493bfae6ab4d163e5217d3d06b31ffe7a04857e1c94831e70ea636eb51e6dd82dec62957c97d913e6237e7c851c7af1f9e431fe4914f8e8f9c273b44d4db28597e90eab088eecfd41639375da39e5fc82741a69a4c63a61ed863f6aecdb1db41af3f11eac52a3e109c75aaf7f5ffca98d202c9231b29f2deb9cdb37bb5f2a59d597b2f4806d08c8ba3878d7bcf46e999200a3c0420c9dbfd6866314fc7a05f94494a49187af5b4156ebdd463fc6205bced6a0965cbbcaddb7021a1a29ab84b0944db46d742ac34fe880c4a8742533c9d0da282dc263b488248ef4213eca828e0671ca47bdbe2bbcc45e34e9309cf56edc33f672aeb734c36571318952fdd5042345c232640ffa4a486ea96365a64bd9d841a6fa2e6ce7946c5596f75f7460375447910321804efde9455a1152010e9cd776dce564abdbc3b432879cdb2ddafffe0cd0b068a1781696e466d524c43cd86ba6ae35fc506c86aaa8176c2dcff3c825e0449be4d7537db0a4565d4601269bab01082ef8288e794e9d51cf283f374751caf295272855e805a541bee1dcacd81c796b2465024a1035b336d54830b54b10d00b560f0a8efa1e0f46f2b4490e7c010c13265784086ff8c4f63206a249f751183f34b40bbb79976737a32f3d7a11344516439b3ccdca34066f6ba1645a1e82f53be87d016c138a3ba0c79357f42620c0dd2858f61f287859e8c32b7973626280e3a722448e7a2a6fda4bf82f28fe03e8e9f687b5225ace23a73812ad0f1d77f6190771e6b62e0e5403233ea78b29465a7ac8420e710158fcb610841a950d8177b512bcd60c64b0bf50a45dc09f364597a79707f12fc303b30f4fb517c5b17c2b4508faddc441b817d52e2f3dce7dccbb5e612077f5c46814130b6ba3e944780da684c6d14c749cbd09e6eba321313b83c93bba10114fba89598f0c945244c12b1473a351ff8b83d929111f2e3d37cf2b39a02c497c6c704d7a23ddc1fd297ff21acf88fb65022753646592034bc7178dba70f743299716629ef30249875fa8f73996b0a3f58802acee2c50000dfc1f36c57df50ab14299ed40ad41994148cac55264c7b437661455a028994bd5423903273062ed12358c3479f3e78cdfcd3bb8566e114af50adb92dc2b6d4676dff7a013eb6b366eeabd027541fdb12581ab00a238867dbb456f9de5e6bd7979714187ea53c9e19971e5f238b39232d4c27c07da0b96f24b6821bd2664e5f0f1ae0313256375d26220a74f0f34928f6512b56dbe8fe17f65ef09b225651c6a40b0cb44e31b309294f0a72459e504c6a32f3e1c3421ed2226a834115e8e53397ccdeb6f5110d40fd89a23ab3556d112e6532813c72e877fb72d10d69ab034f45d983a782112e80764a39f89129ca4c95a9d921a12d1a94d3b3f3c582170cfbf1193c9141bae98fac43b3b4982366d054b2edc2a8cc4888404cf41e0e004e650155254edfbb9e8c014302b0a87a6cad343266a6837eb3c2e66b99cc3e7a921619e1402420bf19adf1529114afe7d9fb76509d5238890ecd759f9165dca1899f1e7465278290b2e9596339f4861115030ebdbf2253f1c98486bc3d1b03e30d2cb20d8bb65fe51b0b94d099bc8e53901f51e69942c2aa75a2c006084ba624ddc2db8bb7d3036009e6280ceebbfd2b98fa177d2287057afe14cf745bff7c8b7a5a3fce8c6d5b34c230ce53a6b3351039618fae8e930784bee985190b208c954849f80b30e8674f7968d341f4133e206541e48d5a5e10ce7e4247c016099600e3fc60a86115b55dcf1ba9ce5b895e72e1511f3d2ceed87bef098864804645a91649a4d1a5a15cab91df4e0751cbc14bdc6e37985447fbd74a54dd24b838f7019ba06aa5aa424e92f2e65b57d2c2bb6f9e2b8c1471b4be8bc95805727c60f675e7d9db374309a918d9b9e19f3d666fb0ba1eb3ab21bb4dcf0bf560bba893f60fa6d358324df295591f9ba8de8085ba425cdb2986c9101c41faca5c4289c67f4428f88d50609b80795ddb906bd7309fc500ef1af53bc1f78cc7e49b7e06cc1a68032f912c95a12d421818abedd37e8bb6aea7a7668f090d14a3e6e7516e781a8470487b6fdfc1ea3ee2e50b8f8dfb13d5be3f9b24620cd166676fc6c4dd176a8fe7094df041a98fc3d7a79251335ba8e74c4d2f538a2558d32ff2862c10707143a5791dfef422ffe5bced932b9e349bb3ba44aed653e21345238c522015bb76c49a2248bb40d6582a58c19f161d4a62c14e304944c74c706827c69a4f1d54dac76a8f45c9a5b26fa71b759cb92615835c453c8cc8faecd6f1a01906d5bd4c66be15bc73d9fa0076ec5c0d39626c500e63bdda05bfd9d170491b060641aabeff4d5875bd69aae9cf35efeb1ded5639ae58409e482aa299248e46d27a22d0b3d128641f647f1dbe52a9752047d4738cde306c11ed514ee892f6c79fd5e808d66299e361b5321ceeef292038b7800efdccaaa4c22f15b1a26b5fe0a2eb14da3420f1989aca52f8666cda4d8f7cb480da43028afe87707746238ed8a71ced51afe622428b1cbbc0e5591a03fe462de04581aba53527ac91fba6bdcf42069e4b2acae3fdb350dfbebb318cadf6ce473354dbdc067eafa31951a4d66d9f82b520b44a45beaed9ab597ca93f83d094f5d97cc6bb1989cd71b77e2e5eb1a3da1cff6cbe99a5e90e3169579767d1ef2158a17e97432c4d55c720f5d8c0403932f19b6352aa032880b00127646230775ed804662e9d79e58a2e1e6875998df45e9a4d4dae95321cd68b344cb1fe482772b88940648b4618ca853b6a8d5d9fd6dcef686a9c8403c4433b43e442b2926f7e556ec319be740ce77e423830e9f47d7b41478d42f4a331128fb1321bc83b710ec3447af920e0b28f0614eff233bee80e82819b4346321b2a1c12a5893ca68395ef6cdc6595cae9f2abc5cefafd01eb4fb5a6facaf2f420a4076d7b3a89a2dbd2939a5f00892298d8b3eb8f2199fc74bbab5e9de4c2e6546ef14ca8157c7efff1b511c99b9793ed0164d0b24fd9310afda4664bbf6c343687c293b664eb4c44ce78519a1f79de54bf61137d9cbaf4230f3613174332667408959e781f3082e0504f3bfd25a0da4d6c47fd718f8b29cac77b2cde2d982dbeae2fe18d10900e2aad84afd1a9f4d2bee5d0780a3e52174ffd2f05f0fe7a48baf1c586b156ea6bd838484077cd5a5e09831c0db32e5db998b128146d10713432759267126d1fd5116ad27af5e68393eb5cb529d5c1619bb694de7615a25e404532acc46699685406bd810f5fcbaf571f6c7905a59b50db7c6c9ec6ce7548f67f1c0e99b4f81b36b86b5db272a56eb4233656a9d8db1a2c8eefacc7ba509823edebd11a57696f2879293c86a1a06ec16dc4e638", 0x1000}], 0x4, &(0x7f0000003240)=ANY=[@ANYBLOB="20000000000000008400000008000000fe8000000000000000000000000000bb18000000000000008400000007000000e00000020000000018000000000000008400000007000000e00000010000000020000000000000008400000008000000fe80000000000000000000000000001b18000000000000008400000005000000000000000000000018000000000000008400000000000000030000000100ff0f2000000000000000840000000200000007000200ff03000004000000", @ANYRES32=r2, @ANYBLOB="20000000000000ffffffff000000010000eeac92808444f6d10000000001617d"], 0xe0, 0x4000000}, {&(0x7f0000003340)=@in={0x2, 0x4e22, @rand_addr=0x5}, 0x10, &(0x7f0000003480)=[{&(0x7f0000003380)="ddabfb1434acb81f288b18a069779001dbd40a890d6e1d1fdba1e9770bca6d1752c4383e30f625ebabe3cf739b5baf5d47582dc059d1da61df8dea54defe5e47ca9eec98b1fab2eaf56749a0c6b3e788c4a1178c3a513326c1db314bb3f3ffc00d8b275837fbaad7cae8d289ec8ad68bc1acdd70b98a591fca8db6c7155a6d914428ce3e272dddd9b5daea8546645195f8c4160effe67d79a4a5a1b506e31f0d3ede06be6d6ec9e16fb1da9d1f0764cafcbfce8bc1b9a73a9f1dd6d15118c9791380e31e596227ebb75fcf7daabdc41c12fb38060261984710e848a49d4103cbc4ca65335170bbb7f1ce9aa0d033208ad98ff47774ed05d2d233fb", 0xfb}], 0x1, 0x0, 0x0, 0x4008004}, {&(0x7f00000034c0)=@in={0x2, 0x4e20}, 0x10, &(0x7f0000003680)=[{&(0x7f0000003500)="c2b95c89c91c5dd6853aef9b402deb59873d730e1e56e9a468d0511f6e3c2f117779379cb905", 0x26}, {&(0x7f0000003540)="b868638ca511c67182e5487251c21cca706671b5e974fe028374a7d179fa34fc7cdcbd4a263dcd2119c848c9201b767e60b7665976df2e15b80a09a37940f2f6658f7c27128859dc57512795138436e324f422895f5e87aa84e0507f238e0ebc9c0d2a7013f1a4fdacae37c93cc98ea0d7fd7776ad077fe7a9f56b81dd7347620640d400e9e36978041e9f267d41857a1462f44667585b55374d0fe21b012b60c37bff8f46288be81c05b5c52d1577d71b5e48d50e7c289e94fbaaab3b7fb1b8f21a63d96660f90de6f18b16b682b017b6e95ea7e658fdea3d8a912e02fd34796b9d510ecda2a36d6faacaf418fa3dc6d361ff0c4f6e", 0xf6}, {&(0x7f0000003640)="eb1042491e87257a8ab0910660cdda4c26c9bd8a8821947bfcd979eb7a283726112754fca981", 0x26}], 0x3, 0x0, 0x0, 0x7994531d5245267d}, {&(0x7f00000036c0)=@in={0x2, 0x4e24}, 0x10, &(0x7f0000003a80)=[{&(0x7f0000003700)="4b3c3f38a3e9b3972641ec78092a92b510243ba4b6ed72eddb4da6c3d7d455d2e22ab7b831b580686234426cbec176f70f815d6fd5b7c8c354c1a425d2cc879f2bf630d37013fb887d81a0970b029e053e7b9280bf5354675fd239920181de599cf3d124e92ddc4556e0e8a5a61c15a67f88331003e9cda1478fb25974c3a65528726595a95b66e31b5af6299c27dccde99768766a5c85d89eb81cbc1623a8f222b2b52191a9ec87d4c8e130fcdf8a", 0xaf}, {&(0x7f00000037c0)="112941f1fd80a8f23d87b04c47d3a40505b6bab23dbd987fca9f25c97282c094bcdddddfdceaeeba45056440857dd5bbe01ff8fdb9a978474b71cfd6b91517bbd5bbce028d44ae70be8177b1d7d7bf6106456bb990c09e9e9b28bde57dad3688", 0x60}, {&(0x7f0000003840)="f9d35700f7920be7465aa32c8a5bd75dbb304ce493b5094f7ce51c436510002b83779d33d39ab421a73574fa92f504404fb2fdc0d09e616ff90955c144be799d902f7106de3907f181e2cc1bf6859c233994465dc461", 0x56}, {&(0x7f00000038c0)="0a3736f445f9bafcb112297bd40a2f057a9c5003", 0x14}, {&(0x7f0000003900)="2677db5de49ddcc987b44a52d5209d5fe624f583f2586e9f4a2e5cb5928cd4f848cfcd3ba5f9f1bdff06116a26d155470eea7201e82bd5766437e55ae9ad200b5df229e06c6e3c16f675d2bcc00aba7ce8c8b494b4dd137534459b2154906688185e8da2e1d4a9dfcaa07e8bbcac6c35af8069c12f31aa19b52fb6ff544667e9d000c2be190d108f45537b442f0bd1", 0x8f}, {&(0x7f00000039c0)="ce8772009b350d54a2ae5d74c08fa0175a7d7b81439ceda6287e79b02595e84452e0608f8f833af70e546a763854272cf81a923eddd1d3a5de1eb53592372a6816a94d4e57f3c3a85591007d6263512756b2f35743318436f3f1569b3b8996276f94038839890fe6ec62edac76ae3a6514476ce792cba6fc891ead733e3b57eacc9d010970a85127e04183a990b15a6ea276248a63703d506cd747124c284caf2e9f7437fb739b59a3043c4bba8224544152e9", 0xb3}], 0x6, &(0x7f0000003b00)=[@authinfo={0x18, 0x84, 0x6, {0x8}}], 0x18, 0x8000}, {&(0x7f0000003b40)=@in6={0xa, 0x4e23, 0x3, @remote, 0x200}, 0x1c, &(0x7f0000004d00)=[{&(0x7f0000003b80)="022e3289cbfbc20ef1fd46bf9debcc87bcc23141dd3e1521365432a35f2d89a4bae216117d8858e750a8b5fba0bd5cd618f7804ae5c68376414c4d51122564a89014376b3a51a06c8a0614c380e683226a7c", 0x52}, {&(0x7f0000003c00)="a9234f91bc992cd25f663c4f0eca2a25443be26cda69d914b68fa9ab643f25fba04cc8ea07b445750c3c7171dfdd414dd45c36a9284d44fe3e898c27637d4c2ef8f7bae20b034a0dd7b56f2b2a5173eed8fa26d899e7e1200939011af61c13b2b38ded54ab9d3c637869b2a6e825fffd4621e0cb7581af2b7ce5530a6b635de33686bc930df30129f00f7dd28f974a3505b734367ebc26f4bed76c285bb9d6128ad781b45d1e57708f69b5089e7365c0b6993ad84fd668f97cc469aeb7c1bf5dc34391dc2ca23fb15aead39827e90296244d0094383d5e78d592c08a15cbc43289e64b1131142338b7b4d1a9d5b88b0562af4b2bd6002b65875aaa43b169c8d1c36afff92de7e96c5fb024a0f63890cacd58a3b953ebcad6eb1596f24f6210910f153ca42af476e9a3fbe224f0934bf6352500967179b4e0aa1a91141f3c5202dc75749026a3cf879a2b30b4a6dc2e72c3e03c0cc36c93d99011ac7d7f95c8ab4200261ff22c26bff2dcdfdf39ac51a6eaddf603fef8eb93573c120737e8a361609849367e68d8f25d011b46fbc1fe996dccad2b27117b3ab3fff66a357d44c1e4401c487deaa3b9c064d4f646082d154ee2c24e525f27c718e0919649221df6711008dd4f7461cc6aba14d585ffd30b850ff3c07ba1d93a24f544779c6335bc1948a141e722cb306a619c76f8a3c6743c62e585cbc5da0638740070eef80f3e1b467a2f3b62dda4a0da5cd9763b34c394d25cfc40ec85d439e66de7d23715cee0ef8ff8ebf64af8608fcf780960e099eaf766e559269534457a14daa53b79127aab674ce3c38bda4552aaa54c8a77a4a248007aa5ea23b50bbc96ac980474d8951272f9a6ef3ef240cd61bb48a9bb0de7256c0188cb40dc4e9c88431f5ea7f2f3b2c8fdb8436ef8d0c9adf2e5793577bd96417184c266167ce9287fc448f0f79028afb92f721f53f0232b20bca86b1dbb0b18b6305f0bacf2c17eca125abbe1a23c376eeb8ec2a031cb8779bb481f631751dc7d5eff9fdeb1bec48039e2e2099241a301b47ccbca4aa2c8d30ee7983a734d7f1ffd0e178907d789f730cfb6504cbe1743a422356970ee7c9ee354b8c5d8561eca06a45b5a690988149a3699f70726ae899f809edfbf0c7e94d0d4ce3a1ce083c7354a6f208a2019e444cd93697f350998f97d5e4ce81723ea933040dcc1c5d73d4d0e281334ef965c0e145c3a0ea1422d628f5683652f5d8ce529cf423139cbc6e471c62a07d6bfb01e593aca2223c997f6ffb4e3d731c078d76a55dd17f34939766c23191261ddcd2e387b12ec32276715534a0141ac9ecf5bf3bab3d8cc347225c24caf659da1aab68454ae1de22a0be2561efd89d2a1b7776400a6bf99403566d7221add44d3bf615eaa7ffb61885be537f2fddfcd05c042387b50d63f6dcb1330b77eca400dfe5153a87d7b9096fd0aa1c7d7eddbcdcf005de404320f0c69a2cbea4e490184c5c0014b29d6e0346d3e6770c6147ddf0e136d421f07fbe7292a78bbc3d504841bf80591e783bd226bea017ad981279712880a41d0cb65bbd45dd48397c1e88712e2a36f5c223cf5139f2ab3c8ed91c80c9843d7f00c6b9e831ae7639069d3162fc4faf8b031c032b7bc2f6926b9d74ec811fef225c2890823bd8b33fa5eec0c66b3517dcf897f3f2dfd0246686bbd062958a5dc1e5aedaccc51380855bed85936d4d0cc50c64bc6da6263b48c7cc658e95471913bd389e4b3d622326d991115c0161f56f3598796f878d5cff2e48a36b93897d668163dd20d1e4c4d6ee6074cc908322f0c7885f89c3d3283a7a1f561c9a6bc7064889447c75c154dba996ca6df29bc3f87406a7df7f8656c1c19d17a400ee065627bb35e936cdd452284d9fd18f1f577d461aafc9ba6f54305669ed793029140043502dd2079018a81b00a1fc8e13e5b8e8ee3a85ff6923df4853e876b669a6847b34106fbb8fb851cd176a56242313ade16baf43d03b8c7239de768e70492351491b58868012b50f447d3bc9295a468725acb2102a11bd81c1281d6a096f42d3e9560bd8d3b26167b580219153eb4e0ebc09d1a0f5ba8bb6e851b643e60a312fd899111aa4b288dbc623c7676428f3cb45f9d21dab28b060a9f5a8aed2b6cfc6ee7a2c10d659ceee253c15864f1b4a9c39a3da4e760684d8f1a85d7a8bdc3e507d9adf81d5f89e2e94442a0174dfb6a8d46b39f291d7b13d78c3a241e432a62fe20819fe4ce1b7f4a60ed90dc9eb95f61c3040e44ca5edb24f089993f506d464e13cf750fcc5d740d46739c28e6ab0ebc95cc00e7c140d9785d7eda1f26c5438e9d9b4c4b2be1e087f50a04476cb2c43e28e7ae446328c29a9ab185b8d0845042d9fde41eb6bf7b9d27210260ed957ab8d2b32072697c05d11bdee5449dd77434d8169f7ed625b399059994b8430650507a8a745cb7efee040d200fb15815a5ec565e2035f7bf3925419c4b2938585444bdbc49cddab54e4793b105887535b4fe3d67c1de65e58664f6abc13d3fa83c85ed27cfbe10ac055a9f5aebb00aced204b0470af62068be0c6773bcab798913ab529f875a8014155faf9c2cf489df363e172a66764c50e8ade9a2fb3a3d9a1ebc85b67918b99e0d63d496a7c8737421769e96112c9018cdc22c3c53a1717f7abed30b6bb34150041603a73c43e5570f9750dc935dfd0ffa72e4045e04dc654d84f81b9345b098fdf9586f4a1228d11440f1877b1b22a84b477398c976ae4858b2ecd6998a14f9c5e23bffb405f12e9aafbbafd39a74f4feb5dc3ba6c783f866031781759610131938d78c05fb53ab4e049181862c583d0cc07ab28351e393f4bca74a9b24edbee3d60ca9844fbc6d6de5fa46244bf82baa951b50449b2cdda80fca5e6a62fa3e0298e6cc4c58326de7d1e6aab40be426275e5db8702965eaba92a1ca56669fdcd64428ccb11c4e8c879d3d634ad3820ed0789b26136f83c59395db38051802525a8708738f26a73a08055e47c4dfb5a88061252cfb997c1d37bcb4427e7294dea7e74703e511655787546bcc28cb3c23394859a3bf8a3e50e5554aef06b1d810e686ad0822a22e3e636d0597ff626030e25de7e84ce9cc8732d845ffcb457afdcd3bd00dd719e4f4966c8162e666e889070b55d8289bb0ffea307cbb9794da4d6c5b33b75acc8dc686039e63cca177f09a0e43dbd472ad18ea76ec40c5e9551bd7a771006b54d634d5ceba8b6952e3695b0bf70f0971e536263f981ab88ec7fdfdc6740095e172a01180256add4088add707327a858f5e82bd625c5b076cfbd32a357f6c6ac83f0ad711f0c2ff4d26d80218e073f5ea75a2d1445986312589d1556429a1ae88a538c4d1fd9c176bfe89b75133c9b1cecfe3c0f62c2e06d48bbb031fbc11dd06674f21e704be399fdb53ea0f5b03ae5f9b7802daf3f326a9df5283e8e58698496a758efd80b0665201c1becf28a843603c4dfbe9247fb0b9006d94b7f48eb1bf5deefed06f572c5b5d47bff97824af49995eb36a77ed1528b6eca00ab3921b0ef2bf963a0c101995a3d5bf505f91bb3632da4a7f1f31a87d3974eaf27e8deefc43c259dcfe675ce791a0624b3f3b771a9c2fe6c2a454167e4ba94b970bac15fba07fe6e1ee6cb42d82c5b3d9011bc818dad9a428019a00ed54a1e6af933876d83bac874fe3e28760a90794a5e802be4d5c33c77f5b8ce6ed0c09af0ec264c3b158e287cb8a7ed12950336770b46e3cda664d478f3067ff11a901219d1e7f21e33bb6b5a7a0e03aebfab31960d82c3b42f122e1c3b25b24d87cb19712db0c1ffdec2216403e3ec7a9b8b0ca1e0ff9f51c0ffe0b693586c968a55c49c643b8cfea9a45535a30e85e666281cfbae3f0272edc95aab213eec9c03a052f07fd5d3514a021b31f36a0b8524cf035faae731d5a5ed815e12a13c1f1a68a5b6d588234ea75954850171e9309ad1bd2d2dbcb77bb84769b9edcc9add6e55fdb325816555b0e329b68248abafe0753b4a1703347c5fa8aaf639d86008f7aee21e7915ce855df61dc428cce3c78deefb0298b68aa23f02523738fa9ccdd7b80ae06a5535695823102810bc5deca576815a61eccd6a9e87e2120e6430c99274dfadb714950af7b78ce6cf90da787be80085418a30f7f66f9191102a84c35be25e898cc43f47b4dc933d285b2a94bb17eca7886d1f795a0bd676fc66f64517a0d15f4bfbd829a54d4cf08064cf1c8f15dad7d8ff4869ece5b3b7f8836bde92165a18bcbc1f78f7dfe7dae714d8da41424148a0aacbdd08da3fba7135c4a98a4cfd91b8046bc87cfedd596929166c3b3645a84159be27038717e6dcfc7d8947642d2c7618c8ad4a982470af608250a1ea55853570760efbac29d13553ab271eba85d68348c413a8591c5bc73b61ba4643a3f81794d931a3029e0fb74354b75edc9e12fb77a64eee5490221dbeb905e7dddcced411c6df3c468f4a6d621432a73a300205334c77628cf60108c9b708e5edb27fbf639622a881fa1cf07f9fbfc28a5309c8c8e7b4a2ced48fdf48a08f63d53cad09b8a9151af15488e5f6ca0b554608d8cdc4a834f772888f2ee9899b585e17ec962fc98e8e89c63ff6f055e9ac913fbcbfdb0d7c2558302db60c221b79c3ac579b70703e8b15fc1300996250956ab37f0972aa9a9f3a3e339e5db0502486eede8147663cc85da570b1c5cf90c1ffc2a9d3ce5867db58bcbaf552d2d3a1546fcb6b888ba676a53355bf8bfc95f104dac56b18c1c00106de2d3b40e8cfe6121a20cdb51e6a0129a72f0d034a8c12fc0a79703ad3808af787af71a083ef990bf9cbdfa2e35e96580e8deea88c276bd5910240497787c2660d0193190204b7e284470539afac201d832fd968d2aeb7d80c2b957df8f418b65622e9e4371daebd9cebb0436b26c704f61d7a6c0678377eb5a6f24f21f1382b19753543e37f71e6907ac58b2f36cce98496e35fa31c0037fbdef13b2ab1360b6095c0c178c1c1bd268146f0c303dbb6f950483adf8e0dc84d392bdac8251b1e43246e2b3e1d7872123bdc28ebf4a665a13aaa94a2c80105d62ada59611b8a055e35d570d24eb69cd79b992c38454d8f00b54e613174f9fb6d2c877af183865e802a6a88664dd8325d8b7026f5da9a40c14f630fea630cd3a3c235398d8b68de831048136f75b268a44bd33e51d707a2ee549bff29cb53b6387fd498503de6bac8bdee71093e01b16ad672c6486333fc3742653e4010bf3db9078fc95d47f53c695a5b4b2328e25bc013b06eaf9bf6b6b61d663eab95fa3cd088635682598b673713cc3371ee46143d99b8c91e5e47c77576d759769ab9a1e895ae020291c3b2ea8d509a6898f9b2a7ab42976dd3433028610550814b5c14c6ef4a2eb575c2b046c898e8ca43534a7556e1d4efd3166fa7391b38368353715ad000845de3772ef4c014242ffb2618e27c5aa3d7ff95403545363b6a8eeff6499776a6a86dad8dacc6b1608cab38a65308acf7b97ca9726180c3cce8fbb89bb166fe2ab18504c8746fad13501ef9fbb22519ab6645e91e4f34d617b421758502781a2ba63d3fb45de3b77ed2cb2fb38193f8604ec6e32a108849eb06fa32ec76c5ef4486596a121972834e0e3632d96e76bcae335e71ac6b765da5c74614fcd5405e93ef3a938e5637bdea2e3491f3f8a03b56b518a189f515cc485addc3e7267de33050e0c454d9089fe95e3e7d3df8fddf4dae22af56d2c3f63349106105ee4d293b8b7689995302454c7e2ff8e9007722b5558c8ac8cdb12", 0x1000}, {&(0x7f0000004c00)="1b218e1679603d6280e2fd4dc8cfea7a", 0x10}, {&(0x7f0000004c40)="c106b3fbb1accfbb5e82fb730302311e7d3b785551e0af5d5f616befd2c4c0677808839ba741496ddf50190fe8a7385df8ed3652cd49afc96dfbbf1da517", 0x3e}, {&(0x7f0000004c80)="d8fea2f57fab5f31ef44feb6114d0269c8e8ab6e04b374424b5b8566ace5d20aba45260e3bc30699c44e8e3ccc69ce0091ee9e3c51563547b00a038df3c9067f6ecd52f109a3b518c726db11b09d69ba3a04a299c3cf4bcb389cd2b89beb938a87eb07ae6dd81d2e226e7b571fada63cd488b949bd37a47e39", 0x79}], 0x5, &(0x7f0000004e00)=[@init={0x18, 0x84, 0x0, {0x80, 0xcd09, 0x5, 0x8}}, @sndinfo={0x20, 0x84, 0x2, {0x5, 0x800b, 0x0, 0x3, r3}}], 0x38, 0x40000}, {&(0x7f0000004e40)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10, &(0x7f00000060c0)=[{&(0x7f0000004e80)="672885039f2dabd3a7b1558a85e2356eb5697fa594112e5c1bf4dbf7d345b5f76edcbd441d4e8dcb153c34843443225b207e2853dc2c8aad811eddd9686ef760743244b0179f74c7130667a5c30708c7a501047466117e497524cb01e7159072b0cc1941c6319a58d00d8668d4786e41847f99bf16aedf76611ae6a33d91e9b0e9fd28cab06cc0bb54f168012aa8c2982c", 0x91}, {&(0x7f0000004f40)="10eb13152d414edaaab2b659a60f9a2d5357c7e6c2d874277b5e3f281de9dbfb94915e49cedca850d96f66e1a8c45063ce6caad0226fa8b174fca8efed3d67f7128417168329af36b00837764a35f25746c5579acca82ddb06ae8d798e25f74518e3c6d95da81952662b88c46958422069f535078d7c08060d5a07b7f49cba8b13fd117d666069be231b125ac37d4c7e332519a188704ca3a36021c84264ecd865ab65062c529eb5673191eb2a0bf9aff31bee91607dd08aa823cc795ce83546e2361db03f695848542167693295d3c835cd8a87cd10cc0d4a55f5e08bbfb5c0792329888e23dbd0189de56a01a124b19bc327b7750310654e9cc3d8f5e8b33918b2d689a300606db59feb0df3b21b8bcee3f6ce5a5450899eb04c7aa8344c6797215759d46115c67eb1a6f0322076cfc49b10cd1720cdb2f38f872e0883d601013827e5d4c5096c81bfc7e08bbff502e3a50f9f018ad81d0ece375ae4c58d1104ec022b2385f2ea12aa2dc6e5e68bc03803bd5a1c16e167221f9e6c3169fa19e3cd4ec17a57d63ef6976de7aa895f714f2598fc3af3d88c921d87a669d0a4d24acb3c567cd85e5bdec029c112ac3e5e3760d5081172747cada19d544a63a00f551cb48fb83c95bc6520b534a2e1ebd4738e09c46295f3dd2a8a8f1cd3b13a68da6429a67ba8089f53004c63bd4903d20f07ef3fc4c3a70f143bf805e92af501de2671a9d652dc78d345fd380a3999cad88d7ae98f0ba52375bd66910ef726819d4d2c6bf22555379f2e23fc47c1751299317928665bcae93eecf32a6fcce08d7da41271e8fdc30b44dc3f712b304e866ec1f37bd73dc734144458f4956aa906eef7ba3ce1506582d0c428dd6a7ff3e168cbd2c50497ac6e4951d24aafc1e12051974d8b37c567bad68901473082ccc8868e9d703122094a3b9e875a24118171f5663c1b25ea298895ca93d2dc5b28ea98a26508ffa9b4640a6c39b7e609f15742fe3933b12bc5dba8356506ad8d840a058b23420cc142a3176cd8a9d05c6dffd2840c7024cb5316f83de552991f306e8df305b116c84babff75c88fc7aa22697e740e1c9163790e41a6262311e2dae81cccb8d126a6dd859ca0bf5a20407f7c01f53dba53e753fa45dc269926e2c05c4f27d5fa7bbe32a08d940fafbbfd82ef36c2ba084b412ce2872457f4cc947d7c51a55c8775f86311a808b5355ade696739444b977c37aa7cd3ff514ca6b0f677e9e4c5159131d903331c3fd011b6e68b02c024a727195e2a1ff042046b2690a6bc626565ac05785a4a5eb709cb0784cd01ad7471363b8f8a09027f131a1a14641705053da6fe073857cc2577986a6c2cd69acd888df294c60e37321f9d72ca2a5bff5956499292e7fa47a2976fa7a767d7534c9d9ae2ff393a8453833330cdbc246a814663fd58e53480e44e233df17a39c949818a75232a6c2936db3b05095ac9547d208e06e026b0defa7087b1f22f04d15c700ebb6342a651d5613b0b15f30a0bba9f4f47c57e85d4f8f94b614b9ac078cd50a2835e86a0d9f8cdf8bfd092f626027eccf251401d802a401fc1965ca2c24e32da52713757a540c06ef4a941f4b42edaa3215b1f393a906044cd3193c5164fb73ae66979325718879287c97fbd7ce88b03f1039d17121ab2d14bb40e4bced44d636f10bc3789cfe23a1a8df28ff4294baefd6fa3ce62f7157ec321025bd241e78e0b81d7fd7fa98ff78c4bd4f8a960d1203a60de18e182e1e07f931cc1a98b901bb14d6870fc8ed31a3b702df575c47ec0a32c3ad8c2df7894b4a1c3236086a6318d86edb0c852c1a94b27891c9fd2492b3fd92e96a6e01ce52d5d4b5803872f4b54e1885c15e4a8fe0bbbf7ba28136831515f7aae7efba5bea90ae778167cdf6ba25dbebc6a2792197bcfd88ec52ae418ee2f5dfb6969bf771a284e07054294e1450192e643a33b22f9a9b2285a9475d8b7d70ed717ff6001ee70aa37316e81c2f71ca0fb5fd4b743052981ba9a10cb766d86f70e4106d3841576ff42778434cd2fd48bc16f07e7464ec705b4a7564945c681b9c4edbf2ac0a381c737da8ca583597942a320ae9dc5743b0be620e7d219680fb4f33c4fbb45dd174e941d5187eb7f657fce5ae5ed0870264f7e260f3895940b97c7280659da9e0971db6ae6fbb94f2e363d58d5f993a919b8c8299e2ca538c5ddb9d540ea2b1578fe24ea275f3bbf05e865c9c57e8faf57b94bb15ad1c2dd3bdccffead5450a572934a07c6ad4a318b9aff02022ed68b662f52f95ddfdcc388923fa1b94bcf0af609a2d747b5593c199c863144a4c58074f2a38425d09ac26cb170e1b42bed1529ae8485cba3313bfa7e5fac793b6b16e17ab6f1d1bec88876a275f4591f188e9feaf988ebb34fd4f326d1060ffe9354a76d2544f651261e6ff20becaf26a8dcab6ac802d9309cb7fdd95f04ae2d1e69e5757b65b430c7de78b27d3381f26bf708002136d821b983e1410c0cc4e1420e5cd4ca7da95479ef1c7d92e90db639bc7e711e527472a7a6504321970a40736891986604b595f828f3fc98346d54bcb4ab758a0a102c382610c25c6364377676ea71a884bc489a9c9d1dc9e8aba5fd22cb1962d74276820f46acd85dd1c790c1d368080f868750776b645cde7b97e2774f8a8fd8a08e6d62b0395b91626297f79413a8742172f4336bb042674e29d222cccdf62bb470257b4ac8c7558ab336a90ce4d797eefcf490b6a9fd5a5237e576fe5a9132d03c612647320d9d86729be8672eb0246c04a27e32ee903ac58619bba3ae7267d8d89628b15636af27d220528fd3c55c78b2e874c5d5f05f64af1c8f141da7eae77727e47f741251ebc5f79578c39b32024e8e3f7af08312e048f6b90e9e4c4fb177844e7adeec9ad0530501c13218749bb93929601530e0c1cbe4f52fc872f3a938ef726b961d47d233c9f7bf929672dc299447db04ffac1faa148ec57f8ff90ca8c7001c6c78aed5b31624724940710fd80a8ea70dd5deb7ac669932aed3ef0a3fd67eada9bc32d80e40fc3017b32e0545c732406a0e9b7c8d780ff6b9fdd0d45d32fa1bd07907e5ddd92adc177f50fd764e605719c774aada59a93c57ec9d44382d7f2ab5abff8928c34ba65053ee12ad00e9b986d4c6e8557d91f10905f7dac641bb1bb920d4df8a078eae47339738729a02d92237ebda14e74901135990ffa9ede2f224826a9bd0c5fd09ca0f78a8af009e86f5686c710453977f724b86e6512382664bf69211739d9e2733e342a0d895f34085ca9cc07930b06c8a35f2a538713702bf1ade0ee035ca6aab2d272371176725e9ca9e393e2ad1f8e1c96e9395ac7689e710c38e61b971638ffc384e8697e47eae5585650f6f9495909cb4e4b67f5ad1c9a4df1f2b14f73199b288850368ca7b45de2a8695c3ec71bb21c35b3d6bd8f59cce73d2f20463819e3dba186ff9d018e4b824ade300a5433eeec1c67f86940d2f77993c3a9c2c124566722495b099e3869427966ca012d63629f47c7f0fb02214173629804d12a59a7e276acff9ac6b5d206efeb1add35ba472e7085deee4cba077c19e10bdf42ed8aa478cf439a48bef7fd5a18047c3579afddfb409d647d09392eedf0cecbbc52f97b88a88d05571f685bc192a2e414c999bbc1a360046497735f26ee1cbc08431e6aea48dac360df31e7f8d2a6f4ae71195159f4b5596db383bb56331d3a3959313ccbd22d526660df9f10c851bc710afdfadafd2d412c36a4826d96b1031c7ae04386e1ee0df7002a966ab032043c0a48c5cc17475d460988cb05d4f8d827f072dfeedf08446dcf549ed1de780c9e210974a62e06f153d90938ed7c30872ee84b0fd9ad00e2ea2e20e2f45a3d3cedbe53471b1fb145d42a0b96c35d668d12a89642e3944b24f1b31af93c4a29043cba26a52849dc9147ce565064cd8dc89eadaf56f5e56be45fe9315219cf8bafa4b1a75ef80ba73635937ef08fe65cced14ab890f8cb4f38fcda55a7b445d9edec5cb27717ecb43eb0f91cb644720b8dd887f31d42fb439d96881620f06562acdd3dec2e65792709e5b8f5db94f53287915f6893dc49fe9dc8c43a4acbab7c95315e11af91de0a53c725d9f0a64aa2342faf3f27f8545c615978e07099f0a1c7dbbfda1aa70df55e29e8ae0b846e0cd8beeeeccb0ced9dc9bbd2b37c6ee882185644876c1949a660e2dedb8d84fd658e359de49e6d0fac5edc39316f99e47589e028b3895b4192bdff747c22d5b599a05688e6eba741ac590a321ca3f02f9c3d98c4c4dbf6ba51ca8eceaa48286c80511e1095d82c17d6de1f8350913ea4c7d20c8d99cbcefe4ebcc75762d525b3825cc3fb28c9985305357eaee5e85749e77a2233da0058f9c6516a3e5db83fb916f437943f391407777af492f00ca16f5f41482fb673a321d99057ae0420120c34a58a57e264fda9136fc8eda64ff3a9717801312d63e479be6ba701e3284b9a7738e83ad99a482ee361632f719b93593ec70dc96af0cb6858c0f8ccc8076ea6bcaa1aea2ab45371c1562d6bd096ee2b62bb49c84036bfb2470b7d3f8e19bf8c22bb719781433e469c1cd1b27dec55d6a9d6993388cf9b8a50c88580cb9f064af79204c07c3a6b394f89be1a1ad6d307b9d5ba9f5eb302feaee262930d1288f8f7b42e1ba4a3bb0f0ecf99d36d7c26a0792e8227953bf633193ab728bc4e1d6f2bf6ca479d6368dfd128daf83a572f52f0700b174243e95998e96f8a35b945cdd70a22b886bd94941ec814753799f258bd53be6e396772f0a8bf494ae364ca2f37fdeee786bc590f06297989002def9dabe96731a6ea6094ef490337de3626406842b2c9d2163f33a2ab45fca9a76e15786385aaa1e1870c5da45a7fe5c61daed7075f00e6adfc1f05ff590eedc86cc15399e80718903d7a8bb70f2337659c20b2f40aa26c1c70be500fcfb78a49b53c11541983371321489a6332bbb31437081ac985c85b8113e7ebaa4165f1559fa812c351eeeb1338508779726c259f44efd078c4976a6b9090b85ab5160f7c0b1b114df8a577cded516ff1ae6560e2698c2ebecc76b5f24ba281f563e898463292f91c1f7dc0e8a4fb9dd0ad471b000cc90346f8e202f98585a2931b7c2e35d8d1fb7fdee7948d77f66e9d86becd6ff682b9db644436658f59dec842a9ec121991f1347b78a345aaa7bbdd80dc6e25e161ea7fd49ffb4f3d75da5df7e92035801dca8a869cca3b0ff5951ce993b4d9608519bff7c4d3c5f8fe8752375a7c97356ce02f27057489cfc5af5dad6d3effc4a176ede1ca6c063940ea5494b5633b0f0d98b435281650963f29f701b2efc5e42c65098ee32d8f3214a9fd92a457466d65cf2892f0c926f97cb8e467196d600c5c423dbd8c933e94f9b6b4d542f313caa7ab2a3104ce1a1dd7ac358a333fcef83dc682e589f8a604896e41a41c51b6c91362c7e25536417c9c6b17763f779e912a24fdec9ba83c11f4854beab82dfe17c69ebde657a505e824680526289eb73ec096198b738b4f8c86b5f860e43ae4006fb13bf309803ca8988485e0fef809813588cb7c08ec1c157bc096c5bb338d78d1d1f58726d3d498d65f39d83d9275f35717ed430d5a5edf2ebdb992212da7322dd8c81e212c56b6a1bdd0ad2acf46c66d5acf06adb1cd88d5ff28e6ad8b2e9d708aee1f98b4cc9b2889ed9c72fb998b77404b7e074e459438ea6fe3ab5a5ddb6c8ffaa430d4a48b9fb9046d787a64f5446d1e29799eb535ff7c01f344d1da316fe62a34c61", 0x1000}, {&(0x7f0000005f40)="0a0c5d81cb88f347d9ba5dcad114ed87de76bfd048ce50b0981e0161c9d29fe9efca0fd673088bed3dcf8904dd65a396836ac8d77951736a3ed86dcc7bed09ca96e07b8105762edf83f534540b345a6907f2d2b3594a9c2401e9ecef33178a0ec78546dc1d694703f1e8da2b8fbdbdf2a8df86e89352a9c7a51a8394cf18107a35c7dddd0cb30568c28dae79a10696a4b797", 0x92}, {&(0x7f0000006000)="37b47eec6e6d4e78ac2553dbc44685f812439fbf94d1c5496bba08569f07a994cd8e8b791d647b9f36c6544a3700544c36c8077e06f8e1ae7f242757681d6bca87bb74601d6d838325e3b3955d3f39884bae2f51c87bf87f6dda312f1f06eea1fafc1d563941", 0x66}, {&(0x7f0000006080)="e8ae55d196f2244a67bb84dc7f4a0cc4601a375457b4b47c79ccd31c0dde30da77df264e92edcca7111600310c3339bdf3ea88c8f554", 0x36}], 0x5, &(0x7f00000061c0)=[@sndinfo={0x20, 0x84, 0x2, {0x1, 0x200, 0x4, 0x6, r4}}, @dstaddrv4={0x18, 0x84, 0x7, @loopback}, @authinfo={0x18, 0x84, 0x6, {0xffffffff}}], 0x50, 0x1}], 0x6, 0x2000c000) setsockopt$inet_int(r1, 0x0, 0x2, &(0x7f0000000140)=0x3, 0x4) dup2(r0, r1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000000)) 13:46:51 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = open(&(0x7f0000000200)='./file0\x00', 0x14104a, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000040)={'vcan0\x00', 0x0}) setsockopt$inet6_IPV6_PKTINFO(r1, 0x29, 0x32, &(0x7f0000000100)={@empty, r2}, 0x14) r3 = syz_open_dev$evdev(&(0x7f0000974fee)='/dev/input/event#\x00', 0x0, 0x101002) ioctl$EVIOCSMASK(r3, 0x40104593, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)}) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r6, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f}) ioctl$KVM_SET_SREGS(r6, 0x4138ae84, &(0x7f0000000200)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb900}) write$evdev(r1, &(0x7f0000000080)=[{{}, 0x1, 0x74, 0x2}, {}], 0xfcf2) sendfile(r3, r1, &(0x7f0000000000), 0x100000001) 13:46:51 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x40044591, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) [ 336.266531] TCP: request_sock_TCP: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. 13:46:52 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:52 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x80044584, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:52 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mknod$loop(&(0x7f0000000140)='./file0\x00', 0x2000, 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='net/rpc\x00') ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r1, 0xc0505405, &(0x7f0000000240)={{0x0, 0x0, 0x3, 0x2, 0x4}, 0xce, 0xfffffffffffffe01, 0x10001}) setxattr(&(0x7f0000000080)='./file0\x00', &(0x7f00000001c0)=@known='trusted.syz\x00', &(0x7f0000000100)='/vmnet0\x00', 0x11f, 0x0) syz_open_dev$sndpcmc(&(0x7f0000000040)='/dev/snd/pcmC#D#c\x00', 0x4e16, 0x0) unlink(&(0x7f0000000200)='./file0\x00') mmap(&(0x7f0000000000/0xfda000)=nil, 0xfda000, 0x20000000000000, 0x10, 0xffffffffffffffff, 0x0) shmctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/96) fcntl$getown(r0, 0x9) 13:46:52 executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x11, 0x4, 0x4, 0x400}, 0x2c) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000200)={r0, &(0x7f0000000180)}, 0x10) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/raw\x00') getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040)={0x0, 0x0}, &(0x7f0000000080)=0xc) r3 = getgid() write$FUSE_CREATE_OPEN(r1, &(0x7f00000000c0)={0xa0, 0x0, 0x1, {{0x1, 0x0, 0x5, 0x40, 0x80000001, 0x80, {0x0, 0xffffffffffffffe0, 0x7, 0x100000000, 0x5, 0x0, 0x401, 0x100000001, 0x1, 0xfffffffffffffffa, 0x6, r2, r3, 0xff, 0x4}}, {0x0, 0x1}}}, 0xa0) 13:46:52 executing program 2: timer_create(0x9, &(0x7f0000000180)={0x0, 0x12, 0x0, @thr={&(0x7f0000000040), &(0x7f0000000080)}}, &(0x7f0000000000)) clock_gettime(0x20000000000000, &(0x7f00000000c0)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f0000000100)={{0x77359400}, {0x0, r0+30000000}}, &(0x7f0000000140)) timer_settime(0x0, 0x0, &(0x7f0000000240), &(0x7f0000000080)) socket$netlink(0x10, 0x3, 0x0) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x8000, 0x0) 13:46:52 executing program 3: socket(0x20000000a, 0x80000, 0xfffffffffffffeff) mknod$loop(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) setxattr(&(0x7f0000000080)='./file0\x00', &(0x7f00000001c0)=@known='trusted.syz\x00', &(0x7f0000000100)='/vmnet0\x00', 0x11f, 0x0) listxattr(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)=""/189, 0x2) openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x101040, 0x0) 13:46:52 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(0xffffffffffffffff, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:52 executing program 5: r0 = syz_open_dev$sndseq(&(0x7f0000000480)='/dev/snd/seq\x00', 0x0, 0x0) read(r0, &(0x7f0000000200)=""/28, 0x1c) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000400)={0xbf, @time}) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x2, 0x0) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000300)={r2, &(0x7f0000000080)="946db455cf927c9eba3c98286cc4dee637acefa6a4b738f280911c598fdab890707b7f69ffd5485615d2c8597d421663007daf1d50d13aa56c492d0d61014b640f79ea1abd8f57b0fc14f25a904d44e4b9ec5cf2dcad2ef16e0b28ff2fb606dfde8aa65b4bdd9aed576a68d41ece285a7519417a53859976f7b78565d6c4c4787629b87c0df54e5997191e51f447ffc4daa90f6d1fb8a2e49eebc7045762d8a78e1aada398606435189cc05ea0761f56996ffebd5ea18d40747c9658a9df69dbdf54e0673c9c665852", &(0x7f00000002c0)=""/46}, 0x18) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r0, 0x408c5333, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r3 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, &(0x7f0000000180)) tkill(r3, 0x1000000000013) 13:46:52 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445f3, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:52 executing program 0: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) recvmmsg(r1, &(0x7f0000002d80)=[{{&(0x7f0000000000)=@alg, 0x80, &(0x7f0000000100)=[{&(0x7f0000001480)=""/4096, 0x1000}, {&(0x7f0000000240)=""/147, 0x1f}], 0x2, &(0x7f0000002740)=""/218, 0xda}}], 0xf9e1221a8413ff5d, 0x0, &(0x7f0000002e40)={0x77359400}) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) getsockopt$bt_BT_POWER(r2, 0x112, 0x9, &(0x7f0000000600)=0x8, &(0x7f0000000640)=0x1) recvmmsg(0xffffffffffffffff, &(0x7f0000006340)=[{{&(0x7f0000002840)=@l2, 0x80, &(0x7f0000002dc0)=[{&(0x7f00000028c0)=""/220, 0xdc}, {&(0x7f00000029c0)=""/214, 0xd6}], 0x2, &(0x7f0000002d40)=""/47, 0x2f}}], 0x1, 0x0, &(0x7f0000006400)={0x77359400}) sendmsg$nl_generic(r1, &(0x7f0000000340)={&(0x7f0000000400), 0xc, &(0x7f0000000300)={&(0x7f0000000140)={0x14, 0x40000000042, 0x105}, 0x14}}, 0x0) r3 = syz_open_dev$amidi(&(0x7f0000000080)='/dev/amidi#\x00', 0x0, 0x0) readv(r0, &(0x7f0000000580)=[{&(0x7f00000000c0)=""/2, 0x2}, {&(0x7f0000000180)=""/75, 0x4b}, {&(0x7f0000000380)=""/112, 0x70}, {&(0x7f0000000200)=""/50, 0x32}, {&(0x7f0000000440)=""/15, 0xf}, {&(0x7f0000000480)=""/23, 0x17}, {&(0x7f00000004c0)=""/164, 0xa4}], 0x7) ioctl$SCSI_IOCTL_DOORLOCK(r3, 0x5380) dup(0xffffffffffffffff) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(0xffffffffffffffff, 0xc0045516, &(0x7f0000000040)) 13:46:52 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:52 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000200)='/proc/self/net/pfkey\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(r2, 0x84, 0x2, &(0x7f0000000240), &(0x7f0000000280)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) poll(&(0x7f00000000c0)=[{r0, 0xa}, {r1, 0x2}, {r1, 0x80}, {r1, 0x4422}, {r0, 0x1}, {r1, 0x2}], 0x6, 0x321) r3 = socket$inet(0x10, 0x200000003, 0x0) sendmsg(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="240000002d0007031dfffd946fa28300cee60a0009030000000000000002000000000000280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47b6268e3966cf055d90f15a3", 0x4c}], 0x1}, 0x0) fsetxattr$security_ima(r3, &(0x7f0000000140)='security.ima\x00', &(0x7f00000001c0)=@v2={0x7, 0x1, 0x0, 0x9, 0x1b, "876e4c33edd18afd81c2891e058525894793aa5dda16ab741a7e82"}, 0x25, 0x2) ioctl$TUNDETACHFILTER(r2, 0x401054d6, 0x0) 13:46:52 executing program 3: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xb, 0x7f, 0x7, 0x5, 0x1}, 0x2c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r0, &(0x7f0000000040), &(0x7f0000000080)}, 0x20) bpf$MAP_CREATE(0x4, &(0x7f0000000880)={0x3, 0x0, 0x0, 0x0, 0x20000000, 0x0}, 0x2c) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x10040, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x0) 13:46:52 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x40284504, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:52 executing program 3: r0 = socket$inet(0x10, 0x3, 0xc) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000000807031dfffd946fa2830020200a0009000100001d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000200)={0x0, 0x4, 0x8, 0x3}) r1 = dup3(r0, r0, 0x80000) ioctl$EVIOCGABS2F(r1, 0x8018456f, &(0x7f0000000240)=""/203) ioctl$SG_SET_KEEP_ORPHAN(r1, 0x2287, &(0x7f00000001c0)=0x4) getsockopt$bt_rfcomm_RFCOMM_CONNINFO(r1, 0x12, 0x2, &(0x7f0000000040)=""/18, &(0x7f0000000080)=0x12) [ 337.179222] netlink: 8 bytes leftover after parsing attributes in process `syz-executor2'. [ 337.220421] FAULT_FLAG_ALLOW_RETRY missing 30 [ 337.231502] CPU: 1 PID: 11241 Comm: syz-executor1 Not tainted 4.19.0-rc5+ #261 [ 337.238898] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 337.248254] Call Trace: [ 337.250865] dump_stack+0x1c4/0x2b4 [ 337.254521] ? dump_stack_print_info.cold.2+0x52/0x52 [ 337.259738] ? kasan_check_write+0x14/0x20 [ 337.263998] ? do_raw_spin_lock+0xc1/0x200 [ 337.268295] handle_userfault.cold.33+0x47/0x62 [ 337.273006] ? userfaultfd_ioctl+0x54a0/0x54a0 [ 337.277609] ? mark_held_locks+0x130/0x130 [ 337.281876] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 337.287410] ? __perf_event_task_sched_out+0x337/0x1ab0 [ 337.292785] ? select_task_rq_fair+0x34f0/0x34f0 [ 337.297556] ? reweight_task+0x130/0x130 [ 337.301658] ? print_usage_bug+0xc0/0xc0 [ 337.305752] ? print_usage_bug+0xc0/0xc0 [ 337.309849] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 337.315438] ? find_held_lock+0x36/0x1c0 13:46:52 executing program 3: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000200)='/dev/qat_adf_ctl\x00', 0x80080, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r1, 0x40106614, &(0x7f0000000000)={0x0, @speck128}) r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) fallocate(r2, 0x0, 0x0, 0x10000) fallocate(r1, 0x0, 0x0, 0x10001) connect$vsock_dgram(r1, &(0x7f0000000140)={0x28, 0x0, 0x2711, @hyper}, 0x10) ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000040)={0x0, r2}) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000180)}}, 0x20) openat$cgroup_procs(r1, &(0x7f0000000100)='tasks\x00', 0x2, 0x0) 13:46:52 executing program 3: r0 = socket$inet6(0xa, 0x5, 0x105) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") syz_emit_ethernet(0x36, &(0x7f0000000000)={@local, @dev, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x2f, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x1400, 0x6558, 0x42424242, 0x42424242, 0x0, 0x0, 0x5}}}}}}, 0x0) lsetxattr$security_ima(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='security.ima\x00', &(0x7f00000000c0)=@v2={0x0, 0x3, 0xa, 0x1f}, 0xa, 0x1) [ 337.319530] ? graph_lock+0x170/0x170 [ 337.323356] ? __lock_acquire+0x7ec/0x4ec0 [ 337.327618] ? _raw_spin_unlock_irq+0x27/0x80 [ 337.332128] ? _raw_spin_unlock_irq+0x27/0x80 [ 337.336644] ? lockdep_hardirqs_on+0x421/0x5c0 [ 337.341254] ? find_held_lock+0x36/0x1c0 [ 337.345343] ? __handle_mm_fault+0x45dc/0x53e0 [ 337.349955] ? lock_downgrade+0x900/0x900 [ 337.354137] ? kasan_check_read+0x11/0x20 [ 337.358308] ? do_raw_spin_unlock+0xa7/0x2f0 [ 337.362742] ? do_raw_spin_trylock+0x1c0/0x1c0 13:46:53 executing program 3: r0 = socket$inet6(0xa, 0x5, 0x0) sendto$inet6(r0, &(0x7f0000000200)="8190e2b180b2e9160f8fab58f37d7fc95953350553f5f86d2144d9b788cde28bbfe41fd7cfeb66d2a836003077f7d08144db1d41fa7f1255dff1fe48d081fadc68a93a7adde602d9d01034199ebd5e4b0ed5358a454cc0916d6c0d3f00a7064305ccd46be9553b978243ab9b8e6108f50d9ce98a064592b4a1e4c65d178ed27971639ee2611147ce5f1a3f1ddf213fe4dbb0e1a9e4f307b80ce853ead942049f8c56dc2b880eb0e9e66c679e2b5c2299bd20b39433033ae7119fc61baaab9e67a2d1b24c8f416f2da9a7324e456a1230efeade28f89d03cdee5d867d155e232bb8447512e4a9baee76fd436acd568f285e08fede7e556b7e6f674c34bbc115ec3d94d3928a47ef03ac3e29a0bdb3d5d9eba7bba7d9fd25e76daee480f39831fabbeddd3cd2291d11ba8a2fdafd0387919e2930ba5e91552811b3b90252420a6608fbe93ead3ee66a9283ffb109b32059a9e2fce77fffefdfb7d99b6a61887e320bc019d2463c1a665088be9ca6b9f8c2fe56e5b861cd6f4897a1386d294c73e1c5350ca74b43280f898a30cac1ec91ead092123de6f2b6e9165da84ec60f1c682d7288a75819779f6b071dbf080beee6408268e876adf49fa41231bfb907755e1f2a9ea159b1c09032e797046139547c0fb88167a7780d689106e0303a2c1c9f057776b4f7bd62064f72ae1a080e39e5a1d467f774298f755f64c451f9e01aed896ed84ab1ac72b1448bef1495774573f30131f3b02a35f74222430271b5b1246cdef5b7535f3d32d5ae315d2a0a8f3485d07c257d3f3da00ef2a276db61537e8e0b520a1b1c069d13682a73767ead8a83904873eff3b427f7c2fe6e59196aa2e98b947c996816fe6f62328fe8e052d88641c56dc83eaa3bab293f46698845b7a71e2db4a4c89f187e97d2af64f9ceb8bce27707275d98070187d3004bbcc8f9940b0cef24e9cb87fa4a77470b245a2a3d63fccdf318abe40c78471e660f4ef3b315ed513eb24476e34fadc020c2fd82fa08b4a5e6eb656275f845af9234b3c5dfad9ae378ee466d83d024bf527911f74fe7215aa7fe756eeea25d885c0caec53b7dfff006251375e2c703f0ae1b79d80e3d030b4eec9484510aa699bf34dee845a64ec0342058df9f7471896c64e6a10e4b07ed55562d2c905b2b47bc4d364779fbe260ce382db49d525c70cd6b8ab1868ce9d060879b75045f9de6348c6aea1e5722d2bbdef660652063bb212ef2554aa5326d79be5083ac53e325281adb0dc5637e9897e64f64c5db043d4af11ae4e1d7d88b46f9f0b0cb389924f26f60d6b3a52124450ec82b8a0038dcb36c1572dc90f38bef14c8836096b5d8cf8a5766ea5735420a0d7ffb6cca15edd85fd14d4a98ce4f1eadfbdb181bbdd60c94a3c3b707b0ffe80efbefeda5c3079c231f8457f1eb81d52fd85dcb2b1febce6ee23f69d88e79741e9ee1750c6166934bf3ef48a466769dfac5b788d602bcf7237a9902adde5dbc0f7dc66ce90e08d314b0eda1c70ef5394288e9e57fa5acb68903ec1885fffeaab75c7c9f3e763356f533d71be0f3578a5eae8d1362a45550e75913205ed69b7dd238df01f474335d7aff5eeb504bd3fdf1d63983a822b471d2535f333f5d86cdb7f12531deb00e30b74e60de4288fcd7d5865e576852e09f9d6fa8ef33e2f3a84c960419f6ab0fa29ffae466fb191017f935bfed886e92f61d0ffffe700d8cf4051338e693259eb92263dda7b0c5fe81b4492a25ac117f761d16786b774d7217bec57a73eacb22d0db4c5fa52e0ed75d8116fc76c0a60fc4651db38f63e10f6aa0b7d2a742732b1029991fa265a581921f03aa59bc2ac875e23fa70435f6a429e270a80735d4a77ef5a574a1b752c5492272f2bfb199a03c86da909b3caa87e480b00bb90a3ff826c78053d339dfa7fd20254b1ffcc6d34004ba6f89b383ad20da44b109bb551bffff0000d490541c525271cabf6750246a248711568ae9a78d33683c6344043a1180f355d076aef4318f19577362aa3b2db2ddfae381815d256c5c66fec75cc0a35734058924b1b3d91f4b296af634d804427a43c29b64b7dce09b0d89183c88ced4ef0e5a9adf504490c1e87259a531de864b4489bf8bcab84db89430294126485ce5d1190f0629e95b709001f8504403946c086e90b20c0fbd9131b1ff05c75354e525aca0fdaf9d5a7bdad7f94482efd124332418685d1b43b6678f8477d8a8af8e121b6f756faa0228462f8940d385155224be88c4c40ce13b22b85d7c51b73ad344115f9882b935c45c0a328286bd7fb6bcdd7b37d9f50d670807ea2b62b354c69c019b578163591e33f40213bc926ef341555ca3dad84a75eb63c2142f81273405d8c273f7b06148182a040b132f4ac27c3eb6f654a1e7181d438ce7aa3ad86a3a77", 0x6b1, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xffffffffffffffff}, 0x1}, 0x1c) setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f00006a7ffc), 0x4) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f00000008c0)='/dev/vcs\x00', 0x404080, 0x0) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000900), 0x0) sendto$inet6(r0, &(0x7f0000ba3ff4)="d0", 0x1, 0x0, &(0x7f000056dfe4)={0xa, 0x0, 0x0, @loopback}, 0x1c) ioctl$KVM_X86_SET_MCE(r1, 0x4040ae9e, &(0x7f0000000900)={0xa000000000000000, 0xd000, 0x2, 0x2, 0x9}) sendto$inet6(r0, &(0x7f00004b7fff)="8c", 0x1, 0x0, &(0x7f000048ffe4)={0xa, 0x0, 0x0, @loopback}, 0x1c) vmsplice(r0, &(0x7f0000000080)=[{&(0x7f0000000000)="cfe08588653b15a73aa8c78b8c334394046a247e13b41dcddd675ee9e021e59bbae73bd254580736fb3ee51b4d2bf413a1e084431bd940278aebd6f03ec244cab5e3eb441ab4293298e25839eb89", 0x4e}, {&(0x7f0000000100)="e28eacfd86c3e1bfb91656c2e6092a20c0101165bf9b766089fd059f95cac7e4c56870cd688c8af9454177bb3693e04e6727165bc3fd26c90ef413b1c5fd59b969656c2ad87c5f1564972aa9dda1437b0e49639f50d72b1b6d3504b7032ec0e796050d650594b2f5c45dc480e01e245d10301de32a6dab7288ea118a028d50287682fd309c2e7ad181c6309f397f3d204ad3e124d65a4c3beee7703a01ef1b1ef15a5832737bf4631dbfcf11757cb286523156a1ebcf7cde8bc6c07e3ce3c42da2d5d4904d8a62d4c4309a5955df18b0f479bd37e7780028592f7aed0609a1", 0xdf}], 0x2, 0x5) [ 337.367342] ? kasan_check_write+0x14/0x20 [ 337.371605] ? do_raw_spin_lock+0xc1/0x200 [ 337.375874] __handle_mm_fault+0x45ed/0x53e0 [ 337.380319] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 337.385182] ? graph_lock+0x170/0x170 [ 337.389001] ? print_usage_bug+0xc0/0xc0 [ 337.393087] ? graph_lock+0x170/0x170 [ 337.396907] ? graph_lock+0x170/0x170 [ 337.400750] ? handle_mm_fault+0x42a/0xc70 [ 337.405005] ? lock_downgrade+0x900/0x900 [ 337.409187] ? check_preemption_disabled+0x48/0x200 [ 337.414205] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 337.419994] ? kasan_check_read+0x11/0x20 [ 337.424136] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 337.429456] ? rcu_bh_qs+0xc0/0xc0 [ 337.433017] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 337.438491] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 337.444081] ? check_preemption_disabled+0x48/0x200 [ 337.449123] handle_mm_fault+0x54f/0xc70 [ 337.453197] ? __handle_mm_fault+0x53e0/0x53e0 [ 337.457810] ? find_vma+0x34/0x190 [ 337.461350] __do_page_fault+0x67d/0xed0 [ 337.465417] ? mm_fault_error+0x380/0x380 [ 337.469568] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 337.474612] ? graph_lock+0x170/0x170 [ 337.478427] do_page_fault+0xf2/0x7e0 [ 337.482233] ? vmalloc_sync_all+0x30/0x30 [ 337.486411] ? error_entry+0x76/0xd0 [ 337.490148] ? trace_hardirqs_off_caller+0xbb/0x310 [ 337.495177] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 337.500013] ? trace_hardirqs_on_caller+0x310/0x310 [ 337.505036] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 337.509893] page_fault+0x1e/0x30 [ 337.513351] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 337.519013] Code: 4c 8b 5e 38 4c 89 47 20 4c 89 4f 28 4c 89 57 30 4c 89 5f 38 48 8d 76 40 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 <4c> 8b 06 4c 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 [ 337.537935] RSP: 0018:ffff88018d8bf7f0 EFLAGS: 00010206 [ 337.543310] RAX: ffffed0031b17f5b RBX: 0000000000000028 RCX: 0000000000000005 [ 337.550575] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff88018d8bfab0 [ 337.557864] RBP: ffff88018d8bf828 R08: ffffed0031b17f5b R09: ffffed0031b17f56 [ 337.565131] R10: ffffed0031b17f5a R11: ffff88018d8bfad7 R12: 0000000020013028 [ 337.572408] R13: 0000000020013000 R14: ffff88018d8bfab0 R15: 00007ffffffff000 [ 337.579704] ? _copy_from_user+0x10d/0x150 [ 337.583937] evdev_do_ioctl+0xa8f/0x2180 [ 337.588007] ? str_to_user+0x90/0x90 [ 337.591732] ? graph_lock+0x170/0x170 [ 337.595528] ? do_futex+0x249/0x26d0 [ 337.599247] ? rcu_bh_qs+0xc0/0xc0 [ 337.602806] ? rcu_bh_qs+0xc0/0xc0 [ 337.606356] ? unwind_dump+0x190/0x190 [ 337.610258] ? find_held_lock+0x36/0x1c0 [ 337.614319] ? __fget+0x4aa/0x740 [ 337.617794] ? lock_downgrade+0x900/0x900 [ 337.621942] ? check_preemption_disabled+0x48/0x200 [ 337.626959] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 337.632747] ? kasan_check_read+0x11/0x20 [ 337.636908] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 337.642187] ? rcu_bh_qs+0xc0/0xc0 [ 337.645768] ? __fget+0x4d1/0x740 [ 337.649222] ? ksys_dup3+0x680/0x680 [ 337.652967] evdev_ioctl_handler+0x144/0x1a0 [ 337.657398] evdev_ioctl+0x27/0x2e [ 337.660962] ? evdev_ioctl_compat+0x30/0x30 [ 337.665291] do_vfs_ioctl+0x1de/0x1720 [ 337.669175] ? ioctl_preallocate+0x300/0x300 [ 337.673587] ? __fget_light+0x2e9/0x430 [ 337.677562] ? fget_raw+0x20/0x20 [ 337.681009] ? _copy_to_user+0xc8/0x110 [ 337.684995] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 337.690541] ? put_timespec64+0x10f/0x1b0 [ 337.694682] ? nsecs_to_jiffies+0x30/0x30 [ 337.698842] ? do_syscall_64+0x9a/0x820 [ 337.702866] ? do_syscall_64+0x9a/0x820 [ 337.706866] ? lockdep_hardirqs_on+0x421/0x5c0 [ 337.711470] ? security_file_ioctl+0x94/0xc0 [ 337.715903] ksys_ioctl+0xa9/0xd0 [ 337.719397] __x64_sys_ioctl+0x73/0xb0 [ 337.723304] do_syscall_64+0x1b9/0x820 [ 337.727199] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 337.732557] ? syscall_return_slowpath+0x5e0/0x5e0 [ 337.737481] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 337.742334] ? trace_hardirqs_on_caller+0x310/0x310 [ 337.747365] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 337.752415] ? prepare_exit_to_usermode+0x291/0x3b0 [ 337.757450] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 337.762293] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 337.767473] RIP: 0033:0x457579 [ 337.770656] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 337.789563] RSP: 002b:00007fd1b7341c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 337.797284] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 337.804555] RDX: 0000000020013000 RSI: 0000000040284504 RDI: 0000000000000004 [ 337.811837] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 13:46:53 executing program 0: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) recvmmsg(r1, &(0x7f0000002d80)=[{{&(0x7f0000000000)=@alg, 0x80, &(0x7f0000000100)=[{&(0x7f0000001480)=""/4096, 0x1000}, {&(0x7f0000000240)=""/147, 0x1f}], 0x2, &(0x7f0000002740)=""/218, 0xda}}], 0xf9e1221a8413ff5d, 0x0, &(0x7f0000002e40)={0x77359400}) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) getsockopt$bt_BT_POWER(r2, 0x112, 0x9, &(0x7f0000000600)=0x8, &(0x7f0000000640)=0x1) recvmmsg(0xffffffffffffffff, &(0x7f0000006340)=[{{&(0x7f0000002840)=@l2, 0x80, &(0x7f0000002dc0)=[{&(0x7f00000028c0)=""/220, 0xdc}, {&(0x7f00000029c0)=""/214, 0xd6}], 0x2, &(0x7f0000002d40)=""/47, 0x2f}}], 0x1, 0x0, &(0x7f0000006400)={0x77359400}) sendmsg$nl_generic(r1, &(0x7f0000000340)={&(0x7f0000000400), 0xc, &(0x7f0000000300)={&(0x7f0000000140)={0x14, 0x40000000042, 0x105}, 0x14}}, 0x0) r3 = syz_open_dev$amidi(&(0x7f0000000080)='/dev/amidi#\x00', 0x0, 0x0) readv(r0, &(0x7f0000000580)=[{&(0x7f00000000c0)=""/2, 0x2}, {&(0x7f0000000180)=""/75, 0x4b}, {&(0x7f0000000380)=""/112, 0x70}, {&(0x7f0000000200)=""/50, 0x32}, {&(0x7f0000000440)=""/15, 0xf}, {&(0x7f0000000480)=""/23, 0x17}, {&(0x7f00000004c0)=""/164, 0xa4}], 0x7) ioctl$SCSI_IOCTL_DOORLOCK(r3, 0x5380) dup(0xffffffffffffffff) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(0xffffffffffffffff, 0xc0045516, &(0x7f0000000040)) 13:46:53 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$nl_route(r0, &(0x7f0000000200)={&(0x7f0000000140), 0xc, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="1400000052001102000000000000000000200000"], 0x14}}, 0x0) recvmmsg(r0, &(0x7f0000006740)=[{{&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000000c0), 0x0, &(0x7f0000000300)=""/152, 0x26}}], 0x400000000000110, 0x10002, 0x0) [ 337.819106] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd1b73426d4 [ 337.826365] R13: 00000000004bf3f1 R14: 00000000004cf1f0 R15: 00000000ffffffff 13:46:53 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:53 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f00000002c0)=@filter={'filter\x00', 0xe, 0x1, 0x130, [0x0, 0x20000100, 0x20000130, 0x20000160], 0x0, &(0x7f0000000000), &(0x7f0000000100)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff010000000300000000000000000800756d6d5c307f5b00000000000000006c6f0000000000000000000000000000726f736530f700000000000000000000467dac2e895fc5d400005a56c71a5609c2b6ce65650d000000000000aaaaaaaaaa0000000000000000007000000070000000a0000000415544495400000000000000000000000000000000000000000000000000000008000000000000000000000000000000"]}, 0x1a8) r2 = socket$inet6(0xa, 0x100000002, 0x0) connect$inet6(r2, &(0x7f0000000080)={0xa, 0x0, 0x0, @mcast1, 0xd}, 0x1c) socket$inet_udp(0x2, 0x2, 0x0) sendto$inet6(r2, &(0x7f0000000300), 0xfd90, 0x400806e, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @ipv4={[], [], @multicast2}}, 0x1c) sendto$inet6(r2, &(0x7f0000000140), 0xe, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback}, 0x1c) 13:46:53 executing program 0: bind$alg(0xffffffffffffffff, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(tnepres)\x00'}, 0x58) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000002c0)) r0 = accept4$vsock_stream(0xffffffffffffffff, &(0x7f0000000380)={0x28, 0x0, 0xffffffff}, 0x10, 0x80000) r1 = accept4(r0, 0x0, &(0x7f0000000000), 0x800) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000640), 0x0) sendto$unix(0xffffffffffffffff, &(0x7f0000000400), 0xff26, 0x0, 0x0, 0x22) r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcs\x00', 0xc0000, 0x0) ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000100)={0x3, &(0x7f00000000c0)=[{}, {}, {}]}) ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140), &(0x7f0000000180)=[0x100000000, 0x8, 0xff, 0x0, 0x0, 0x80000001, 0x2, 0x8, 0x68], 0x21, 0x3, 0x9, &(0x7f00000001c0)=[0x20, 0x0, 0x3], &(0x7f0000000200)=[0x2, 0x100000000, 0x1, 0xe1]}) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x3ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sndmidi(&(0x7f0000000300)='/dev/snd/midiC#D#\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000280)={'ipddp0\x00', 0xb000}) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000100), 0x921b527a62bfd8af) r3 = memfd_create(&(0x7f0000000340)="d3a104af29fa10a41e9e81f01905a900001300000000", 0x200000004) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000140), 0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0xe, 0x24, &(0x7f0000001000)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000003d03010000000000950000000000000071260000000000006706000002000000bf25000000000000620500000e0000007365000000000000bf540000000000000704000004faff003d4301000000000095000000000000005d54090000000000bf250000000000000f65000000000000070500000e000000bf5400000000000007040000040000003d4301000000000095000000000000006154000000000000bf25000000000000070500000e0000001f6500000000000007050000040000000f65000000000000bf5400000000000007040000040000003d3201000000000095000000000000004d54000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) nanosleep(&(0x7f0000000080)={0x77359400}, &(0x7f00000000c0)) perf_event_open(&(0x7f0000000180)={0x5, 0x70, 0x2, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x48, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0xed59, 0x0, 0x9, 0x0, 0x8, 0xfff, 0xfffffffffffffff7, 0x0, 0x0, 0x0, 0xb54, 0x7, 0x7f, 0x0, 0xfff, 0x0, 0x0, 0x3, 0x0, @perf_config_ext, 0x1038, 0x0, 0x4, 0x7, 0x3, 0x4, 0x85c}, 0x0, 0x3, 0xffffffffffffffff, 0x3) gettid() ioctl$sock_inet_SIOCDELRT(r3, 0x890c, &(0x7f00000003c0)={0x7, {0x2, 0x4e23, @local}, {0x2, 0x4e22}, {0x2, 0x4e22, @multicast1}, 0x10, 0x1, 0xb7d, 0x5, 0xddbe, 0x0, 0x2, 0xffff, 0xfffffffffffffffd}) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendto$inet6(r4, &(0x7f0000000040), 0x0, 0x20000001, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x89e2, &(0x7f0000000040)) [ 337.967814] netlink: 8 bytes leftover after parsing attributes in process `syz-executor2'. 13:46:53 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x80084502, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:53 executing program 2: r0 = geteuid() lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000000300)='./file1\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0}) getresuid(&(0x7f00000003c0), &(0x7f0000000400), &(0x7f0000000440)=0x0) lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = getgid() fstat(0xffffffffffffff9c, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) lsetxattr$system_posix_acl(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='system.posix_acl_access\x00', &(0x7f00000005c0)={{}, {0x1, 0x2}, [{0x2, 0x0, r0}, {0x2, 0x5, r1}, {0x2, 0x7, r2}, {0x2, 0x2, r3}], {0x4, 0x2}, [{0x8, 0x2, r4}, {0x8, 0x3, r5}, {0x8, 0x7, r6}], {0x10, 0x7}}, 0x5c, 0x1) r7 = socket$alg(0x26, 0x5, 0x0) bind$alg(r7, &(0x7f0000000140)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha384\x00'}, 0xfffffffffffffe20) r8 = creat(&(0x7f0000000700)='./file1\x00', 0x4) ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r8, 0xc0505405, &(0x7f0000000740)={{0x3, 0x0, 0x8, 0x3}, 0x1, 0xf6b7}) lstat(&(0x7f0000000640)='./file2\x00', &(0x7f0000000680)) lsetxattr$security_smack_entry(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='security.SMACK64IPOUT\x00', &(0x7f0000000100)='hash\x00', 0x5, 0x3) setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, &(0x7f0000000040)="0a0775b005e381e5b3b60ced5c64dbb7f966978f900b5e197d4feb03b83b148477384db874eb93333d0aef6cf7bbcfd4e8a324854f5f2a215ace394b7577d5ebcdb36488f6fd5c3b6891cef7bd527fe8ff25a6cc745abd8c7f3c17f83ff0278ea9542687069d22", 0x135) 13:46:53 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:53 executing program 5: sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[]}}, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e0000000200130002000000000000000000000105000600200000000a00000000000000000500e50000070000001f000000000000030000000000000200010000000000000000020000000005000500000000000a00000000000000ff1700000000000000000000000000170000000000000000"], 0x80}}, 0x0) sendmmsg(0xffffffffffffffff, &(0x7f0000000180), 0x400000000000117, 0x0) 13:46:53 executing program 2: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) setsockopt$inet_tcp_TLS_TX(r1, 0x6, 0x1, &(0x7f0000000000), 0x4) getdents64(r1, &(0x7f0000000100)=""/116, 0x2d) lseek(r0, 0x4, 0x20) 13:46:53 executing program 5: socket$kcm(0xa, 0x2, 0x88) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000440)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000003980)) socketpair$inet(0x1e, 0x5, 0x0, &(0x7f0000000080)={0x0, 0x0}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000500)) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000400)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000580)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000004c0)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0x2, &(0x7f0000000340)=0x13, 0x4) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000e00)) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000480)) socket$kcm(0x29, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)) openat$tun(0xffffffffffffff9c, &(0x7f0000000240)='/dev/net/tun\x00', 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)) socketpair(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) syz_open_dev$loop(&(0x7f0000000300)='/dev/loop#\x00', 0x5a0, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x8946, &(0x7f0000000100)="6c6f00966fd651b159a9c84a2c60d29800000020") 13:46:53 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x200, &(0x7f0000000280), &(0x7f0000744000), &(0x7f0000001880), &(0x7f0000001900)) mknod(&(0x7f0000000100)='./file0\x00', 0x1040, 0x0) set_tid_address(&(0x7f0000000000)) execve(&(0x7f0000000040)='./file0\x00', &(0x7f0000000540), &(0x7f00000006c0)) r1 = gettid() timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc)) r2 = syz_open_procfs(0x0, &(0x7f0000000340)="636c6561725f7265667300b04978e60c4ba32fd7b949714bcbe80c57af59747c61a31619cbafea034f5b6bb15332860b9f14c654d1012484f5c9d8edcad2f073e0ca5078fc64d38d1e297b9d66a71452b92cae675696216e08f21e87b8b54da0d1b5f3b4d6f8caf34a15ed2b2c98fcbf581297b31beafaffb76778a196ad93aa3d2d7a06720827") r3 = syz_open_procfs(0x0, &(0x7f0000000440)='syscall\x00') ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, &(0x7f0000000140)={0x0, 0x80000, r3}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, &(0x7f00000001c0)={r4, 0x80000, r2}) sendfile(r2, r3, &(0x7f0000000080), 0x1) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000000c0)) tkill(r1, 0x1000000000016) open$dir(&(0x7f0000000180)='./file0\x00', 0x27e, 0x0) 13:46:53 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x5450, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:53 executing program 2: mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup.net/syz1\x00', 0x1ff) r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f00000005c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="510000008a5f0b4d8405c2565f66d8154916b06c5046ce9a62c48ccc1b8a99c84c13f4fc94ae59dd65af38f2c7111ca1b4ba9c9fdf2845a682f4949935c707351c185a65de1b908ea2473d1a292379d8b55b6f7682f54cab763c5595340aaa02a1ef9bf72dd33d5c535e1ba8000000000000f3154c1f7185b4b309a1955a7cccaa2fed231c411bdad38ce4d8c488b212e7b4b8b091476d6d04a22fdc2188da484436cbd8c3dfdab8ae829261bf4900461900e751ff94f9d44b55ca7721149db4398fe94997ddf6692b01daedbf2496bd257fe84b816a31edd73f9e07671beff5ac533a9d215c1fc8b6848e4b9edfb0bc0a0c738679cedb2f0c2847279571fb59df0f9c8dc6e15a550bdf1f0e194da7096ac428c350ed54ee67d2b926d1734c0fc9361779c5b6f808c9eeb8cc94ae930ce2c02ac1d572ccd042605704f49a8f35"], &(0x7f00000002c0)=0x59) getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000300)={r1}, &(0x7f0000000340)=0x8) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r0, 0x40505330, &(0x7f0000000080)={{0xd2c, 0x8001}, {0x7, 0x80000001}, 0x7fff, 0x0, 0x100000000}) r2 = syz_open_dev$sndmidi(&(0x7f0000000380)='/dev/snd/midiC#D#\x00', 0xe440, 0x1) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) ppoll(&(0x7f0000000100)=[{r0, 0x1000}, {r2, 0x3004}, {r2, 0x1604}, {r2, 0x1090}, {r0, 0x80}, {r2, 0x4000}, {r2, 0x2000}, {r2, 0x8000}, {r0, 0x10}, {r0, 0x8440}], 0xa, &(0x7f0000000180)={0x0, 0x1c9c380}, &(0x7f00000001c0)={0x40}, 0x8) r3 = getpid() move_pages(r3, 0x9, &(0x7f00000003c0)=[&(0x7f0000ffd000/0x3000)=nil, &(0x7f00002ab000/0x1000)=nil, &(0x7f00005da000/0x1000)=nil, &(0x7f000035d000/0x2000)=nil, &(0x7f0000336000/0x1000)=nil, &(0x7f000075b000/0x4000)=nil, &(0x7f00003d7000/0x2000)=nil, &(0x7f0000479000/0x1000)=nil, &(0x7f0000689000/0xe000)=nil], &(0x7f0000000440)=[0x0], &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x4) r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/hwrng\x00', 0x2, 0x0) write$P9_RREAD(r4, &(0x7f0000000500)={0xb7, 0x75, 0x1, {0xac, "d1128880c8256da8e3bf2da50cbe414d40427ed6b85c539d441926185ee5cff5e683d1a6d3f547f5c5fba5a823e6c05abaaf7723176f2acd42f0f74ecc429f50df5e44822243d16d94b3fa1ce5f3b7086c6e9876d71918bbf0274823f0204f6d39b8fb16b52025d3a8514491584503fe9811e1f72c35703d5a4b66691f645a3e818761b98b6d7b8b2b77ab55a41dc412b6a1f66e95575365ec88bfde56391dea0e8cdd1d808956e0a8e6594c"}}, 0xb7) syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) 13:46:54 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(0xffffffffffffffff) 13:46:54 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445ef, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) [ 338.465900] FAULT_FLAG_ALLOW_RETRY missing 30 [ 338.474226] CPU: 1 PID: 11324 Comm: syz-executor4 Not tainted 4.19.0-rc5+ #261 [ 338.481618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 338.490984] Call Trace: [ 338.493600] dump_stack+0x1c4/0x2b4 [ 338.497246] ? dump_stack_print_info.cold.2+0x52/0x52 [ 338.502440] ? kasan_check_write+0x14/0x20 [ 338.506674] ? do_raw_spin_lock+0xc1/0x200 [ 338.510930] handle_userfault.cold.33+0x47/0x62 [ 338.515637] ? userfaultfd_ioctl+0x54a0/0x54a0 [ 338.520270] ? mark_held_locks+0x130/0x130 [ 338.524532] ? mark_held_locks+0x130/0x130 [ 338.528807] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 338.534344] ? print_usage_bug+0xc0/0xc0 [ 338.538411] ? print_usage_bug+0xc0/0xc0 [ 338.542471] ? select_task_rq_fair+0x3490/0x34f0 [ 338.547227] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 338.552762] ? check_preemption_disabled+0x48/0x200 [ 338.557796] ? graph_lock+0x170/0x170 [ 338.561630] ? __lock_acquire+0x7ec/0x4ec0 [ 338.565888] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 338.571456] ? find_held_lock+0x36/0x1c0 [ 338.575546] ? __handle_mm_fault+0x45dc/0x53e0 [ 338.580151] ? lock_downgrade+0x900/0x900 [ 338.584326] ? kasan_check_read+0x11/0x20 [ 338.588492] ? do_raw_spin_unlock+0xa7/0x2f0 [ 338.592919] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 338.597521] ? kasan_check_write+0x14/0x20 [ 338.601781] ? do_raw_spin_lock+0xc1/0x200 [ 338.606041] __handle_mm_fault+0x45ed/0x53e0 [ 338.610467] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 338.615320] ? graph_lock+0x170/0x170 [ 338.619119] ? print_usage_bug+0xc0/0xc0 [ 338.623171] ? __switch_to_asm+0x40/0x70 [ 338.627222] ? __switch_to_asm+0x34/0x70 [ 338.631287] ? __switch_to_asm+0x40/0x70 [ 338.635377] ? graph_lock+0x170/0x170 [ 338.639193] ? graph_lock+0x170/0x170 [ 338.643041] ? handle_mm_fault+0x42a/0xc70 [ 338.647296] ? lock_downgrade+0x900/0x900 [ 338.651477] ? check_preemption_disabled+0x48/0x200 [ 338.656527] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 338.662341] ? kasan_check_read+0x11/0x20 [ 338.666538] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 338.671839] ? rcu_bh_qs+0xc0/0xc0 [ 338.675390] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 338.680876] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 338.686406] ? check_preemption_disabled+0x48/0x200 [ 338.691423] handle_mm_fault+0x54f/0xc70 [ 338.695504] ? __handle_mm_fault+0x53e0/0x53e0 [ 338.700084] ? find_vma+0x34/0x190 [ 338.703622] __do_page_fault+0x67d/0xed0 [ 338.707680] ? mm_fault_error+0x380/0x380 [ 338.711819] ? graph_lock+0x170/0x170 [ 338.715607] ? migrate_swap_stop+0x930/0x930 [ 338.720011] do_page_fault+0xf2/0x7e0 [ 338.723816] ? vmalloc_sync_all+0x30/0x30 [ 338.727980] ? error_entry+0x76/0xd0 [ 338.731699] ? trace_hardirqs_off_caller+0xbb/0x310 [ 338.736709] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 338.741544] ? trace_hardirqs_on_caller+0x310/0x310 [ 338.746576] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 338.751433] page_fault+0x1e/0x30 [ 338.754888] RIP: 0010:copy_user_generic_unrolled+0x9e/0xc0 [ 338.760508] Code: 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 4c 8b 06 4c 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 89 d1 <8a> 06 88 07 48 ff c6 48 ff c7 ff c9 75 f2 31 c0 0f 1f 00 c3 0f 1f [ 338.779411] RSP: 0018:ffff8801768177f0 EFLAGS: 00010202 [ 338.784787] RAX: 0000000000000004 RBX: 0000000000000004 RCX: 0000000000000004 [ 338.792054] RDX: 0000000000000004 RSI: 0000000020013000 RDI: ffff880176817890 [ 338.799316] RBP: ffff880176817828 R08: ffffed002ed02f13 R09: ffffed002ed02f12 [ 338.806593] R10: ffffed002ed02f12 R11: 0000000000000003 R12: 0000000020013004 [ 338.813863] R13: 0000000020013000 R14: ffff880176817890 R15: 00007ffffffff000 [ 338.821147] ? _copy_from_user+0x10d/0x150 [ 338.825402] evdev_do_ioctl+0xb51/0x2180 [ 338.829488] ? str_to_user+0x90/0x90 [ 338.833228] ? graph_lock+0x170/0x170 [ 338.837052] ? do_futex+0x249/0x26d0 [ 338.840827] ? rcu_bh_qs+0xc0/0xc0 [ 338.840846] ? rcu_bh_qs+0xc0/0xc0 [ 338.840871] ? unwind_dump+0x190/0x190 [ 338.840899] ? find_held_lock+0x36/0x1c0 [ 338.840952] ? __fget+0x4aa/0x740 [ 338.859957] ? lock_downgrade+0x900/0x900 [ 338.864130] ? check_preemption_disabled+0x48/0x200 [ 338.869173] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 338.874989] ? kasan_check_read+0x11/0x20 [ 338.879157] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 338.884455] ? rcu_bh_qs+0xc0/0xc0 [ 338.888040] ? __fget+0x4d1/0x740 [ 338.891522] ? ksys_dup3+0x680/0x680 [ 338.895267] evdev_ioctl_handler+0x144/0x1a0 [ 338.899723] evdev_ioctl+0x27/0x2e [ 338.903290] ? evdev_ioctl_compat+0x30/0x30 [ 338.907652] do_vfs_ioctl+0x1de/0x1720 [ 338.911560] ? ioctl_preallocate+0x300/0x300 [ 338.915988] ? __fget_light+0x2e9/0x430 [ 338.919983] ? fget_raw+0x20/0x20 [ 338.923448] ? _copy_to_user+0xc8/0x110 [ 338.927441] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 338.932993] ? put_timespec64+0x10f/0x1b0 [ 338.937156] ? nsecs_to_jiffies+0x30/0x30 [ 338.941325] ? do_syscall_64+0x9a/0x820 [ 338.945318] ? do_syscall_64+0x9a/0x820 [ 338.949639] ? lockdep_hardirqs_on+0x421/0x5c0 [ 338.954240] ? security_file_ioctl+0x94/0xc0 [ 338.958670] ksys_ioctl+0xa9/0xd0 [ 338.962143] __x64_sys_ioctl+0x73/0xb0 [ 338.966052] do_syscall_64+0x1b9/0x820 [ 338.969966] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 338.975343] ? syscall_return_slowpath+0x5e0/0x5e0 [ 338.980291] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 338.985154] ? trace_hardirqs_on_caller+0x310/0x310 [ 338.990188] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 338.995221] ? prepare_exit_to_usermode+0x291/0x3b0 [ 339.000259] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 339.005130] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 339.010328] RIP: 0033:0x457579 [ 339.013530] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 339.032454] RSP: 002b:00007fd9995c4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 339.040176] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 339.047455] RDX: 0000000020013000 RSI: 00000000400445a0 RDI: 0000000000000004 [ 339.054732] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 13:46:54 executing program 0: mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1000002, 0x31, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$KVM_ASSIGN_DEV_IRQ(r1, 0x4040ae70, &(0x7f0000000080)={0x8, 0x9, 0x1e0f, 0x604}) setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000000), 0xc) 13:46:54 executing program 5: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) bind$nfc_llcp(r1, &(0x7f0000000200)={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "8811e78754a539d39c2bd6a407a8c8aa024d86cdc834bc921c0525fec2541e21ccf67e1d7b55cabe9e068dd58ce565aa9a9d325ebac7627ffe7a54cdbd77b3", 0x2b}, 0x60) listen(r1, 0x0) accept$packet(r1, &(0x7f0000000040), &(0x7f0000000000)=0x257) timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f00000000c0)) tkill(r0, 0x1000000000016) set_tid_address(&(0x7f0000000100)) 13:46:54 executing program 2: syz_open_procfs(0x0, &(0x7f0000000000)='net/kcm\x00\b\x00') recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0x80, &(0x7f0000000540)}}], 0x1, 0x0, &(0x7f0000003280)) r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c) r1 = socket$inet_dccp(0x2, 0x6, 0x0) listen(r0, 0x6) ioctl$int_in(r1, 0x5452, &(0x7f0000000180)=0x6) getpeername$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0x14) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@mcast1, @empty, @dev={0xfe, 0x80, [], 0x19}, 0x8, 0xfd, 0x0, 0x0, 0x8}) ioctl$sock_inet_SIOCGIFDSTADDR(r1, 0x8917, &(0x7f0000000200)={'syz_tun\x00', {0x2, 0x4e20, @dev}}) connect$inet(r1, &(0x7f0000e5c000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmmsg(r1, &(0x7f0000005700)=[{{&(0x7f0000003900)=@pptp={0x18, 0x3, {0x0, @rand_addr}}, 0x80, &(0x7f0000003b80), 0x3a5, &(0x7f0000003bc0)}}], 0x3a6, 0x0) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/vcs\x00', 0x202000, 0x0) connect$packet(r3, &(0x7f0000000240)={0x11, 0x16, r2, 0x1, 0xc27, 0x6, @broadcast}, 0x14) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') preadv(r0, &(0x7f00000007c0)=[{&(0x7f0000000900)=""/86}, {&(0x7f0000000040)=""/42, 0xfffffdda}, {&(0x7f0000000300)}, {&(0x7f0000000340)=""/250}, {&(0x7f0000000440)=""/219}, {&(0x7f0000000880)=""/127}, {&(0x7f00000005c0)=""/149}, {&(0x7f0000000680)=""/41}, {&(0x7f00000006c0)=""/59}, {&(0x7f0000000700)=""/152}], 0x111, 0x1) [ 339.062492] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd9995c56d4 [ 339.069771] R13: 00000000004bf3f1 R14: 00000000004cf1f0 R15: 00000000ffffffff 13:46:54 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)="2f007e574d000330809022cfde26555dc9ecfe1974406edad38364782d63b6612854b9e49dbdcaef718197e37e870a308b1e3a798fa788a46d3025ef933e51828ab675064e2adbe9126423b4a73d68fbe99c6db2f160d49cb6cce76c27289a4f9d097354aaa5860d2383df87526baa184d90bb7729366c17bc33d765e9bc2f882a13f3a9c1f60660bd4fd2fa31d2c0a775242289bce062d10d24ded5406918a66b2c75c43fe1ff458ae5cd9fec63039ba5a7b66a60ede5ccdabc7ee77660ef2358ccdff02226021384b0c235f114ed9ade92767aecc256acdeb610df42e7169f240357f735ae5fe29017e51e27252f48b95bfbbb3a865535298bdc36d71db635f41c57771db77aeaff883feb3dc3cc24bd3c036e396ad3af37945058839e812270bc40901fa654e7cc3292a82fc80c374dc07142a1c2e9d3e2528e4fdac32bcaefe910ebd3b948a3bfebef5fa8d82473c7fbf3ec", 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x7, 0x0, 0x0, 0x9}, 0x0, 0xe, 0xffffffffffffffff, 0x0) fcntl$notify(r0, 0x402, 0x800000000000000d) fcntl$notify(r0, 0x402, 0x4) 13:46:54 executing program 0: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r0) socket$kcm(0x29, 0x5, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x1000400200) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'\x00', 0xc201}) ioctl$TUNSETPERSIST(r1, 0x800454e1, 0x0) 13:46:54 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/wireless\x00') ioctl$VHOST_VSOCK_SET_GUEST_CID(r1, 0x4008af60, &(0x7f0000000040)={@hyper}) r2 = creat(&(0x7f00000004c0)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f00000000c0)=0xc007) epoll_create(0x9) 13:46:54 executing program 4 (fault-call:8 fault-nth:0): getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:55 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x40084503, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:55 executing program 3: fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000000)={0x0, 0x0}) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x400000, 0x0) setsockopt$inet_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0)='tls\x00', 0x17c) prctl$intptr(0x2b, 0x0) [ 339.423986] FAULT_FLAG_ALLOW_RETRY missing 30 [ 339.436946] CPU: 1 PID: 11363 Comm: syz-executor4 Not tainted 4.19.0-rc5+ #261 [ 339.444340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 339.453725] Call Trace: [ 339.456361] dump_stack+0x1c4/0x2b4 [ 339.460046] ? dump_stack_print_info.cold.2+0x52/0x52 [ 339.465263] ? kasan_check_write+0x14/0x20 [ 339.469536] ? do_raw_spin_lock+0xc1/0x200 [ 339.473825] handle_userfault.cold.33+0x47/0x62 [ 339.478536] ? userfaultfd_ioctl+0x54a0/0x54a0 [ 339.478555] ? mark_held_locks+0x130/0x130 [ 339.478575] ? print_usage_bug+0xc0/0xc0 [ 339.478602] ? print_usage_bug+0xc0/0xc0 [ 339.487659] ? print_usage_bug+0xc0/0xc0 [ 339.487681] ? __lock_acquire+0x7ec/0x4ec0 [ 339.487702] ? __lock_acquire+0x7ec/0x4ec0 [ 339.487720] ? print_usage_bug+0xc0/0xc0 [ 339.487739] ? graph_lock+0x170/0x170 [ 339.495888] ? __lock_acquire+0x7ec/0x4ec0 13:46:55 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) bind$bt_l2cap(r0, &(0x7f0000000000), 0xe) listen(r0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) rename(&(0x7f00000002c0)='./file0/file0/file0\x00', &(0x7f0000000280)='./file0\x00') lstat(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000540)) stat(&(0x7f0000000680)='./file0\x00', &(0x7f00000006c0)) read$FUSE(r2, &(0x7f0000001000), 0x1000) write$FUSE_INIT(r2, &(0x7f0000000340)={0x50, 0x0, 0x1, {0x7, 0x4}}, 0x50) bind$bt_l2cap(r1, &(0x7f0000000040)={0x1f, 0x0, {0x0, 0x20}}, 0xe) listen(r1, 0x0) r4 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vsock\x00', 0x2, 0x0) ioctl$KVM_SET_PIT(r4, 0x8048ae66, &(0x7f00000000c0)={[{0x10001, 0x10001, 0x1f, 0x3, 0x2, 0x6, 0x4e7a, 0x7f, 0x0, 0x5, 0x5, 0x5, 0x94}, {0x0, 0x1, 0x9, 0x7ff, 0x80000001, 0x80000000, 0x92b, 0x1, 0x7, 0x401, 0x1, 0x1ff, 0xa1bc}, {0x5, 0x7, 0x8, 0x8001, 0xd17, 0x81, 0x66, 0x0, 0x1000, 0x7fffffff, 0xff, 0xd9a1, 0x9}], 0x8}) [ 339.495905] ? mark_held_locks+0x130/0x130 [ 339.495950] ? find_held_lock+0x36/0x1c0 [ 339.495992] ? __handle_mm_fault+0x45dc/0x53e0 [ 339.524835] ? lock_downgrade+0x900/0x900 [ 339.533500] ? kasan_check_read+0x11/0x20 [ 339.533531] ? do_raw_spin_unlock+0xa7/0x2f0 [ 339.533549] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 339.533568] ? kasan_check_write+0x14/0x20 [ 339.533589] ? do_raw_spin_lock+0xc1/0x200 [ 339.559344] __handle_mm_fault+0x45ed/0x53e0 [ 339.563780] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 339.568623] ? graph_lock+0x170/0x170 [ 339.572432] ? print_usage_bug+0xc0/0xc0 [ 339.576503] ? graph_lock+0x170/0x170 [ 339.580296] ? graph_lock+0x170/0x170 [ 339.584100] ? handle_mm_fault+0x42a/0xc70 [ 339.588342] ? lock_downgrade+0x900/0x900 [ 339.592516] ? check_preemption_disabled+0x48/0x200 [ 339.597555] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 339.603340] ? kasan_check_read+0x11/0x20 [ 339.607483] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 339.612768] ? rcu_bh_qs+0xc0/0xc0 [ 339.616326] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 339.621810] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 339.627411] ? check_preemption_disabled+0x48/0x200 [ 339.632447] handle_mm_fault+0x54f/0xc70 [ 339.636523] ? __handle_mm_fault+0x53e0/0x53e0 [ 339.641133] ? find_vma+0x34/0x190 [ 339.644705] __do_page_fault+0x67d/0xed0 [ 339.648792] ? mm_fault_error+0x380/0x380 [ 339.652963] ? graph_lock+0x170/0x170 [ 339.656775] do_page_fault+0xf2/0x7e0 [ 339.660607] ? vmalloc_sync_all+0x30/0x30 [ 339.664762] ? error_entry+0x76/0xd0 [ 339.668482] ? trace_hardirqs_off_caller+0xbb/0x310 [ 339.673503] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 339.678358] ? trace_hardirqs_on_caller+0x310/0x310 [ 339.683418] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 339.688268] page_fault+0x1e/0x30 [ 339.691714] RIP: 0010:copy_user_generic_unrolled+0x9e/0xc0 [ 339.697328] Code: 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 4c 8b 06 4c 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 89 d1 <8a> 06 88 07 48 ff c6 48 ff c7 ff c9 75 f2 31 c0 0f 1f 00 c3 0f 1f [ 339.716228] RSP: 0018:ffff88017f51f7f0 EFLAGS: 00010202 [ 339.721427] Unknown ioctl -2142720410 [ 339.721613] RAX: 0000000000000004 RBX: 0000000000000004 RCX: 0000000000000004 [ 339.732714] RDX: 0000000000000004 RSI: 0000000020013000 RDI: ffff88017f51f890 [ 339.740010] RBP: ffff88017f51f828 R08: ffffed002fea3f13 R09: ffffed002fea3f12 [ 339.747287] R10: ffffed002fea3f12 R11: 0000000000000003 R12: 0000000020013004 [ 339.754570] R13: 0000000020013000 R14: ffff88017f51f890 R15: 00007ffffffff000 [ 339.761887] ? _copy_from_user+0x10d/0x150 [ 339.766136] evdev_do_ioctl+0xb51/0x2180 [ 339.770203] ? _parse_integer+0x134/0x180 [ 339.774364] ? str_to_user+0x90/0x90 [ 339.778093] ? graph_lock+0x170/0x170 [ 339.781901] ? _parse_integer+0x180/0x180 [ 339.786046] ? graph_lock+0x170/0x170 [ 339.789843] ? lock_release+0x970/0x970 [ 339.793832] ? arch_local_save_flags+0x40/0x40 [ 339.798459] ? find_held_lock+0x36/0x1c0 [ 339.802535] ? __fget+0x4aa/0x740 [ 339.805998] ? lock_downgrade+0x900/0x900 [ 339.810165] ? check_preemption_disabled+0x48/0x200 [ 339.815202] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 339.821005] ? kasan_check_read+0x11/0x20 [ 339.825153] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 339.830429] ? rcu_bh_qs+0xc0/0xc0 [ 339.834016] ? __fget+0x4d1/0x740 [ 339.837480] ? ksys_dup3+0x680/0x680 [ 339.841221] evdev_ioctl_handler+0x144/0x1a0 [ 339.845636] evdev_ioctl+0x27/0x2e [ 339.849178] ? evdev_ioctl_compat+0x30/0x30 [ 339.853511] do_vfs_ioctl+0x1de/0x1720 [ 339.857398] ? __lock_is_held+0xb5/0x140 [ 339.861464] ? ioctl_preallocate+0x300/0x300 [ 339.865893] ? __fget_light+0x2e9/0x430 [ 339.869890] ? fget_raw+0x20/0x20 [ 339.873377] ? __sb_end_write+0xd9/0x110 [ 339.877475] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 339.883032] ? fput+0x130/0x1a0 [ 339.886328] ? do_syscall_64+0x9a/0x820 [ 339.890317] ? do_syscall_64+0x9a/0x820 [ 339.894292] ? lockdep_hardirqs_on+0x421/0x5c0 [ 339.898883] ? security_file_ioctl+0x94/0xc0 [ 339.903302] ksys_ioctl+0xa9/0xd0 [ 339.906781] __x64_sys_ioctl+0x73/0xb0 [ 339.910681] do_syscall_64+0x1b9/0x820 [ 339.914572] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 339.919946] ? syscall_return_slowpath+0x5e0/0x5e0 [ 339.924885] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 339.929742] ? trace_hardirqs_on_caller+0x310/0x310 [ 339.934778] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 339.939803] ? prepare_exit_to_usermode+0x291/0x3b0 [ 339.944908] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 339.949780] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 339.955013] RIP: 0033:0x457579 13:46:55 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet(0x2, 0x80801, 0x42) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000280)='vcan0\x00', 0x10) sendmsg(r1, &(0x7f0000000000)={&(0x7f0000000140)=@in={0x2, 0x4e20, @local}, 0x80, &(0x7f0000000440)=[{&(0x7f0000000380)="f0", 0x1}], 0x1}, 0x0) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffff9c, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x1, &(0x7f00000000c0)={0xffffffffffffffff}, 0x106, 0x1000}}, 0x20) write$RDMA_USER_CM_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0xa, 0x4, 0xfa00, {r3}}, 0xc) sendmsg(r1, &(0x7f0000001680)={&(0x7f00000003c0)=@in={0x2, 0x4e20, @local}, 0x80, &(0x7f0000001640)=[{&(0x7f0000000940)="c1", 0x1}], 0x1, &(0x7f0000000340)}, 0x0) [ 339.958210] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 339.977106] RSP: 002b:00007fd9995c4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 339.984827] RAX: ffffffffffffffda RBX: 00007fd9995c4c90 RCX: 0000000000457579 [ 339.992123] RDX: 0000000020013000 RSI: 00000000400445a0 RDI: 0000000000000004 [ 339.999397] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 340.006676] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd9995c56d4 [ 340.013964] R13: 00000000004bf3f1 R14: 00000000004cf1f0 R15: 0000000000000005 13:46:55 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:55 executing program 0: r0 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) fsetxattr$security_selinux(r0, &(0x7f0000000080)='security.selinux\x00', &(0x7f00000000c0)='system_u:object_r:inetd_exec_t:s0\x00', 0x22, 0x1) r1 = dup2(r0, r0) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000140)='/dev/null\x00', 0x10602, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, &(0x7f00000001c0)="660fd4700e0f017d6b0f01df0f070f20d86635200000000f22d8f2f2350070360f1d3367660f50d0260f01cfb86a078ee8", 0x31}], 0x1, 0x3, &(0x7f0000000240)=[@cstype0={0x4, 0x2}], 0x1) r3 = dup2(r0, r0) getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f00000084c0)={{{@in6=@mcast2, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4={[], [], @rand_addr}}, 0x0, @in=@local}}, &(0x7f00000085c0)=0xe8) sendmmsg(r3, &(0x7f000000b840)=[{{&(0x7f0000000280)=@nl=@kern={0x10, 0x0, 0x0, 0x40400}, 0x80, &(0x7f0000000680)=[{&(0x7f0000000300)="04dbc984287107427b2bde62a88cc6b017e32bedcb600155f8c33d7db58dc183c2", 0x21}, {&(0x7f0000000340)="cff5bc4191d13898e29d13d9ecb43ef6d15b8bc7fd6a870e5423a113020a879af071b38b77685813ce1130b401a5a2", 0x2f}, {&(0x7f0000000380)="5e566395dc2f423545d4d8d3997c356236b43d036d30fc3904230fb85eb2e6ef7a044c5a1e8a8a1a4c0a52c3fef512fff915daf057c32fd3aa3eafef76322c14e43ff5f3d739699ee9d24f767c7f88298e16a0931b43a5782e8defae5b6eacbe23d5e6971eb49faa290799f9e1d10fdbbe0d38938a8638704b8fa93b", 0x7c}, {&(0x7f0000000400)="895e7018bdb75243b6e58b67be174dec03d2d038fe8d089e81000f39cf62aa5c999ef2b5801e7cdf429cf89ef707e25e66e783fe6a734c740bd1bd1664e745bc007b8cbd374ffb9debd2e1cedd706e37382578c69576d4fc5b7b6f74c5d1aec343527699377b6d2140a7df90d33ec7281838633029dd52d631830571600dc2ed91b048b9a2b12605dd2364b7f3615e53d5f4317adba1", 0x96}, {&(0x7f00000004c0)="d4257544ad52a3486ab7df29060cc49137fedaa812b306361fb7eec926c42cbd02fbf8484ae5f2d581ecc19422d57a832c3bd01824c29ecc2a85bb3aa578848edfbb4cd04940b53a7e6c131ad8ce5bda1c8b8a8abdc7bf40ef835384ad04a34b6c1f769485ee2c1df3375d6df619811c48766ae9cf76e9c54d12c4a0d176125f69b6352bf3aeae9fe139f9749009d45cb16c52ceec9ae3eb34888c9db23c14cb6e92eb787f03feeeade7e31180acf9f2d88fa9d68426745cf2bcb499b3a8627bd8262ddfcb5a0ea30cef918b27839419fe560792bb5912155380a40715a34cd07d5f2629c33d52", 0xe7}, {&(0x7f00000005c0)='H', 0x1}, {&(0x7f0000000600)="7da65288e03be43533f4d42c74980459b3cb8d3a47e2e02cbe542aedf4b859575f0a6b9655a5747d485f8afc8818c2e9aad76b24b3189fe30e91fe1d2175d87be8ced0050680e33a56a561f9551aa7f0e6aa382de07288423ffc228e1a9869e8aeca63b78fe64d7fa2eceebb", 0x6c}], 0x7, &(0x7f0000000700)=[{0x50, 0x105, 0x100, "453cde710f381ff055bee2748998ee2532ce27b43125ed2c5bf765e01cfc8acd0543059bda3a14fc32b92db2aa7bd73cb682cd15b8358102e9a0"}, {0xa0, 0x11f, 0x3, "cc498fdfbdfbe57a6d97b91d458182ca12921ab0d3cd0a796becf65f470740e4442cb85de17344ed1f94c60595293725693d18f2b1070801c383f5e5e8c81c562e0b21a439d4666bbb8512784f6369edc780a135af819163c494a24585ad5c18b7511765e4cdf1826b8c55b2da79e05b275338c09ad523330486e42952b7fcf7f1dfc7fb46f42f47fec7ae"}, {0xb0, 0x7344f742da2b98f8, 0x85, "0741acce090eef2042d1db17332e9d6abc69b2cf82efd8fc3d38f0c70ca3cee4768d0f663f5ed8d4569c43dad6f2330504363bf621ec4e062c597c6e7012f4624a89aba919672b1089a2bac8b553c07eab145ec8f3b87f8a76f260b656a9c99ca5e313109e8e742bd775fdd9498a149fcdaff69d525d499c11bb76add2f45853718719d565bbec6c99887ce0fee592aa4ae2ff56c9fd3d6bd8f2db57"}, {0x30, 0x13b, 0x80, "03263994a5b4ff98c1537ab494d6310a0f5121b877ec687e0451de0d3f71eef4"}, {0x28, 0x186, 0x5, "5fbb72d35f7ca9ee216fb0308172168066"}, {0x40, 0x13f, 0x2, "321864483d68e56b4555fff4b47e4a4976c5a03362b3a161f4785c4456d1016e8f3042202255c314c8bc3a19457e71"}, {0xf8, 0x115, 0x24, "d16311f0743aaad5d9f313a8de801e09c727f2cee967af22cf69670f0a3b6f56e146489e99cce1b7eb436e59e793c2292bab4765d7f6954ca411194ae77aeb740ecad25d697b2d381e866886ae05cee7f31140bd25a9aa9cdfa11c0d84967446315d21cd8896124ae542eb2e8485f7fb89822bf01654ca170dc2e98271b3aa6b0c571b2944aa5e27c441593ef806e5d6945b0681de6610c70b379c250fa586c386d3a91fd28c9ec8cb32e5a1170dcc3d265d901f689c6f412eb6c17e1070f3b698e856ebaf2e7317551c1d3daf3f8cbb7dc3080c32ddd36beccab4f9edf7e495b869e27cfeeb"}, {0x38, 0x119, 0x5, "b85d0d2319d474fd33a28ee218c6a3361a746cd2a97b1b26753c2f6d8b89899ecd5b03d03c"}], 0x368}, 0x6}, {{&(0x7f0000000a80)=@sco={0x1f, {0x4, 0x80000001, 0x6, 0x401, 0xfb}}, 0x80, &(0x7f0000000bc0)=[{&(0x7f0000000b00)="a2f072f68fd7f6e02ad2e79e29f9ad56032a528b6dbceafbf0d341186c17a2171aaed40466972f3f8dae5c6eab70425ec89da6c09642e34debb3080ca2e3770a20c0d75e8e6685c348f98083f39f4183a7b2d9e026edeea43833ddf7173c5413e3bc648a0dad297beb7f723f43a84f6c9dae5ddc2f841663953b63c9691143f4af5c9b703ea67993aab814ef68efd0329951e9c1d13c4700e0363158df3e3cec258ca542a0626bfc3573c6a8536af3e9a7907d5dac933d62c326fff341", 0xbd}], 0x1, &(0x7f0000000c00)=[{0x88, 0x108, 0x8, "d3b78d8bed38f78f37a0a186d7403f313b7cf4163202549a390870207eb6e12c7f9188d64f8780d3e9739da7d0452f65bebba269f9ffa5263508de703f8b559d5e5e82193f1f180fab1c599def0eddb18de4d81364a4822ff73efa69eddbf3c317c51001d4c6c5e78416e30ea1078520d4f7fa077852fa"}, {0x90, 0x109, 0x9, "96fb6de39878c3ae32d922450851f9d213ccdded6fcc79a22d1a5f8f2cbcd59749739a1dc1e6f0f384d8710fa3216fac48a03fc7d9bb9952df998c61b57b12ec176753e0bddc5a0271451ee2f151e49f02d43d33124df8f7dbaa28bad8211d943c3db236454f04f85c29ca5245e82f83091de57ae009bbb4d9"}, {0xc8, 0x10b, 0x5, "1e5bde8fc303fd09dac1bd70b920602aa33dba60504cab54dd50c563fcbcf5448926f3056e4165ed015d18624b9a95620d86c2ceacc7057f9ae4eb76bf551d1bc8c583ce73a25ad796c089052e8cb8d3cb54c3ba3b3e85e74cc62879987b7fe9e8a94f9b954d3832506bf61a66d1cda4cb21bc087dd6d18a8534c5aa80ebf13b826a7c5c67dfd2b937c2418d4a267e3f800bab561ab4212969f93ce97bccb9b1f6d69ac6cfa4f4b9871b7927ada8d961e0b2c0d9019f"}, {0x18, 0x110, 0x2, "b64caf0a388337f8"}, {0x48, 0x110, 0x8000, "57c7fd1bdad0d48468b599de2085c7dc7496f5aad0bcd116a87d5950723454ee8b5832c05ce736787bc0d3aef548608ec94da66912b6"}], 0x240, 0x841}, 0xff}, {{&(0x7f0000000e40)=@pppol2tpin6={0x18, 0x1, {0x0, r2, 0x0, 0x1, 0x2, 0x1, {0xa, 0x4e23, 0xdf8, @loopback, 0xb9}}}, 0x80, &(0x7f0000000ec0), 0x0, &(0x7f0000000f00)=[{0x90, 0x111, 0x8, "0244465fb98dba4972de266e230768aad4f774001aaca335cf55a853cf22d847e662557a1ba83ddb67496e325579f5103fa693a57c6921839ce8b12a764e972ba9840059bf2ac466c5d07ac65908199b09b191c55b7b1df6c7e2ef2374f66deac46ee963b47985c085b5aa96e010c404831503bec40104828f43f8465b"}, {0xc0, 0x88, 0x0, "1b762ff5fc15ddd66187adabfd7237a8ee3823c52f4bfdd27e14a3c40d5116d57c4bb799cef6da9aeb6c1c4f35103a49639f85039f175a1e9d090c1e3fcbdd0df9d5b066bd503ad21ff01d457182a4e007e4d64c5e27ff3bb55b7f6fa084681768d98724b1f9d34cf897a1dd46b9968236604fb264d7e68d9ed65b9c746c3c770b5b12c6d9cbe1847d31dd2ce7841a1ade07f5c7bc76338603249f18819af4201ae59bbd57066b316d73dd4870dc3d"}, {0xd8, 0x11f, 0x93, "dd747e71b47c7d23e47d50551c7a6602ebad1c41efd2a1941af3993a14f6106a2efa335b1a8f5c3eb8683a0a20bcf65c91103bde5c8b91aff6bf976e3a2069e454497abb88e81f78fb3c426db3f7c9cf98585ef551c6512e405ea1d40dfd78932ddc4c4bc5257f27ed04a4bf12f0d61b1240d8d735bd4a0975d39be51b72cc9a9825346e5d5d8463fe30277622a50a14af803a42b8ef6cfe10a30d4ef63ad6b1b5931d75d07c9506cdb3c48e10c04a28356f5b29759420a78de93dd483e3289f73055807"}, {0x110, 0x10f, 0x7fffffff, "800e5a06319fef662cbf7a920715803d62edd60ef9ca3612ed3b48fed44b16cb424bbbcf80c92dd41bfee956e95f924a441412766b051e9f3eb857a0805f9ac3e8999135c5f97f672adc09e3d7c4d9e1111c3f48577c758b8ff3b3e6b82ce0bfd64d027df2d643a10de355b25d985ea500439057519bd056896413d75ca406cc0673f00a1f14c9fdfc950297775d8f9f121fb8fe6a615bdfd224fd4f2af33f751c00c14232104496d668593898b05cd1bdd7b8e7fac2ce1e79915fe71ff45cde906c8f42b0da81255f38c9263d1c390aac9618181a7619a90d1645f6e573f977e4df1b484e9039cada05db648c0c01c1046635c461013df6c3fa"}, {0xc8, 0x105, 0x3, "26000d8f74021299b104e56793b8d0482c2622bc35d7af635a99ebebcd9c89ec12c3554aa6b271a46066aed33b7d3c1f08c8186a0a1ad5946b8c49af44af1bfa9f144160bb13aaf4cfacdb71609cb47a16b3f7d7ac4faff624c1deb9a09e884fc54c7c1c8d0c29e7d4019dc79d16ddb933eb66b38b11e9213f07627a458953615c919cc82bc5e28d5db520827a4b77276c8742f8464e51b27cfe7a493dbb540f8a9fff7c4e780d38f36095223aa9781a509f70"}, {0x58, 0x105, 0x0, "6d0d9b334378aab88db6e7cc80500449a5594cf4776128d5be67ccebc1f00db49269a1e8de6a48b7784be223426e78a0d6c330a440c8757e3e6e9918cb3ba81f4199"}, {0x1010, 0x113, 0x7, "15eaeb811bd3d7807a10ab630bc09c78343fbc1995e8cdfa8938982432604326a59e314ba07feb115969a8c922fd6b418165aa8fe44396a7b2b3296fa65448ef5877932cbdb49db77efe236a04a778b8b50486d9d6f16ef6bbacb5a35d046bc941fd39421c1b8e75964990828f0ac95528bc1f18690ae9d2ac3afd183acf89fa3f0a9f99adbe599bc9cd61af3c07e31d830dbc4fe46a14ddaded6606aa232257358940d75c5b59fb9d6607148b0b422cf3f11f4054f988abf50d26e211d5912693e6ae8d9a42b09ef385df480042f2c9bf282456d14f184a56138c2b26d2546964631f7facc6b121a05340c528899c48314e36aeeebdd68472d6500c0c55a6c7d1b07c987adc1852c296b5dc89f1a2f29035df4760ab3f66c32aeb2d896bf8669f725bf623417ee612a3afb2cd4076881c8b112ac2855e0659a8f9e193fc0346a60e71ab50e8a9cb6b13b46666694fc00d3ffa42cfd0d150dd7e0cb3df06b9126ab9e9ed6c8ec1b723e1ce72d935b3cf24dbe9250fb9a57b875a9eda28427c6db58e6af353e74608da7452682355a41d65cb544ede5cda543bde0ec26b50b1d8ec30e92daf801f8ef361e43db3f9d3197cf768fa77fae3a9c0e9e323a298352900f58ee6de6bd641dfe073da6d23beb2659b4828d2239611fa8422a774c62480267449a7d11dc740b6dd568571742306e662de68bd681bc0ab3f52bc14a096d53b92e358e89735f1d5114718badc362fdd01a4be0587784c963b416d6a3fd86e72e13a28ecb9f833de2553c1ebf038e4278f7f0f888ce367c57cec662a19229acb8b03b20086b60246221e782002961b12e1b690edeac345be7a7e2c77f81264abf8c01515a7504c6089e218737c7fee5126d27fd53a894af0bc0601d21d5b586d55278aa4fbcaffe43024c0d89383fed2601e4e36e98ef9bb03e4f8bd6b44fc95f9f811027b1359535f48126ae30867dd7209bf1e1e77da3ba90541411fc21517b5398516056f7af3516b732e6ced5de5200df8f1c73d827bddf9aea9f71dfebc0535f5e72cbf60de5c345eaf57e3a88de3c42d11e5fa752d1de400a994cc5990273a3ac31763b827b254ddc857cd8ac65bd2385270422afefcf358ee4b02ca158b8e3e01b6256bd1758442af5d09989697380b7805034e476a507a933f599d48460f2cd63aad83ba054214f0c66154e8023af16fd60b28d9972e2acdc6ca68cc8e79316c063d86dc7356081d19eba39a8a4021c1540e13774cb66b846ce21e61ac1cf5c054209bee9f6ed34149a577e47f7fea10020124a7dd12b8bddbda290c440c6f36dfb5fa0d706a4a620c2c523b8f3bc7e1d4ccf0d75f12281924f67320c760764ee0d69abb091bdf76f5eee7f001db493ebb80f7d5912b94b5aadaa3ec501360df37cf18f7ce451c034e1583ca10531351c281fb3eed1fa0ae6130d0d8761174ae3174eed7115b98fa7cad4850f921b135a7c024a10bd6f775fd80ce805442b1a428b2210b72d7617cacfd68655db4616298c71ff0f31df808d4dd2f0ddf3e0a294045ba2c9defc1eeb746400026afcd94f1fb59c20dc257b5869b9de7cb5a2388a5c8e13920b0e80603f5a769714d7fb8e452d3c11ee1c148f6875d85d4b32cdab988ec39cb0da15cbd500aade1bca582a3bbe518da0598ed64e37103e7317f71c6054846c55632ba53f7ec0bc3d5f959fa2573748b9ce1437571d74bfca5506f32212d79ba7885a59813479af34635b0d72bc657c10aeefcd14e5c3c188b804409bb6427f952032738a8ad040a9e4a4a6e318b1cdbc70388484baa7cc222568f651bd45a87008984b7c80d42e2362f92250baf97dc539db7bd91c5fe897e37b7a521b4750c7f0463635b66ef8d4d3378e2aa2eff052080589aaaba6d9a539c8d22f8a67c2552cc50ec7c6a13d20d50f024b573d8109e9956ba10d7673a6072e4f7a9230c17eb8aae821161f8ba04ad94cbcfc6dd2d799e3409cd0a33f7af4f35de5023484660911e518e1ef5bde02c32de08cf578945a0e1b65a9851bd0d92df302775eb5beff55f4eb9cb733dd9a1567ceededf75f023f984bcc37b85f441ff978002e6cb94bafb2e190b628b1e66a57d4698793025fcf187b674f4b6e90789d1731965c5954c37a24932dbbb039c82452d62423ab210df0162b4f1107ad52aff683efc87252a10b49a873ab88a042b5b55f3346caf19ae7a2be9d4a259851068c0c7b9b2bcc992a5a481c6d9d3bcf3389cf745a0a034af3d0748b603ee2c6b48faa2fc442124cf6d1d74cac1aea55f0e1e36949bc5002d80bc55e12446bb8164128c8533a89815030360d188ec961aa51b4b2fe20e61882e5091b63b6ba8d546eddb39b48ff54a31713368e85812e7fdfe4117663e6965fb819cfe33c8096c7899346c474a335828f65bbf008aa184db89e983adb2a47cfaeca097ce6161461e5d28fe8f5ef627ee2c2534c804ad26516a4221c88cddb0838c9ee016b8f8202d6a7f6387d281b942926456b05b6baa45b78cf46a5d83b01a134c190d3b7462888e7428986c6c64d6ed6e78c609d3d04f73dcca9969699f828ce583df09f9364c88cfadacf254b1c1c1c5dd1ad80a5d3b2e1789c4a1b89be001e09a525917c5ae9dc4f098a4c86d57ea0c53554d399b9cd4177dc348aa6c1a189a37ec183e0a7be279bd942549b8f68dff381854d8e08d13a969d8d05f55a6c901ea4fc0a43b3c599158aee772c5e4953f1f036fe38a8074ece05a35e88ff5ebdfcebc84e635dfa37a6669328e55e266946e0b84b82d21eb71450ae0a0ee68005d9520736e992efe95016e3860268d5ce55a9b7bf52d16e53b56782e9200f5f95f1de418398b7775b3888159aa2e3fa1815cc042ead729fdc108a927b33714dbe32163433b9cd1baa3e7e360bdd169e6878af3af92f151666eea18bc65f1209a68f36c08096b51525aa75e536497b98eee70a146ae767de402ffd3a9e4dc6836b57cc62262dbd05594dd1e10d85ae412dd9c9deedc5df311e0fea2a983cad00cdc1ccd2b773803dad09ea2ed585f06a15252c1f14399606e17e66daed3c3e3df62a2919d6441a154cd5c25a16305fa288fdbbe0cb4ddd7339f31f8e296b0cd2c4b420d30da2c85227131027e0456ad6ab6a17d61e4f5541638152b6a600f123848b9b4c6051c40ae70a4eea3f5a4f1c9d1e582b68d13b5792e780fcfc18f771f1320c544513b1af21fefe56d78c47128624775f7ff3789b88d1ac7ebbfa6afdb9fb424caae62705d6a0853dc80dc2d6f9ae4ab05c71725bb3e509987dcb7be097d56eb55f6b14e7a65fe490fe3541e46cf31f7192f5bd6937322343b03e724576e04289a67dce0fc4889d15462276ecc8c66d832cca7935d49fe3ba1c0f26e312cebd7125165eb6839796a0f0d59b73e84a226a1fbc7ace0a46a070c8ddaebec25325bba278f222f1cc3d8c1609485a9bc7d7a9bfaa070b9dd91fdde3d4307dbc2e235d5d1637a9c2438d5c150ee9ad97fa19046cb76009c9f3579adeb1e6e47a1a3b9bb6b5fd8cdd3cc3a7523569c1170600e8da79230ea1748754ef99b6ef2b421a626f1c96d46d1dc5f8294a525b63e168fa9cfd1b006d27925cdfd6eb051f71ecc5c2ddfdb031ff74c5541a10c444aab39ddf7d04de1a374e9f4cae9dd8b05bb571a9ff516babcac89faae6a14a36319d1e1820c968ad0dd2cdc0fd84e7d63b44931a5a6d0891cf57bde6a4389a5b42f46137190daa205f1b1858c770252edefaa13ce9e6236442d5ff8732ad8f6bc1f9b6a03a2cb5a525236d0012ef42031f1ab2f0c4c19068803be6ca34668da5cc7790a31a474242fef6cbd9ec8cb3b25839fdd77cbf50496fca1d6392156e47760d01232c5745b9ac7e1588b20fa77f54dcc077fcf51d13b4223d20cf1c0c19a6294fd55ccceefb4407b0e390736ffb301fd72ce49e7fd463dead853f3c4fece722d5a04c9fc0c78cabff63261d271f94c476ad554f32137d5f82923aad967f2747fb05181f513194b61ad6453d954fefe723ef9387ebe859118de99bcb2af708871e52d546e4432cc7b4b8a258927c4295d221c9cfeb57ab64ba5a08101b0c5d8ab49692e5f5ea3e3e03a841a1e295ad9f9f575e2ee44ab59ce3162bae79d3698f5712bf35aa087deb53bb03133564ca875911b521c31589b6119251f74c352290ada8ae2e08d28bc3fc254c79ed7df8561e0e712a1bdae0144cfe40d9457a2fdb56c840a283f03d19e62c8a75383d04f7221771e2daed505d7efb2435e7f1a1beec8ce2baff63c424eb0adf7dde5f3f61dbc8c77fcebb28c02dba3beb0f27c2e9df8133e02c48f441b271c5ace86e00348ffbe7f6520444e8b0fe5cd3a5212899213e0d6f19357b182e34892f27a0aac2feb10294ec9e054c0850401654ab40c8c1ad12a229606fbdf117a07af67d017af63ae9b9b4020924e10f0afdcc83e54d22cf4cda3d12f9f83481351d3f8ce9135d92944327e55f03922dc915f69d493b6f1c5c2c392b8944d991a4045ec588eb2946741ae174d11d864a6c4d597701d89f79db1dced0e857771f2739dd7789c5baf815b6cfc83a49ba905dd6d53062698d371c1b4a7ae5f87d147e76081474c11840ae7416d6d62c9118ca19e10a36bb976c4427980010bd6d81ea7648f70c54bfb15e83137f9faaef2f716d23aac6c004e61019c2bdb1f4aa1a36efad5751b0b15c4094398c1301a5549723f46e7b1157bc432da00e826a7162fdf44309fdf9112e332a82cd57a838ed409538cdd9ea984b7df18020a5b62fa8c3a00184cb27f5a63b92868d4f1d333043e057ddafe72b32daba7130ae0898072c220d61486bea881e7efdba627c9a7f3edb8c56d4e42865a1e574bc9b79e9d75b6e65d6747d2b02943804924d173e755cdefb675ca73e0e9d685e1e3c95c638930eb99c0ce40a6939c6756a35a2a18f2f42462b024e5c4dee0b910df63df1fc42306c72cff1b0eb65f055f007c90e98c2e85961a3dbd3c786587c84b239e7943c0f8eab818fcd4c8e173d11c6225fbf8926bb6b97ba0d6ddf5765af439bc02ba96edb1c00e4de76002be4a2d1fef2eae37c69cd32b879020ed4946695f93e3fc9df610955ad28c9af2e1af05bf1659598d5f5e4c8da7603e9228e46e232b3186b2ee4782fa5b36fcb4cacb8f0d3606b83d2c7d47e9ab9299657eb7adf019ef8ed3c5e58022fd303293ccec6195ef6e4dac143360a7999f7f727b468c290a1239e567c2729c3a53b0a9e837a08a3ca29fda009a69f461a4da4bda874404e2edee0435bfce242e227b8416a67332d94c1266f829ed93fb3473376d96f627a33e69c5edf2f3e6fd0e08105f0f001886bcb1238cdb5ae3f1e0d079f2bef34d15ab29d11bdd25cdd1257d277cd4d92487443e19586808420f9a86a4ce825694d3176e956ae352142b213149f2f9fe8fe2c1e027e9f3d759e2bea915a96da9b4f136160eb90ee8e4b09277615ab6a833711f859bad9a7b4ed097cf1372e2bbdc973401be1dcf249788bd4970ca22de1d16234758ed9bb48349bc3899dfa5ebdaaeda75b313a29853fe709cdcfe3fe7c8456362cd19ac97959dc2630c93b41208ac1e4e92ddb412f1b97dd1279e50c010b7df1b8d7145611c21f232c9abf3920384c9dc9ff34c4de94ec45d02b4ae791837e72cf4810fbe40d75cce23972086fcb24b0f333d0dafac3b7c1c621214bdbfcf962b228b5a41366c572d5f5c28c69fb6fb729780f4222d931a2451c3168f67346a78198890a899aebbfb0208609d3687117529b21936"}], 0x1468, 0x24008080}, 0x1}, {{&(0x7f0000002380)=@llc={0x1a, 0x7, 0xfffffffffffff801, 0x7fff, 0x4, 0x7fffffff, @dev={[], 0x1c}}, 0x80, &(0x7f0000002480)=[{&(0x7f0000002400)="8565b27823987843e58f45e0d790c76c74d74ac46d66b2bfcabe5b9a20d0b9340aada9016baabef6e30dc5db095d123b4fe6ce20e31f5de522679e7aab410059deaf076a2237b545bc9973286206acadf02941ba52f810f90b0d74eb413e910ad4f440bc521da6fd953b00c9093d07081d3b36f97ce82adbb9619e9208", 0x7d}], 0x1, 0x0, 0x0, 0x800}, 0x7}, {{&(0x7f00000024c0)=@nfc, 0x80, &(0x7f00000029c0)=[{&(0x7f0000002540)="f77b891d001696fcb2034156d67332eae884d16d66ffd9081a7154236fadd856b4d7bb2a3f11a97b92778399776e53a0ac317d5cdba484f19980bf168bf985eb010447e11a60fa5aebe39a60ca72c249f9e4d33812106d68f7ffe5c74f8079caa21dcb9d4f75d404c9618bebce39e58da8c213a93d46c53c2319f746253250c7eb75e59fb0a5b9c94e3d5b01f7a328e1078cc014bf68638dc1b6111f6bcc4937ca7eb35b80b79ccb9b0f9a30dcadf359fed701f14b272877750b5d63c4ca7c14c0ca779b68da1bea2b8a0f89977ea5887789798bb686a28015afa37ef01aabb58e356918c4281aa12ae3f66a93d49e7198cf7ed416834e22016295b992", 0xfd}, {&(0x7f0000002640)="8f6ec61ce28de869b0f5a7ed96edd8461a186dbce6ac09280037cd1df6cac080d337492f701aad532051588117f0bd97968c33894dd632307845c393ccb47b024ce8ad9abfedb942b06816eb391653c7226e5c74407689c1faa2df0cf74a67e5768cfff88ad527fccf2c6a5ee0d711216450d8c7a057d572", 0x78}, {&(0x7f00000026c0)="001481521bd691664a9738b8a2bdd0e004d91d4d57ffc47ee78a0a7716a7fde441e8e6b91cd46e24dfc334124dc85f3477ba11a094ddeaa7ac5bab5d761248c47bae6213a6d2216f793430b76d574d9b24d038a1c6d82e302a5b339977844c5bc8bda12c4f8ae23337819a93685b1e0cb5ba", 0x72}, {&(0x7f0000002740)="d67154c7fde790b91cd525f6c47183a5dbba073319d21cc24b6368416683fe1a32e166d716ee9a5d55f23338f76ae118036d3614b97be80af20a74d4261305f6794f20730b2a7c4ce628171373f2f2ef53079522245dcfe8a6e346bbb732522f4c97a49c31688df60a8271927e1e144a42ac8b5c8ad7733cc4", 0x79}, {&(0x7f00000027c0)="802935506a48fa65f764dd416e2450d90cb92ec6f91f7b17d84ad368eabdeaea6e6821ff4d54ed41ef1c2951237de76bfd5f094f5c46a69847846562fa415daeb3ab2fb300a7a636f0309d094dae2783f833dc43b2a988f6212faf26d79d3492b593f0bb69e6cbacc0fa6cda874f93c15620008d3cbecde1cf14fce8b5e04d526ce68233db4bf7f3a0e528551f6d3e78810377cbf78acdd57e99b32bc8b70602a3b7cb817ddcac535b414a92cda9c72c0ce398bfe5aa", 0xb6}, {&(0x7f0000002880)="32d8c6e7647bcab79cf358a17cf8ed9a5cfcfeba958964efd1c8932ce368e49c26cba62fdc93abe712638abfd2dcaba57380d04a3b9cd99190abe19e13b486291ad23decb170077f56652f63b0687209940073739159ee8140aa0987b3776b80a5b7fd92c6a667cac951c4522ca9c9ee0b7a4cadad51b79fea6a6ee8faeead2fa95edaba3968208250262bbdb9bbe70fd1465f04da4e54f91a91a64000a0300c172c6d36b80c085b095540938a70294ef6a2", 0xb2}, {&(0x7f0000002940)="9e491307afc64ccf3162e5799d2aaa67536ddea477ff52bba558eb472ba4e599213638250256a2002bba28b233f0b553e4f88a229855b69e362880dc10c5748d33b464b75e9ea2ec56e0", 0x4a}], 0x7, &(0x7f0000002a40)=[{0x88, 0x10d, 0x7, "ee16d4d8024ca95d12422d396be4ec7e3bd5b47a872dc5581dc74b43a4f04b9f0581aa65cc2cdfe87c54d2571c6bb83f45c706f57ec235cb34b37d035d90abdec304eaca75c477272f1fea6772606e689c99c422eef19ef27de766800186372359a7278295fcf19d26aada195abdb9a4cc"}, {0x1010, 0x1ff, 0x0, "068c971f15bca0685d2bcbe63e979b69d8491546be820d0a9bfd90ce7e2f6afbef3a659795e9589a92869119c289d04e600fa14973225e8ca862350cb13507fc1a3a11217f0fcbc0a792d351cce8f3d446f854eddd50aa26e64248d5e168d803fe49371bebc5bb809eddd7dd2b66654afe3f9557583002e862a91fe8485472c7856e9917dbf0ed37f2742924b7653be62fbcf7a4ecfe345e3d5f95991fee18c7ca33c9545faf82e4c65b40cd471bbb4229d25729ff7f58a89f8357760fe8ec351cf11a6237c9550274fbdf8ae6f54f908840d39cfd4d8b5e8caaeaa10465b910e594875e7eebef5888074c5552ca1a6307c18cc3a961a32079b955c12cbd477877a994f541a78e3e5ccccdfa9995d3b8cbbb13c139e8f98c1acd324a3ca4c6ff1940bb1fdabef6809cf4eb110e2838f2ae67a6e53c4ce7eb6138ee5ce2144d227a0ad88f54ed6e0c39f919d4f71ca4f0f709e740cadde985fa0fb255a2f214b18d02df63be23b0af00359742ef720f18039e7a43331733f138aae532e781a7f9d56f68e44dfa1b7a3200f233eff81bbf97b6d17f91791a989f46e108c92f658ea1d514e3ec17a319f85f95cebf2244bac7f5edf10692a03738aa53caefe07172e15ffbd8051045cd35d238bb2e6e868f2272d29e74e76b366b4292453790673ea65d18d6e8a6aa9da1bae45686f0e4f5e69a0e0e8c43430d20d34af0459d6a1fe5b22759f0884920754c11722ce4fc8d3f7d9e12b87673c2f1dad02a8a457496bdb5868886b00f29ac0434a4abab0d6298de62aa1179b074680275ed98464c929ad6e93be22de90d963b5248199cb81a0bcad8ff4d480e9e01a20203c611d4aa7d8f29fdfc6b4646b1c6f5f1ed3d5becfaa3489ee6cc2e4bac910316715a6efe5368350f2d8bb2c578cac3a8bbb7cf070876b8db06ac86c3dd670da468f7f536f9a8d8508e5c3ac12a7297adf1bc03ac86f6c2f133963d895b4034773798254203fe10d9b7c2133e150f887f31552a6fb176b7530808f8a77655ba8010a1350cfdbb8aae8e621e5daa956749aa737796fa9e0104d51c04e8fd375304449eb8ae28b0ef6ebe0f28096860a0910c01e093f23cdb27d94930e8a3ccc3215a1919197e5adfd6db0d79e7bdd164b620d9d5fcd6915283d6110f9cd496a6390a64bcf2f71f3de19501d2387bb557c7b7b2aa5453279a939c864e63c7ebfd7e06611430c39fbf19a6db876b6acf9c9b9999c99f66905062e5f6f76013e3113296b43c752cb6c3235cdd4dca4097a3123faa4c1d65fa4e725b147714fe6627a6bc09da4a12e1060dc975b9c0bdf63c04c00ce7ed3fe1e9a32d77e234d1ddc8399f056d91ae66598115e4453ebff38323ea46b128e07d4243f0eab44be9fb416f00d84effdf195b054d24832ba86988aa792c60ccc3ce3a1b27a8fabda48b9e30791001196b0f81ed1c7836fc479306132688597fa316a1f6005f4760b4bc2a8f717d73c1f3ee15e0371e1666bbdb88f18fe1a93b8b50f854bd4743e52a50169c4787187c5aee673b2980aeb156b8ec2c29ef5aa38d062eca25d90ef20cc6a59d6421d28f067b808a1be6a6c3b0d95d2a6203ee54ad62b1778f199d79463af926e00d308654ec19d713f51fa3654888bcdea317d5548f60d49d0d52b5cdb5843b588b3de7f34f3631a045220d5050ae40427524e514eae15356d813ba62bffa021594b7657c68dee60e74be93fac7ceb577fbf26835f704404d432ff1cfc309f57e58450491168c6fcfa3af2c16ada3fc26d0e0577698f562b2d4e76092b60df1a26e625a759b1fc878616a24303b388fed7cbc880f2e01b5845a02913d7b0a3dab4bcb5d7eb4ef59b8149d5c6f3d3b5be49ced2438ab411ee92fc68dbb755c9992c5eda7f716fe86b6dca5ee7a9299c110be1e121b5bf33c582e68ace9aabc31cbe19d82537c74edd94de37652ac57b29e44b5c5cce1a25ad34cce4a9074fab8447c1c6daf8d398d8409015b4baaf11a00b60a0718a76fefe82391f33a0b8193219a950ef59170f6d56f46cd6a247c3cee02df910e8de2d2b7eea9eaf94ecfb4a257a6e784d403872fde437e89ff5b949cdf331df5cdcbc3dc06d5d2770cf9646ab4701f1ef81a611d9a0d708972d548a0cb75abffe088e88446b8ad923d546005001bf2387da5bfd76b94a456cfbbcefe8a5ba23b5e3e4d405b963b01f874d8955b0e6bef69af1699c998c185c09ff4845c74acdac1f7e0436d608657b0ac3c34339ccd3e93b08f426c5a6ef74320d6c5f392b0753132262fb19a497919c312d211d88a229c490fb58e2aaf3fefbde3b924614198f572754c20ad98327d3cc9301105a9b3e1c2da78eab2892619658a99edb7a8bea7e2f7d5c8ee2cab624738a2193364f67fe2986f97d5e8ac2738ab827b3d2314245b95cfe362529310c2e15ec192e60c8f17feb95eb25ac3577931b791ac534a364b93a1cd578ab883263ca2cc66880a0fa4dfb8fcaa3a1bffc8d8088189c4ae7eccb76f6f50da250eae2ed4ddb269fb3511282da65409fe417e97d629e630dc19d1fc97eb26f76451d1d163b5efd70b1a454dc1feee9102d0aeecd487c44462f3a9fd59c9bb67848fb61d4dc96105c26730c784f39a7634faadd20d148a136534f562632acced250534c244284d074c95faab8899d5cb84b2a9b18f8e9ae7b92351ce6ab720682b4a2c682e8581e0f5884e2b89ea7c1cd56ed821651e363e54f5ffab093e776eff83b2f84f8794aebebd2e99d37ab769be452457f7c02b4ec0e9bc3bc6d843bf926858038d1ffe919f891134e2b259b5ffebc3602514875ec7afe9eb4b87a942cebe0fbdadd3fe5be184c3d09ca328a335aa9e27f2acd37e3079fe8c034af0e4469d92ea729e8f7f561f74a227b53dbbffa14b9d31b46ec1f6de08c917d7914e57cdf521ee7c116a04e0a100dadb69b0f7bfe56db097d3e4a5d6dd225396d1669dfc3518a044a6e23c7d55c797673945da5ad756e8c27560e54b50b40e3ca12db4885bb2d32806c3900bf3cdcef8ce23bce0d3324c9fca89668be23b061ed4d7c3f98b3e0d9ef989506839eb970279a529ca3fb1c4a3315ca1ec689199e971d3cd81aa0c5402eb75d20584421864ad6eb1205977ebe1380ae0f1e35e4a6ec430828257f669d04b4eeb0af971c9f18883ae4f4c1228ef60978612fe5e55904b8c323cb5f4712bbd3b408a8961d5fd11cf5c3349a9ab657bbc03c37b99998bd0d4057ce340402611c9fe12126e24d8329c0b7e481465b0c1a4a3b2b544858908d1cbc282a95fc49a7b500edcc128c93154a5d0ffadb29ad05ca04f7443ce326522331dfb873a171fddf449b6961efdd1ec6566d43d9a290954600934c437e8425e538989ac349b2b7095f7737e5a62459f6e321f32dcb959e3dd61078ab8f4f032748eb237e83b77d5a3abd8a439f5afd7a872e55fc5d1e25c7dfa6593b4536afe34dfe88c7a26a9f4c4d1b4ec853360a5ce7a54b821df1550a9c767e86ce452d274e6e29da039e9849fda9c6bf7203949e32c33e78403b704713dd86328ea59b3cddbb87a97a9cf551fd53d8748d1ad20fa0b5d1a12a8691230403693a04c6b10530e2c98303f133a79325c4f1450f48e1929d4db016c74d2b3ba4dd9476798c4056481d6346342602db4e698f7df3e08bd8f22a8bee623622a3af92748d10cff13b48dad81b1f6b1e0641f10e6f7d59accd244ee340d954f57f2d6b9e10ee21789f85047db29a86074d5ab5b7a75a342009f26bb61a25d224e9dc08a55ecb09d6d64540eaeee245dc47e62e26622a4e8f25afb62cebc201cac81cd2c3b0b5b4dd3de8b85a46cb31fd9d2c2fdfaee9845580c36d14ff0868e3f1486c2292660142d2a2d28e128a3a55b9d9535e13b080eb348182f3d6ac24f0f8215a389ccf8fd436e6a40867e8c086daa287066a28f827e0c8c7d1ec90671428767d671b9a57aa2a417b21dfe1d3b17b5824ef74dbb1d31ac86177a694af42c5d90a7bed8807710711f3dab4dba5fdcad2b17cacfea46145176aac595fac9722c133c28426b7144728394d47b2263edb39ccf255aa168335c5e3813fd6ef9755cfdb89cb6cbdb17b012841446d794626961fa9213abee95d20db5f89dce4b12291931e582476f048349867ffc1dad302b5ee8548640566d6d1206a97f4ac4ad38c23014cb44d805ede2367aed9a15666217ec290cf7c1b3a81b25afadc014280e97f9e53d4deccee2b96a6c7b611b86b292e1256ec5cf474d5c0ae13a0c800763284e29d16d7d9c657f016bb54066fae8264f9939a4a07029cd301168db0a03d33eddc4d0a0c462669807a3c7bdcb43f774ec09d15e74f4f65d3992324ec7037f9dee3349203003134a265163edeacec9c888c7f72263a34459a44163512b9cb51154012482b822cccc0e5394eb1a9eb0b45b0ed563657ca28d953c3d8e52a423463c1c916bf4775ff58f782638e82bd2ab12089145e505eb8b14f089188b4eb042a8622ad8b05217a841193afdfc00f9c11110248b04fe262c076ca25e48e82a53a7ba6086540afb1b93b89f312b29cd49a827ea6611aa4adc1643103df1083c1cf9fa0c2480b903eff74f580e35ead469116f897f4d8cf59d1a0dc99dafb9473de7cdd50b33349b5b0bf80598d0ff69458e70ceb95fd798c84dbd8cd1ede7c814615af487777efcae729cc487b4dcc5d039cb5c15f9d19837e8f72956fcdfc9b99d126ae68c9e221e3e6135d8aa6599b47e293b58d3781c43889014b2fd6ce46c5255bff565d20e84df23ce6bbfd6c52677f691a700c4ae49ead75a062da105862515b34f050a9454aa935a79a60827723e89d7ae9ca1fd776ff8c31a6445bb7969ea8908565725293761abe9f5387ac80d774d71ec02c8c16dd6140370281335ea537b95cf7782ba00838f064cfb84f978015bc9b9b169342e912698a6872785e55ff2c67dc2bdcff15c1ba4a05b6937af0ca6fab952c7b9e7941ea3205e03054f94b6f884d1d57b1c162b77cedb1830916e0e2b79a046a2048a43ca4509c19a5a59b5a6bf4db9ce423b57a13750ffb43e6d52b63a209a225e205dd9b0c273beb6761849e4db8a03a4635845dcaf72abde0cd83a2edafa2c00786db5e00e8de7de5097b8f538f71daf3dd17aade59234058cf960658ea03e9648fed86e9214a2ea48975609675db5ecb29425492516f290f7742744fc67cde7dde2227d25a615a588a907b2b0ec23c8d3e6ade92d0e4441610dedac9ab0c96a9ab3d686aa49cec932fa0593b8ced61502c12fa221dd6f43bfb6e011710417f73e11e1aa7042c015096d504018a7f8ac55c90ec47933398e76a5d8cb694dd1c07a75a6f2509e1199d9e4574cd1fa09d321921ba419201515731fbaf7aafddce8bf75735ff82ebfeaf2f4623674bbda5aa4bb6ef4125369c145c0c7510a2ad012527949a9746cf8af4a92d3703e0f9172b62e92c3852c852d3ff666d5d979a4116e0008ff23ec5a78b4170b6eca35062406113eb44a541b58ad0af7908e0144db3b0fbe6176faf38ffa1371de613d12db5acfb2b533634d6e465d9127a29f45ad1608910513deb304fbde01c5671ba52f1cb68d8717da243fe1e07d80cef375b4dc85e319ce9a6099015673bfbb1f90ec380572ac4bd0c0c55bd9fbca4101b9ae7008efd0a8a80285f60fbceba5c6afab51b8b7ead1e28049edb809f23d9016f06f702d5480f29d24187ffc2ff09284336b646ade6c19ac89e74ad059159368e0e8250344b84e0a689109ee327965fe5f77c5c26f"}, {0x80, 0x10a, 0xffffffffffff0000, "803c62f61b9838c9b40c3d890ed91b2d2df619a413ab1b0555454b2637f7f626905a4ef1c78a7b19e4387a38ab5495bb3ce6cee417547ec886e091abb46d3a9168d1564775e4ae750e53c945495c438032dd470e612a3861e1b14e9178839c323834807529f219c4879041"}, {0xd0, 0x3a, 0x8000, "bcbfdc350cdbc0931c1e9cd2969c14feb975d79ad6b577eba3b2855733c8ac02a0ec9261bc015ff9b5d8ea117405c1eebb085db1e36228f7ee6b42955214e79a38faf91e54b95273ad8d8e7335dc90e78809f3f56ab9de6159e9d61d595b62c434fe31052c96e0bafd1fe641ea15273be2de84edde8927eca86aa217c724212891ca1f711a6036905d3c71596f32b2a407b02e97fcc6bb97553e348f01db295527af6f8cd8a7d7df9a96a2d4e96a422545f5e9ac911d2040cb18b8abfe67"}], 0x11e8, 0x4000000}, 0x5}, {{&(0x7f0000008600)=@xdp={0x2c, 0x6, r4, 0x37}, 0x80, &(0x7f0000009ac0)=[{&(0x7f0000008680)="444b5820f48722fcc49ea565ba491574c1fa3cfabc09531ad4fb01724c4e95b9a1dba40d442812f09b82d4e592a85b8a2c4517ac6059141224b05a7b6ae5d5a54ff1173f9cd9b80f4b702aff04c026ec2450069b8da382e2", 0x58}, {&(0x7f0000008700)="f09711a624e16b489147995eb025a1f15eef9be2df17794cddaec5a6cf0a051ea6a72f95af34d473cb232a05d3289c3ce1ead3f1679bb0bc5fe308bd454502c5ab445c029c83377bf947e422da9266cd32191e442d9359f3c2cb06e111df47e664a313880739e871590d8925d2cec16ac71c2a31b94e048f2fd81c8bf636298318e7d91b37934720e971767c64bfab8c48dc5a5dfb9a4fb0e932ab16cd9b300d00a3c05a5d99acd143a5de3f06499c", 0xaf}, {&(0x7f00000087c0)="686efae70b29a5f7baf0bddc6a93db3b5f1d848e3090357644c4ce73ae7ef5276ddb36c3972e05d83c2db49ebbdb8fd3f9c341e1e4f7c0bcbb6241e35b2132630ebce66c0814471a23baa83fa3d6aace2f24dda8ec30c8e0464d4582bc30b0f4d72fe696b67bf02f0e42c7c082a3584cc821e34dbd7ebfb1492b9a6aa839f7a18beb6ba8d69eb6e71e77bd8850062652600c9fbbb1e62c191930b308a3381b500943b80c2a6da1", 0xa7}, {&(0x7f0000008880)="09c393a485b2d13ecf0e2e726654b476ad358cd0c14100d4afed75", 0x1b}, {&(0x7f00000088c0)="50cb3905bcb6d3ffa565888bd7ca3e91bb9e59bdb068b384a3a25594a64d1bf624cd00536ed8cd02e2010d84ba04efa62262cce9e06205287468e6918161eb36c508f9c0e2214bc1a51f1d4be1544554c49cf39086c5944f9b12ca0fd5cd1d4797de2a65d2dd473501c65fcef41ddab494fbbdd166c06cc4fa0a33bdf3d88f39b02e", 0x82}, {&(0x7f0000008980)="19739bf7660032c42908cf3c1f7e47e50890f3e3a3e5d7e5e6ecd133602141842f7cfe8990d1c23bc4c01841fedd4994673600a8524e286469df18c55b504ac524a4dc76313b5cc0153b90a02dc32db24f0ae6784d31f0c24d73cf9cfc5b49b893cf2df72d252454bcb53ab2e640abb4f2942094b055495a0c202cfb83", 0x7d}, {&(0x7f0000008a00)="3377f0d7b008846141bb908823f3d6419da1a6f10d01384836ad464f01e45c835cac0f8640268c10a0940019fe606620a1f2eb470f9567787dcff587334114d0450519b17ba1ce03da6e755c97d6bb2aaa3d75f25e6e22da102c61dfbbd31c149fac6d6ad3a51230be3e94c4fb9ed6f21abaa192fc60af7ede5085cb6297eede67632d1f57a4e08f377e6e79b6785b0ad4c0db09f24e0c5b6921c3c0f9fce9dac044f010683115681a5c319501d4cfc07a56ead9c05468f0409cfd46f69d9925243b2fc4ea33322025259a7b063fab6bf788b2985d9d4370082f5e4a486d66035c1d390a55f61d208a2dba1de27f18796887a75dddc4db9f44ecc37d79a7c34e0c3f5c4277fe12c71abd695795ee29ed4bd403dc4258de231828d90845ac43dd67f002b291c9b31e744fc777020a87949facb6523f4c51fab1f3ca1b22c2f30ba553c32a161ec4d9ded2836b3469cee5918606ed60691766695cbe40969c9272fda9e2db7aea45ec18a2e80039788384c723500fbf674c5f4bb56262c54e0dafbf1d9ca2a0811bb36d8472e8984b7750e490d79605e925417a6d437672765a7c559665fb273d3061a1bee55fb38a83ae6e0fdf02db7806e38562f410c067a6ad07af58b1398e4986cbf531f804c7045992e8353af7a8270bb05ed5c93af3bcc4de928019998f626d79d76c7ec98f526f945001ddf02ddb030d5c601a3e230347f66711382ea0ffa0605d2ec15ac23c2b840de7af91a0627ca63382c5a8dfb34e91274b34179e18f45ea9c807cb725e93e84d684fe3828b009244ecc3d34bc21b64cca4e37763a10eafeca5b15ccd77e69fc6e7747f6078d0fa0bce07ece8bd015c825db6f5e5cb5922fae4e2346cde3013a39befdcb3337c9a5ff1eae495fce031d6aa90354c78ecf44bce61c22c6faea1ab64ac3808f99983630ba629ac1cbc56fd415338d4ec00afefcadb4d2ea005bacb88c46a4918408d039da032cf9f225bdc7ab3a8eda8c5211a27f0ae9759c067a8425412e80c27d651c0938ff2a66cbcbf088cded8375e891ed78c4196fd9184ba9b7267a6ebcc8e3c97667ab36a13b38460690f0595f5603ef162ee0ee37d9de041d18c97903f3d5da3245ff4e76066b4d1d1e2c3c188a241ae8804534baad643c0a8d25b0f2024bcf411753276bbb02158be4500a2152d4c61ce43ebc52ba30b2982a85303e6fa72691e591f1c8425fc095f729228928d636263f615d508d5605e9f0ed408e381fc02298e7749452015562db98fd1a7cc62d6f4f46c2a9b8ce729e9dc874629dfbe67f123b637150164d57bcafce1d76c07cf400ff791ae435ceaa2bc503b565c6e306078dfa09eae9ca603afb03631e37603d719b6546646abeb3a1bf44df47a847cec3fbb4619de044be3d62e9c7aac493958df07438afc94550e760419b1cccd954a039c135327eab6c3b097078c8a739c4af1fd62d92393873be216e81b57544fb2c995bbea2df5927a5fd51e5b346e56a8ec634d7a499ceec9790acf71e6770be97bc1182a3d575c593834c889f7903abda1c7a10a0bb2ff48ec2004b0728e679ff14632bb93b4435822a7f463432834c4e1954ba1910cab9affd50fcec50f290b43a96367302095753e27c8678c4a04ce9bed0a319388653aaf448f64ebb826aa40b7878e6831cba14d7e95f5168470c3bf9a9cd7dbe8d855db42cddbe33a0ebb29cdf9ee30a012df8787a95d50415164cc560fb4414a8c82b6e22cd090d560e86c1596863cf03b218693e1414049e53e18ae6ae7c443b083ebcfc71fdeb8ef6205fbc499873ee78ee26205c9a196a8e278a4a1cd1eb0ae200cc8d895902814ce1a9020bdb59d4630298adb0a357f44fe4923562393704aa4636cfdf5acf501e59a92d009395129cda1b0685890be044c7f79539de5d9c9c4ff230157c58ff7b5710bdb558f6c1c0e4e811564ef63f056aed5c4d09cd486d0efb3e731c1e74d93b8c9f5b25562dd8e5ec15db11074982d5e8f543aaaf0c967d14d48ed24805c790011a9bb53ec47aa3b515abdb14c87699506e32a9a91b373f550648f6880a3c9e3dc1ec1d3e5474be803d55a3f459e05d1fed6ce4f8f4021b3906b2a59536be0dc169b2fca987745128889f93367c9555496b1236d66da18a8ccbdc000a73a09f450c36b4c9abe7a80cda73426adf8ff5a97a907f572e0a4de1eb86238d1f620c21942506ac4b45ed042fabb0b93ff2d856ef66668a1d76125777f568eb16b83b98f3d3427de5420d3ffe7a93ee64de1edde1ccc9e8f5f9fd1bb623426260907e893cc7a889b9c7a5c07b08bca62d9e8b3d3e4fee816a7fe24369c6db83e16baeb6abff2c62f4fe6a60d0e1ba0178f39f706433f4e432c57982d3244291b5d14ef77ba9191074a019c99d6407d5e3efd41a21cb46e523433ca3f02cc4c19ec78b0c8c276dfdde9d51be9b4a8b89c45855f2e7db0cd7e7f4721f7d29b6a6851e2af356506efe4057e487cf7f8755e2107cee7472fb82fd22689a1ed75b259110a0cdb251954390727963ec2d345716bf9a491279f5325ef9abc4da88a6e356921cc5386daa80752672b877b09a38a36c377d1cd849bf6476b40fd138a906c7b6c431bf43357a4c35df506b8bf9f74f0843223770177d7623ff09b1fc6612e4953dcb177a40a851d4202d68403cacf0881ab8a60ea2b36bca843349c40b3df30f479d3909a9b2f46d1890041d1edfd3c60de418d526311d4b353a302bb11a2fc2acbc7107d907810cd070086c3022d68dc8d42159f6a5bcc4a259df09ccf7514af081cf7ab208a6183b5e0a3f1303d6f9a4e74995f4b66aed988021b75900530fd4f55e1d213ab0cdd087ea9e30f0396b071037010f7b94cd6cc91691b78d1d7221977a29b1b00d90d78e45f9ec139c2a710f006bfaa07adfc78facd2a54e93b4ed5c352fb849b70d79d92a8e8d00d3a3b20a222d569e92906f897b2d55c0e6b12d91201971c123c59f4caf646f15ac1cf02f43f629932bc6b2ab2c6b967d97de4d5f68fc39b3552e20c97cf45745a2da3ea86b96c16eb29fb60ba38bdd5c1f0ca9aeddacaafdf958dea3df0a7d4b30db5626f3af93b72906b480856cf835881f6f01b76b531b732a7b33a4d41a25e83ea08e894ae0cf017e2886a35ace90b3451705abd9d3b06d52851d629bbfea95ec783ed1ae0c2c88886ba514e5c3046f75b040e675f8e9b4c54e6971ebb8c1f3f2803929430163f02a40b3bc2d2ff6c1786272b95011841bbe96fa3d1e77ab7ce18c5352c11ee5034a44c7ab0abb8aeb2726fd366e69d94ddc8e62ca386c7996e9a7d53731f7904e291cf702d125121efe97186a911ba6e687182f08f27337e1539f92142bac6ef39c6fbe13fa99f0365ceab280e939ca15a52aaed860c2ad3d32175fd95e3e88bd00f30b5213e7bdd7cfaf77060627468535583dcc4dc470b84679c687175c1f74ad58afec78114501f50d157a3919dfed0857201c8f54473ddb31a671ded8d93f62242d201af6febb15f9c7f8c9f332a3219b90d6e007cf28ddfdbd044e8d4f7af195dee17dd9a2f9dd79b1487b50f099a1186fb233b5a6da6d69d9261ca71624f9ff7e9532f5d894a0af0140f25a8270d0aa591fec5006749a5c83ccb005de58ce1876040a15d8e67d734bde14d9b50d3e985f06ce0e9274800e70832b24c4c6d66ca01a1338cf897bdef5f2686cb86e2eb1078543d15e8d161ede197a0cb07443403ec0c08f90ba02eb19cbc5ebaa0fcb2aa5b8001e261aa76beb2e8b99b499dd24d7717daf56522a9e5c8f81a7e59626ea1d89ef24bb6199d9c1946c94b9d6e4bec35b220ebb31d5d7a9dff8e88fd503e9f8144b9dcd51f224510b93dc45a6afb3838ba30cfc158b3aaaa2bb923df7603ba111875099d8f9ce555eca38a5c2693d4f2ca43c16cbd28cdb69bf4c869859a564d96ec90a8e5ff47d50ec228a075e31adccba694db6396f113479281a30902da452bf58ee07353f384c21c15bf0a9574db3ee8d134b8b9ff85d90607330ddeb7b01b3f4abb56eac54e9da31624d68d3bd44d9d27e0834c0e4e68c04e99a054fee9bc2e53cb209b50848f3cc6cd2bed26d34b53a92d6ef98d83e2afe286f0b4d8d4d387bfc8236664deadabaeee45492c5a0738af94d41a492599864d791284fef0fedf7364ff9ffd58e7711f61eb32decfebef133a9f8a23452b0138b30ff13b7c5de69e00ec177ebc57c67dc1c34c20df2ae3bd41a3cb4a53a455de1ead14e8be45e503a2e3cdb03f8d1444f3eea6b9dc5094528697860c46b7600cddb1a96f98cf124f45d359903f2c5ceb133e0f981eceaa3caff8b657ea67acc1f926e7e4e2d10f1a728f7efe0f01d42578c64cd5dbf49be13f400fd38023f54748d9c4a3e2dbbadb5e14948a446eadfeb64c6acccf8db66ee792f1ff4c04acadb0355c895f0fa70acdb721de6f19d9239d38983d52181ab79dd610af60a93764d3d7d07e25994bbbf3d23635588340956e6778141975301526a05823452b48fb82d8ca3a993bf060f795bb227bd8e6d2bbe0dc85a0238ad70a22effe23dfb2f8014dfcaa330c01d8e59c8d6bbbe6f6087de812dd488457f13f2f9eb33b1a12667a746ea7a0e00d4568b8627e330c3f9f7cf0fa8c00993b4a254cc896a85a0b6ea7618f7f58ce9b4a6c2334a0531003fe7b299edf21b8bac56da34df78fcdb45a3c52de91dcd8ab7f5cd13ec710282c062bf45e209f12a0d17225392829c824b49b7c805eed50fe3870dc2665bf23ae526ddcadb66e269c269887e24a253836178351a2b862bb1d5e54e7d9c70d0f2c4d22944f385405a4826e64a93426019a7d2d9f13dd6947a6fa2bf1c995717dbff76e694babbd0e6a8073add1bc0f5e8b73a24c1f283058c0ec6c1165a7c0e9426cd110139e873662d1e344a30a8a3c267f720fdec641ce7655f8a673748e5fa58023ef74cff586b52e46de29104e6bc87df931c0e7b1cf441f14a5937c61e7c901abc3a0c9afd88fa21a82028718b95ab9b100efea8ae00d9f4ac549217d1a796d59d9405e6a48e1d6e9f6477acc5448b60d6d651a3c0757bbb28421094f564b761e8972bdbbc095ec23281c926b66074ab340dd1d65841643b540d579b53e0d18a242365cae82a384d0f6e86c1d20308c04174b46858175e1f9f21721778124495593e9c1860cf7cd570b3ec42fb9d126730a79320a64201612ec62b836fb2713437975eed20428e63b3ac449b967c408d1320c2d8777e9c9950837162abd5d42bf0d19eeb6e7c7a77e5e10b1ab6d96f2a22e9972ae2e40308804231323645fc3b80b4d30de5c86142b0855d31dc6c47957f46e9a684141a9017d1381948e0036e47145d95ce2e56abf6dc8d9a8aae24bd976fe3a049f398737d5a47e5ffe8b15998e86900e14b718c239c46c0030127bba5584736a6c20c67277620260c25cc59e1f4aad9f93f996ea50385d2462bcc5ea8c30129ec906fda585a6509fab05833badccdeb6a1cf3b907ed67ed3c1acb57932c18e2a49cc0fa805973b7d201eabb5a2f66dfe4047e28447e9a7ef2cdb609b3424c699318c549f96d24fec5bbffd1ad22a1844ab35923c4b158c815aafc390c4d7633fd03d99c262a0846d67b932e47ee97b53239d825077535d4e61d4e09361c57caad4451b8f57261dc1d8bab987f267ee7852b1af9531394a15bee18d63cbe8b6788556b105f59dc650ddbe32e2a3a02ba8d3c1b556d23923e01f01a283039a76321dce517b251488c2ea17b45bec15857167701ccbdbdf2fba857d", 0x1000}, {&(0x7f0000009a00)="54c75f856aafbe35ae52cca6b1356a2e2579f9209a66a59c87b06d293f55f75f07fc7ce3b30d3b7ecd9945ed6368898b55e0eb2d6b2080a70dbe09f965b6842a9857bec4401901d99f54994d2f058eb9912cd60c20b606ef80638fc5d72c181abd337556fbf967a65039fd3ba2fae90ef2e0872f1eb07c", 0x77}, {&(0x7f0000009a80)="b6f3a5733df8ef909d5befebd212c4cbca8f725205c62086e5e2550d8fabcfbea59ef3bd4930c46ffcc90597746899cade73ab2a737c234b89a2a19d26ce", 0x3e}], 0x9, &(0x7f0000009b80)=[{0xa8, 0x107, 0x6, "69c39bf8ea6f453cd12506d9bababaa16c92ecc93f562d15e58f65efd127a2929c56bd8ee964e03d61c1af9df2505df9c54db08bd6bff559ddb9e3f55ec4b3b298f921efee02931a49350971a83223e59996b81309cb18901f092ad8c88eba3bca9ce3b91d1b3f6d5f24c73d3864df614e737b0457754428383cdf87c65a7f24b4a3f624256cbd950ffe450abba76b76dc0353c546a084ab"}, {0x108, 0x39, 0x100000001, "e026ec8b754c63c85dc76eece64a9f04759bba018d861a2190a98e2dc435230cc8eabc77e0210ad6a6316c967f69a890988d7644ec85c7554bcfb1f2fd1326e74cdec349a960409dc3af43ac89de5e1089f6bad3475e9843bc7d15f64134f91e08b1968f1900ed19691d882aa50eb1846ccaf50062e9de3cf98af73a2ef48c4eadbee747ca0e4e6b254a3f14edce11eb38c5b51ef42374199d24a31554a5d6a99897b01264ac4ae3d71764612d2b5b3904c075a7ad00f12720b87a969e8b56da5aa9d6c302acca0371627cf0216f1ddcfe3a4010e32861b36b81aeb3c9988f8c1a605bdd9428f50d37c2f041807fd654e0f2"}, {0xe8, 0x115, 0x9, "269a380117134736e13318818c261d345d782fb4185f09664282d4536045407a7c286418394962fe238b19dcfa0dbd15afad6b42e216c24f72fc0bb961946a7286985909fc29e6bc7cd3a616f42c58f067f8ed938a7712b5f062c41e73121aaa3d13302f970ec499b4bd555178caec9cc573fd5d38d4fc5709cd11f07eb6c40d73fdb8d37c4ffb3d4705280a6421dce005cadac34af34bb2a591fad3be67ee4fd7885567dbcaab70df927146c0a23fc6413c23c12c802b96ded564d0bc366f8027fd2515cb7f40929aae86bbace2c2240d8268cbad"}, {0x1010, 0x119, 0x1, "d2aeaf5881bd3c9b01bf811ab1106446fb63556f4e82733d15c08987b9c0e95ae963706dd9e7fb3c709ca61eccf6ffc56bdead41cd30a4673f0b0be0104761e7d041314dd057cd698a09bf0db740a68feef72cbc8e7d729a3a0212df377a3272b9a5d291af9fabd24eb707c661cc0b4775d95da0a981d5aea5d8e6d2128d232c839460e074b0639d2b3cc68c7b3a81069088b335a432c8c6273bd876e122591960fb960a26229074382ad7e897af235b8ddca5486c0ac64029cccd7e5634d3cedd18f1c10f29b7955b05d198976dab9ad9b5e665f1d2857fb83e2ab4023eb83607753641cade16baafdfc37d39dabe9a2636aeaa81967440f4848cc3b437d9fc53020fb7786befb75974775da33ce518eca1bf9b9047725a9024349ab7d6b37a9ba03aff07e63386a1c10a6d5fd0254b8714bfaa71995da2e9718ece3f84719564f735879c76076769ebd50f5272c352083f5f0e4b0b98dd4db26b737838ee5a598686b9d7eed94f2f63f72017f96a73f3387b2671a1d93e06c451d9e08da231e1aedb75b3f1b7b7e2be5972f92fc181a5b349793f7e16a520ff8f27d1bcb5fd2ff5a0ed7f0631ec514017d3849f3708c7cc3e7820e871037144e4387c0222aaf3e7e5a27252c64313cfe3c2aaae243ac7cbab7b3821dfa7f71f2345abb118e8ae09e57e74b66c3a3c0d8fa37fefda7ea905d26e16c7362087c0d04134fde73198de092bf97dd3bc461d8ef0e49117dec72ec55aaac31d9448534735c5928bbda041099b653bb852ed016af43df79cf4b6be61677f337c115b0691c6a3cf504d48ac2a8b29b22cf750702c3bb002a97f18cdc2e28f0b056d905c69c7b555709601b897e1cb87a69a9dcecc1c83dd7fe9beaff5d53c4b2cee0fb9ebb1e1015354d763a6540d6cde49dbace31dd0e0530e108ff0a8a55858f6c2ed9f69ba5b1791c3d60019d10de8a0afe00d4667784ba3f55cb22e6bf1a16cef64204f4eb612f0ad995eed17cbbabfbb780b45058849988350888f2348016c1bf9a2f64fcedba8cf28ab1f2b9cbf0be3beac9f7f2cb8a971613e89b13c7c9375158471c5d8083b7a3f0ff890a73b6e4b5fa867f15858740d3d277635c0bdfd89149be525b75ff5f6b8efd584615878991aecdfa3702c647387a7fa6eeaba709018b56d33f62da46aec002b4596ed2cf11f84cba161697783f756ab219ef3217bdd33e0738afffd8127843b4d7fc25fe208b90c039b6d5c37c05327283ee237bed16984f337571a8af9aefdbc6fd1cdb019274a81064cdb68970d18ee6a0fc8ba6a7a23a24276b80645178c1facbfc2e298fdf1db7dad1fd122e54b2469eb35531a53857f55d3a52a7c15891d4440d1cfe6843848b82a052829bfd08ff10ac1840c52ecd3a8b92a465fc53c81dbffe32a756b9c261150805b18a2eb9d4141e00a72e57e5c352ae89f114ebd90e229ced48de90810fde0cf08b8b730e102abadb22f97256a14024c5cf3e09ac8fc03d0cd6cd6469349f227c0a23428f763095098bd5f9790bb59db6e58051bb0da24f77e20bb355d0e75d6aa3c5b16f27bb675edc161b9c9889301558d235029f55a3a3e0ace18718a68c62b46822ffe6a130bb32a3d7f9f8f580e9e405cb863e091d03829c6a77b902c0ed8eb602d3039802dd442e0ca19d2549488932237ca1b626038e7a52b254bc18e85c927a798251a501e4c60b2474c14afd86803b1d3cb0488041f37d763fe3f9154205151d449334f8aba9765399c0d0169cf7ecd3d6d3be56d682a23cc26b6c9ba37076a94d9d2c2d0c9df26f73da313575c3273f885e2f0c018b94df6a8d81f44513fbaaf324e1832f5dc37bf22ed8e6966a5cffb9cc26625bd759dadb3ac869ce48303e2c9681ec9706226156ff2c1506cc25fc4b66eec0f455ddec34865ca3cade1b7582d6e9a0d0291800d6549ef16ba35ebbe2eea01d59629531121fda13f7c035810e6f3e34fdaeff3d0d1805f7f1b1c069057e3ad259f09e1efcbf3cb96463bcaa31d5122e8ee97f99ea83496fbd817a6c41e65724c580d812c8349d88cdf3e43d5be3cde3d6cc718b5244842b60a0475265b84fc58d859634eb5a94b6f2b8f2cefb603c35a6ea42a0fbb19c98a021d0ec0a517e369b104196c8677769977e76d374c35f650e88bcc6542dfbc0fd1c32617539bb45bcebabba3a55d74363ca857dde3bb350b149d39a2ca4d039b5ada5cfeef031effb62d25f0e92816b8283734c0065d477378aa484567def3e5622004dfe2ac9294350c883865ef4edaf25760a10697795ff4c3b914ee3004dc8b6b729982fb4328f60ba27dee3552a7ceea17ee69db9d316cbb9367146d59941f17cc5513b6c0502621833dc2f94102b343136a99a87c6a8436999d49a762249c62eca5c815cf42a323f407137fdfd356ef0a217a945234ad12d60abf859f66af2f68392ff97be90c8439a31eeb7389383902e0396637269557f8f2a7c4488ccce4f30d80863bec20161fba3bcaf1b5eb304e4741d2eb254a7c1debc01bff09bbaeb2899aad6dddf513b11826d1648537785c4c31a3b900bb810208b75435dc3aed7b23e16cc05542eb0138e25ba123edacafa6313f8ed8971c67c1fdeb91e536f574a1fbebcbaf9e9b766ffb31982aedcdb4deb1a47d5c735b04c6dc7946aa0d6650e684f757911941ba62ed0d75561c451aa4e89a2e38042dcac56b7c9fb94d9de6b3b0d0015ba6096947139a0a3e1823f995bd328031b34c36f2308449adc41308cad986b7c1c863fae20214e4100553bb19136323d2d424315a510396990942ae390c7c69e85e0023f80860c41c6a08404e2c134855d8ff550b237d6a8ea53ec95ac4e68cd72f7646c4e6735a8fc79787115ea36e2a841ab4c8efd2c5cacd91f46dacb41f4433cca9a13598a7de48ff8370c579ebdaa40ec9d56069876e89ac9fb7d02efc91591ecfb7b103c4606c66dd3226a4c62ef96cfabc51ace6a440fb6d55bd15a83fddb088ed38738409cda42dc1d7f13bb33b6b01b84eb8416aee14e4087965ff4b172effaa2350b08252654334a1b9026c2f52e484aff0a9cf3079440aa70699e466291eb4ed8234c7f0815dec10f8447a05ef4ed12507806c5e1d02db4150c6b63e3c859ce27e5f3c0524b40f6252e5ac848277e81307f06f7b78ec3d15568b19de76a22090a4aa648320301715a9add6a4f168386662f5e433365d5305ed646e775c3d170464801dd2b9a863024051110ec914906b4997f6f1b33c50262ee5124e7922c848cea51cbad7b36e02fee8cd5609d66826d4ff560eb038b36a4162f75fdeb2e7c0d4f2bfa78c8dd81e085492e85111777bfa8f91445f735eb86291e645192736874361d2d48f42af28a83af3bcfb9c4808387d3fb77f2dc76e45ce31c7ec832789b33e78e24a6016ac3366bacc1936b7ff582dea70ce8825a0620e4457318bc7e05113977be01f764935de3000ceeb1b9f7f686bbd642359d8dba7e2157b5f4a03be316d3913fbb480bfac39124202611528286ca2550b3806b9e4feee3fe465f6895d0db5961cd4d7438f8f47a93b0e9c305df7016ad3e1e8160454e00e397cd370a00e082dcb1a86861e17bbad4f6d9c4d124430da8481e9b902197408ac16a44f599d49accd50b34901ba377fd473cbde68af5e6810bfeb6ce747cd7a02dfc9eaf0695e4efe64c7b2963bf7b4e9d5652b6398fd71e751bfaae084092f15f8ead6895728cc70d201278c1601fae217084c0d2e64c8fdef6347ed6ebf659cd1e1b017c53e3bf0f241591f734090c2e4901122c82582013144a8c5bfd99cd1e8bac3b99a514d00afca669108b152eedc73c7f55493e935dc8bf175bce188bb248f2488350fea25fb4a148fe24d1634ad0344281f811e1b75197f0ac36812ed25b2c5ab7bd1e68aacf209251451d3c394559f588e86faa0c4db7128f6b9655d2991d1f74d795f57e4d92c9009432fe05e8353ddfe2b0a080d6b4c3c5c54404931ebfb891769e5e9e6d4cf65879becf0c01e95bfd51536eae3a73e63df30da9f65177643eccf8f80256999438c3835b26841bfcf239fbba204512b210d9735cced3ae5483552a6d5e99210bbee4e1dc0804181cc7a0b641c9700e63adb8f23c32be5ae69c8061737ffee4c14437796cec2a5e006257576ee5a33a3517e51f27783b983d0ca55b25a1f39993aad11eb134de24a54fefac4abb8125b4dd622d9897520d599cae3d6985d85c6e531b77dd1c45c0c6340b53cb29440194556ced13ebe6141bc0b69e235c7a9803ad7dd9fc9ec7edfb01b495a0c2a0f014d7d45dc9aa3e66837d46ea570e9f9baa228c4a581fda8f93db4b19db82fc0810fa685a27ae31cb4c1171127bf89cc17864f9f56a25f5914682c6c741ef0a0b8ce53c68051e6497ba2756b310bc12636ceaa886ce93c95756e4456a371683c6ded239a72b185d9e1cdd7506bd6288a7043ddbbe6a2683b4c2a7910d727bfa3952a30f6fa3365d09b1e1627d9b5cfe101a0715a64978e0a4e5dc73017d7236cd593e2be7a7598ad954a647474dbb50dcade49323bc8ddae1c1bce3b3c041ac9191d43dd27e3fd236ca27dca6b97acdf9e724ed105f091c22d04fd93e1c5fba47234a497534eb37473d2a27ba52ff3ed5f8c85e791b5cfcf8309e28d6a13796f6e401474af8784b0387a0169490ad691a00affd033b90e6adbbccabda382fcdb6f7683b180c91021312f4c9fd79802434f635cbdba507d2745d343362d9dd809d7dbee618d7c5425058f3a13f62110f9c6cc1f268914a786a20a296f0cf5e6334e2d8810e6957a0e8dc2e8a4ad874a94cd7730537ad034d9b7e0f9e259794175c6cd971e05188e64c563935efabefb8e091cc61ce7ba52fa8f70334c11bc5c0e44e1d14cfac9ae054e3a2c57b03d40bcaf61cc1871e2b7577cb9e92016782de12ed8767efe2802c2f7526e741126972a85086b609da8257ff0e7ade2e70397931a7901729431d6402bf50a15cbe1b448b9b6ac3b6615f3947b99481969ff63963fdede785f146f53a04d5e94e88a4d13aa1c510087fc6acf053675c615011c32df772cd85aa8d9e304a6a0a1550007c2c1a12d008344251d8571e489516bd91c89a6322efc78b1bee3503c256bf4465844afb98e2a79fb34d521d8951f213011474411fbc12dfa0fbe7778cfe0f6efa0d577f12d91e43e744b4174865cdc48cba374fcd3cd5dede99acef221a1e24559fb166dedc06471a2ccf1d0087ceb5eb45c5de2466ecd04cd9d04dc6558d3e293ddef6a3e35375f24749290d0c81879aea9d2fc3ec9f6bc9824530a55f73f029e240c945d2067644eec7063459bd0c92c55b5fe66940278c09e070e8797b7e499348cd46609233b249df32621ecee4d89db9b7427b1fec289dee00dbcf41f0c2e7588111a403cc38c6e6e899b9902536730edf979e38520d6718201e05dc2e1bba42e4832c8eb6a07e7013a826751a579f76538814f37b999ef27ec89b9455939a90e8dc3e4cb4835c8c5dda738e564b49958236815af2933aed78a219ff5b3d11c461545b5cf98d6cc89341c51dcd15e16582971f6a1056fa498e04c1f5f20972f0031b6244a8532bcdd041fbe7aec1d35ea77fa6a148a77320704c72a8de425817c846c5a1554a6d8c774e85a3e0631c065ff50d3b046ece65c373e5813ad4725da26770ffed073791e3563ce39b4c96bbc2a9975afcb29b280ce5e03975fd3491bd2e520e6fd0831d1532043f4c5297a06d8cf30b828895eca4ad75e2cabfceba8b3e50a68553f42c8"}, {0x110, 0x13f, 0x7fff, "badedde29ac1312cd96f9c4e9721090511bd1f64e8e3f456fb35a6a0dc639e2b96fdf21705631b995f2fa4a19f9642cb3432374055891cdb98188886ecd8531ee883275ac53186f80fd1ea58aa65807e2f6a239da023bb289348491e6fed8eb39c7d6d2a8a1d589f93004459adb61cbf8ae0892132b7f87ba93d612e2d2fd6096882f9026f1405d330ccee78a274654960980b9c24e95b9f2c6a9278459a5525121d509654df49dedba9b29291351224912d5be2931ba0de50bb22aef3d5fce86a426b3fd7461493b0dfd9aaeafee751981b82894b49624bbb302c6141b325b49b0c0e36abf32687a219e4440e078fdc9c1cef9a13f0d8da54cfe8e67ddcc6"}, {0x58, 0x116, 0x1ff, "9a482778a791ec2a42227e6a8b5e818f6d02e29a9acaa318cca6fb9fc88e8b880a0caaff9fc2c989231303f4b0a575faa4cb529d59cbaa1440f43575954a512129a2c6299bdf8d"}, {0x110, 0x118, 0x5, "ca643c308557efb16b04fa620577ccc2907be75b58969a9eb7ef91dcc3d197f839c5a8e470b5aeb2cc13da77113125b8cb2513f9780bd12e60a13b5479ba6c89ef578e519e99f737222c3b199d2cbb727fd72d15322bf29c526de730b1a8f534d22389323a81c82a0ea701f33b370e51edd9d23e5a2fa447468bfe513331c89a57d314ff885e849f2049b4d82e87cc37b499bc5608cc8c6280f791eafa574807193518be4d7bc3f9532df2269d1f002ff560f67cad3a7a98c8b0ec3117012be17134bed643d1436cf8a02516c95ea79d615323c997a2fc746cede9f065f1099160d93c6228292193d4fa72309fac901ead8ad5bbf2980e7215632957"}], 0x1520, 0x2004c000}, 0x40}, {{&(0x7f000000b0c0)=@pppoe={0x18, 0x0, {0x2, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, 'bond0\x00'}}, 0x80, &(0x7f000000b1c0)=[{&(0x7f000000b140)="636cdf8687ee938cb5bc53ac7622013b9ad85cebafa4e8e6f3229cf753a94aad3fb8fe6618608ef88926d3c14d888b57e29abc0ed0cd031bd4c350f74230740491efc5bcc8cfa85fc6dd8a40d044a8398d80daa5f2c561514c415efa6ee5756f801a09a847c3b29e4ab69f042463feb713f9", 0x72}], 0x1, &(0x7f000000b200)=[{0x70, 0x1ff, 0x3, "affa33117c1be9ddf9d5d6dbc9d601fa9aaa6a2be2dfa91edbe7489205eeda22dde835f264177ce6d89ff700c5c7e1048b5c32a528dcedc6f644ea8761858fd3fea207487e32af0aab18e10f78070aedd66ee1cc3ec446102de7ea4a0af37b"}, {0x70, 0x0, 0x3, "910ec661179a18ec854eb28d9a1480008cb8110f8476eecac62efc2011d9afe1b512f4af7d4489b67f0d6c7f495077b7a0b8b10351ec1ca507ed75b6b759b928db28973242a4ca734f05e19946a5b89bbb7eed58af758556bb1ecb"}], 0xe0, 0x40}, 0x23}, {{&(0x7f000000b300)=@ipx={0x4, 0xffffffffffff7fff, 0x3892c0000000, "4a5ba1782e65", 0x68f}, 0x80, &(0x7f000000b540)=[{&(0x7f000000b380)="19f21240860b18be90ecee0fa24be613401f19bc775ed03c33cd7137dd0f653c6eb73c4ae0058784be0ad41e24dda5acab09b8c5ddda84ca133fc8fcaf279022095fc271d7f12a328d6238d8a05bba03ac7b0d10aa1d180f2ebd446cbaf90f140a9530013c02db67c00f2423ef2c2e4801bd9a3d200e88690b2371d9fba714d63706f40b7d3fde63427c8a204325f55ede8179a1b2cedb6e2b13501eeaf793c20d4e1bce9e0259a186d5ea90bc6f94a96ae34cb1", 0xb4}, {&(0x7f000000b440)="b0e20aca30dda8684fc5cccf8c057f0c0393e1f2ae350f0aef0410f1423fa4e2b80c3ad0b9406501d97bce95c407bdde581b8156725fffd20be5ef231ca2052f6f13a3d7b95b2114ee44876b50011e0b", 0x50}, {&(0x7f000000b4c0)="dcf993fa2ce243127c39134858a04ae7ce88cbb01bb3175bf3dc0d6fa001b0385e61fc99d735e5ce7e19d521d6cb2cf89854f8c9cf6b0efd55f924d849694083c0", 0x41}], 0x3, &(0x7f000000b580)=[{0x40, 0x10d, 0x100000001, "457632211aa4a3f93bb75243b99573018e6d3ea0cb752afee88e05d718ccb168bbaace8e1a0f0df220998286b2137644"}, {0x30, 0x119, 0x9, "de93037e04a6444707e652e94dd14ba477bd8c3a3061feff12f2253275"}, {0x70, 0x139, 0x3800000, "7188ae58ef7a11349c5cf3442c5c0ff5977965d57a215edd536796a71b7f664160c2a91e6f059daa544e2858a6d601feb56176da885c83a7b8b73b22e1d20063dedf4822839d90dccda6571c8cb9aac42f11d86ea86d6393e8"}, {0xf0, 0x10e, 0x752a, "cdfa276cf7ce25a1a2ed540e17db32867bc20263deaff4b6b8d7ab1aec3aa3451dd6d322333d080ef8ceb8422570e33c627cb29404dd07811853f7860d8846e7e73084299aa67a1e54187d072de4c313f72fb113f5c94073c64a4d0608e4e13b336f0b5f9c8bbc3cdaceac34c7bb16aae5775c0a7d26b60d2ab0819f10158b158eb5842db092087c20a7420decf94d59b422daa4495f1e426cccec3447805ca21936368b163b71d0989b86a0d1b0168ab8314224c6ff679d360a9dab509cdb6f2ddb1d32cad923a59faa66562187a0e8a7507830bd546cf6f4ebf649248328"}, {0xe0, 0x105, 0x0, "63bcd37288b306d04ea2c51e563a2656e9886d97609e3b77fa6913f436f391d798c7f1e51c45e38c210c9e09240309f65ae35255e792a9c74b8380e1bbfa304a2818d77e26d22ac662c0dc039246e0e0c853efcd3169f84f8d639bbdad7b1fe37bac4d2369509ac220fb79ddc9e48d49a720c998bb4440b6ef049f5215a6019ed4c3e4253beeb25f550890e12ac9835490d2987b9fd5b86ca4094fa674beaa76ef3008f0f3e5bc358e9f919abbe1d87fae41c1e6b1e63505acf8dc70174aed8c800c98625e4568eaa8f04e02"}], 0x2b0, 0x20000000}, 0x1000}], 0x8, 0x0) r6 = socket$inet6_udp(0xa, 0x2, 0x0) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000003c80)) mbind(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x8000, &(0x7f0000000100)=0x401, 0x7, 0x7) syz_mount_image$f2fs(&(0x7f0000003ec0)='f2fs\x00', &(0x7f0000003f00)='./file1\x00', 0x7, 0x2, &(0x7f0000004040)=[{&(0x7f0000003f40)="cda46613c82b4036002c972c49efca74f92c345d0bd23958bdb3d6ce12a14640809b5ab34feb8df9bbd0ea4b5a7d51c46eb6276949617c511857", 0x3a, 0x2}, {&(0x7f0000003f80)="486f875e0ab4e18b41d2ce007fad75c6e03a81d8d308b0fdbf4bd64e65ec6c39b4580f66e75fe5d6cf40ab751632e202e6494610c6b8c920cd40ea2c5270484aed7472809b83c0f713a27f4eab23a475f3d0afa6181bcec1cff6eb59694c58141a501816947efc6930ed817980d3a779be5d684ebd6e4675e914128fc6677651d1c5f66aceefff69fd77b73cf6d3d98f51745b518c75b5e6e014895116721db5163ff9d22479325385d34efe03a28aa49690132cbd0aff13", 0xb8, 0x3ff}], 0x8004, &(0x7f0000004080)={[{@usrquota={'usrquota', 0x3d, 'defcontext'}}, {@usrquota={'usrquota', 0x3d, 'vboxnet1}*'}}, {@jqfmt_vfsold='jqfmt=vfsold'}, {@fsync_mode_posix='fsync_mode=posix'}, {@inline_data='inline_data'}, {@grpjquota={'grpjquota', 0x3d, '+mime_typeem0&em1{keyring'}}], [{@rootcontext={'rootcontext', 0x3d, 'user_u'}}, {@fsname={'fsname', 0x3d, 'trans=unix,'}}]}) connect$l2tp(r3, &(0x7f0000000180)=@pppol2tp={0x18, 0x1, {0x0, r6, {0x2, 0x4e22, @rand_addr=0x7df78a89}, 0x3, 0x4, 0x4, 0x3}}, 0x26) ioctl$LOOP_SET_CAPACITY(r0, 0x40101283) getgroups(0x6, &(0x7f0000003cc0)=[0xee00, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xee00, 0xee00]) mount$9p_unix(&(0x7f0000000040)='./file0\x00', &(0x7f0000000ec0)='./file0\x00', &(0x7f0000003c40)='9p\x00', 0x0, &(0x7f0000003d00)={'trans=unix,', {[{@dfltuid={'dfltuid', 0x3d, r5}}, {@dfltuid={'dfltuid', 0x3d, r5}}, {@uname={'uname', 0x3d, 'system_u:object_r:inetd_exec_t:s0\x00'}}, {@posixacl='posixacl'}, {@aname={'aname', 0x3d, 'eth1&'}}, {@cache_mmap='cache=mmap'}, {@noextend='noextend'}, {@dfltgid={'dfltgid', 0x3d, r7}}, {@nodevmap='nodevmap'}, {@afid={'afid', 0x3d, 0xfffffffffffffffc}}], [{@audit='audit'}, {@euid_eq={'euid', 0x3d, r5}}, {@fsname={'fsname', 0x3d, '/dev/null\x00'}}, {@smackfsfloor={'smackfsfloor', 0x3d, 'system_u:object_r:inetd_exec_t:s0\x00'}}, {@appraise='appraise'}, {@defcontext={'defcontext', 0x3d, 'staff_u'}}, {@mask={'mask', 0x3d, '^MAY_READ'}}, {@smackfstransmute={'smackfstransmute', 0x3d, '}4#'}}, {@defcontext={'defcontext', 0x3d, 'root'}}]}}) 13:46:55 executing program 3: r0 = syz_open_dev$dmmidi(&(0x7f0000000200)='/dev/dmmidi#\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000340)) migrate_pages(0x0, 0x80, &(0x7f0000000040)=0xffffffff, &(0x7f0000000080)=0x7) creat(&(0x7f0000000000)='./file0\x00', 0x0) 13:46:55 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x40084504, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) [ 340.289013] FAULT_FLAG_ALLOW_RETRY missing 30 [ 340.302613] F2FS-fs (loop0): Unable to read 1th superblock [ 340.309397] CPU: 1 PID: 11397 Comm: syz-executor4 Not tainted 4.19.0-rc5+ #261 [ 340.316784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 340.326152] Call Trace: [ 340.328785] dump_stack+0x1c4/0x2b4 [ 340.332457] ? dump_stack_print_info.cold.2+0x52/0x52 [ 340.337676] ? kasan_check_write+0x14/0x20 [ 340.341948] ? do_raw_spin_lock+0xc1/0x200 [ 340.346219] handle_userfault.cold.33+0x47/0x62 [ 340.349895] F2FS-fs (loop0): Unable to read 2th superblock [ 340.350946] ? userfaultfd_ioctl+0x54a0/0x54a0 [ 340.350966] ? mark_held_locks+0x130/0x130 [ 340.350991] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 340.356750] F2FS-fs (loop0): Unable to read 1th superblock [ 340.361195] ? __perf_event_task_sched_out+0x337/0x1ab0 [ 340.361219] ? select_task_rq_fair+0x34f0/0x34f0 [ 340.361236] ? reweight_task+0x130/0x130 [ 340.361268] ? print_usage_bug+0xc0/0xc0 [ 340.394923] ? print_usage_bug+0xc0/0xc0 [ 340.399007] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 340.404571] ? find_held_lock+0x36/0x1c0 [ 340.408653] ? graph_lock+0x170/0x170 [ 340.412479] ? __lock_acquire+0x7ec/0x4ec0 [ 340.416731] ? _raw_spin_unlock_irq+0x27/0x80 [ 340.421248] ? _raw_spin_unlock_irq+0x27/0x80 [ 340.425763] ? lockdep_hardirqs_on+0x421/0x5c0 [ 340.430430] ? find_held_lock+0x36/0x1c0 [ 340.434544] ? __handle_mm_fault+0x45dc/0x53e0 [ 340.439167] ? lock_downgrade+0x900/0x900 [ 340.443365] ? kasan_check_read+0x11/0x20 [ 340.447567] ? do_raw_spin_unlock+0xa7/0x2f0 [ 340.452012] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 340.456611] ? kasan_check_write+0x14/0x20 [ 340.460889] ? do_raw_spin_lock+0xc1/0x200 [ 340.462551] F2FS-fs (loop0): Unable to read 2th superblock [ 340.465151] __handle_mm_fault+0x45ed/0x53e0 [ 340.465181] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 340.480059] ? graph_lock+0x170/0x170 [ 340.483891] ? print_usage_bug+0xc0/0xc0 [ 340.487980] ? graph_lock+0x170/0x170 [ 340.491803] ? graph_lock+0x170/0x170 [ 340.495639] ? handle_mm_fault+0x42a/0xc70 [ 340.499900] ? lock_downgrade+0x900/0x900 [ 340.504071] ? check_preemption_disabled+0x48/0x200 [ 340.509114] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 340.514923] ? kasan_check_read+0x11/0x20 [ 340.519091] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 340.524395] ? rcu_bh_qs+0xc0/0xc0 [ 340.527957] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 340.533434] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 340.538988] ? check_preemption_disabled+0x48/0x200 [ 340.544032] handle_mm_fault+0x54f/0xc70 [ 340.548121] ? __handle_mm_fault+0x53e0/0x53e0 [ 340.552730] ? find_vma+0x34/0x190 [ 340.556310] __do_page_fault+0x67d/0xed0 [ 340.560409] ? mm_fault_error+0x380/0x380 [ 340.564580] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 340.569628] ? graph_lock+0x170/0x170 [ 340.573462] do_page_fault+0xf2/0x7e0 [ 340.577284] ? vmalloc_sync_all+0x30/0x30 [ 340.581455] ? error_entry+0x76/0xd0 [ 340.585188] ? trace_hardirqs_off_caller+0xbb/0x310 [ 340.590235] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 340.595099] ? trace_hardirqs_on_caller+0x310/0x310 [ 340.600153] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 340.605028] page_fault+0x1e/0x30 [ 340.608500] RIP: 0010:copy_user_generic_unrolled+0x9e/0xc0 [ 340.614144] Code: 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 4c 8b 06 4c 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 89 d1 <8a> 06 88 07 48 ff c6 48 ff c7 ff c9 75 f2 31 c0 0f 1f 00 c3 0f 1f [ 340.633060] RSP: 0018:ffff8801767ff7f0 EFLAGS: 00010202 [ 340.638442] RAX: 0000000000000004 RBX: 0000000000000004 RCX: 0000000000000004 [ 340.645723] RDX: 0000000000000004 RSI: 0000000020013000 RDI: ffff8801767ff890 [ 340.653006] RBP: ffff8801767ff828 R08: ffffed002ecfff13 R09: ffffed002ecfff12 [ 340.660286] R10: ffffed002ecfff12 R11: 0000000000000003 R12: 0000000020013004 [ 340.667573] R13: 0000000020013000 R14: ffff8801767ff890 R15: 00007ffffffff000 [ 340.674914] ? _copy_from_user+0x10d/0x150 [ 340.679175] evdev_do_ioctl+0xb51/0x2180 [ 340.683260] ? str_to_user+0x90/0x90 [ 340.686995] ? graph_lock+0x170/0x170 [ 340.690815] ? do_futex+0x249/0x26d0 [ 340.694595] ? rcu_bh_qs+0xc0/0xc0 [ 340.698132] ? rcu_bh_qs+0xc0/0xc0 [ 340.701670] ? unwind_dump+0x190/0x190 [ 340.705591] ? find_held_lock+0x36/0x1c0 [ 340.709678] ? __fget+0x4aa/0x740 [ 340.709698] ? lock_downgrade+0x900/0x900 [ 340.709715] ? check_preemption_disabled+0x48/0x200 [ 340.709741] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 340.709759] ? kasan_check_read+0x11/0x20 [ 340.732329] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 340.737625] ? rcu_bh_qs+0xc0/0xc0 13:46:56 executing program 5: getsockopt$inet_sctp_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f0000000540), &(0x7f0000000580)=0x8) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r1, &(0x7f00000002c0)={0xa, 0x4e22}, 0x1c) listen(r1, 0x0) sendto$inet6(r0, &(0x7f0000000040), 0x0, 0x20000001, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @loopback}, 0x1c) ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000140)) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000080)='tls\x00', 0x152) mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1, 0x12, r0, 0x0) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000100), 0x28) sendto$inet6(r0, &(0x7f00000005c0), 0xf4000, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote}, 0x1c) [ 340.741186] ? __fget+0x4d1/0x740 [ 340.744651] ? ksys_dup3+0x680/0x680 [ 340.748381] evdev_ioctl_handler+0x144/0x1a0 [ 340.752788] evdev_ioctl+0x27/0x2e [ 340.756326] ? evdev_ioctl_compat+0x30/0x30 [ 340.760656] do_vfs_ioctl+0x1de/0x1720 [ 340.764555] ? ioctl_preallocate+0x300/0x300 [ 340.768961] ? __fget_light+0x2e9/0x430 [ 340.772948] ? fget_raw+0x20/0x20 [ 340.776424] ? _copy_to_user+0xc8/0x110 [ 340.780427] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 340.785988] ? put_timespec64+0x10f/0x1b0 13:46:56 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) bind$bt_l2cap(r0, &(0x7f0000000000), 0xe) listen(r0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) rename(&(0x7f00000002c0)='./file0/file0/file0\x00', &(0x7f0000000280)='./file0\x00') lstat(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000540)) stat(&(0x7f0000000680)='./file0\x00', &(0x7f00000006c0)) read$FUSE(r2, &(0x7f0000001000), 0x1000) write$FUSE_INIT(r2, &(0x7f0000000340)={0x50, 0x0, 0x1, {0x7, 0x4}}, 0x50) bind$bt_l2cap(r1, &(0x7f0000000040)={0x1f, 0x0, {0x0, 0x20}}, 0xe) listen(r1, 0x0) r4 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vsock\x00', 0x2, 0x0) ioctl$KVM_SET_PIT(r4, 0x8048ae66, &(0x7f00000000c0)={[{0x10001, 0x10001, 0x1f, 0x3, 0x2, 0x6, 0x4e7a, 0x7f, 0x0, 0x5, 0x5, 0x5, 0x94}, {0x0, 0x1, 0x9, 0x7ff, 0x80000001, 0x80000000, 0x92b, 0x1, 0x7, 0x401, 0x1, 0x1ff, 0xa1bc}, {0x5, 0x7, 0x8, 0x8001, 0xd17, 0x81, 0x66, 0x0, 0x1000, 0x7fffffff, 0xff, 0xd9a1, 0x9}], 0x8}) [ 340.790159] ? nsecs_to_jiffies+0x30/0x30 [ 340.794338] ? do_syscall_64+0x9a/0x820 [ 340.798343] ? do_syscall_64+0x9a/0x820 [ 340.802356] ? lockdep_hardirqs_on+0x421/0x5c0 [ 340.806962] ? security_file_ioctl+0x94/0xc0 [ 340.811411] ksys_ioctl+0xa9/0xd0 [ 340.814919] __x64_sys_ioctl+0x73/0xb0 [ 340.818818] do_syscall_64+0x1b9/0x820 [ 340.822712] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 340.826162] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 340.828099] ? syscall_return_slowpath+0x5e0/0x5e0 [ 340.828118] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 340.828140] ? trace_hardirqs_on_caller+0x310/0x310 [ 340.828163] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 340.858266] ? prepare_exit_to_usermode+0x291/0x3b0 [ 340.863300] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 340.868160] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 340.873353] RIP: 0033:0x457579 [ 340.876567] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 340.895473] RSP: 002b:00007fd9995c4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 340.903191] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 340.910476] RDX: 0000000020013000 RSI: 00000000400445a0 RDI: 0000000000000004 [ 340.917751] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 340.925023] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd9995c56d4 [ 340.932297] R13: 00000000004bf3f1 R14: 00000000004cf1f0 R15: 00000000ffffffff [ 340.980559] FAULT_FLAG_ALLOW_RETRY missing 30 [ 340.985316] CPU: 1 PID: 11405 Comm: syz-executor1 Not tainted 4.19.0-rc5+ #261 [ 340.992692] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 341.002052] Call Trace: [ 341.004675] dump_stack+0x1c4/0x2b4 [ 341.008337] ? dump_stack_print_info.cold.2+0x52/0x52 [ 341.013567] ? kasan_check_write+0x14/0x20 [ 341.017827] ? do_raw_spin_lock+0xc1/0x200 [ 341.022105] handle_userfault.cold.33+0x47/0x62 [ 341.022148] ? userfaultfd_ioctl+0x54a0/0x54a0 [ 341.031447] ? mark_held_locks+0x130/0x130 [ 341.035713] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 341.035734] ? __perf_event_task_sched_out+0x337/0x1ab0 [ 341.035758] ? select_task_rq_fair+0x34f0/0x34f0 [ 341.051405] ? reweight_task+0x130/0x130 [ 341.051438] ? print_usage_bug+0xc0/0xc0 [ 341.051458] ? print_usage_bug+0xc0/0xc0 [ 341.051477] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 341.051503] ? find_held_lock+0x36/0x1c0 [ 341.051526] ? graph_lock+0x170/0x170 [ 341.077637] ? __lock_acquire+0x7ec/0x4ec0 [ 341.081899] ? _raw_spin_unlock_irq+0x27/0x80 [ 341.086412] ? _raw_spin_unlock_irq+0x27/0x80 [ 341.090929] ? lockdep_hardirqs_on+0x421/0x5c0 [ 341.095535] ? find_held_lock+0x36/0x1c0 [ 341.099630] ? __handle_mm_fault+0x45dc/0x53e0 [ 341.104229] ? lock_downgrade+0x900/0x900 [ 341.108409] ? kasan_check_read+0x11/0x20 [ 341.112584] ? do_raw_spin_unlock+0xa7/0x2f0 [ 341.117010] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 341.121616] ? kasan_check_write+0x14/0x20 [ 341.125878] ? do_raw_spin_lock+0xc1/0x200 [ 341.130142] __handle_mm_fault+0x45ed/0x53e0 [ 341.134588] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 341.139449] ? graph_lock+0x170/0x170 [ 341.143268] ? print_usage_bug+0xc0/0xc0 [ 341.147353] ? graph_lock+0x170/0x170 [ 341.151181] ? graph_lock+0x170/0x170 [ 341.155025] ? handle_mm_fault+0x42a/0xc70 [ 341.159285] ? lock_downgrade+0x900/0x900 [ 341.163455] ? check_preemption_disabled+0x48/0x200 [ 341.168513] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 341.174322] ? kasan_check_read+0x11/0x20 13:46:56 executing program 3: ioctl$KDGKBSENT(0xffffffffffffffff, 0x4b48, &(0x7f00000009c0)={0x0, 0x0, 0x8d}) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x1012, r0, 0x0) write$P9_RWALK(r0, &(0x7f0000000280)=ANY=[@ANYBLOB="c43bfff63332be631e7d4b89ee4dfa68a71bbb7e515da1ee7af85fefbd2f081899065fcaf97e784c023f5ed167646c5d8009a4db4cf2765e2d9d96aa94789fb2f4914fa6afc38d9b30dd8ed141e7700dfc609a538c803861a329259f748b4a418f41d6f80a5351a4eff96435e5ee65a321758b137166c85399db4f500a7f6a1382107ac377764e63b6ced41af9af1611c90e04a732c657c4f4c65e6b49e4b9244dc80edc6859f7669f67"], 0x5) perf_event_open(&(0x7f0000000180)={0x6, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$UI_END_FF_ERASE(r0, 0x400c55cb, &(0x7f0000000080)={0x2, 0x1000000000000000, 0x80000001}) mmap(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x0, 0x32, 0xffffffffffffffff, 0x0) mq_notify(0xffffffffffffffff, &(0x7f0000000b00)={0x0, 0x0, 0x0, @thr={&(0x7f0000000380), &(0x7f0000000b40)}}) ftruncate(0xffffffffffffffff, 0x0) [ 341.178505] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 341.183800] ? rcu_bh_qs+0xc0/0xc0 [ 341.187380] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 341.192852] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 341.198423] ? check_preemption_disabled+0x48/0x200 [ 341.203461] handle_mm_fault+0x54f/0xc70 [ 341.207547] ? __handle_mm_fault+0x53e0/0x53e0 [ 341.212151] ? find_vma+0x34/0x190 [ 341.212176] __do_page_fault+0x67d/0xed0 [ 341.212203] ? mm_fault_error+0x380/0x380 [ 341.212219] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 341.212241] ? graph_lock+0x170/0x170 [ 341.232824] do_page_fault+0xf2/0x7e0 [ 341.236662] ? vmalloc_sync_all+0x30/0x30 [ 341.240827] ? error_entry+0x76/0xd0 [ 341.244588] ? trace_hardirqs_off_caller+0xbb/0x310 [ 341.249623] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 341.254481] ? trace_hardirqs_on_caller+0x310/0x310 [ 341.259541] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 341.264410] page_fault+0x1e/0x30 [ 341.267883] RIP: 0010:copy_user_generic_unrolled+0x9e/0xc0 [ 341.273523] Code: 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 4c 8b 06 4c 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 89 d1 <8a> 06 88 07 48 ff c6 48 ff c7 ff c9 75 f2 31 c0 0f 1f 00 c3 0f 1f [ 341.292430] RSP: 0018:ffff8801bc61f7f0 EFLAGS: 00010202 [ 341.297808] RAX: ffffed00378c3f40 RBX: 0000000000000004 RCX: 0000000000000004 [ 341.305088] RDX: 0000000000000004 RSI: 0000000020013000 RDI: ffff8801bc61f9f8 [ 341.312365] RBP: ffff8801bc61f828 R08: ffffed00378c3f40 R09: ffffed00378c3f3f [ 341.319683] R10: ffffed00378c3f3f R11: ffff8801bc61f9fb R12: 0000000020013004 [ 341.326959] R13: 0000000020013000 R14: ffff8801bc61f9f8 R15: 00007ffffffff000 [ 341.334270] ? _copy_from_user+0x10d/0x150 [ 341.338524] evdev_do_ioctl+0xf33/0x2180 [ 341.342604] ? str_to_user+0x90/0x90 [ 341.346332] ? graph_lock+0x170/0x170 [ 341.350163] ? do_futex+0x249/0x26d0 [ 341.353896] ? __lockdep_init_map+0x105/0x590 [ 341.358414] ? __lock_acquire+0x7ec/0x4ec0 [ 341.362673] ? find_held_lock+0x36/0x1c0 [ 341.366787] ? __fget+0x4aa/0x740 [ 341.370252] ? lock_downgrade+0x900/0x900 [ 341.374413] ? check_preemption_disabled+0x48/0x200 [ 341.379453] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 341.385267] ? kasan_check_read+0x11/0x20 [ 341.389429] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 341.394726] ? rcu_bh_qs+0xc0/0xc0 [ 341.398295] ? __fget+0x4d1/0x740 [ 341.401769] ? ksys_dup3+0x680/0x680 [ 341.405501] evdev_ioctl_handler+0x144/0x1a0 [ 341.409926] evdev_ioctl+0x27/0x2e [ 341.413493] ? evdev_ioctl_compat+0x30/0x30 [ 341.417827] do_vfs_ioctl+0x1de/0x1720 [ 341.421744] ? ioctl_preallocate+0x300/0x300 [ 341.426165] ? __fget_light+0x2e9/0x430 [ 341.430154] ? fget_raw+0x20/0x20 [ 341.433620] ? _copy_to_user+0xc8/0x110 [ 341.437610] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 341.443159] ? put_timespec64+0x10f/0x1b0 [ 341.447345] ? nsecs_to_jiffies+0x30/0x30 [ 341.451512] ? do_syscall_64+0x9a/0x820 [ 341.455499] ? do_syscall_64+0x9a/0x820 [ 341.459489] ? lockdep_hardirqs_on+0x421/0x5c0 [ 341.464091] ? security_file_ioctl+0x94/0xc0 [ 341.468517] ksys_ioctl+0xa9/0xd0 [ 341.471991] __x64_sys_ioctl+0x73/0xb0 [ 341.475901] do_syscall_64+0x1b9/0x820 [ 341.479806] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 341.485183] ? syscall_return_slowpath+0x5e0/0x5e0 [ 341.490122] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 341.494979] ? trace_hardirqs_on_caller+0x310/0x310 [ 341.500013] ? prepare_exit_to_usermode+0x291/0x3b0 [ 341.505050] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 341.509922] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 341.515118] RIP: 0033:0x457579 [ 341.518326] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 341.537255] RSP: 002b:00007fd1b7341c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 341.544979] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 341.552257] RDX: 0000000020013000 RSI: 0000000040084504 RDI: 0000000000000005 [ 341.559534] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 341.566809] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd1b73426d4 [ 341.574086] R13: 00000000004bf3f1 R14: 00000000004cf1f0 R15: 00000000ffffffff 13:46:57 executing program 0: r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25d1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$UI_SET_LEDBIT(r1, 0x40045569, 0xd) recvmmsg(r1, &(0x7f00000055c0)=[{{0x0, 0x0, &(0x7f0000003c40)=[{&(0x7f0000002640)=""/230, 0xe6}, {&(0x7f0000002740)=""/4096, 0x1000}, {&(0x7f0000003740)=""/221, 0xdd}, {&(0x7f0000000540)=""/28, 0x1c}, {&(0x7f0000003840)=""/98, 0x62}, {&(0x7f00000038c0)=""/81, 0x51}, {&(0x7f0000003940)=""/214, 0xd6}, {&(0x7f0000003a40)=""/159, 0x9f}, {&(0x7f0000003b00)=""/47, 0x2f}, {&(0x7f0000003b40)=""/224, 0xe0}], 0xa, &(0x7f0000003d00)=""/104, 0x68, 0x4}}, {{&(0x7f0000003d80)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, 0x80, &(0x7f0000003f80)=[{&(0x7f0000003e00)=""/234, 0xea}, {&(0x7f0000003f00)=""/80, 0x50}], 0x2, &(0x7f0000003fc0)=""/79, 0x4f, 0x4}, 0x6}, {{0x0, 0x0, &(0x7f0000005300)=[{&(0x7f0000004040)=""/193, 0xc1}, {&(0x7f00000041c0)=""/83, 0x53}, {&(0x7f0000004240)=""/39, 0x27}, {&(0x7f0000004280)=""/43, 0x2b}, {&(0x7f00000042c0)=""/4096, 0x1000}, {&(0x7f00000052c0)=""/27, 0x1b}, {&(0x7f0000005980)=""/4096, 0x1000}], 0x7, 0x0, 0x0, 0x2}, 0xfffffffffffffff8}, {{&(0x7f0000005380)=@vsock={0x28, 0x0, 0x0, @hyper}, 0x80, &(0x7f0000005580)=[{&(0x7f0000005400)=""/189, 0xbd}, {&(0x7f0000006980)=""/4096, 0x1000}, {&(0x7f00000054c0)=""/138, 0x8a}], 0x3, 0x0, 0x0, 0x9}, 0x80000000}], 0x4, 0x101, &(0x7f0000005740)={0x77359400}) setsockopt$inet_mreqn(r1, 0x0, 0x24, &(0x7f0000005780)={@multicast2, @local, r2}, 0xc) epoll_pwait(r1, &(0x7f00000004c0)=[{}, {}, {}, {}, {}, {}, {}], 0x7, 0x1, &(0x7f0000000440)={0x1}, 0x8) getsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000300), &(0x7f0000000480)=0xfffffffffffffff0) pwritev(0xffffffffffffffff, &(0x7f0000000340)=[{&(0x7f0000000580)="9dde16d333e5cbf2cd61c103b81b94aae21726a0a830531ac30d2dc4ec46029eb92a4c270eb98c63fc00e342bfca671ca8475294a15b705693d08a5bf7626eb5a06bccda80857df1086d90a248c5e2979fce50a5810cfdba1016a151485926ea69ac08938d97d31119f38bd0d67e345eb1fa44bf529c68079c660582c4f43e46bec8bb3352ee20cbde99ac7d1abb6ac2a2543fa311c192a4ff8335b45a0cb5b4e4853a876c17b3a571aee4bd520636b059ff", 0xb2}], 0x1, 0x81806) getrandom(&(0x7f0000000380)=""/186, 0xba, 0x2) ioctl$SNDRV_SEQ_IOCTL_PVERSION(r1, 0x80045300, &(0x7f00000000c0)) ioctl$EVIOCGKEY(r1, 0x80404518, &(0x7f0000004140)) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000140)) ioctl$KVM_TPR_ACCESS_REPORTING(r1, 0xc028ae92, &(0x7f0000000180)={0x4, 0x1}) mincore(&(0x7f0000ffc000/0x1000)=nil, 0x1000, &(0x7f0000001640)=""/4096) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f00000002c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd320-generic\x00'}, 0x58) r4 = accept$alg(r3, 0x0, 0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000240)='/dev/full\x00', 0x400000, 0x0) setsockopt$inet6_tcp_int(r5, 0x6, 0x11, &(0x7f0000000280)=0x7, 0x4) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={"00ac720000000000ec973f820f7c4000", 0x400000102}) ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x118) close(0xffffffffffffffff) getsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000004140)={@local, 0xffffffff, 0x1, 0x3, 0x4, 0x80000001, 0x3ff, 0xbd29}, &(0x7f0000004180)=0x20) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmmsg(r4, &(0x7f0000007f00)=[{{&(0x7f00000056c0)=@can={0x1d, 0x0, 0x3f00000000000000}, 0x7ffff000, &(0x7f00000000c0)}}, {{&(0x7f0000005900)=@pppoe={0x18, 0x0, {0x0, @link_local, 'syzkaller0\x00'}}, 0x80, &(0x7f0000007ac0), 0x1a9, &(0x7f0000007b00)}}], 0x3fffffffffffe0d, 0x0) ioctl$KVM_XEN_HVM_CONFIG(r1, 0x4038ae7a, &(0x7f0000000100)={0x0, 0xa5e44afb34cf28fb, &(0x7f0000000640)="02c96965f7ffb573ac510fc52087ab531a2d9b53a2ce1d7493c98dbcd9af40ae440dd80a80d3784024d206d6d2de3e24dd8ae853416385348b564d16b2255dfd4bea39e0cab5164aad7935fbef7ad19d727e32d19be615ebfd7652c6cdfa44649deb06ecbb606eb1a6e52738d89b03f36cedbec329daa1877f1cdebe628302c687f4be9e29f367e42b9526d500f133a91a80e42df219b3d644ced0aaafceabb54bfa9dac415fd011280c6b74377bd8f775d1e967598ec723e424adf37c41de3865bbe3a3ccc17d55443ab86819d8e70e9b140346346fc581a4306d573efa1d276b4f68d07125e5eb66acdd407d7ec191b8b33a7522851108f8389df9fc13e6ed1aa23c9751cdb7165659b188d45d1023b7081a8c97056cd1f98ae8957720cb07b4c0ec3c6efd50624ec1820977fc88d7072496b8d4ea102a4b97b5219680bc08383a56ded8adedbf7a0bea9be86b230d770170db6c9d3fbf747dafc950f5efa76f23a3f4b9e46064632e8dbcc1441582be8652a01bf7220d235a3e498ba9f770a8b3fde56555fab054759798b5d17771ae5a4502293d2f8392e30de837394de1c4f513a47fc5c6a96f8b7f4ca00c5a31375e0491aa5fc24da8da9e4feba67bdcaf576028bc079903312ea67d518012a3ddfd657d4c0ee3f0ff44a6a9e29099bfd9a76246bea09c4efc8b6c8c275a3da50da3d06139d3660d08c7c6bf4311e707f781ae78cfc95136970def0176465aca167e730607372d1e81f94daee793f4e6c81fe661bdee4798cf0c0adc30a900a5ac55677f8202cd8e33f5c88e0518e5854aaef9550c33cc56ab0f4b3afffcb5838fa0a2b4e60f5fb35919b4e6cf274c26d6e06667db2211eb108443d051fb480ad40a7746c2d658f42df0eb666b01f359909791d374943847e02a301028cacdd4fb90073f49ea8a8506a18c4abd12cec35be83b0fb74087ddfcc7dffc6209d7bf5ff7c7ae8a95b1c420c2514d47e471f71c3e4bbff118116832d01376ebee99e7ca6d1a89025e8f181f10ed0800534799979b9c8f71b3f30e85251aa69a153ab43fbdd554607177e01dcd361c5ad31089a0ab5011c109e48e19733cfd3b1b095dd8e0e8080696ec355a45006c43547fc086fa2140c8858d71593a616787cfa290fbcc661ad0836febc83c6348d64dd16cf41425d8a468ed343a1136460cc6aa9e3885241bda1e3bc48f4909474de6e9cf25cb38f4819d25b60d0ba18943e04a032ef16cfe6d48f30b76f819bbf01c02fdcbc147e6431238a7b5b0f96263f3d9fa7e264f66bd84be84de954bc691e5d2060f526fdfec36a90491f13c75b5e12046c4ccc3a8adf7fffc5bac9130f252b046e303eb8093ebf915f3ad7e13925c67307e6fde67b7142635c271199e20e35f429bc75380defc0ee38eb7a8a2d978c4f5f4dd9dc6cca03786f2930d51e0e8f7feaa5262551a271be76b9d19d629b40448e8a43cfa7183578d69b8c327a3b6f8b9b53909a40fa0991d6401c351ed55f85dbeeb776d4eab758db6ffe443f8208e7b385d1324bb6cd26c7735c98ba314f3df10c4765eac0a75f5fb00d07957f4cda21fe7fef3e42c54d3d17f4a7f8ea8b0004d99d23f2caebca7af5bb9891c37c7132215532aecb4e1c31880d54965f1c1af523240c9e811a16c9c7e3efe7b497924a9777c5c998adb69932ad04bc2466861a7b20655ee4cea021e45d70c9c0108f7262b349fcabfe30f819f7ce22b3b5c85505a4aad56ecdf2605de14e91485b6f8c70f4253fbf05b065ff2824269eeb75bd3a2069d6a688215851a0166b5a83b20dd2fec5506547e344dd28f705ab7a857f57101eceacceb3baabdea61bb9aac208633642e1382ec8a5d7c2fae163c9ec226d0c20b039eb9b92d5109c3a534ee90f85a7ae82141b9fab2d0a67f5932d5ce390db27396334def39ad52235fb39e938a60d6386890998f6938fd0b956151a68308ef048ad061af18d2eb8dd30e6936fa6fd99ac4b92016e211c24059bec8c2e0883023ae5ca0a9007cc9ac97365db5c4770be431d645dc7dd3c44ac526e7b1aace92577ad44e6ab29c711e31ac168d2ddfa687f31402f70ec0ce1bede70536e89329a1e7bdca59089a5a6dfe2e38284698408dc08f9395d7ff4177ddee80351f167500d7b9743a9cabb914273bf5c7ad4282f3d3136d1307c28fb647d5ee00eca1d79a4c0650dae0df0282c20bfd8b5ae0f294d8e3e1dee828d17dbe23ca2a90659b1c433ab7aefb771b4f92767f398a7950a10711824770d6f4e33c6a29e36d9620468958c8ac8dc022866750307f209c62cd9ab11ab98c53847bd863fb8638c75b47bcbf1d03472c60a1c18e1a06df8cadfea524eec6b0db24d8e3cc6b272171dd27463946d716c754ba61e73a001ff3adeb9080c817dfc9086cc08a156d7a3bd6b7efa7cc41dd4e4c1c3f93c80799a8c17783cfa820eafd1b00c6e2ac6427001fd235b0bcb252c849eb53b4fb284c3cbe1656c981e2d9dee4c05ec0dd8a5a8661299f61fc301415febcc156132aad9b730f8ab32307656cf77c5a8f9d9c79b3977140bd168b59dfcf2cb84fcc152b2040a1592f16d2795cc12ebd1f904ee6a48e4980b80ae7bdfc11e502741b9139d2b8960c9f4117a17eb9843e4ad152db9116ba0a8a270762713caa8c788a07125aec279b088c167e1d317d3d10a726f121894c9986edc47777b54015848481ba9df66fcaa8497b7f76db77de605041d7a297b09d5fdd1b17ba9fc90cd25c64829b5afe690034f9a7bc46aeed37b5740dd166441ede6f02c531ec671f5f1ea0ce50733e4889363579da59e27d903a4b1088ad4c47e47ec0f3d58bef0e3018a7d3009ae48c56c69fc31508a2a91b76dbb17c606c72f672815fa28a7bf6bc76a202666b93ffe43e7903d860c3e2a908bdf840f2ede4d91ed5a3d78b2929711dcb7b203b8b8542b5244b27fabc14bd86b5a955c2285f24881e6cd4c9c05cf647d7e727324ed8144de1e6fe74efd483aa3aa8afd3905080daddc35b92e0bf33117f945e84eace779d2ecaf22883807a7877a9eaf4392dece26cf580a0f3883b9c0206e3b561307b64d5ed48f47363e0ae14e755b939a9815745f29ac66eed5d99dbbb27439fc21fa64ef10c9ddb3336b5c9faa3e2e35632acc2b9ca42aefe1eb6d610709e01f53998fc5649acc5ca1ae556672a9830fe668c7e62da7c1b7098971ad7bd87527036ab2f9c17ad6ebb79583a18b128e01ed32ddc6617d06a8ae41b95ce5e68f1ec3b0e524a670f4b060c2af0ddd91e5a3acb261bc850f49f57abb0a165bab775bd8cfa08d3bed7520bd5d544cb9bf3703b42f408ec95134d710fe6d3f2676b18f1e00762fd519428813a81a25e4850d1b0d44461f7e4ba3545e7ad58d61cbf5e4373873f4abad7ed705dcf8b322ccfc4a8e403f70d991ee0d34d90a498e98c4e6943be5bc9b7ae5d13198a82a7952c36193b6322d2ff2ef6e87e72e8e7a0ecc5d9ea99f9c4ac1f04b8beaf756cd2e14d29e92709bf2eb62954be3dc823e7ca7dece3482ae0ea4780bfa644a8f899bc3887e3fe10730b8ac2494e9ca0f35d9962d948e20bf53e515a7bc1d96ebd6e6e24b14d52c3e93be1ba4018dedad672af92e153ccd598adc5bda14059296735a387cf5c3dd38337ce2eaa24acf841511867e47001a0f62133723092f6c12a1206ff5a3b4ceddd5eaee682237ca845657f7fc701e1b71df537bd68e8ea975052d3de0e6462660588cd8be4f7dc8409c9db50b6ee4e483a58a89ddf4ea5a698c90aa33761492a16d5e3005e8e284bab6db755075e094f1e0756329e5a0239fa5a12ec73f2622a2f93770b545af171aadae4054a671d492047ee027992b91b98ba303c45b3c85c54578dde37c93d44d3f1bcafc5c618f2fbe8b137a4cd36e6b31820f869ce4f3dab80ded0bc5ba94b8badfaedb3ecb8eb59677eeda3f86384f5ad9742e4308ed4a6bcac3eb7159c9495000d3144589b43cf861715f0f5e1d87db85606c48d15869fdb5cc4dc58166999053698c16858941d30fc9849907b1323d98116cd70ef647a723da30ac8accd7eb1657736056be9058acc6960da5d95596d469d52f4dd47cfed60c2a1847eb9f6b843bf191db7accd14d3d3970ee8b95d2724151cdc0916982ff7ff498fef0a61503fc72f32691ce9ed27eed633d2f3e69edef297fc66f6e43255c842842df5a1657304cd7a545f7cc3bbf945d5fd4fbafaab94da8fc9142edb7d34ea27eb8f37571974b0cdf213172c44fd3c07547070a2b66594c9bd268c1ac985843471ced03f67893b272a18f45adef1ea47de50e0b8e41428170e8bea875e666c16e14a24e172702d7d295281c5c164fd678a0966774e361b6c625b7286b06cd42ebd05c0483642e90cb8f671e75c1b6a20010e03563ebe7bbf78cb9fa7f346e7e6306f71bc3b5a5eaf7ce5a2cbccb865e437693cedd617c488c85424e7450c813eb53408090027f11fc976f595ab0202faaee5ee9940131c57f03ae49b437ef843072a0a758e08861e7c0038cba128923f50191d675099037c20467a97d3aa1253dc1859661ea6f378b483ec1cefbdb02d1b7d47744382692fe15ae7494ea0f121590618954b628329d7036cd6795c828fcd845841fa50d5f9f808e9fa2ca38b645200de27f7bdc39e18dc2ee34d68df876e6c28e32bdb7c9e5259ab6c65324cdbb9882ac5be2f7c46602ed3d98ad8f925317a05551eb823f6da7ea90ea4f82d3bab5dfa232614fd335e5d4424bd54390a15711ee040a011384964764fb71976146c8cbcfe44f2aa34abd1331d94973f4a6a251c09ff208bec8422a14f0a84cd0279cd6a4a1e1b7060cc98db3cfc3502631732ed5f0fc4b506a568525159885b196447eb2532017b74eb0d6be1348d0e73572b038b8c5c787682f772756facf03e0dcfcb83de869f6e6525d14601348470e936859f04719ad1c083714ddf90422ee612368b345c9f20dcae6fbb1ce6afdadab72e3dab673f8d40703264d6c2eb719a2ed597092a833f15e1f611e903d75e57399fbd198fba2994fd0f83ab8fec0d7c10d19ce7f855d1fdcf1d6765ab084a2a7383d65a99be455a8e09500d75ffe4b469d11ec9ce85150af1aaed0ce00082ac1b00b088baddbb59eb770da94289abd8e5b0866a7cc83b513ebe5541a26054644d45a1126d09b8c09658918401ad21958e078e792c9db53f06e862b308ec580bdf44b9813a87d2bc3e1f8ba8d063c069d77b24a2f9d16dfc1650ae6cc4a85c28679e29e3aec1f3408ab55e271b733fe3c9e73fe6eb0cf45b24c33f2ed59128a84abda29aa30f68c38a0d1653837239a4f14086c7f5906348b5181d50e18bf014d5ab769e50b48f5bc04ab33a152ab704e42dbd453285bc8d783cd48c68013c8bb79625310ca7a3869079cabbfc57b376b0a0bd630d076ead811afe415cbc088bc484151e5128372be5186c0756cc61504309ce39ddc29649c76482ac8f04cd680dabcc6f9fc77d1ef3ecd791984453838b43f86e4b59f69888cec47589c9f81701c9dc61e61a1b95fdaa24888d7d1add8f1204d08eb369e7936fe36a7d26df9b9be425479d237833e8148c5be14397b605026bce7f6de6300162dddfe1da783188b7bcc4b3321bd1736608c8e3d815e9e465e21b8ee26cc473a84af66766dd65ffd2e66071d89017fc74cdc3fcd70af51394dcbd0b04db019ec7094c55e6896c92514f4a7dfc35cc9a0771a5abfbef37fffbdd7819c49f9dc6a27f40498882e20870b919bea808b300eeab817da70f0c57", &(0x7f00000001c0)="acd17a0cc958d77afe406d40eafc50a42ffedfc8f11fcff98f838ba31ac14fb972bd7104e69ba13553b630a6187f80b436786b03067c2c3b4598019efc3da4b4f7f3dfdd5f1405d6db68f69c8c22485d872875edf4a70b7a5462964508e89db1d5b7b718eab3650fcf90d7a88d60666c9d8ed40ef8", 0x1000, 0x75}) [ 341.597401] Unknown ioctl -2142720410 13:46:57 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x80084503, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:57 executing program 5: syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='.//ile0\x00', 0x0, 0x0, &(0x7f0000000300), 0x80400, &(0x7f0000000340)=ANY=[@ANYBLOB="696f636861727365743dae386369692c696f636861727365743d69736f383835392d322c00"]) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) write$UHID_INPUT(r0, &(0x7f00000003c0)={0x8, "4e739e31af628c3bb14effaf4ff85edc550e261e33eb1a8474ecc1891115784095b7b94317dad7962b4824ddafc33d4f1989597f93c5091e0a285c4ce0baa4bb530b1bb8c84ff0eaa325140e6e5e0725b3a9700e563f9945b9ceba89bdcfb9901a43e6642bcd2d7aeeb89e5e3b308e4d6f82de028420368c58066fb3ef8d92b03ed17e019f65c1881eb58b01b1485fbe3c209e80c7418be495168738cc4ca0e6786deb11818e528c5546e2e861357767702091bf414f91320ed2ca68761e70fcba00f2a3e6d1a5a055c425b26efcf4a2329b5da4f40a801b53e467571f32d0f52c3c56c117b59429cc059b06a4f07572ee60877f4838fb5202d0f7519ef8388447678c08449f5cdd13b6a79b20a8eaa2573ccb099984805a630cc419f0ca4ce375cb05dda399c1df48ec62ea428d226e8eef4ed36269cf1e96f023ceed1de3f5f1fd284546981d6bf6b2b777f98352041f8924b77927f0660afabf830c2cbda8b2f41eeda4aee978af94ad0e6a250c55f7729502a35a14a32cdc7e77b4d1aeec0ff7f12c8f4622b0f4dbeb64afe4c5b930f84b27ae95d42529640b7bd4a419e07debf2080779487d593d3a2bed392d777814ec6d18f473815aabbd951e0034dd9a6650eed690ec3d93431776ad5368d06e2835f8ad6987eaf7b468f03fa7d495eeaa23ba81cc3daf9db03d6df0c12f453acfb612faa0e6107747b37cae78e3f649700aaea4b668e7e4be576f1ee37a47f65a31051d0b3c90924aa53a91ed922eeb29677c0b72c001c13d7bda9913bce3cceeb5ad10cb19626bd5a639a22523d2f9f9442c3f6627bb5cfb32292bc3365814ed19c8726da5f334072c0415bf40a178bebad4190562a1b509a90f7c6a0812b7d81352d8bf335e65711ebe24e265a20cb1b6addd7bf140eb51ba2e3af120c876697685f299652cd95027cb1f549f19c54bb113779e80784b3d727ad9dbc9cd8aeefa4848a1bf024b13c7f8fba7ca48ba5f79183b456e6239f80af8c6ac4da35f7869d40e0d1d454403f607044003a7a2ed2ad45d6ef2a6a082b619389f6511b68d2bebfb0cb1d2c625e909b990a8a7b225e137a04c2c3c56592f14b126df5417db2f4bfd36e977b9ae26cd8d8fe03448e8fd18d7c3ac9154b8fc1336858fc5c948cd5b868c8e13e529949b0c6909e92023b0cd63a4f5e56707db4a291798113381788c653bb82a8c534dd02263487ec0a1f65e67cf4bb8a9dba34dadff6298dd43c753589a60c5ae792299d9c94e7edebcb6b7eb9a9e7b4bc85c614b4751f4915b841816ac9987300e1fa74b1ee712c59faebd1e0f045bde90c8204e7158bfa2ea032a3b67048a720bc17fa796847cc1a8db9ff732196e97f822311d08fcc1ba50621d7350e89b3fb870beca74995c9a51a5f91b31be11202f68a6ecc9f934a0ee14d86a31941b0aabfd8abd5280e3fda9963364448a0a100051d643e70720bc9e93f92c14cd87e713ef4d15e5047abb67c906dcea737dbad125d421f65f4e5c7de0aa825eada346bda83cba0b1b7e70ed024e28c43b2cc42296845c3cae43b8d635aa6e49b56d2d1a8389c30d0ee2823d2f1c43cd229de8e4c36bb49cab3ed9f1a71369a460dd024e16343a402e4dc145c0d3c6189c21032a53bbad96ad1b6d936ac68205fd0951f101fe866f1a4bedd687c47f3e68f68263384b6a8276fbffde67212bc30339620b94dde08f12d17d5cbe1d309d09ba941b1a3eeab0a83b55d5fab45e2a907fdfb5b7471482aa097270fe3f986490d4ecf9e7abafeb3c0fc511d79792805e976247fb87fa8be3be7f51028c76eba9e0597d26d766861f0ad1f7f2dfd42346d51ed7f84d7e0d2fc28036b7cf3e9a770780f10cb5fa638964f2243bd813f92fb880b1d92914249d023b86523e1974054e26fcd6e0dc201cd10c9bd8fe5bda970152ad2c4f1504e46068990ed6f79b850cc75d2f34b0a26226beb2892d522d45dc4b0fb150fa94d1f326d60a7ed61635b495fe624cb9ca05f7958fa1465f552c814b97c56024b77fcd3e1d61cd6b78eb64102c3c2b161f814ecc6662edff3868f54ad0345baeb201379df63dcff1767cac15055942dd4228f01545af16b79063b734b7b5f408382e86f70b8ce54efca6db473b16028f66763b65f78914eb32ebc1e30ca033c996fd02ae74cff6a796db3d272a684af8534b85a9837c3df47b761ceb1bfdce6dea03e1b2ad96e912ee92dece400915557bcfe912e2532a1f2736b6bff0b0d72a94c024b6981d5609d10a50e8e858c5f30e583df0505ebd70ae9010fa248694325c041a7ba2ce3d43e5e4a701a38470361c25a0fffc933aebc4226d1fb6ab451ab41c1d8d87b96517c6aa00ae70e4d2465ae22e7107818cdd84b97b713d3b1d57d54876e598ddca0a9a81f0a4e11c229dd3fa38a474c8cf1720e6187f93b6ff392501048bfc82a6bb21d551d90d3be8f859f0db294409a77351547ffb2b3a94820b8fea35d518762f54b166e18872638ab6539c1a62d20fea4b05f7cd483a9d72a9b16411ecbb085354296e241c570bb64092fde11596fbb9aacf3e48bc0848d90b24c9e167a0acdafd350a380659e77e162558b6ad61f414a36d719485881d98ff85425a1021eb8eaffb22afa69c60c267a385368d30b0d668696c98e36f5351d6cdd88ff3ddd5a81a8ee98e20fbed1b5266d5116d82a2618aba027ffaf1027e65dea5d6b6cbd2d562cba35f2c6ca5a8a3180f41c860cc5e477f2ab1889af8f7e35d1eb4c4459b00e2d2e078481e173d74a75512bd9739a4a19bd49ed1313126813363d1b24abf6a9d2cad75afc866a19b4bbfb61529d5d300fe20608a5e367cc94d17b233c2e0bda905ea7e5d77f35e88032579d71b77cb5bd5fdfda7e9971a0a8391ba7c2f3d87d5b01624097450bdf3f77eca74dabb41bb49743e587706beb8772ff31ee587713657e544a1fee58b02fc390e917e583c3db46ac1eefb621fad9d1d634292aff1ba7fb4adaa8817830f3bea3ae3250d1d7970df2f50d966f7bf6a52fa0583d747b2a59097002d68a69d5c765c0b30d1501e367a048bee68d71e331983a8579490f3688943880f467d4d4ff18829e1eaf90b198b940f04973968c8cfa75f1f6a9e699767130a4e8e0650214e6f1382b54990f3cc04ffdc5173418e22f8e1fbdb1e88499d782241674d4c22336065ed36848d0a4c6420f4e21bbeb8d847707a419c7e00ac91445da4905ff7bf1e33bf9f6577247727b97acfc9a7ffe8be57a126114c4c7ade1ac9866b15422805824b475d6dee30aada08ad75bef7837b4d1b95dd160c22827a406f60af93a073fcc558d8c6b552107e3581f11bec310e2608adaceea496f2345186187349b77f35517dfbf7b24cfde748fac135744dd6f6ec786146e895fb875b90a689bc4b6890003d8217f0ed4c9f490774cb673eddfcb80bce86296f815e736d7ffd76e9c6e49d6b38fe65fc0fcba6a8450290a901a9156f9af52ec932306fc6feddeefe5dd80ff6d207d62f4b825d9f65d329b0414ce92bd0d87a81ed00ecf7a3da17a0907a835c65d98bc8976924bfcd2cf2f8e92b37c29850306979d0c69d8634cefaa1a83dd9881ba8b2342b3d5588ed7eac8363cfc08237579dbf46d0b84370fc11a6569045c8ad21ea4b0f4bf0089f7914db5042b6e48a1b64df7241aa49c07eae98a523ef95db376dade0b0bd39aec645d335dd8301deb033b08772940af44066092a9ed30982eba23ddccc6b919c040334af73d953ac0dd655713805edb9b43ec1b0b12d34aaba26ee728e1a481eb8af6a4d187274d9fc358f4b85d50a700575d05b54f54983f0ea5d7cc1921a1c1ada2b59948f26b7b213a797e32ab881ecca8d27b632e90bd55e190c966686682fe904e1af56a977986e3079eb043dc14a85bc711e394906527f0ddc69c316d6f49a49e70f1450ce62ce51a7afa20d1d1d7a22cb1631cdb2dbc4797d6800054e037659c112db431f83bcbd82b944a5a93beec00519185175045c9c9c9744fad193f4f2a231afce114a990c8d77983c2ad2d97ac886c644efd77f84d4555c690299c61e13e6bf6d9688c9b20b84401c316de57993d442fa2656d8ed2b573b3c09ddffbdaa51af2055fccabc06623781d4c40a8680f6d14742dcb8b15e1fadc4e53d2f8cdd468e4441cd3ca12fe2eec9dbbe2cac30a6f138292c0cb3c5cd77f0f6a1149cd80901e4ed1ae31fae03d90663d49a0f7dd79086d804b0faf091a55f2ccec3c07aa01879d1a0d0e5759c3df042b49879041e326d9a65e50d79815fd0a4ff2781747cedc07375d4de8049e8c08cbfbb7fe6534712b5cb719af74ff5a59dc61f24383ab026fb7b0ef5e94366ddf44c604e69b7e5e31a4ecf3e1a221f18cf597d3ba930e9f1cbf7f25c88943b1e1272236f76fe968859dae102314c45c52e23bc05b18a1f17745950504b71dc9037fc3a6f5bed6fdb1648bcf5ef600d2e9bddf0484853577a51c3151ebde39aab381a84554ef0195c413f48d907f66ad6fbe99f5ac837db5b62a6bc2af208686e4394d6d4afccdb697cae7a1d51ec1c9c902092618ab3a7cfe95ddd94255ad76c315caa3f3bab1283cf8f57bfeb1a94750a67084982562b3c94ae592233f67f5e146b8f7471a8d4c334f88f43738fe45ba8f21ee59277920c69cff531934e8bcfd51ad083d66ac671b15ed2519f136304db66eb15137679ffc5c972097e21077691675447db6b24bbfb59951a8b50c9cf0ddd5141fdc0605d7b887e482a1f60e0625415ee59e37af0434b04cec54baa1113adbb0b7e8b4f65eb282b88b1d45962e3a946871be257d1f239d2cdb84b772a94ad56fb8137318f5ed2063fae3406b66a899ef66261a4cc7fad5fb2b601dd6c3e2d0d2786fdbf2ba6da4cd551a03394a8d46367e18f7bca32e22b91804f726b070ab3eabb6f3972f1456185a292094d0975992536ccadce25c14a08eb6096e149301a5590eacc6780994b5e22229b683a15ed8840549e6d194c60b841e0bb659b43f76cba00ec1690719abe256259bf1ad49f4e8b83b0bc387582bbfe0a3f8271eab7a88cd74eb38b957d81547919c7d8757668eca3fc510375c3639a238134445528cee7f3e4f65ccc3f0ab7c9400c84a6575560302dfac36196f8ca89ef04e089d68a6b46a4ed6618298518ae0c36d1ce2ca25ec69e05305dc323d8a779f62902cd7ec2cb09534d012ebb111f296c77f4fbbfb3671b4bdd2d102062cd4cd50fe7c447264c5270c3710ae846f120f0de629c83261d85190688dc7d21966562b764d914f100a7f024833276035ce0a96741790ed72b4a4fbaae3a50e6afc1a42afabee2798d47fe923be007ec850ccffbce856945aa470ea6c87353558cf89651d96fb6bf1caf0014d57752c1aa4efef97118a738966a68c40a8fecaa41ffeae0ac36290233529919160aa715d57670df1c29f2549f5b1d43e355689be9ee242fe0bef9bf18e090005d98f6591a81959fd4c99a76bcb619efeb0fb39a9b24e9ffa28be9cdf33c97cab89229475558c51fb00dadf431b7554c3869c9987cb2e79dbce34018d7c563cea3664144df1d0b5e7d4aa8e9e68605ade21cba0bdbee3749c836f98013c496d35c763a40c2aeae2925d61e2ba13c96bbc840cf33f003339d9a6d1b0f7582714132108e517bf9480bfdebf4f749d29a2af650eac27a877457be3dfb4609baa821c0eee984ec652b2ec9f021431d5ac7acf2ed9609caf24bfd09f50b6604d6eee8f29dc5f38821a16bb44151463ae7e2e23f66f7a233155609ac5b", 0xfffffffffffffe95}, 0x1006) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000100)='.//ile0\x00', 0xe005, 0x1, &(0x7f0000000080)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020401000200027000f8", 0x16}], 0x0, &(0x7f0000000340)=ANY=[]) ioctl$VHOST_SET_VRING_ENDIAN(r0, 0x4008af13, &(0x7f00000001c0)={0x5, 0x6}) write(r0, &(0x7f0000000240)="e542ebc9babd42b2438b5c1325d0e31529c9d992060064c6146260864c319ccedde3d1ecedd3834be772dda11e9629ad0e87f7695540c42fc78e3700b04264cf8fa2", 0x42) getsockopt$bt_BT_POWER(r0, 0x112, 0x9, &(0x7f00000000c0)=0x7, &(0x7f0000000180)=0x1) 13:46:57 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x5451, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:57 executing program 2: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000340)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, &(0x7f0000000000)) r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_bt_bnep_BNEPCONNADD(0xffffffffffffffff, 0x400442c8, &(0x7f0000000700)={r1, 0x0, 0x0, "6e036d4cf8aa85cc47acce0fad24264bd54271180bfa"}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000700)=ANY=[]) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x4000, 0x0) ioctl$DMA_BUF_IOCTL_SYNC(r2, 0x40086200, &(0x7f0000000080)) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000006c0)=0x1) 13:46:57 executing program 5: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vhost-vsock\x00', 0x2, 0x0) r0 = socket$inet6(0xa, 0x2000000000001, 0x0) getsockopt$IP6T_SO_GET_INFO(r0, 0x29, 0x40, &(0x7f0000000100)={'security\x00'}, &(0x7f00000001c0)=0xfffffffffffffee5) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sequencer\x00', 0x2100, 0x0) ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f0000000280)) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='dctcp\x00', 0x6) bind$inet6(r0, &(0x7f0000000300)={0xa, 0x4e20, 0x3f, @loopback, 0x1}, 0x1c) sendto$inet6(r0, &(0x7f00007a8fff), 0x0, 0x20000000, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x3) setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000700)='highspeed\x00', 0xfffffffffffffec1) setsockopt$inet6_IPV6_ADDRFORM(0xffffffffffffffff, 0x29, 0x1, &(0x7f0000000040), 0x4) write$input_event(0xffffffffffffffff, &(0x7f00000002c0)={{0x77359400}}, 0x18) r2 = fcntl$dupfd(r0, 0x406, r0) write$FUSE_WRITE(r2, &(0x7f00000000c0)={0x18, 0xfffffffffffffff5, 0x2, {0xffffffffffffac7d}}, 0x18) r3 = add_key(&(0x7f0000000340)='id_resolver\x00', &(0x7f0000000380)={'syz', 0x1}, &(0x7f00000003c0)="13f310176d968d1d38b6da34882abad1ad9a8d1c29ec1ddc76c570bf5b59ead90645c93351ed2b0b6514b56a5482dc7d9782bb33ff61c1c30ae87776e04059b9041e5b4bfa3eae94b43b6b0b7b147cb28f2663b764242fada42be1960484cea303a9d4281bfd5d9acf54b3d7842613788ef13f7a1b", 0x75, 0xfffffffffffffffe) keyctl$invalidate(0x15, r3) 13:46:57 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x80284504, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:57 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0xc0045878, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:57 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) ioctl(r0, 0x8912, &(0x7f00000000c0)="153f6234418dd25d766070") r1 = perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qat_adf_ctl\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r2, 0x84, 0x7c, &(0x7f0000000140)={0x0, 0x1, 0x1ff}, &(0x7f0000000180)=0x8) setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f00000001c0)=@assoc_value={r3, 0xffffffffffffff00}, 0x8) accept4$llc(r2, &(0x7f0000000080)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f0000000100)=0x10, 0x80000) r4 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x0, 0x0) dup2(r4, r1) 13:46:57 executing program 3: ioctl$sock_inet_SIOCGIFDSTADDR(0xffffffffffffffff, 0x8917, &(0x7f0000000300)={'eql\x00', {0x2, 0x0, @dev}}) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) lsetxattr$trusted_overlay_opaque(&(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='trusted.overlay.opaque\x00', &(0x7f0000000340)='y\x00', 0x2, 0x3) ioctl$int_out(r0, 0x4005460, &(0x7f0000000280)) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'team0\x00'}) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, &(0x7f0000000240), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) sched_setaffinity(0x0, 0x3cb, &(0x7f00000000c0)=0x9) open$dir(&(0x7f0000000200)='./file0\x00', 0x0, 0x128) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000140)="db04", 0x2) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)="766574683100000000ffffffffffef00", 0x10) sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0), 0x6) 13:46:57 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0xc020660b, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:58 executing program 2: lsetxattr$trusted_overlay_opaque(&(0x7f0000000780)='./file0\x00', &(0x7f00000007c0)='trusted.overlay.opaque\x00', &(0x7f0000000800)='y\x00', 0x2, 0x0) r0 = syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0x3, 0x100) ioctl$TCSBRK(r0, 0x5409, 0x2) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000540)={'veth0_to_bridge\x00', &(0x7f0000000900)=ANY=[@ANYBLOB="3f0000000b000000a4000000000000000e000000ff010000000000000000000000000001ff0100000022000000ffe700000000014e224e22070000000000000000000000000000001b81ffffffffffff000800025a1d6a0100000005fe800000000002000000000000000011fe80000000000000000000000000001c0000000300000067317b420000000000000000008690aaaaaaaaaaaa00090000000000000001000000000000030000000000f7fffe4ff77f000000000700000001000000010000000600000000000000020000000000000002000000adc9f78afce0fe2583b12e386723a46125a68c4b182e7c898ac87dbf28c3e7ebff71a925f525111089e0dbda7208a86823a55cbc82d19b006c6c65bad2c2fd1418907f201ab5f1bfcf6f040e7dd9e0f6fac9a4ff9a5e953e84fba389922327fccb8e5e20b5563129e376d2d72d531b3575cd40fff681571d7d0c68e1636f5c195a5f058cf156265351f4f444ecc8bd3481ac65bdb60badef62ce5f3023e209bfef29c59cf6bad13eea2cc887b4624370a8edd7d26f731e98b008913eecf06eca0c0c10b8af5ab7a33211655d93f08d937179c794f687a23356b82dd54aabf51f37a1929a43e0e0c2a6373a310b6c9896434f861873c142025f0fdfb5a970fc41b198e903093fb76ed69a519f576d2e459f875393a157e203f6bac8f918ba2dca79a28ce10d2e754c17651625567bbcdb848ec53b55b239051acca0f6805f16f7b1c7215258bbaef7df07525ad9db06eb9eebe306f044cad6198508f693aa491e379cf31709a4364a8c3ab38c8dee2abaf461548753293848a2c0adf0bc157f5782a4d718abd9b778664af9f643d97c26d4c84aaa2724a7c8a9dfd467cfd6a34c61e5537b89ce7ed07ecbe42ce3c0827db59c"]}) ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x12) sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x6, 0x0, 0x0, 0x0, 0x9917, 0xffff}, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$nl_generic(r2, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0xfffffff0}, 0xc, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="1463915bd552c8ded21135a97c5a13ffd80000002800010b0000000000c3ef97f5de328832ec07f0aebfda7c0957c6e762098e260c7784b7064e7be66f0316907f37d9b6ed1482c573feb5edaa5fb35ea867f6478c1c919b8ef990a8bc10faf175acb251569c1bebd61d134bc91f7323037e59c8c68cab7592c304660fc8ab03628e4f367f5671564190b13e6f0ebfa45d9d87774faeec796e5b3bcba15dadb94f2b01da53ab4f6280f1ecc8e9dae75c201864acb92aceefc0f1b50581d663317aeacc2c7baf031cb3f47f6de33901000000000000005d255abd174d52ffbad15b6fdd3ae9a962d6db656fc79a2bfcc79efcc6601bd774fe126b7b2b961963cad0b57d9db1c813bb216e"], 0x14}}, 0x0) r3 = syz_open_dev$sndseq(&(0x7f00000000c0)='/dev/snd/seq\x00', 0x0, 0x80240) ioctl$FS_IOC_SETFSLABEL(r1, 0x41009432, &(0x7f0000000240)="03451a8e3c88ae7d3921d4fed8b6b0d5ae82ad0c92ca7183616bb5a74befd952d61420bbef578f8c2355bd27a91eb9cca6a50fce0ef6acbd70669a369de13daa846776c333107a207dc4fb702fe58a7b5d90d6d10c7e818b85e9803b367b5bac3c0d5c50b939761f5084db7566f7163a8d69f912f057a2cb0eb729b622d61a1970851b3c2128225d250f0e6fe16f14438f1fc28214ead497c9c99c7605340596f839df56fad3bff523bf3f9c52196be697dd25ea78d7b43990c9a79f01ddc7c5245a5a97719a7a95b43f59677f230fc7cff2179bad8407a74c82498398609b773bb824f2db1180e35deb4dbea8e5a7bd1f89679538abc3e06b2b24aa6217d6b6") unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={r0, 0x28, &(0x7f0000000100)}, 0xfffffffffffffd87) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x3) mlockall(0xfc) unshare(0x40000000) ioctl$EVIOCGREP(r0, 0x80084503, &(0x7f0000000580)=""/190) ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(0xffffffffffffffff, 0x40a85321, &(0x7f0000000180)={{0x9}, 'port0\x00', 0x0, 0x0, 0x6, 0x10000, 0x1, 0x1, 0x101}) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000380)={0x0, 0x0}, &(0x7f00000003c0)=0xc) stat(&(0x7f0000000400)='./file0\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$UI_DEV_SETUP(r3, 0x405c5503, &(0x7f00000004c0)={{0x3, 0x4e, 0x3cb, 0xffffffff80000000}, 'syz1\x00', 0x26}) lchown(&(0x7f0000000340)='./file0\x00', r4, r5) [ 342.707295] IPVS: ftp: loaded support on port[0] = 21 [ 343.287626] IPVS: ftp: loaded support on port[0] = 21 13:46:59 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'sha1_mb\x00'}, 0x58) pipe2(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) bind$bt_sco(r2, &(0x7f0000000200)={0x1f, {0xfffffffffffffffa, 0x0, 0x1, 0x7, 0x0, 0x5}}, 0x8) r3 = accept4(r0, 0x0, &(0x7f00000000c0), 0x0) bind$alg(r1, &(0x7f0000000280)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha512\x00'}, 0x58) sendmsg$IPVS_CMD_SET_INFO(r3, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="000000000000000000000e000095"], 0x3}}, 0x8000) syncfs(r2) accept4$unix(r3, 0x0, &(0x7f0000000000), 0x0) 13:46:59 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x40044590, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:59 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445f2, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:59 executing program 3: ioctl$sock_inet_SIOCGIFDSTADDR(0xffffffffffffffff, 0x8917, &(0x7f0000000300)={'eql\x00', {0x2, 0x0, @dev}}) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) lsetxattr$trusted_overlay_opaque(&(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='trusted.overlay.opaque\x00', &(0x7f0000000340)='y\x00', 0x2, 0x3) ioctl$int_out(r0, 0x4005460, &(0x7f0000000280)) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'team0\x00'}) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, &(0x7f0000000240), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) sched_setaffinity(0x0, 0x3cb, &(0x7f00000000c0)=0x9) open$dir(&(0x7f0000000200)='./file0\x00', 0x0, 0x128) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000140)="db04", 0x2) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)="766574683100000000ffffffffffef00", 0x10) sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0), 0x6) 13:46:59 executing program 2: lsetxattr$trusted_overlay_opaque(&(0x7f0000000780)='./file0\x00', &(0x7f00000007c0)='trusted.overlay.opaque\x00', &(0x7f0000000800)='y\x00', 0x2, 0x0) r0 = syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0x3, 0x100) ioctl$TCSBRK(r0, 0x5409, 0x2) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000540)={'veth0_to_bridge\x00', &(0x7f0000000900)=ANY=[@ANYBLOB="3f0000000b000000a4000000000000000e000000ff010000000000000000000000000001ff0100000022000000ffe700000000014e224e22070000000000000000000000000000001b81ffffffffffff000800025a1d6a0100000005fe800000000002000000000000000011fe80000000000000000000000000001c0000000300000067317b420000000000000000008690aaaaaaaaaaaa00090000000000000001000000000000030000000000f7fffe4ff77f000000000700000001000000010000000600000000000000020000000000000002000000adc9f78afce0fe2583b12e386723a46125a68c4b182e7c898ac87dbf28c3e7ebff71a925f525111089e0dbda7208a86823a55cbc82d19b006c6c65bad2c2fd1418907f201ab5f1bfcf6f040e7dd9e0f6fac9a4ff9a5e953e84fba389922327fccb8e5e20b5563129e376d2d72d531b3575cd40fff681571d7d0c68e1636f5c195a5f058cf156265351f4f444ecc8bd3481ac65bdb60badef62ce5f3023e209bfef29c59cf6bad13eea2cc887b4624370a8edd7d26f731e98b008913eecf06eca0c0c10b8af5ab7a33211655d93f08d937179c794f687a23356b82dd54aabf51f37a1929a43e0e0c2a6373a310b6c9896434f861873c142025f0fdfb5a970fc41b198e903093fb76ed69a519f576d2e459f875393a157e203f6bac8f918ba2dca79a28ce10d2e754c17651625567bbcdb848ec53b55b239051acca0f6805f16f7b1c7215258bbaef7df07525ad9db06eb9eebe306f044cad6198508f693aa491e379cf31709a4364a8c3ab38c8dee2abaf461548753293848a2c0adf0bc157f5782a4d718abd9b778664af9f643d97c26d4c84aaa2724a7c8a9dfd467cfd6a34c61e5537b89ce7ed07ecbe42ce3c0827db59c"]}) ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x12) sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x6, 0x0, 0x0, 0x0, 0x9917, 0xffff}, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$nl_generic(r2, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0xfffffff0}, 0xc, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="1463915bd552c8ded21135a97c5a13ffd80000002800010b0000000000c3ef97f5de328832ec07f0aebfda7c0957c6e762098e260c7784b7064e7be66f0316907f37d9b6ed1482c573feb5edaa5fb35ea867f6478c1c919b8ef990a8bc10faf175acb251569c1bebd61d134bc91f7323037e59c8c68cab7592c304660fc8ab03628e4f367f5671564190b13e6f0ebfa45d9d87774faeec796e5b3bcba15dadb94f2b01da53ab4f6280f1ecc8e9dae75c201864acb92aceefc0f1b50581d663317aeacc2c7baf031cb3f47f6de33901000000000000005d255abd174d52ffbad15b6fdd3ae9a962d6db656fc79a2bfcc79efcc6601bd774fe126b7b2b961963cad0b57d9db1c813bb216e"], 0x14}}, 0x0) r3 = syz_open_dev$sndseq(&(0x7f00000000c0)='/dev/snd/seq\x00', 0x0, 0x80240) ioctl$FS_IOC_SETFSLABEL(r1, 0x41009432, &(0x7f0000000240)="03451a8e3c88ae7d3921d4fed8b6b0d5ae82ad0c92ca7183616bb5a74befd952d61420bbef578f8c2355bd27a91eb9cca6a50fce0ef6acbd70669a369de13daa846776c333107a207dc4fb702fe58a7b5d90d6d10c7e818b85e9803b367b5bac3c0d5c50b939761f5084db7566f7163a8d69f912f057a2cb0eb729b622d61a1970851b3c2128225d250f0e6fe16f14438f1fc28214ead497c9c99c7605340596f839df56fad3bff523bf3f9c52196be697dd25ea78d7b43990c9a79f01ddc7c5245a5a97719a7a95b43f59677f230fc7cff2179bad8407a74c82498398609b773bb824f2db1180e35deb4dbea8e5a7bd1f89679538abc3e06b2b24aa6217d6b6") unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x0) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={r0, 0x28, &(0x7f0000000100)}, 0xfffffffffffffd87) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x3) mlockall(0xfc) unshare(0x40000000) ioctl$EVIOCGREP(r0, 0x80084503, &(0x7f0000000580)=""/190) ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(0xffffffffffffffff, 0x40a85321, &(0x7f0000000180)={{0x9}, 'port0\x00', 0x0, 0x0, 0x6, 0x10000, 0x1, 0x1, 0x101}) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000380)={0x0, 0x0}, &(0x7f00000003c0)=0xc) stat(&(0x7f0000000400)='./file0\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$UI_DEV_SETUP(r3, 0x405c5503, &(0x7f00000004c0)={{0x3, 0x4e, 0x3cb, 0xffffffff80000000}, 'syz1\x00', 0x26}) lchown(&(0x7f0000000340)='./file0\x00', r4, r5) [ 343.564073] IPVS: ftp: loaded support on port[0] = 21 13:46:59 executing program 5: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ports\x00', 0x2, 0x0) getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000300), &(0x7f0000000340)=0x14) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000280)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000240)={0xffffffffffffffff}, 0x106, 0x100b}}, 0x20) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000003c0)={'vcan0\x00', 0x0}) setsockopt$inet6_mreq(r0, 0x29, 0x1d, &(0x7f0000000400)={@loopback, r2}, 0x14) ioctl$KVM_RUN(r0, 0xae80, 0x0) ioctl$sock_inet_tcp_SIOCATMARK(r0, 0x8905, &(0x7f0000000380)) write$RDMA_USER_CM_CMD_INIT_QP_ATTR(r0, &(0x7f00000002c0)={0xb, 0x10, 0xfa00, {&(0x7f0000000180), r1}}, 0x18) ioctl$TUNSETFILTEREBPF(r0, 0x800454e1, &(0x7f0000000040)=r0) gettid() openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ppp\x00', 0x8000, 0x0) getsockopt(r0, 0x7, 0x8, &(0x7f0000000100)=""/111, &(0x7f0000000080)=0x6f) 13:46:59 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x40084503, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:59 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x80104592, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:46:59 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r1 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000180)={0x44, 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="00634040000000000000000000000000000000000000000000000000000000000000000018000000000000000000000000000000", @ANYPTR=&(0x7f00000001c0)=ANY=[@ANYBLOB="00000000000000008bb89835da5221fe41b515167f83dd3453241249a5f222967bb93507519c8296ffb6a47b548b542cc3c8d7fecfadb3ad8c8e6f95b941b47d64251a6a5dca933960ea92f03f36e312bb20ff5ab02c6350edb9f86643edf7ba6166b3f3e4e82a48dcaa134dde847eed2bf1b195f593a09d2126ebc1507492e848b9ba796e9019fdeb3d4991f8425267ad7372d57cd9493a36e5be52", @ANYRES64=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYPTR=&(0x7f0000000080)=ANY=[]], 0x5e, 0x0, &(0x7f0000000500)="66ac68bebf0e0600798aaa62abc8a9a70f36894399d30b4644c1a756c6f612e4040000003b21e5a1ad06ca4a727201571a12732e200ee855998513107e39a343c681413346a0a0494f7adb57362643112665dc024c3eb8433c33bac51b87"}) 13:46:59 executing program 3: r0 = socket$inet6(0xa, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$inet(0x2, 0x3, 0x7f) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000000)=@nat={'nat\x00', 0x19, 0x1, 0xc0, [0x20000100, 0x0, 0x0, 0x20000190, 0x20000160], 0x0, &(0x7f00000000c0), &(0x7f0000000100)=[{}, {}, {}, {}]}, 0x138) 13:46:59 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="0a5cc80700315f85715070") r1 = socket$inet(0x2, 0x200000002, 0x0) bind(r0, &(0x7f0000000080)=@l2={0x1f, 0x3, {0xffffffff, 0x101, 0x4, 0x84ab, 0x80000000, 0x13}, 0x0, 0x7f}, 0x80) r2 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r2, &(0x7f0000000240)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x3, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x3a) getsockname(r2, &(0x7f0000000000)=@xdp, &(0x7f00000002c0)=0x80) [ 344.085344] kernel msg: ebtables bug: please report to author: Hook order must be followed [ 344.117827] binder: BINDER_SET_CONTEXT_MGR already set 13:46:59 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000000)=0x5, 0x4) r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x2800, 0x0) recvfrom$unix(r1, &(0x7f0000000080)=""/49, 0x31, 0x0, &(0x7f00000000c0)=@abs={0x1, 0x0, 0x4e24}, 0x6e) bind$inet6(r0, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) r2 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r2, &(0x7f0000e11ff0)=[{&(0x7f0000000140)="580000001400add427323b470c458c560a067fffffff81004e220000000058000b4824ca945f64009400050028925aa80000000000000080000efffe1b0000000000fff5dd00000010000100090a1000410400000000fcff", 0x58}], 0x1) [ 344.139540] FAULT_FLAG_ALLOW_RETRY missing 30 [ 344.151203] CPU: 1 PID: 11532 Comm: syz-executor1 Not tainted 4.19.0-rc5+ #261 [ 344.158594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 344.167956] Call Trace: [ 344.170579] dump_stack+0x1c4/0x2b4 [ 344.174244] ? dump_stack_print_info.cold.2+0x52/0x52 [ 344.179466] ? kasan_check_write+0x14/0x20 [ 344.183727] ? do_raw_spin_lock+0xc1/0x200 [ 344.187995] handle_userfault.cold.33+0x47/0x62 [ 344.192705] ? userfaultfd_ioctl+0x54a0/0x54a0 [ 344.197304] ? mark_held_locks+0x130/0x130 [ 344.198489] binder: 11539:11546 ioctl 40046207 0 returned -16 [ 344.201551] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 344.201573] ? __perf_event_task_sched_out+0x337/0x1ab0 [ 344.201596] ? select_task_rq_fair+0x34f0/0x34f0 [ 344.201611] ? reweight_task+0x130/0x130 [ 344.201642] ? print_usage_bug+0xc0/0xc0 [ 344.201669] ? print_usage_bug+0xc0/0xc0 [ 344.235390] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 344.235418] ? find_held_lock+0x36/0x1c0 [ 344.245021] ? graph_lock+0x170/0x170 [ 344.248847] ? __lock_acquire+0x7ec/0x4ec0 [ 344.253112] ? _raw_spin_unlock_irq+0x27/0x80 [ 344.257628] ? _raw_spin_unlock_irq+0x27/0x80 [ 344.262150] ? lockdep_hardirqs_on+0x421/0x5c0 [ 344.266762] ? find_held_lock+0x36/0x1c0 [ 344.270854] ? __handle_mm_fault+0x45dc/0x53e0 [ 344.275460] ? lock_downgrade+0x900/0x900 [ 344.279625] ? kasan_check_read+0x11/0x20 [ 344.283782] ? do_raw_spin_unlock+0xa7/0x2f0 [ 344.288198] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 344.292786] ? kasan_check_write+0x14/0x20 [ 344.297039] ? do_raw_spin_lock+0xc1/0x200 [ 344.301294] __handle_mm_fault+0x45ed/0x53e0 [ 344.305722] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 344.310579] ? graph_lock+0x170/0x170 [ 344.314392] ? print_usage_bug+0xc0/0xc0 [ 344.318464] ? graph_lock+0x170/0x170 [ 344.322273] ? graph_lock+0x170/0x170 [ 344.326294] ? handle_mm_fault+0x42a/0xc70 [ 344.330562] ? lock_downgrade+0x900/0x900 [ 344.334719] ? check_preemption_disabled+0x48/0x200 [ 344.339756] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 344.346034] ? kasan_check_read+0x11/0x20 [ 344.350192] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 344.355475] ? rcu_bh_qs+0xc0/0xc0 [ 344.359022] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 344.364484] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 344.370032] ? check_preemption_disabled+0x48/0x200 [ 344.375065] handle_mm_fault+0x54f/0xc70 [ 344.379139] ? __handle_mm_fault+0x53e0/0x53e0 [ 344.383733] ? find_vma+0x34/0x190 [ 344.387287] __do_page_fault+0x67d/0xed0 [ 344.391368] ? mm_fault_error+0x380/0x380 [ 344.395533] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 344.400558] ? graph_lock+0x170/0x170 [ 344.404379] do_page_fault+0xf2/0x7e0 [ 344.408194] ? vmalloc_sync_all+0x30/0x30 [ 344.412352] ? error_entry+0x76/0xd0 [ 344.416085] ? trace_hardirqs_off_caller+0xbb/0x310 [ 344.421117] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 344.425970] ? trace_hardirqs_on_caller+0x310/0x310 [ 344.431014] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 344.435890] page_fault+0x1e/0x30 [ 344.439359] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 344.445002] Code: 4c 8b 5e 38 4c 89 47 20 4c 89 4f 28 4c 89 57 30 4c 89 5f 38 48 8d 76 40 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 <4c> 8b 06 4c 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 [ 344.463909] RSP: 0018:ffff8801758777f0 EFLAGS: 00010202 [ 344.469283] RAX: ffffed002eb0ef1c RBX: 0000000000000010 RCX: 0000000000000002 [ 344.476556] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff8801758778d0 [ 344.483851] RBP: ffff880175877828 R08: ffffed002eb0ef1c R09: ffffed002eb0ef1a [ 344.491137] R10: ffffed002eb0ef1b R11: ffff8801758778df R12: 0000000020013010 [ 344.498426] R13: 0000000020013000 R14: ffff8801758778d0 R15: 00007ffffffff000 [ 344.505741] ? _copy_from_user+0x10d/0x150 [ 344.509989] evdev_do_ioctl+0x12a9/0x2180 [ 344.514152] ? str_to_user+0x90/0x90 [ 344.517886] ? graph_lock+0x170/0x170 [ 344.521705] ? do_futex+0x249/0x26d0 [ 344.525434] ? rcu_bh_qs+0xc0/0xc0 [ 344.528986] ? rcu_bh_qs+0xc0/0xc0 [ 344.532531] ? unwind_dump+0x190/0x190 [ 344.536433] ? find_held_lock+0x36/0x1c0 [ 344.540510] ? __fget+0x4aa/0x740 [ 344.543976] ? lock_downgrade+0x900/0x900 [ 344.548130] ? check_preemption_disabled+0x48/0x200 [ 344.553162] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 344.558966] ? kasan_check_read+0x11/0x20 [ 344.563127] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 344.568415] ? rcu_bh_qs+0xc0/0xc0 [ 344.571976] ? __fget+0x4d1/0x740 [ 344.575449] ? ksys_dup3+0x680/0x680 [ 344.579184] evdev_ioctl_handler+0x144/0x1a0 [ 344.583606] evdev_ioctl+0x27/0x2e [ 344.587152] ? evdev_ioctl_compat+0x30/0x30 [ 344.591479] do_vfs_ioctl+0x1de/0x1720 [ 344.595386] ? ioctl_preallocate+0x300/0x300 [ 344.599807] ? __fget_light+0x2e9/0x430 [ 344.603794] ? fget_raw+0x20/0x20 [ 344.607252] ? _copy_to_user+0xc8/0x110 [ 344.611238] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 344.616785] ? put_timespec64+0x10f/0x1b0 [ 344.620941] ? nsecs_to_jiffies+0x30/0x30 [ 344.625103] ? do_syscall_64+0x9a/0x820 [ 344.629083] ? do_syscall_64+0x9a/0x820 [ 344.633069] ? lockdep_hardirqs_on+0x421/0x5c0 [ 344.637662] ? security_file_ioctl+0x94/0xc0 [ 344.642087] ksys_ioctl+0xa9/0xd0 [ 344.645553] __x64_sys_ioctl+0x73/0xb0 [ 344.649451] do_syscall_64+0x1b9/0x820 [ 344.653347] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 344.658730] ? syscall_return_slowpath+0x5e0/0x5e0 [ 344.663664] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 344.668516] ? trace_hardirqs_on_caller+0x310/0x310 [ 344.673540] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 344.678566] ? prepare_exit_to_usermode+0x291/0x3b0 [ 344.683596] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 344.688457] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 344.693652] RIP: 0033:0x457579 [ 344.696855] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 344.715781] RSP: 002b:00007fd1b7341c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 344.723507] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 344.730786] RDX: 0000000020013000 RSI: 0000000080104592 RDI: 0000000000000004 13:47:00 executing program 5: r0 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000400)="2e2f6367726f75702e6370752f7301003100d185a9910498de94b8d883a8a0efacb3bf1c94f0f84f93f63f6127c6ad07bf85b8a8f7c53d89000060f5d470cdfeedc06388718675a7f1e380e65f8bdbe2e3d5dd871a9a3d0c9542ba694bb92fa9493f0d2fe3e71189dd79ab61cded49a08d9148", 0x1ff) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) write$P9_RLERRORu(0xffffffffffffffff, &(0x7f0000000000)={0xd, 0x7, 0x2, {{}, 0x103}}, 0x5) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x47744279}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = dup(r0) shutdown(r2, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x2, 0x1}, 0x14) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000040)=@req3, 0x94) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) 13:47:00 executing program 3: r0 = syz_open_dev$usb(&(0x7f0000000280)='/dev/bus/usb/00#/00#\x00', 0x40000fffffe, 0x1) openat$dsp(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x800000000208000, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000240)={0x300}) ioctl$GIO_UNIMAP(r0, 0x4b66, &(0x7f0000000040)={0x21a, &(0x7f0000000000)=[{}]}) 13:47:00 executing program 2: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) r0 = memfd_create(&(0x7f0000000280)='\x00', 0x0) r1 = openat$uinput(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/uinput\x00', 0x0, 0x0) ioctl$sock_proto_private(r0, 0x89ed, &(0x7f0000000100)="0f74daa183bd894a8b57b4dbcac8ced579d3402608a9778f4353f8b684604f9f0d002492f37163c53c3dd040826d989d2d2d11146107b2d1321ed34a7a2cccaa815fa9741ab6f16110add0d1a94944c100c5124924ea08e48054d27a3b52cfe27b481e4c3f4c1c8247dfa04d5209052dc6981f868c0106a6d55880017ada33d2eda4cca8e4e54d4b56b80d077e65e3a28faedb95b114156772") mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000200)={0x0, 0x0}, &(0x7f0000000240)=0xc) mount$9p_xen(&(0x7f0000000040)='trans=fd,', &(0x7f0000000080)='./file0\x00', &(0x7f00000001c0)='9p\x00', 0x4020, &(0x7f0000000300)={'trans=xen,', {[{@dfltuid={'dfltuid', 0x3d, r2}}], [{@pcr={'pcr', 0x3d, 0x1}}, {@appraise='appraise'}]}}) [ 344.738060] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 344.745336] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd1b73426d4 [ 344.752609] R13: 00000000004bf3f1 R14: 00000000004cf1f0 R15: 00000000ffffffff [ 344.778995] binder_alloc: 11539: binder_alloc_buf, no vma 13:47:00 executing program 3: socket$alg(0x26, 0x5, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x1a, &(0x7f000004c000)=0x23, 0x4) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x18) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000040)={0x7d, 0x0, [0x8, 0x400, 0xfffffffffffffffd, 0x802]}) setsockopt$sock_int(r0, 0x1, 0x2000000000f, &(0x7f0000f10000)=0xfffffffffffff830, 0x4) r2 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r2, &(0x7f000086eff0)={0x2, 0x4e22, @multicast2}, 0x10) bind$inet6(r0, &(0x7f0000f13000)={0xa, 0x4e22}, 0x1c) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000100)={r1, 0x0, 0x0, 0x449, &(0x7f00000000c0)=[0x0, 0x0], 0x2}, 0x20) 13:47:00 executing program 0: r0 = socket$inet6(0xa, 0x80003, 0x800000000000006) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000001c0)=""/189) write$P9_RMKDIR(r0, &(0x7f0000000000)={0x14, 0x49, 0x1, {0x4, 0x2, 0x6}}, 0x14) [ 344.811076] binder: 11539:11541 transaction failed 29189/-3, size 24-0 line 2970 [ 344.819572] binder: release 11539:11541 transaction 4 out, still active [ 344.828152] binder: send failed reply for transaction 4, target dead 13:47:00 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000384ff7)='/dev/ppp\x00', 0x101002, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000b94000)=""/246) ioctl$PPPIOCSFLAGS(r0, 0x40047459, &(0x7f00000000c0)=0x600210) write$P9_RFSYNC(r0, &(0x7f0000000140)={0x7}, 0x7) ppoll(&(0x7f0000000000)=[{r0}], 0x1, &(0x7f0000000100)={0x0, 0x1c9c380}, &(0x7f0000000080), 0x8) 13:47:00 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x40049409, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:47:00 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x80284504, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:47:00 executing program 3: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000080)={@my=0x0}) r1 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_dgram(r1, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x0}, 0x10) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000140)={@my=0x1}) shutdown(r1, 0x0) [ 345.286017] FAULT_FLAG_ALLOW_RETRY missing 30 [ 345.295107] CPU: 1 PID: 11583 Comm: syz-executor1 Not tainted 4.19.0-rc5+ #261 [ 345.302503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 345.311885] Call Trace: [ 345.314512] dump_stack+0x1c4/0x2b4 [ 345.318166] ? dump_stack_print_info.cold.2+0x52/0x52 [ 345.323381] ? kasan_check_write+0x14/0x20 [ 345.327638] ? do_raw_spin_lock+0xc1/0x200 [ 345.331916] handle_userfault.cold.33+0x47/0x62 [ 345.336622] ? userfaultfd_ioctl+0x54a0/0x54a0 [ 345.341222] ? mark_held_locks+0x130/0x130 [ 345.345472] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 345.351038] ? __perf_event_task_sched_out+0x337/0x1ab0 [ 345.356429] ? select_task_rq_fair+0x34f0/0x34f0 [ 345.361207] ? reweight_task+0x130/0x130 [ 345.365300] ? print_usage_bug+0xc0/0xc0 [ 345.369400] ? print_usage_bug+0xc0/0xc0 [ 345.373481] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 345.379042] ? find_held_lock+0x36/0x1c0 [ 345.383126] ? graph_lock+0x170/0x170 [ 345.386954] ? __lock_acquire+0x7ec/0x4ec0 [ 345.391208] ? _raw_spin_unlock_irq+0x27/0x80 [ 345.395717] ? _raw_spin_unlock_irq+0x27/0x80 [ 345.400224] ? lockdep_hardirqs_on+0x421/0x5c0 [ 345.404825] ? find_held_lock+0x36/0x1c0 [ 345.408934] ? __handle_mm_fault+0x45dc/0x53e0 [ 345.413536] ? lock_downgrade+0x900/0x900 [ 345.417703] ? kasan_check_read+0x11/0x20 [ 345.421879] ? do_raw_spin_unlock+0xa7/0x2f0 [ 345.426311] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 345.430914] ? kasan_check_write+0x14/0x20 [ 345.435168] ? do_raw_spin_lock+0xc1/0x200 [ 345.439429] __handle_mm_fault+0x45ed/0x53e0 [ 345.443880] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 345.448745] ? graph_lock+0x170/0x170 [ 345.452560] ? print_usage_bug+0xc0/0xc0 [ 345.456642] ? graph_lock+0x170/0x170 [ 345.460453] ? graph_lock+0x170/0x170 [ 345.464294] ? handle_mm_fault+0x42a/0xc70 [ 345.468544] ? lock_downgrade+0x900/0x900 [ 345.472708] ? check_preemption_disabled+0x48/0x200 [ 345.477754] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 345.483562] ? kasan_check_read+0x11/0x20 [ 345.487723] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 345.493015] ? rcu_bh_qs+0xc0/0xc0 [ 345.496576] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 345.502043] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 345.507598] ? check_preemption_disabled+0x48/0x200 [ 345.512643] handle_mm_fault+0x54f/0xc70 [ 345.516728] ? __handle_mm_fault+0x53e0/0x53e0 [ 345.521335] ? find_vma+0x34/0x190 [ 345.524911] __do_page_fault+0x67d/0xed0 [ 345.528996] ? mm_fault_error+0x380/0x380 [ 345.533158] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 345.538189] ? graph_lock+0x170/0x170 [ 345.542011] do_page_fault+0xf2/0x7e0 [ 345.545858] ? vmalloc_sync_all+0x30/0x30 [ 345.550033] ? error_entry+0x76/0xd0 [ 345.553763] ? trace_hardirqs_off_caller+0xbb/0x310 [ 345.558804] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 345.563660] ? trace_hardirqs_on_caller+0x310/0x310 [ 345.568712] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 345.573581] page_fault+0x1e/0x30 [ 345.577055] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 345.582700] Code: 4c 8b 5e 38 4c 89 47 20 4c 89 4f 28 4c 89 57 30 4c 89 5f 38 48 8d 76 40 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 <4c> 8b 06 4c 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 [ 345.601615] RSP: 0018:ffff880175ad77f0 EFLAGS: 00010206 [ 345.606994] RAX: ffffed002eb5af4f RBX: 0000000000000028 RCX: 0000000000000005 [ 345.614275] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff880175ad7a50 [ 345.621556] RBP: ffff880175ad7828 R08: ffffed002eb5af4f R09: ffffed002eb5af4a [ 345.628834] R10: ffffed002eb5af4e R11: ffff880175ad7a77 R12: 0000000020013028 [ 345.636130] R13: 0000000020013000 R14: ffff880175ad7a50 R15: 00007ffffffff000 [ 345.643449] ? _copy_from_user+0x10d/0x150 [ 345.647706] evdev_do_ioctl+0x75c/0x2180 [ 345.651788] ? str_to_user+0x90/0x90 [ 345.655516] ? graph_lock+0x170/0x170 [ 345.659334] ? do_futex+0x249/0x26d0 [ 345.663065] ? rcu_bh_qs+0xc0/0xc0 [ 345.666621] ? rcu_bh_qs+0xc0/0xc0 [ 345.670176] ? unwind_dump+0x190/0x190 [ 345.674091] ? find_held_lock+0x36/0x1c0 [ 345.678177] ? __fget+0x4aa/0x740 [ 345.681649] ? lock_downgrade+0x900/0x900 [ 345.685813] ? check_preemption_disabled+0x48/0x200 [ 345.690848] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 345.696671] ? kasan_check_read+0x11/0x20 [ 345.700834] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 345.706134] ? rcu_bh_qs+0xc0/0xc0 [ 345.709708] ? __fget+0x4d1/0x740 [ 345.713182] ? ksys_dup3+0x680/0x680 [ 345.716924] evdev_ioctl_handler+0x144/0x1a0 [ 345.721349] evdev_ioctl+0x27/0x2e [ 345.724912] ? evdev_ioctl_compat+0x30/0x30 [ 345.729253] do_vfs_ioctl+0x1de/0x1720 [ 345.733162] ? ioctl_preallocate+0x300/0x300 [ 345.737586] ? __fget_light+0x2e9/0x430 [ 345.741574] ? fget_raw+0x20/0x20 [ 345.745039] ? _copy_to_user+0xc8/0x110 [ 345.749037] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 345.754590] ? put_timespec64+0x10f/0x1b0 [ 345.758755] ? nsecs_to_jiffies+0x30/0x30 [ 345.762922] ? do_syscall_64+0x9a/0x820 [ 345.766914] ? do_syscall_64+0x9a/0x820 [ 345.770910] ? lockdep_hardirqs_on+0x421/0x5c0 [ 345.775515] ? security_file_ioctl+0x94/0xc0 [ 345.779951] ksys_ioctl+0xa9/0xd0 [ 345.783424] __x64_sys_ioctl+0x73/0xb0 [ 345.787332] do_syscall_64+0x1b9/0x820 [ 345.791231] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 345.796611] ? syscall_return_slowpath+0x5e0/0x5e0 [ 345.801549] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 345.806411] ? trace_hardirqs_on_caller+0x310/0x310 [ 345.811451] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 345.816484] ? prepare_exit_to_usermode+0x291/0x3b0 [ 345.821529] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 345.826401] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 345.831598] RIP: 0033:0x457579 [ 345.834807] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 345.853721] RSP: 002b:00007fd1b7341c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 345.861445] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 345.868725] RDX: 0000000020013000 RSI: 0000000080284504 RDI: 0000000000000004 [ 345.876003] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 345.883283] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd1b73426d4 [ 345.890562] R13: 00000000004bf3f1 R14: 00000000004cf1f0 R15: 00000000ffffffff [ 345.907248] FAULT_FLAG_ALLOW_RETRY missing 30 [ 345.912084] CPU: 1 PID: 11585 Comm: syz-executor1 Not tainted 4.19.0-rc5+ #261 [ 345.919460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 345.919469] Call Trace: [ 345.919501] dump_stack+0x1c4/0x2b4 [ 345.919529] ? dump_stack_print_info.cold.2+0x52/0x52 [ 345.919549] ? kasan_check_write+0x14/0x20 [ 345.919575] ? do_raw_spin_lock+0xc1/0x200 [ 345.919608] handle_userfault.cold.33+0x47/0x62 [ 345.919646] ? userfaultfd_ioctl+0x54a0/0x54a0 [ 345.940372] ? mark_held_locks+0x130/0x130 [ 345.940397] ? mark_held_locks+0x130/0x130 [ 345.940436] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 345.940458] ? print_usage_bug+0xc0/0xc0 [ 345.940478] ? print_usage_bug+0xc0/0xc0 [ 345.940501] ? select_task_rq_fair+0x3490/0x34f0 [ 345.953638] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 345.953660] ? check_preemption_disabled+0x48/0x200 [ 345.953679] ? graph_lock+0x170/0x170 [ 345.953703] ? __lock_acquire+0x7ec/0x4ec0 [ 345.953719] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 345.953744] ? find_held_lock+0x36/0x1c0 [ 345.962560] ? __handle_mm_fault+0x45dc/0x53e0 [ 345.976394] ? lock_downgrade+0x900/0x900 [ 345.976421] ? kasan_check_read+0x11/0x20 [ 345.976440] ? do_raw_spin_unlock+0xa7/0x2f0 [ 345.976459] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 345.976478] ? kasan_check_write+0x14/0x20 [ 345.990826] ? do_raw_spin_lock+0xc1/0x200 [ 345.990859] __handle_mm_fault+0x45ed/0x53e0 [ 346.009487] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 346.009506] ? graph_lock+0x170/0x170 [ 346.009525] ? print_usage_bug+0xc0/0xc0 [ 346.009542] ? __switch_to_asm+0x40/0x70 [ 346.009556] ? __switch_to_asm+0x34/0x70 [ 346.009569] ? __switch_to_asm+0x40/0x70 [ 346.009586] ? graph_lock+0x170/0x170 [ 346.009605] ? graph_lock+0x170/0x170 [ 346.022694] ? handle_mm_fault+0x42a/0xc70 [ 346.022715] ? lock_downgrade+0x900/0x900 [ 346.022735] ? check_preemption_disabled+0x48/0x200 [ 346.022761] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 346.022780] ? kasan_check_read+0x11/0x20 [ 346.031342] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 346.044404] ? rcu_bh_qs+0xc0/0xc0 [ 346.044435] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 346.044455] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 346.044474] ? check_preemption_disabled+0x48/0x200 [ 346.044499] handle_mm_fault+0x54f/0xc70 [ 346.053756] ? __handle_mm_fault+0x53e0/0x53e0 [ 346.053779] ? find_vma+0x34/0x190 [ 346.053805] __do_page_fault+0x67d/0xed0 [ 346.053832] ? mm_fault_error+0x380/0x380 [ 346.053852] ? graph_lock+0x170/0x170 [ 346.065774] ? migrate_swap_stop+0x930/0x930 [ 346.065801] do_page_fault+0xf2/0x7e0 [ 346.065821] ? vmalloc_sync_all+0x30/0x30 [ 346.065841] ? error_entry+0x76/0xd0 [ 346.065859] ? trace_hardirqs_off_caller+0xbb/0x310 [ 346.065901] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 346.081597] ? trace_hardirqs_on_caller+0x310/0x310 [ 346.081629] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 346.081655] page_fault+0x1e/0x30 [ 346.081674] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 346.081693] Code: 4c 8b 5e 38 4c 89 47 20 4c 89 4f 28 4c 89 57 30 4c 89 5f 38 48 8d 76 40 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 <4c> 8b 06 4c 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 [ 346.081702] RSP: 0018:ffff8801759577f0 EFLAGS: 00010206 [ 346.081718] RAX: ffffed002eb2af4f RBX: 0000000000000028 RCX: 0000000000000005 [ 346.081729] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff880175957a50 [ 346.081739] RBP: ffff880175957828 R08: ffffed002eb2af4f R09: ffffed002eb2af4a [ 346.081749] R10: ffffed002eb2af4e R11: ffff880175957a77 R12: 0000000020013028 [ 346.081765] R13: 0000000020013000 R14: ffff880175957a50 R15: 00007ffffffff000 [ 346.095182] ? _copy_from_user+0x10d/0x150 [ 346.095207] evdev_do_ioctl+0x75c/0x2180 [ 346.095230] ? str_to_user+0x90/0x90 [ 346.095254] ? graph_lock+0x170/0x170 [ 346.113995] ? do_futex+0x249/0x26d0 [ 346.114017] ? rcu_bh_qs+0xc0/0xc0 [ 346.114035] ? rcu_bh_qs+0xc0/0xc0 [ 346.114057] ? unwind_dump+0x190/0x190 [ 346.130077] ? find_held_lock+0x36/0x1c0 [ 346.130107] ? __fget+0x4aa/0x740 [ 346.130125] ? lock_downgrade+0x900/0x900 [ 346.130144] ? check_preemption_disabled+0x48/0x200 [ 346.130168] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 346.130187] ? kasan_check_read+0x11/0x20 [ 346.146432] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 346.146451] ? rcu_bh_qs+0xc0/0xc0 [ 346.146483] ? __fget+0x4d1/0x740 [ 346.146515] ? ksys_dup3+0x680/0x680 [ 346.158896] evdev_ioctl_handler+0x144/0x1a0 [ 346.158920] evdev_ioctl+0x27/0x2e [ 346.158937] ? evdev_ioctl_compat+0x30/0x30 [ 346.158954] do_vfs_ioctl+0x1de/0x1720 [ 346.158979] ? ioctl_preallocate+0x300/0x300 [ 346.158999] ? __fget_light+0x2e9/0x430 [ 346.170654] ? fget_raw+0x20/0x20 [ 346.361177] ? _copy_to_user+0xc8/0x110 [ 346.365178] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 346.370730] ? put_timespec64+0x10f/0x1b0 [ 346.374913] ? nsecs_to_jiffies+0x30/0x30 [ 346.379082] ? do_syscall_64+0x9a/0x820 [ 346.383074] ? do_syscall_64+0x9a/0x820 [ 346.387073] ? lockdep_hardirqs_on+0x421/0x5c0 [ 346.391677] ? security_file_ioctl+0x94/0xc0 [ 346.396113] ksys_ioctl+0xa9/0xd0 [ 346.399593] __x64_sys_ioctl+0x73/0xb0 [ 346.403498] do_syscall_64+0x1b9/0x820 [ 346.407412] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 346.412797] ? syscall_return_slowpath+0x5e0/0x5e0 [ 346.417753] ? trace_hardirqs_on_caller+0x310/0x310 [ 346.422783] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 346.427818] ? recalc_sigpending_tsk+0x180/0x180 [ 346.432585] ? kasan_check_write+0x14/0x20 [ 346.436845] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 346.441723] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 346.446922] RIP: 0033:0x457579 [ 346.450130] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 346.469042] RSP: 002b:00007fd1b7320c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 346.476790] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 346.484072] RDX: 0000000020013000 RSI: 0000000080284504 RDI: 0000000000000005 [ 346.491353] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 346.498641] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd1b73216d4 [ 346.505924] R13: 00000000004bf3f1 R14: 00000000004cf1f0 R15: 00000000ffffffff 13:47:02 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x6, 0x0, 0x0, 0x0, 0x9917, 0xffff}, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r1 = syz_open_dev$mouse(&(0x7f0000000400)='/dev/input/mouse#\x00', 0x6, 0x4081) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000100)={{}, 0x20}) ioctl$RTC_PLL_GET(0xffffffffffffffff, 0x80207011, &(0x7f0000000480)) getsockopt$bt_BT_SNDMTU(0xffffffffffffffff, 0x112, 0xc, &(0x7f00000005c0)=0x3, &(0x7f0000000640)=0x2) r2 = socket(0x10, 0x802, 0x0) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000180), &(0x7f0000000900)=0x8) ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f00000003c0)={'team0\x00'}) openat$vcs(0xffffffffffffff9c, &(0x7f0000000380)='/dev/vcs\x00', 0x0, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f0000000100)={"7465616d300000ffffffc000", 0x4bfd}) sendmmsg$alg(r2, &(0x7f00000000c0)=[{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f00000001c0)="247d014ecb76f47885e10fb6794c5e2e2a3c7eab2cc76e709804f3571397cdd17fb4d7db7b9cb8472d4fca2915b286fb6d706848b717795b9a53307b5804cad4840940c4ef5f73e74ae5630cccc1fa35af1822166bd95509ea9ec4071fae4efa6bdbb79017ea45054536b5d9fb3c4cf80e4ea22edea590c529bf80d05b2a0e220082ba3a7a069b07e12b358d6cf01540c0a3366f58c01c9c", 0x98}, {&(0x7f0000000080)="ff947a544f", 0x5}, {&(0x7f0000000280)="36488a929b74841ec0cee60640a8624cc8bf8398be512c08939741667ae63978a43949fb9a0f209bb30676224c3b13376cfe606fe169fe8ca6d54a99e333be6207be3ca345a209d8f8a1b6a0a5a794ff143b3529a2cc69e168afaef98913e08175f13e52b6965ce8bcca70a01e13e8f4789d2e2cc24da0dbbe", 0x79}, {&(0x7f0000000980)="6d32d26f4402f1bc35ce044dd71138e596df5b1d31d3e23b1fa93cd3edfd162228d28ef11e4ebc3751ac429290d63be5b17ea9cf111ab1af85b396bf6f4807cf067a53aa6c417b37ad46035e8fd212f1d4f88b11feb5de2de706e785e6a690c43e9a6c1f8a2a3fca18103d98c173549bc80f21351dcdeba7922f2e9a75431d79d9fd702d5542f92348208d2837f92a1e4f9fce0e15520965609882132d4a9f858a047d693f5cc0d54ff26428d4adece240475bdbd07bb6479996011898040a38cf4f78ad946b1e030ef81b979e5309d9290b0c65fe1e615139a534cfa665db0037f9f2da36aabb288544fa95c54e20f057b5c6a36c43eeb7c8bed1c2aceb845b0ea6bd59b8b7a10a590d0b04195b50248042b9584b451e6e25983b5ac2e87509818ba046ae6b7b4a701b2385dfc5119fee37e1b6dcd72a03422fe9a2efafe4d40a2e80f89b880e2a3466c24d38bba735fa43f8ffd734afebd0b1395b7227a0e47088d0678d9b6d265b37d0109b992d8c31af02b5d6a1a39a646c40b8f1c53e2820d250e6247d41d2f277923b66373d5328f22087992f98020ee6e49548e64825892b575e26ff970eaa974e5c0f69969894d8a6ab47e4ec86fe0f733483febc0ee3c2029556d716bd28c5cc8f8489194af87286e7055487bbf237fe1b2b18a85823378542ae88b1fdc5bec4f49e8d6b1ca89a46ba99b9427a79b24c8d2c06b49bd6912d6addb53e88c7e85984c8220ed19722de295818278373579ab2d963f533583fa5c01788e963112f7134fc78881bb0158bb582e4951e16dafd8c358ebe9ab2ceb957a71a2ae1999f17a66c5f5003e7f222f895cab4d077d441811ac4d11467ccb33d02c8f0e4b9d4ff116caa0c36c4cca5013a6fd68dd0970bbd0eb1bc555fc0a0210492d8f547a7fed18f2cabefa6c9a26200d62cc686883601836d0644ce7c9d8cc814664549114574675bd71c1d153c5614042d7f14911d3502a02ed43301f731d587af05963ba735a8d79a841e04f71f62417ea8ec576041d2a202f34869a0db2afe78d0db7f5f36145636f8f8f1469a94b7ed119648d2f13f3e12f520260385175a8e916dddda213a18e8f4e2316cfee593fdd81fc901f289d35add200fcf7395761c367c8eee3806e23d1f3e65a5a3df79d9220945ff1799d778c015a2f0c1603e0c1a62116fc2da557e15507872259a95d2f29f6b62c391f1bb5eaaa44cdbb037d40ede83d95add6ae951572025fe832136167df42fc1f9e2b38dc16512546db6ba47a8f31dea831f50aa8d40767cf92f961b253149ee817300b51d27c13dea0f00612c49d56ebd2aa20187c77c74c0780036f7836db79b083f47a5ee7cc9f1812a88b7e5a2b8ce302c5f8335b6cdd279211371d7f499fae6ffba566eeb1c9ca414701f7f92c7780ff62be668f1390bc20186b6bf14a81c5d7bc0234f506d9a2cc597a8e4a4e15bd5d7a7cec7d14a6a04e08ca0e0125e1ff727cbb7e4c6c2d5fc51269deb58857ba21e5350a7f6d5c81c310e6d7aa91a50ae3b6156c4a7532b90769fe1ce3a9da404f4215a5c5d897aa2b885ccaf9e9bc98ef155a67de34fdbd81e9adbf9ef2be6a0c2528088cea4f4d7ba47657935b3bed29d4191fce03d866c844845ee292b3a82fe63a34d1a943902d4d021a580527841ba037946971e9723102fbb3dd8b64ed276e8a8402057079fe078366ecbf0338e3e0ace3b057f3cb15db90bf695d961a83e03134befb639c80ffb20c2a2b06a8b868b202357bb60ab6f69ba70a983c5a6d6a684f8d0ebf2c96a9bf9558115347f54c4a883f4b94e72084b97fb347c03f37a99d55fa56471c8acd929c61aa78289aa0aa8c5f8a7d1190977c84815bb36ba7b45d0af04290454a53e7dfd2c2a277e9666bdf08320d440ec0d8ecdb1be7087a634529d5f3c0a19a10de7b3bf7adcb7fa15485ee174e308342563a7d0d9b4b183d487137bc9e2d9b03d63dcec79fe417de36150fc631b100d36d553b13c96fcf1dca6379fbfb6608f8e8d4506c203b3421306930e7ad2461d36e291685aa8f7570a7cec6c32b46a15b09b1e006aa80a30218cf51cd08edcadbefb0fc9a85a1ce0952af33a88a073c7daae3ab88fbc1536006826a05d6cf30fb7ef3dad26d0ba3613cc96a050eaf6c7949b045f2bf7c65cf4ce4636bafbf32a97e5cec43f40d780dc8c24f7b5314ea900ce05b3d084433b2088512997e69c5063becb7ee9d7aee92e405f93cb21f32d7b4ebce110a13575d2b4bbcba0ce19c4c5bd10c5a53a1eaa7dceae2a8ee3d5c6a3cda275cd1cec47ca84a20af969d0b14af28b951b4fb35ec8dc19a94c78c495d5067605f0d0dc7d3ab84dd551c634ff4e29bc61671c1d94cd8a5825c4804c1f7ab17f6e02ead15d48a04e8acb502dff705cc8e3aac7f7d59d6f631d881d8bcceae6802d31e9994cfd885f3b480ad304f1aa8b49e70a6b5cb1a95b9910a74923123731c3877bf85e72910b31c1f525bb0dc9d765f311ba79d94d83bad96041c4315d6f8f25678bbeaf5a64b53774fa2683d173bbadfd6eaf0534ee9d3e5adb6c6006b0bff8cd7fe24e1791a334668e08b4f663de1478c3474f6b7807625ff5977025617ce8745d390952971af476905de8ebf840a7b778dcfacb84a7be6a39b4be1b3f26f9248ee25201c2677800ec215e9f011f79c196861c292a077cc115aada110c3317a4fabd078ed4c17a66823b5d1e1c313baa4c214ee9bd77daa56b727d4b55e689e6b28351be0e78fa056d5aad47623ddf8a9106afe6008b95e4f13ae7231c42bf62c10c1dfb51d8019152b12f92b65ae1e36d6dd31103291e21ba1068cd96044828874ebe01a6bfb521b57ff966e96d59836cd505a931cbe72185b34952cf9a68a754cd7f6d5bfe8d1f7d78a6c2c6c9371dbe953a9bc7966aa28aabc1a1d2dd63b72d8f3cfa51be2c1a079a6870cf581a14ae140c42511a44a72d69b6eeaff39b29aec3b0750bd574566ead86add2884ca3aa7106a0f2e804ea3e24f8ed4a23376e136caa40023fa3b294d0998de07e66d1a56a6f77f97899c7a9ecef6352d1a4bcfdb60f6e53c1ee19127869a68ff50bc58e28fe66219fe26e94fd8a1aff2dd371201fd60ab55d45f36930308d10fa21a791305200e89c5cd0cb11274fbd305acbd15b8a52f1f9f465963c2d73b8389273c18ae937a49d51c52627b7a697a62bbd61a82621e754ef52200839252efd2065bc55d916276b3f0240303179d4ec582be1b5765333fc1b1521f61011357a62607df13de38ae41c18eb685e27eff8b2d169bc1d9ad70fa03da77b554deab9e7ce14df3997946166753e19d29a3357d3127220a61873131069623b328e54a30455a288103330e535b51b9f0af53df8efd7615acc6a552a5dff11c2f66ca8f821a61e19a199dd40997e1ef5d7494cd84ce5b3f482011b2dde28cf5de35342674a67034c228776b520e3b0839ecb22776969ff977a9680151673cc7ce9825aa7e44b4e1aeb5ab173c77ea7274b6fb40a1faf8ae3311568619d48f12ab0286f36f1f052ee85b45a6dbb0a10714d39a6d0dc8d30c818bdf91f04d3008345d4d7d35178dfaf92e399c1f95bc59d548f0bb7e4d3e80e13e88f2170ad5ced7893b7b376e931919b76dfc9e10d50081a2d54f5dc236d9bed8ebb8b756ec91bfa1482d0dc203e3dcd21c3f5305b4d1048eb5132e26e1dd3e0df5649831bf53880bc078ddb40e877c9d8e35b34961dab8d0129bd4a592322f66c32be05b32ec161d1bf7415ae6d9cf59400bfcce8abd363c8490caf4e355a13f2570a5ba1198766a6a266edfafac037d41c5fd50b91854c9347dd91f82bb4c22e5cea0c8f91373170536f1b13da05386d7e85005597c46934a69216f8b7f95aed9a54265c4f41b42bee1bdcc419f95b2a8d01284735e18e03fa13f2eea7615dd8764886cd827917dd2eb1956bb52f2f3a5ddc8d98d18a9e4502aa457297b5ba4741dfb5638bf52b658a2c5f75033b0ffc84ecf23cbe833d35c3117f4845bce48c6fd42f78497d7cd265e6689eae56d3912c0c519b9681c292bbad8e3dc8655fb476b3485164873577e971989fc4f7e9084a964bc34c26b155a860b8bcf55ecbfdd4fe70568c2dbdc37c8b1dc74a600580504ed6f11b8ce951c972467f6a8b36cda3a1fd736300204e8231dbc42d6ef2a854be7f99bbeb2199fd76795f1ba1d8aae72cc83846c314a0364b3334813ce7f31391a0272f9c2d6e6942467c6da76f8e97dc8512178e31122cc73835115892382d34d34551268b01043a0190b89bfa76586b29f7a51934d06b447bf63bcae8d38e962c375020443a55981a940330c5b050734f5915ba0df8ede7f6938d82106bbb095d5c8bd765e070aadce9593550775d2234e3666facad6bb502d237ca713efa2bde3fe997b623a242739967c614ccb130e0521fdb5699660d256eed5a48f8766f0e0deeb917412fce4581add7df7929ba43a8b1c4ba68091e4aea4d91d4abc6b60bc05fa65b11b858af8b6337efc10cc6bda00d16a16b21a59284bc38acfac2d3fd4a84acec718064a0f8970e4e49f2d7da75d23ba72927d8b761d7e579bb061bc3e6e3d4c53d5d80a5575677a81ab11945cee9916dede37ef1b419633b704e64c430e57a567a1edc166d8f254bea4289d5ecccb7cc2e67f135fc51ef7016d62d77ba7df2ac7baefc3da6aafdf845bd9a26bd6f829197a970acf59a3b9d443650c8e71e7feeb38a04dfad8ce870abc0e165ad9e400354fb4d6ef6e3b460dd78866a6ac4f473a7c05ea3a93494a2e78780f860b80074e5d538ad29c8960171a83ec9b1ddbe215844ab80bd23a7a18ad72bd39a031a1fa26e8e4348bcbdd464651cf7012ceff97e7989668fa6311e447ff62e553edb79c0f820f75de136c91bcd5e625322cfa95d19b0e35aea1ced22ae0b2461d2b923d6e3190364f0811699df3e9b269c83914f89df94adbfa3e24eba77724f13a19741c87b48efb75cf8f968880a615bd3e2365f29fe5b3f5030df114bd8273005c8d8acf9a044dc82cd9fa8c22290d8ed51caa4e051519d2a9a57439f65bd7e9192e2c7e231bfe292f10cd75ec255599cf0fbdaf0ed1a9d0ac93520bb63df7550911a7bc339f1061f209edf9326b7d42941078ffcde2792dd2bb848a27d0f83f9c5deeb3b55df741d67317eb3b84981fd3bca7eefcdb05a8d4751e5f898df6beab60f3f3a3f0d4034135d9335885f7169fa904c4a789d7d0c3432879aff5d70d89c65347b5b9e5a1770186f5d3517edf4fe1c026cb95e24f6027a4caeb0822f78680f6b3e1ed1b433146392bc18131beafa52a4289ab13ccffb405422e64cea56eb9a6ed3c9e23e934fa905c538d1f66fb3509a7706ab27a71d05c026281777fc3e04dcf1aebb94ec4af3b30e965cd41d77493c4cf237522bcbc0778237f4cc801778a25b41293616e6a1730785499244cef0636d3987368baca2251c2dabe6c789d47acba4067dd97a1799e4eb485acbcbaff69130c91652096327b580f36fa157a9f9c4f82f1702f401e6bf5cfb01307574db29e200dd6c6225cba47127cb1394e43a2ae567ecf7d17da2aedfb75e599e41131fe8ccf5b0dfd43ff9e2269f75bdf5ddbb405b52dde9acb8f105c452e3805dc3d8258f32fdfff79968beee1861dad354b09682f42568abb9165f8d4050d1adbbebfb427956bdec8e66561c2e3a8c68e1e871566e1034605c4b24123ce3d56523d56370135dd8ce9f331b76ac6f2fab7091d5e8e2f1c2eb6322794be7215957b4c04c98d7810e", 0x1000}, {&(0x7f00000004c0)="706915f7f35b6240b0e2b969c4abfe12a8d3785dd0a058370800cd1865a018e55698eb2a86976bac5cf1e32f84152a307d887ec9fde9fd7827e456aeb88c62710c1c4e23a477a997d60d4be4f1b1264a4659e1c16bfc894a16955ab25938a14b7ddb8c94133d570ce8c492ce7939848df9cbc4bc0e6fd528448372b52df238058e5408ef741a044d10efeb164ebf6766b1b750e17c4cf2bce2d2397e96324e360188bd18c26c9918b799ac992e7dab51b240eb542b58c32261f00f3c764ea352f5cb78f75f10e8faf83c778cb4512117c5c88529cad9b3", 0xd7}, {&(0x7f0000000680)="63a242bbfb5ca995ebd84809e17e73bd888375482cd54b086bab8b32182aeff9dee46b0f9913a4a9c34f31c596d39101cbebe5a1b517eb8b530f4a9884fdf1ecb2b4a919cee45f922a64f83e74221947941cc26a6650b64d079e7a200f725884980134443b5348f585bdcddadaac33bcd0a1a26b9bf9cee139c66ce1c39ccf283817a569345d3f13d9f8390e58cb734cac4053cc402695101f5b8477aa90941f4f3f709e55b139e0924e90883a7a2fc25deccdc6d7234de920d39f6bab35162741f4797574e8592058a88a7511ebebfad42e7f7cf2ab3103b8338d9d957b1994060fbff9211c797d5480386682a98a", 0xef}], 0x6, 0x0, 0x0, 0x880}], 0x1, 0x840) pipe2$9p(&(0x7f0000000940), 0x4000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 13:47:02 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='numa_maps\x00') bind$vsock_dgram(r0, &(0x7f0000000000)={0x28, 0x0, 0xffffffff}, 0x10) preadv(r0, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/169, 0xa9}], 0x0, 0x1000000000000091) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f00000001c0)={0xffffffff80000001, 0x0, 0x8, 0x5, 0x8, 0x6, 0x9, 0x100000000, 0x0}, &(0x7f0000000200)=0x20) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, &(0x7f0000000380)=ANY=[@ANYRES32=r1, @ANYBLOB="b5000000308e8ddb68443f476288fb242884cfc81629186d57f3facdbc73412a10693322ab3f548ccbc1f51d08698b7d5e338fcd6e4d1d4812c96e79a673baaa60ee1da775bd0334c80ab1303252b2913f0a618e8658ab8a98eceedf6bf62b0ec5c93404e509bbb5de45ed8e9dc89537e0b199a08d84cd0156997de2c9d8361b62dd665cf6392e4b45c530134dbc6ace5692d19aa316ae93216991cd87742a319a4e2bf20191de029ddbb08419d6193066d1457f9554fd2c8479d9a6566088ffe3cb321713a9a2c96aa50ea96abb29d4c25e04ae6a6202004f2c0946f4cccf8316c3f638a0d512f2fea33e280388b4ded6e5fe246cfcb51666a393d1380899ffe8306e99f1f52e4d3847"], &(0x7f0000000300)=0xbd) r2 = open(&(0x7f0000000180)='./file0\x00', 0x100, 0x100) rt_sigsuspend(&(0x7f0000000240)={0x44a8}, 0x8) setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0x7, &(0x7f0000000340)={0x3, 0x9, 0x7, 0x101}, 0x10) 13:47:02 executing program 2: sendmsg(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000380)=@pptp={0x18, 0x2, {0x0, @multicast1}}, 0x80, &(0x7f0000000980), 0x0, &(0x7f0000000100)}, 0x0) fcntl$getflags(0xffffffffffffffff, 0xb) socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000001540)={{{@in6=@remote, @in=@broadcast}}, {{@in=@multicast1}, 0x0, @in=@dev}}, &(0x7f0000001640)=0xe8) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'bpq0\x00', 0x21}) r0 = syz_open_procfs(0x0, &(0x7f0000000080)='ns\x00') getdents(r0, &(0x7f0000000180)=""/46, 0x2e) socketpair(0x1, 0x5, 0x0, &(0x7f0000000740)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f1, &(0x7f0000000140)='ip6tnl0\x00') write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000000)={0xffffffffffffffff}, 0x13f, 0x100f}}, 0x20) write$FUSE_GETXATTR(r0, &(0x7f0000000040)={0x18, 0xffffffffffffffda, 0x2, {0x4}}, 0x18) write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r0, &(0x7f0000000100)={0x4, 0x8, 0xfa00, {r2, 0xcb}}, 0x10) 13:47:02 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x0, 0x8000}, 0x4) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f00000001c0)={0x1ffffffffffffeb7, &(0x7f0000000240)=[{0x8000, 0x80000000, 0xfffffffffffffffb, 0xff}, {0x7, 0xb7b9, 0x2, 0x6}, {0x745c, 0x2, 0x7ff, 0x799e}, {0x4, 0xfffffffffffffffe, 0xc75, 0x6}, {0xfffffffffffffff9, 0x7f, 0x2, 0x9}, {0x8c, 0x5f26, 0x9, 0x100000000}, {0x836, 0x8830, 0x40, 0x6}, {0x200, 0x6, 0x2, 0x101}]}, 0xffffffffffffffdc) sendmmsg(r0, &(0x7f0000006e00)=[{{&(0x7f0000000540)=@hci, 0x80, &(0x7f00000006c0)}}, {{&(0x7f00000058c0)=@can, 0x80, &(0x7f0000005a40), 0xfffffdef, &(0x7f0000005a80)}}], 0x3d5, 0x0) 13:47:02 executing program 2: openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x80001, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$ntfs(&(0x7f0000000100)='ntfs\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x0, &(0x7f0000000380), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='umask=00000000000000000007363,mft_zone_multiplier=0x0000000000000001,errors=remount-ro,disable_sparse=']) 13:47:02 executing program 5: syslog(0x3, &(0x7f00000000c0)=""/147, 0x37a8ec531be3c41f) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) r0 = socket$inet_udp(0x2, 0x2, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x0, 0x0) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000000)) setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000680)=ANY=[@ANYBLOB="66696c746572000000000000000000000000000000000000000000000000000007000000040000005804000000000000500200005002000070030000700300007003000004000000", @ANYPTR=&(0x7f0000000180)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB="ffffffffe00000020000000000000000aaaaaaaaaabb0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000626f6e645f736c6176655f30000000007465716c30000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f0003801000000000000000000000000000000000000000000000000000048004c454400000000000000000000000000000000000000000000000000000073797a31000000000000000000000000000000000000000000000000000000000000000000000000ac1414bb000000000000000000000000ffffffffffff00000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000076657468315f746f5f6272696467650076657468305f746f5f7465616d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f000180100000000000000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000822d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f000200100000000000000000000000000000000000000000000000000003000434f4e4e4d41524b00000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c000e8000000000000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000000feffffff00000000"], 0x4a8) 13:47:02 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x4020940d, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) [ 346.959341] FAULT_FLAG_ALLOW_RETRY missing 30 [ 346.964752] CPU: 0 PID: 11615 Comm: syz-executor4 Not tainted 4.19.0-rc5+ #261 [ 346.972133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 346.981499] Call Trace: [ 346.984116] dump_stack+0x1c4/0x2b4 [ 346.987773] ? dump_stack_print_info.cold.2+0x52/0x52 [ 346.992986] ? kasan_check_write+0x14/0x20 [ 346.997245] ? do_raw_spin_lock+0xc1/0x200 [ 347.001517] handle_userfault.cold.33+0x47/0x62 [ 347.006225] ? userfaultfd_ioctl+0x54a0/0x54a0 [ 347.010829] ? mark_held_locks+0x130/0x130 [ 347.015099] ? __switch_to_asm+0x34/0x70 [ 347.019169] ? __switch_to_asm+0x40/0x70 [ 347.023281] ? __schedule+0x874/0x1ed0 [ 347.027208] ? print_usage_bug+0xc0/0xc0 [ 347.031288] ? print_usage_bug+0xc0/0xc0 [ 347.035378] ? graph_lock+0x170/0x170 [ 347.039207] ? __lock_acquire+0x7ec/0x4ec0 [ 347.043466] ? find_held_lock+0x36/0x1c0 [ 347.047558] ? __handle_mm_fault+0x45dc/0x53e0 [ 347.052155] ? lock_downgrade+0x900/0x900 [ 347.056499] ? kasan_check_read+0x11/0x20 [ 347.060666] ? do_raw_spin_unlock+0xa7/0x2f0 [ 347.065124] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 347.069722] ? kasan_check_write+0x14/0x20 [ 347.073975] ? do_raw_spin_lock+0xc1/0x200 [ 347.078246] __handle_mm_fault+0x45ed/0x53e0 [ 347.082685] ? futex_wait_setup+0x266/0x3e0 [ 347.087032] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 347.091903] ? graph_lock+0x170/0x170 [ 347.095721] ? print_usage_bug+0xc0/0xc0 [ 347.099800] ? __lock_acquire+0x7ec/0x4ec0 [ 347.104053] ? graph_lock+0x170/0x170 [ 347.107873] ? graph_lock+0x170/0x170 [ 347.111744] ? handle_mm_fault+0x42a/0xc70 [ 347.116007] ? lock_downgrade+0x900/0x900 [ 347.120173] ? check_preemption_disabled+0x48/0x200 [ 347.125211] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 347.131019] ? kasan_check_read+0x11/0x20 [ 347.135189] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 347.140516] ? rcu_bh_qs+0xc0/0xc0 [ 347.144070] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 347.149552] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 347.155127] ? check_preemption_disabled+0x48/0x200 [ 347.160190] handle_mm_fault+0x54f/0xc70 [ 347.164271] ? __handle_mm_fault+0x53e0/0x53e0 [ 347.168883] ? find_vma+0x34/0x190 [ 347.172449] __do_page_fault+0x67d/0xed0 [ 347.176526] ? __switch_to_asm+0x34/0x70 [ 347.180614] ? mm_fault_error+0x380/0x380 [ 347.184786] ? graph_lock+0x170/0x170 [ 347.188603] do_page_fault+0xf2/0x7e0 [ 347.192427] ? vmalloc_sync_all+0x30/0x30 [ 347.196587] ? error_entry+0x76/0xd0 [ 347.200363] ? trace_hardirqs_off_caller+0xbb/0x310 [ 347.205424] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 347.210290] ? trace_hardirqs_on_caller+0x310/0x310 [ 347.215334] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 347.220239] page_fault+0x1e/0x30 [ 347.223721] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 347.229377] Code: 4c 8b 5e 38 4c 89 47 20 4c 89 4f 28 4c 89 57 30 4c 89 5f 38 48 8d 76 40 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 <4c> 8b 06 4c 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 [ 347.248291] RSP: 0018:ffff880175ad7bd0 EFLAGS: 00010202 [ 347.253671] RAX: ffffed002eb5afa2 RBX: 0000000000000020 RCX: 0000000000000004 [ 347.260952] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff880175ad7cf0 [ 347.268247] RBP: ffff880175ad7c08 R08: ffffed002eb5afa2 R09: ffffed002eb5af9e [ 347.275525] R10: ffffed002eb5afa1 R11: ffff880175ad7d0f R12: 0000000020013020 [ 347.282801] R13: 0000000020013000 R14: ffff880175ad7cf0 R15: 00007ffffffff000 [ 347.290139] ? _copy_from_user+0x10d/0x150 [ 347.294416] do_vfs_ioctl+0x4da/0x1720 [ 347.298326] ? ioctl_preallocate+0x300/0x300 [ 347.302783] ? __fget_light+0x2e9/0x430 [ 347.306778] ? fget_raw+0x20/0x20 [ 347.310238] ? _copy_to_user+0xc8/0x110 [ 347.314255] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 347.319829] ? put_timespec64+0x10f/0x1b0 [ 347.324023] ? nsecs_to_jiffies+0x30/0x30 [ 347.328187] ? do_syscall_64+0x9a/0x820 [ 347.332176] ? do_syscall_64+0x9a/0x820 [ 347.336170] ? lockdep_hardirqs_on+0x421/0x5c0 [ 347.340770] ? security_file_ioctl+0x94/0xc0 [ 347.345217] ksys_ioctl+0xa9/0xd0 [ 347.348690] __x64_sys_ioctl+0x73/0xb0 [ 347.352599] do_syscall_64+0x1b9/0x820 [ 347.356505] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 347.361899] ? syscall_return_slowpath+0x5e0/0x5e0 [ 347.366842] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 347.371735] ? trace_hardirqs_on_caller+0x310/0x310 [ 347.376776] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 347.381814] ? prepare_exit_to_usermode+0x291/0x3b0 [ 347.386872] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 347.391746] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 347.396942] RIP: 0033:0x457579 [ 347.400150] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 347.419069] RSP: 002b:00007fd9995c4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 347.426794] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 347.434074] RDX: 0000000020013000 RSI: 000000004020940d RDI: 0000000000000004 [ 347.441351] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 347.448647] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd9995c56d4 13:47:02 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x5421, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) [ 347.455928] R13: 00000000004bf3f1 R14: 00000000004cf1f0 R15: 00000000ffffffff [ 347.474858] FAULT_FLAG_ALLOW_RETRY missing 30 [ 347.486655] CPU: 0 PID: 11617 Comm: syz-executor1 Not tainted 4.19.0-rc5+ #261 [ 347.494037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 347.503411] Call Trace: [ 347.506033] dump_stack+0x1c4/0x2b4 [ 347.509687] ? dump_stack_print_info.cold.2+0x52/0x52 [ 347.514925] ? kasan_check_write+0x14/0x20 [ 347.519210] ? do_raw_spin_lock+0xc1/0x200 [ 347.523475] handle_userfault.cold.33+0x47/0x62 [ 347.528184] ? userfaultfd_ioctl+0x54a0/0x54a0 [ 347.532784] ? mark_held_locks+0x130/0x130 [ 347.537042] ? __switch_to_asm+0x34/0x70 [ 347.541126] ? preempt_notifier_register+0x200/0x200 [ 347.546238] ? __switch_to_asm+0x34/0x70 [ 347.550335] ? __switch_to_asm+0x34/0x70 [ 347.554409] ? __switch_to_asm+0x40/0x70 [ 347.558492] ? __switch_to_asm+0x34/0x70 [ 347.562564] ? __switch_to_asm+0x40/0x70 [ 347.566661] ? __switch_to_asm+0x34/0x70 [ 347.570745] ? __switch_to_asm+0x40/0x70 [ 347.574837] ? __switch_to_asm+0x34/0x70 [ 347.578919] ? __switch_to_asm+0x40/0x70 [ 347.583000] ? print_usage_bug+0xc0/0xc0 [ 347.587076] ? print_usage_bug+0xc0/0xc0 [ 347.591157] ? __sched_text_start+0x8/0x8 [ 347.595320] ? check_preemption_disabled+0x48/0x200 [ 347.600357] ? graph_lock+0x170/0x170 [ 347.604176] ? __lock_acquire+0x7ec/0x4ec0 [ 347.608435] ? find_held_lock+0x36/0x1c0 [ 347.612519] ? __handle_mm_fault+0x45dc/0x53e0 [ 347.617112] ? lock_downgrade+0x900/0x900 [ 347.621282] ? kasan_check_read+0x11/0x20 [ 347.625441] ? do_raw_spin_unlock+0xa7/0x2f0 [ 347.629873] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 347.634512] ? kasan_check_write+0x14/0x20 [ 347.638778] ? do_raw_spin_lock+0xc1/0x200 [ 347.643038] __handle_mm_fault+0x45ed/0x53e0 [ 347.647470] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 347.652323] ? graph_lock+0x170/0x170 [ 347.656138] ? check_preemption_disabled+0x48/0x200 [ 347.661183] ? print_usage_bug+0xc0/0xc0 [ 347.665260] ? graph_lock+0x170/0x170 [ 347.669085] ? graph_lock+0x170/0x170 [ 347.672931] ? handle_mm_fault+0x42a/0xc70 [ 347.677183] ? lock_downgrade+0x900/0x900 [ 347.681349] ? check_preemption_disabled+0x48/0x200 [ 347.686394] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 347.692201] ? kasan_check_read+0x11/0x20 [ 347.696366] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 347.701654] ? rcu_bh_qs+0xc0/0xc0 [ 347.705207] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 347.710677] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 347.716231] ? check_preemption_disabled+0x48/0x200 [ 347.721276] handle_mm_fault+0x54f/0xc70 [ 347.725367] ? __handle_mm_fault+0x53e0/0x53e0 [ 347.729970] ? find_vma+0x34/0x190 [ 347.733555] __do_page_fault+0x67d/0xed0 [ 347.737639] ? mm_fault_error+0x380/0x380 [ 347.741802] ? graph_lock+0x170/0x170 [ 347.745615] ? __fget+0x4aa/0x740 [ 347.749088] do_page_fault+0xf2/0x7e0 [ 347.752915] ? vmalloc_sync_all+0x30/0x30 [ 347.757079] ? error_entry+0x76/0xd0 [ 347.760830] ? trace_hardirqs_off_caller+0xbb/0x310 [ 347.765898] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 347.770754] ? trace_hardirqs_on_caller+0x310/0x310 [ 347.775827] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 347.780726] page_fault+0x1e/0x30 [ 347.784197] RIP: 0010:__get_user_4+0x21/0x30 [ 347.788625] Code: 50 ff 31 c0 0f 1f 00 c3 90 48 83 c0 03 72 55 65 48 8b 14 25 40 ee 01 00 48 3b 82 18 14 00 00 73 43 48 19 d2 48 21 d0 0f 1f 00 <8b> 50 fd 31 c0 0f 1f 00 c3 66 0f 1f 44 00 00 48 83 c0 07 72 25 65 [ 347.807538] RSP: 0018:ffff88017597fc10 EFLAGS: 00010206 [ 347.812914] RAX: 0000000020013003 RBX: ffff880184ec87c0 RCX: ffffc90003e86000 [ 347.820190] RDX: ffffffffffffffff RSI: ffffffff81b162e3 RDI: 0000000000000286 [ 347.827467] RBP: ffff88017597fdb8 R08: 0000000000000000 R09: 0000000000000000 [ 347.834744] R10: ffff8801d7f6cf00 R11: de06756c5a84344a R12: 1ffff1002eb2ff8a [ 347.842022] R13: 0000000000005421 R14: ffff8801cca41100 R15: 0000000000005421 [ 347.849330] ? __might_fault+0x1a3/0x1e0 [ 347.853414] ? do_vfs_ioctl+0x3f0/0x1720 [ 347.857498] ? ioctl_preallocate+0x300/0x300 [ 347.861925] ? __fget_light+0x2e9/0x430 [ 347.865916] ? fget_raw+0x20/0x20 [ 347.869384] ? _copy_to_user+0xc8/0x110 [ 347.873378] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 347.878937] ? put_timespec64+0x10f/0x1b0 [ 347.883102] ? nsecs_to_jiffies+0x30/0x30 [ 347.887266] ? do_syscall_64+0x9a/0x820 [ 347.891254] ? do_syscall_64+0x9a/0x820 [ 347.895248] ? lockdep_hardirqs_on+0x421/0x5c0 [ 347.899852] ? security_file_ioctl+0x94/0xc0 [ 347.904308] ksys_ioctl+0xa9/0xd0 [ 347.907781] __x64_sys_ioctl+0x73/0xb0 [ 347.911689] do_syscall_64+0x1b9/0x820 [ 347.915596] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 347.920979] ? syscall_return_slowpath+0x5e0/0x5e0 [ 347.925923] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 347.930783] ? trace_hardirqs_on_caller+0x310/0x310 [ 347.935815] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 347.940850] ? prepare_exit_to_usermode+0x291/0x3b0 [ 347.945919] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 347.951288] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 347.956491] RIP: 0033:0x457579 [ 347.959707] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 347.978616] RSP: 002b:00007fd1b7341c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 347.986340] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 347.993621] RDX: 0000000020013000 RSI: 0000000000005421 RDI: 0000000000000004 [ 348.000911] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 348.008192] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd1b73426d4 [ 348.015469] R13: 00000000004bf3f1 R14: 00000000004cf1f0 R15: 00000000ffffffff 13:47:03 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r1, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r1, 0x34) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_AUTOCLOSE(r2, 0x84, 0x4, &(0x7f0000000000)=0xffffffffffff0001, 0x4) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r2, 0x84, 0x6b, &(0x7f000055bfe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) sendto$inet6(r2, &(0x7f00000007fa)="97", 0x1, 0x0, &(0x7f00006f9000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) pwritev(r2, &(0x7f0000000240)=[{&(0x7f0000000040)="baa73b03fd851b366ecd64081c893b25affdd087c49af9f89f17d01394f7112d06a2b0267cfc1fa55ffd962b24c90ca4610eafcb2115a2470b4b72b2b257a82b625f37ffd6e5561ab55e2e7cb59341d2c6974452ea7fa25cc3d058c83137afa780b01f4921ef470664dfba5b2752dce87147bc76770e8415b0be3c83188669c8486120e9ee74d2238d76251b99617660edf0c55486c2b7c32aa0e202677b6fe03f6bd58f41a02b0e88e682b8c7ffe291575001515ccc642da85c635a4b9b7c141ba72b13ec97f7612e8aed7cafe636f7be8893c69db1416fca21f5a7b47d7b225fe7a2d2b40f46fcf966dfd54efb9693867e6a", 0xf3}, {&(0x7f0000000140)="d6bcbae370a8456510d5e061ab7e1b9ced52f0fdf60c7cdc8cedefdecfbfd3c59c454fdc245802e946ae66da0d3abae645394d2be39209b2ff7bb98400e3b5496a6cc2a7105f999e6f805f0b6e9de9c98b604b40137d64e389fadef39f4160656baec540f6316b94ff38fed45c0d87ef65ab1879af9eb5c0d4773db791d0e3c17dccd3663654d8091bb41e8daa99ddd404bd43fb0301b42cd4263216b7b3ba8817e9d221988fad66e8ea8b1f8a147f78c449a22d3ebdb2ec9546f96fd1a7d5c036800cb56a85972b3cb785edffdfedaba9f2e3f1f2505e512b8d40e0bac8b3e0", 0xe0}, {&(0x7f00000002c0)="c8aef45cb6fbe75712a90ca04307a2f7c905c1d9cc9025c4285247e05d870226cd283ed9fc65f89687ce97e0a6d5a38b3df9349e7d05e6e7d35f4ebd449f7506ced3dc0ba04989a205457253a4fea5df4ec555c69cdb3cdcb312540553ffaf24199ca5949a2d892b7f35b3c33df2a06c7b6bf15cc5dcdb942def555bac2cadee137ca9a6c8d644a119f79cc77c9bda7c2a4812bba7baae35cf5c20a781e804c3e88d4395c7eedb19edde0dcc0266dcc969925a1de5ae7dc2cd59ccaf7f1c0f08b5aeb6585c58368569158e9811a3cd48009e4d22ef39ae81cf", 0xd9}], 0x3, 0x0) [ 349.055530] device team0 entered promiscuous mode [ 349.090149] ntfs: (device loop2): parse_options(): The disable_sparse option requires a boolean argument. [ 349.119011] device team_slave_0 entered promiscuous mode [ 349.128671] device team_slave_1 entered promiscuous mode [ 349.138622] 8021q: adding VLAN 0 to HW filter on device team0 13:47:04 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x0, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000080)={0x13, 0x2, 0x22a7}) sendmsg$nl_route(r0, &(0x7f0000000180)={&(0x7f0000000000), 0xc, &(0x7f0000000140)={&(0x7f0000000100)=@ipv6_newroute={0x30, 0x18, 0x23, 0x0, 0x0, {0xa, 0x0, 0xffffff9e}, [@RTA_GATEWAY={0x14, 0x2, @empty={[0xfe80]}}]}, 0x30}}, 0x0) 13:47:04 executing program 3: r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000b4508a)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_NAME(r0, 0x41007701, &(0x7f00000001c0)='/dev/usbmon#\x00') mmap(&(0x7f00006ff000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) name_to_handle_at(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x8}, &(0x7f0000000380), 0x1400) ioctl$DRM_IOCTL_FREE_BUFS(0xffffffffffffffff, 0x4008641a, &(0x7f0000000100)={0x1, &(0x7f00000000c0)=[0x81]}) r1 = add_key(&(0x7f0000000400)='cifs.spnego\x00', &(0x7f0000000480), 0x0, 0x0, 0xfffffffffffffffd) add_key(&(0x7f0000000200)='rxrpc\x00', &(0x7f00000002c0), &(0x7f0000000300), 0x0, r1) r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x4000000004002, 0x0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f00000002c0), 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000e, 0x13, r2, 0x0) ioctl$TIOCSWINSZ(0xffffffffffffffff, 0x5414, &(0x7f00000003c0)={0x0, 0x0, 0x100000001, 0x6}) connect$can_bcm(0xffffffffffffffff, &(0x7f0000002ff0), 0x10) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000000), 0x4) sendmsg$key(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000005ff0)={&(0x7f0000008000)={0x5, 0x0, 0x0, 0x0, 0x2}, 0x10}}, 0x0) r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000340)='/dev/ppp\x00', 0x100, 0x0) setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000140)={0x6, 0x100000001, 0x1, 0x91d, 0x567a, 0x9, 0x7}, 0xc) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_STATUS(r3, 0xc05c5340, &(0x7f00000015c0)={0x3, 0x1, 0xb0e1, {0x77359400}, 0x7fff, 0x2}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f00000004c0)=ANY=[@ANYBLOB]) write$binfmt_misc(r2, &(0x7f0000000440)={'syz1'}, 0x1200e) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000040)) 13:47:04 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x5452, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:47:05 executing program 0: r0 = syz_open_dev$sndctrl(&(0x7f0000000080)='/dev/snd/controlC#\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendfile(r0, r0, &(0x7f0000000000), 0xd2d17df) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x1, 0x0, 0x4, 0x0, 0x0, 0x0, 'syz1\x00', &(0x7f0000000000), 0x0, [], [0x4]}) r2 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0x1ff, 0x4200) setsockopt$EBT_SO_SET_COUNTERS(r2, 0x0, 0x81, &(0x7f00000002c0)={'nat\x00', 0x0, 0x0, 0x0, [], 0x2, &(0x7f00000000c0)=[{}], 0x0, [{}, {}]}, 0x98) 13:47:05 executing program 2: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x7524}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000380)='/dev/snapshot\x00', 0x400, 0x0) bind$vsock_stream(r1, &(0x7f00000003c0)={0x28, 0x0, 0x2711, @reserved}, 0x10) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000200)={0x0, @in={{0x2, 0x4e22, @remote}}, 0x3, 0x1000}, &(0x7f00000000c0)=0x90) setxattr(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)=@random={'user.', 'nodev!\\\x00'}, &(0x7f0000000340)='em1\x00', 0x4, 0x1) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r3, 0x84, 0x75, &(0x7f0000000140)={r4, 0x7aab}, 0x8) ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f0000000040)) 13:47:05 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x5452, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:47:05 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpid() r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, &(0x7f0000000040), 0x113, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c) 13:47:05 executing program 3: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88)) msgsnd(0x0, &(0x7f0000000040)={0x3}, 0x8, 0x0) r0 = fcntl$getown(0xffffffffffffff9c, 0x9) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000700)={{}, 0x3, 0x9, 0x0, 0x0, 0x1, 0x9, r0}) [ 349.598402] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. 13:47:05 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x26e1, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000100)={0x8}) ftruncate(r0, 0x8000003) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140)=""/152, &(0x7f0000000080)=0x98) write$P9_RREADDIR(r0, &(0x7f0000000040)=ANY=[@ANYRES16=r0], 0x2) ioctl$SG_GET_ACCESS_COUNT(r0, 0x2289, &(0x7f00000000c0)) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r0, 0x40405514, &(0x7f0000000200)={0x0, 0x3, 0x1, 0xcc07, '\x00', 0x1}) ioctl$EXT4_IOC_MIGRATE(r0, 0x6609) setsockopt$l2tp_PPPOL2TP_SO_REORDERTO(r0, 0x111, 0x5, 0x7, 0x4) [ 349.703170] FAULT_FLAG_ALLOW_RETRY missing 30 [ 349.730524] CPU: 1 PID: 11670 Comm: syz-executor4 Not tainted 4.19.0-rc5+ #261 [ 349.737925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 349.747282] Call Trace: [ 349.749895] dump_stack+0x1c4/0x2b4 [ 349.753566] ? dump_stack_print_info.cold.2+0x52/0x52 [ 349.758778] ? kasan_check_write+0x14/0x20 [ 349.763036] ? do_raw_spin_lock+0xc1/0x200 [ 349.767302] handle_userfault.cold.33+0x47/0x62 [ 349.772015] ? userfaultfd_ioctl+0x54a0/0x54a0 [ 349.776623] ? mark_held_locks+0x130/0x130 [ 349.780876] ? lock_release+0x970/0x970 [ 349.784900] ? __switch_to_asm+0x34/0x70 [ 349.789008] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 349.794083] ? pfn_pte+0x1c3/0x230 [ 349.797640] ? copy_subpage+0x240/0x240 [ 349.801643] ? do_raw_spin_lock+0xc1/0x200 [ 349.805911] ? print_usage_bug+0xc0/0xc0 [ 349.809992] ? print_usage_bug+0xc0/0xc0 [ 349.814065] ? find_held_lock+0x13f/0x1c0 [ 349.818236] ? filemap_map_pages+0xdc3/0x1980 [ 349.822749] ? graph_lock+0x170/0x170 [ 349.826574] ? __lock_acquire+0x7ec/0x4ec0 [ 349.830820] ? rcu_bh_qs+0xc0/0xc0 [ 349.834370] ? find_held_lock+0x36/0x1c0 [ 349.838452] ? __handle_mm_fault+0x45dc/0x53e0 [ 349.843042] ? lock_downgrade+0x900/0x900 [ 349.847203] ? kasan_check_read+0x11/0x20 [ 349.851363] ? do_raw_spin_unlock+0xa7/0x2f0 [ 349.855785] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 349.860389] ? kasan_check_write+0x14/0x20 [ 349.864632] ? do_raw_spin_lock+0xc1/0x200 [ 349.868892] __handle_mm_fault+0x45ed/0x53e0 [ 349.873322] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 349.878173] ? graph_lock+0x170/0x170 [ 349.881984] ? check_preemption_disabled+0x48/0x200 [ 349.887005] ? print_usage_bug+0xc0/0xc0 [ 349.891085] ? print_usage_bug+0xc0/0xc0 [ 349.895153] ? graph_lock+0x170/0x170 [ 349.898960] ? graph_lock+0x170/0x170 [ 349.902789] ? handle_mm_fault+0x42a/0xc70 [ 349.907028] ? lock_downgrade+0x900/0x900 [ 349.911185] ? check_preemption_disabled+0x48/0x200 [ 349.916217] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 349.922019] ? kasan_check_read+0x11/0x20 [ 349.926175] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 349.931455] ? rcu_bh_qs+0xc0/0xc0 [ 349.935024] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 349.940494] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 349.946040] ? check_preemption_disabled+0x48/0x200 [ 349.951076] handle_mm_fault+0x54f/0xc70 [ 349.955150] ? __handle_mm_fault+0x53e0/0x53e0 [ 349.959741] ? find_vma+0x34/0x190 [ 349.963294] __do_page_fault+0x67d/0xed0 [ 349.967387] ? mm_fault_error+0x380/0x380 [ 349.971554] ? graph_lock+0x170/0x170 [ 349.975371] ? __fget+0x4aa/0x740 [ 349.978873] do_page_fault+0xf2/0x7e0 [ 349.982717] ? vmalloc_sync_all+0x30/0x30 [ 349.986894] ? error_entry+0x76/0xd0 [ 349.990616] ? trace_hardirqs_off_caller+0xbb/0x310 [ 349.995655] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 350.000507] ? trace_hardirqs_on_caller+0x310/0x310 [ 350.005564] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 350.010430] page_fault+0x1e/0x30 [ 350.013894] RIP: 0010:__get_user_4+0x21/0x30 [ 350.018315] Code: 50 ff 31 c0 0f 1f 00 c3 90 48 83 c0 03 72 55 65 48 8b 14 25 40 ee 01 00 48 3b 82 18 14 00 00 73 43 48 19 d2 48 21 d0 0f 1f 00 <8b> 50 fd 31 c0 0f 1f 00 c3 66 0f 1f 44 00 00 48 83 c0 07 72 25 65 [ 350.037226] RSP: 0018:ffff8801802cfc10 EFLAGS: 00010206 [ 350.042596] RAX: 0000000020013003 RBX: ffff88018b437cc0 RCX: ffffc9000a0db000 [ 350.049901] RDX: ffffffffffffffff RSI: ffffffff81b162e3 RDI: 0000000000000286 [ 350.057655] RBP: ffff8801802cfdb8 R08: 0000000000000000 R09: 0000000000000000 [ 350.064926] R10: ffff8801c6180d80 R11: de06756c5a84344a R12: 1ffff10030059f8a [ 350.072196] R13: 0000000000005452 R14: ffff8801cca41100 R15: 0000000000005452 [ 350.079499] ? __might_fault+0x1a3/0x1e0 [ 350.083577] ? do_vfs_ioctl+0x2b1/0x1720 [ 350.087663] ? ioctl_preallocate+0x300/0x300 [ 350.092076] ? __fget_light+0x2e9/0x430 [ 350.096058] ? fget_raw+0x20/0x20 [ 350.099517] ? _copy_to_user+0xc8/0x110 [ 350.103501] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 350.109050] ? put_timespec64+0x10f/0x1b0 [ 350.113206] ? nsecs_to_jiffies+0x30/0x30 [ 350.117365] ? do_syscall_64+0x9a/0x820 [ 350.121364] ? do_syscall_64+0x9a/0x820 [ 350.125385] ? lockdep_hardirqs_on+0x421/0x5c0 [ 350.129992] ? security_file_ioctl+0x94/0xc0 [ 350.134414] ksys_ioctl+0xa9/0xd0 [ 350.137890] __x64_sys_ioctl+0x73/0xb0 [ 350.141789] do_syscall_64+0x1b9/0x820 [ 350.145684] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 350.151058] ? syscall_return_slowpath+0x5e0/0x5e0 [ 350.155990] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 350.160840] ? trace_hardirqs_on_caller+0x310/0x310 [ 350.165877] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 350.170905] ? prepare_exit_to_usermode+0x291/0x3b0 [ 350.175938] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 350.180794] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 350.185984] RIP: 0033:0x457579 [ 350.189182] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 350.208097] RSP: 002b:00007fd9995a3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 350.215817] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 350.223090] RDX: 0000000020013000 RSI: 0000000000005452 RDI: 0000000000000004 13:47:05 executing program 5: syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffff0000000000001400470000300000000000009078ac1414aa80000000440805010000000000000000148dd73c13d087871291268af3cabff359ec8dccce8ccb5b06d3e74efacdb782026669193e81731a25cb7d8746181248818550d7eb7c226f8b289fe69a9fb110f6975c64bc4f90bc90ec6078b0b6721b3ef9b7d676fa7a24e7234e45c234fc99ef9f923f3e0c816a5dd1bf", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5000000090780000"], &(0x7f00000002c0)) r0 = syz_open_dev$usbmon(&(0x7f00000000c0)='/dev/usbmon#\x00', 0x80, 0x101200) read$FUSE(r0, &(0x7f0000000300), 0x1000) [ 350.230360] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 350.237647] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd9995a46d4 [ 350.244921] R13: 00000000004bf3f1 R14: 00000000004cf1f0 R15: 00000000ffffffff [ 350.253629] FAULT_FLAG_ALLOW_RETRY missing 30 [ 350.273530] CPU: 0 PID: 11678 Comm: syz-executor1 Not tainted 4.19.0-rc5+ #261 [ 350.280926] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 350.290290] Call Trace: [ 350.292921] dump_stack+0x1c4/0x2b4 [ 350.296574] ? dump_stack_print_info.cold.2+0x52/0x52 [ 350.301781] ? kasan_check_write+0x14/0x20 [ 350.306035] ? do_raw_spin_lock+0xc1/0x200 [ 350.310294] handle_userfault.cold.33+0x47/0x62 [ 350.314989] ? userfaultfd_ioctl+0x54a0/0x54a0 [ 350.319593] ? mark_held_locks+0x130/0x130 [ 350.323862] ? __switch_to_asm+0x34/0x70 [ 350.327964] ? preempt_notifier_register+0x200/0x200 [ 350.333080] ? __switch_to_asm+0x34/0x70 [ 350.337149] ? __switch_to_asm+0x34/0x70 [ 350.341216] ? __switch_to_asm+0x40/0x70 [ 350.345283] ? __switch_to_asm+0x34/0x70 [ 350.349350] ? __switch_to_asm+0x40/0x70 [ 350.353454] ? __switch_to_asm+0x34/0x70 [ 350.357529] ? __switch_to_asm+0x40/0x70 [ 350.361614] ? __switch_to_asm+0x34/0x70 [ 350.365678] ? __switch_to_asm+0x40/0x70 [ 350.369751] ? print_usage_bug+0xc0/0xc0 [ 350.373822] ? print_usage_bug+0xc0/0xc0 [ 350.377909] ? __sched_text_start+0x8/0x8 [ 350.382064] ? check_preemption_disabled+0x48/0x200 [ 350.387118] ? graph_lock+0x170/0x170 [ 350.390949] ? __lock_acquire+0x7ec/0x4ec0 [ 350.395200] ? find_held_lock+0x36/0x1c0 [ 350.399278] ? __handle_mm_fault+0x45dc/0x53e0 [ 350.403875] ? lock_downgrade+0x900/0x900 [ 350.408042] ? kasan_check_read+0x11/0x20 [ 350.412198] ? do_raw_spin_unlock+0xa7/0x2f0 [ 350.416614] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 350.421207] ? kasan_check_write+0x14/0x20 [ 350.425461] ? do_raw_spin_lock+0xc1/0x200 [ 350.429741] __handle_mm_fault+0x45ed/0x53e0 [ 350.434168] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 350.439019] ? graph_lock+0x170/0x170 [ 350.442825] ? check_preemption_disabled+0x48/0x200 [ 350.447848] ? print_usage_bug+0xc0/0xc0 [ 350.451932] ? graph_lock+0x170/0x170 [ 350.455736] ? graph_lock+0x170/0x170 [ 350.459562] ? handle_mm_fault+0x42a/0xc70 [ 350.463803] ? lock_downgrade+0x900/0x900 [ 350.467956] ? check_preemption_disabled+0x48/0x200 [ 350.472989] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 350.478792] ? kasan_check_read+0x11/0x20 [ 350.482946] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 350.488231] ? rcu_bh_qs+0xc0/0xc0 [ 350.491779] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 350.497239] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 350.502801] ? check_preemption_disabled+0x48/0x200 [ 350.507830] handle_mm_fault+0x54f/0xc70 [ 350.511914] ? __handle_mm_fault+0x53e0/0x53e0 [ 350.516499] ? find_vma+0x34/0x190 [ 350.520051] __do_page_fault+0x67d/0xed0 [ 350.524130] ? mm_fault_error+0x380/0x380 [ 350.528285] ? graph_lock+0x170/0x170 [ 350.532090] ? __fget+0x4aa/0x740 [ 350.535553] do_page_fault+0xf2/0x7e0 [ 350.539362] ? vmalloc_sync_all+0x30/0x30 [ 350.543521] ? error_entry+0x76/0xd0 [ 350.547244] ? trace_hardirqs_off_caller+0xbb/0x310 [ 350.552268] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 350.557119] ? trace_hardirqs_on_caller+0x310/0x310 [ 350.562154] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 350.567013] page_fault+0x1e/0x30 [ 350.570477] RIP: 0010:__get_user_4+0x21/0x30 [ 350.574916] Code: 50 ff 31 c0 0f 1f 00 c3 90 48 83 c0 03 72 55 65 48 8b 14 25 40 ee 01 00 48 3b 82 18 14 00 00 73 43 48 19 d2 48 21 d0 0f 1f 00 <8b> 50 fd 31 c0 0f 1f 00 c3 66 0f 1f 44 00 00 48 83 c0 07 72 25 65 [ 350.593824] RSP: 0018:ffff880187dafc10 EFLAGS: 00010206 [ 350.599204] RAX: 0000000020013003 RBX: ffff880184ec8040 RCX: ffffc90003e86000 [ 350.606479] RDX: ffffffffffffffff RSI: ffffffff81b162e3 RDI: 0000000000000286 [ 350.613765] RBP: ffff880187dafdb8 R08: 0000000000000000 R09: 0000000000000000 [ 350.621035] R10: ffff880180ed08c0 R11: de06756c5a84344a R12: 1ffff10030fb5f8a [ 350.628303] R13: 0000000000005452 R14: ffff8801cca41100 R15: 0000000000005452 [ 350.635611] ? __might_fault+0x1a3/0x1e0 [ 350.639701] ? do_vfs_ioctl+0x2b1/0x1720 [ 350.643783] ? ioctl_preallocate+0x300/0x300 [ 350.648211] ? __fget_light+0x2e9/0x430 [ 350.652192] ? fget_raw+0x20/0x20 [ 350.655672] ? _copy_to_user+0xc8/0x110 [ 350.659654] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 350.665218] ? put_timespec64+0x10f/0x1b0 [ 350.669402] ? nsecs_to_jiffies+0x30/0x30 [ 350.673571] ? do_syscall_64+0x9a/0x820 [ 350.677547] ? do_syscall_64+0x9a/0x820 [ 350.681528] ? lockdep_hardirqs_on+0x421/0x5c0 [ 350.686117] ? security_file_ioctl+0x94/0xc0 [ 350.690539] ksys_ioctl+0xa9/0xd0 [ 350.694007] __x64_sys_ioctl+0x73/0xb0 [ 350.697915] do_syscall_64+0x1b9/0x820 [ 350.701808] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 350.707186] ? syscall_return_slowpath+0x5e0/0x5e0 [ 350.712118] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 350.716969] ? trace_hardirqs_on_caller+0x310/0x310 [ 350.721990] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 350.727016] ? prepare_exit_to_usermode+0x291/0x3b0 [ 350.732043] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 350.736912] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 350.742108] RIP: 0033:0x457579 [ 350.745332] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 350.764233] RSP: 002b:00007fd1b7341c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 350.771951] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 13:47:06 executing program 0: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000180)='/dev/null\x00', 0x2, 0x0) getpeername(r0, &(0x7f0000000380)=@sco, &(0x7f0000000400)=0x80) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000240)=ANY=[]) mkdir(&(0x7f0000000340)='./file1\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]}) r1 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) getdents(r1, &(0x7f00000001c0)=""/239, 0xef) lstat(&(0x7f0000000080)='./file1\x00', &(0x7f00000002c0)) 13:47:06 executing program 2: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) execve(&(0x7f0000f8aff8)='./file0\x00', &(0x7f00000002c0), &(0x7f0000000300)) fadvise64(r0, 0x0, 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000200)=0x100000001, 0x4) connect$inet6(r1, &(0x7f0000000140), 0x1c) ioctl$KVM_GET_FPU(0xffffffffffffffff, 0x81a0ae8c, &(0x7f00000003c0)) ioctl$int_in(r1, 0x5421, &(0x7f0000000380)=0x801) setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0)='tls\x00', 0x4) setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x1, &(0x7f0000000100), 0x4) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='pagemap\x00') sendfile(r1, r2, &(0x7f0000000000), 0x10000) [ 350.779220] RDX: 0000000020013000 RSI: 0000000000005452 RDI: 0000000000000004 [ 350.786495] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 350.793771] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd1b73426d4 [ 350.801042] R13: 00000000004bf3f1 R14: 00000000004cf1f0 R15: 00000000ffffffff [ 350.891017] FAT-fs (loop0): bogus number of reserved sectors [ 350.898630] FAULT_FLAG_ALLOW_RETRY missing 30 [ 350.900245] FAT-fs (loop0): Can't find a valid FAT filesystem [ 350.911644] CPU: 0 PID: 11670 Comm: syz-executor4 Not tainted 4.19.0-rc5+ #261 [ 350.919039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 350.928403] Call Trace: [ 350.931015] dump_stack+0x1c4/0x2b4 [ 350.931041] ? dump_stack_print_info.cold.2+0x52/0x52 [ 350.931062] ? kasan_check_write+0x14/0x20 [ 350.931084] ? do_raw_spin_lock+0xc1/0x200 [ 350.931111] handle_userfault.cold.33+0x47/0x62 [ 350.953497] ? userfaultfd_ioctl+0x54a0/0x54a0 [ 350.958109] ? mark_held_locks+0x130/0x130 [ 350.962360] ? __switch_to_asm+0x34/0x70 [ 350.966469] ? preempt_notifier_register+0x200/0x200 [ 350.971589] ? __switch_to_asm+0x34/0x70 [ 350.975669] ? __switch_to_asm+0x34/0x70 [ 350.979742] ? __switch_to_asm+0x40/0x70 [ 350.983811] ? __switch_to_asm+0x34/0x70 [ 350.987903] ? __switch_to_asm+0x40/0x70 [ 350.991980] ? __switch_to_asm+0x34/0x70 [ 350.991994] ? __switch_to_asm+0x40/0x70 [ 350.992007] ? __switch_to_asm+0x34/0x70 [ 350.992019] ? __switch_to_asm+0x40/0x70 [ 350.992043] ? print_usage_bug+0xc0/0xc0 [ 350.992062] ? print_usage_bug+0xc0/0xc0 [ 351.012362] ? __sched_text_start+0x8/0x8 [ 351.012385] ? check_preemption_disabled+0x48/0x200 [ 351.012412] ? graph_lock+0x170/0x170 [ 351.029438] ? __lock_acquire+0x7ec/0x4ec0 [ 351.033717] ? find_held_lock+0x36/0x1c0 13:47:06 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000040)) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) shutdown(r0, 0x0) mount(&(0x7f00000004c0)=ANY=[@ANYBLOB="31d33ca1d0d61db8e1f36f90e40ffc5506857cce1b53ea1ce35a7ec2916b643531bc72a0ea421812a495ec0b5274b102ac6a8e820c8af5712b8c81efdeca33dd158ea2346e1ce16794f3a2b47f623937dfe3c32364141866a4377cece1e0ee206e17ced9c0d891ea9abc91490d9c1beff52e107616749edfb1d722102d1558ce6139ec089577747d801efdba41dc0e6f9380d3a8c530e993f1db650f33"], &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000140)='/dev/null\x00', 0x2000, 0x0) ioctl$TIOCGLCKTRMIOS(0xffffffffffffffff, 0x5456, &(0x7f0000000340)={0x0, 0x0, 0x401, 0x0, 0x8000, 0x8, 0x1, 0x1, 0x4, 0x0, 0x2, 0x3}) ioctl$PIO_UNISCRNMAP(0xffffffffffffffff, 0x4b6a, &(0x7f0000000280)="1626237255a0c7409176ff4109b6a4c35fa524541809aed294053b3e625888d1c60efefe643b6d88f1020ae2bc68041771bec13c4721af86c4e12c34f2d7b4abb65bc70b0f91e8b4e33b0bab533faa4ad897e3512a0196b12e4666f21a6239904cf3cb3a2b224cacdc12ff3242f9a26cfb8a42be2d2ca16ed75f784df50a7c5c022fb084ebb49712cdb47d5f20f0365d89e0eef69cc467f04b94dcad2bcb4c9f279d465ddfc621f8bef1ca59375b3089a8ba577e59733c9562") bind$vsock_dgram(r2, &(0x7f0000000180)={0x28, 0x0, 0x2711, @reserved}, 0x10) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480)='/dev/ptmx\x00', 0x1, 0x0) ioctl$TCSETS(r3, 0x40045431, &(0x7f00003b9fdc)) syz_open_pts(r3, 0x0) write(r3, &(0x7f0000c34fff), 0xffffff0b) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2000005, 0x5c831, 0xffffffffffffffff, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x80, 0x0) 13:47:06 executing program 3: r0 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc}, 0xbf) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r2 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc, 0x0, 0x0, 0xfffffffffffffff7}, 0x10) write$binfmt_aout(r2, &(0x7f00000003c0), 0x20) write$binfmt_aout(r2, &(0x7f0000000380), 0x20) close(r2) [ 351.037807] ? __handle_mm_fault+0x45dc/0x53e0 [ 351.042413] ? lock_downgrade+0x900/0x900 [ 351.046585] ? kasan_check_read+0x11/0x20 [ 351.050751] ? do_raw_spin_unlock+0xa7/0x2f0 [ 351.055184] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 351.059990] ? kasan_check_write+0x14/0x20 [ 351.064243] ? do_raw_spin_lock+0xc1/0x200 [ 351.068514] __handle_mm_fault+0x45ed/0x53e0 [ 351.072954] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 351.077843] ? graph_lock+0x170/0x170 [ 351.081714] ? print_usage_bug+0xc0/0xc0 [ 351.085807] ? graph_lock+0x170/0x170 [ 351.089632] ? graph_lock+0x170/0x170 [ 351.093499] ? handle_mm_fault+0x42a/0xc70 [ 351.097753] ? lock_downgrade+0x900/0x900 [ 351.101966] ? check_preemption_disabled+0x48/0x200 [ 351.107019] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 351.112831] ? kasan_check_read+0x11/0x20 [ 351.117029] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 351.122323] ? rcu_bh_qs+0xc0/0xc0 [ 351.125900] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 351.131374] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 351.136937] ? check_preemption_disabled+0x48/0x200 [ 351.141985] handle_mm_fault+0x54f/0xc70 [ 351.146068] ? __handle_mm_fault+0x53e0/0x53e0 [ 351.150667] ? find_vma+0x34/0x190 [ 351.154227] __do_page_fault+0x67d/0xed0 [ 351.158342] ? mm_fault_error+0x380/0x380 [ 351.162521] ? graph_lock+0x170/0x170 [ 351.166342] ? __fget+0x4aa/0x740 [ 351.169836] do_page_fault+0xf2/0x7e0 [ 351.173681] ? vmalloc_sync_all+0x30/0x30 [ 351.177846] ? error_entry+0x76/0xd0 [ 351.181606] ? trace_hardirqs_off_caller+0xbb/0x310 [ 351.186644] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 351.191508] ? trace_hardirqs_on_caller+0x310/0x310 [ 351.196550] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 351.201415] page_fault+0x1e/0x30 [ 351.204907] RIP: 0010:__get_user_4+0x21/0x30 [ 351.209334] Code: 50 ff 31 c0 0f 1f 00 c3 90 48 83 c0 03 72 55 65 48 8b 14 25 40 ee 01 00 48 3b 82 18 14 00 00 73 43 48 19 d2 48 21 d0 0f 1f 00 <8b> 50 fd 31 c0 0f 1f 00 c3 66 0f 1f 44 00 00 48 83 c0 07 72 25 65 [ 351.228252] RSP: 0018:ffff8801802cfc10 EFLAGS: 00010206 [ 351.233632] RAX: 0000000020013003 RBX: ffff88018b437cc0 RCX: ffffc9000a0db000 [ 351.240917] RDX: ffffffffffffffff RSI: ffffffff81b162e3 RDI: 0000000000000286 [ 351.248204] RBP: ffff8801802cfdb8 R08: 0000000000000000 R09: 0000000000000000 [ 351.255486] R10: ffff8801c6180d80 R11: de06756c5a84344a R12: 1ffff10030059f8a [ 351.262782] R13: 0000000000005452 R14: ffff8801cca41100 R15: 0000000000005452 [ 351.270096] ? __might_fault+0x1a3/0x1e0 [ 351.274185] ? do_vfs_ioctl+0x2b1/0x1720 [ 351.278273] ? ioctl_preallocate+0x300/0x300 [ 351.282699] ? __fget_light+0x2e9/0x430 [ 351.286691] ? fget_raw+0x20/0x20 [ 351.290159] ? _copy_to_user+0xc8/0x110 [ 351.294161] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 351.299726] ? put_timespec64+0x10f/0x1b0 [ 351.303926] ? nsecs_to_jiffies+0x30/0x30 [ 351.308096] ? do_syscall_64+0x9a/0x820 [ 351.312086] ? do_syscall_64+0x9a/0x820 [ 351.316075] ? lockdep_hardirqs_on+0x421/0x5c0 [ 351.320682] ? security_file_ioctl+0x94/0xc0 [ 351.325129] ksys_ioctl+0xa9/0xd0 [ 351.328608] __x64_sys_ioctl+0x73/0xb0 [ 351.332537] do_syscall_64+0x1b9/0x820 [ 351.336441] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 351.341845] ? syscall_return_slowpath+0x5e0/0x5e0 [ 351.346822] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 351.351686] ? trace_hardirqs_on_caller+0x310/0x310 [ 351.356724] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 351.361762] ? prepare_exit_to_usermode+0x291/0x3b0 [ 351.366791] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 351.371724] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 351.376950] RIP: 0033:0x457579 [ 351.380177] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 351.399102] RSP: 002b:00007fd9995a3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 351.406837] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 351.414144] RDX: 0000000020013000 RSI: 0000000000005452 RDI: 0000000000000004 [ 351.421419] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 351.428709] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd9995a46d4 [ 351.435992] R13: 00000000004bf3f1 R14: 00000000004cf1f0 R15: 00000000ffffffff [ 351.519939] FAT-fs (loop0): bogus number of reserved sectors [ 351.539350] FAT-fs (loop0): Can't find a valid FAT filesystem [ 351.555206] overlayfs: filesystem on './file0' not supported as upperdir 13:47:07 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x80044584, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:47:07 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cpuset.effective_mems\x00', 0x0, 0x0) setns(r0, 0x4000000) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f00001fefe4)={0xa, 0x4e22, 0x0, @ipv4={[], [], @local}}, 0x1c) listen(r1, 0x0) r2 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r2, &(0x7f0000000040)=[{&(0x7f0000000080)="580000001400add427323b470c458c560a067fffffff81004e220000000058000b4824ca945f64009400050028925aa80000000000000080000efffe1b0000000000fff5dd00000010000100090a1000410400000000fcff", 0x3c}], 0x1) 13:47:07 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x40104593, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:47:07 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_dccp(0x2, 0x6, 0x0) setsockopt(r0, 0x5, 0x40008000000006, &(0x7f0000000000), 0x0) [ 351.727975] FAULT_FLAG_ALLOW_RETRY missing 30 [ 351.768464] CPU: 1 PID: 11723 Comm: syz-executor1 Not tainted 4.19.0-rc5+ #261 [ 351.775904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 351.785271] Call Trace: [ 351.787907] dump_stack+0x1c4/0x2b4 [ 351.791565] ? dump_stack_print_info.cold.2+0x52/0x52 [ 351.796774] ? kasan_check_write+0x14/0x20 [ 351.801056] ? do_raw_spin_lock+0xc1/0x200 [ 351.805342] handle_userfault.cold.33+0x47/0x62 [ 351.810065] ? userfaultfd_ioctl+0x54a0/0x54a0 [ 351.814667] ? mark_held_locks+0x130/0x130 [ 351.818919] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 351.824473] ? __perf_event_task_sched_out+0x337/0x1ab0 [ 351.829856] ? select_task_rq_fair+0x34f0/0x34f0 [ 351.834665] ? reweight_task+0x130/0x130 [ 351.838764] ? print_usage_bug+0xc0/0xc0 [ 351.842846] ? print_usage_bug+0xc0/0xc0 [ 351.846938] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 351.852502] ? find_held_lock+0x36/0x1c0 [ 351.856602] ? graph_lock+0x170/0x170 [ 351.860444] ? __lock_acquire+0x7ec/0x4ec0 [ 351.864707] ? _raw_spin_unlock_irq+0x27/0x80 [ 351.869216] ? _raw_spin_unlock_irq+0x27/0x80 [ 351.873728] ? lockdep_hardirqs_on+0x421/0x5c0 [ 351.878327] ? find_held_lock+0x36/0x1c0 [ 351.882439] ? __handle_mm_fault+0x45dc/0x53e0 [ 351.887040] ? lock_downgrade+0x900/0x900 [ 351.891210] ? kasan_check_read+0x11/0x20 [ 351.895375] ? do_raw_spin_unlock+0xa7/0x2f0 [ 351.899817] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 351.904419] ? kasan_check_write+0x14/0x20 [ 351.908670] ? do_raw_spin_lock+0xc1/0x200 [ 351.912951] __handle_mm_fault+0x45ed/0x53e0 [ 351.917419] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 351.922275] ? graph_lock+0x170/0x170 [ 351.926118] ? print_usage_bug+0xc0/0xc0 [ 351.930196] ? graph_lock+0x170/0x170 [ 351.934007] ? graph_lock+0x170/0x170 [ 351.937850] ? handle_mm_fault+0x42a/0xc70 [ 351.942108] ? lock_downgrade+0x900/0x900 [ 351.946273] ? check_preemption_disabled+0x48/0x200 [ 351.951323] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 351.957132] ? kasan_check_read+0x11/0x20 [ 351.961318] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 351.966607] ? rcu_bh_qs+0xc0/0xc0 [ 351.970606] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 351.976073] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 351.981633] ? check_preemption_disabled+0x48/0x200 [ 351.986679] handle_mm_fault+0x54f/0xc70 [ 351.990773] ? __handle_mm_fault+0x53e0/0x53e0 [ 351.990793] ? find_vma+0x34/0x190 [ 351.990816] __do_page_fault+0x67d/0xed0 [ 351.990841] ? mm_fault_error+0x380/0x380 [ 351.998991] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 352.012200] ? graph_lock+0x170/0x170 [ 352.016350] do_page_fault+0xf2/0x7e0 [ 352.020190] ? vmalloc_sync_all+0x30/0x30 [ 352.024357] ? error_entry+0x76/0xd0 [ 352.028101] ? trace_hardirqs_off_caller+0xbb/0x310 [ 352.033142] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 352.038011] ? trace_hardirqs_on_caller+0x310/0x310 [ 352.043504] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 352.048388] page_fault+0x1e/0x30 [ 352.051876] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 352.057534] Code: 4c 8b 5e 38 4c 89 47 20 4c 89 4f 28 4c 89 57 30 4c 89 5f 38 48 8d 76 40 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 <4c> 8b 06 4c 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 [ 352.076481] RSP: 0018:ffff88018169f7f0 EFLAGS: 00010202 [ 352.076497] RAX: ffffed00302d3f1c RBX: 0000000000000010 RCX: 0000000000000002 [ 352.076506] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff88018169f8d0 [ 352.076514] RBP: ffff88018169f828 R08: ffffed00302d3f1c R09: ffffed00302d3f1a [ 352.076522] R10: ffffed00302d3f1b R11: ffff88018169f8df R12: 0000000020013010 [ 352.076531] R13: 0000000020013000 R14: ffff88018169f8d0 R15: 00007ffffffff000 [ 352.076577] ? _copy_from_user+0x10d/0x150 [ 352.122597] evdev_do_ioctl+0x1027/0x2180 [ 352.126773] ? str_to_user+0x90/0x90 [ 352.130511] ? graph_lock+0x170/0x170 [ 352.134333] ? do_futex+0x249/0x26d0 [ 352.138067] ? rcu_bh_qs+0xc0/0xc0 [ 352.138088] ? rcu_bh_qs+0xc0/0xc0 [ 352.138104] ? unwind_dump+0x190/0x190 [ 352.138133] ? find_held_lock+0x36/0x1c0 [ 352.138161] ? __fget+0x4aa/0x740 [ 352.138181] ? lock_downgrade+0x900/0x900 [ 352.160814] ? check_preemption_disabled+0x48/0x200 [ 352.165861] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 352.171690] ? kasan_check_read+0x11/0x20 [ 352.175863] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 352.181174] ? rcu_bh_qs+0xc0/0xc0 [ 352.184749] ? __fget+0x4d1/0x740 [ 352.188237] ? ksys_dup3+0x680/0x680 [ 352.191983] evdev_ioctl_handler+0x144/0x1a0 [ 352.196427] evdev_ioctl+0x27/0x2e [ 352.199988] ? evdev_ioctl_compat+0x30/0x30 [ 352.204328] do_vfs_ioctl+0x1de/0x1720 [ 352.208246] ? ioctl_preallocate+0x300/0x300 [ 352.212673] ? __fget_light+0x2e9/0x430 [ 352.216670] ? fget_raw+0x20/0x20 [ 352.220142] ? _copy_to_user+0xc8/0x110 [ 352.224140] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 352.229696] ? put_timespec64+0x10f/0x1b0 [ 352.233877] ? nsecs_to_jiffies+0x30/0x30 [ 352.238053] ? do_syscall_64+0x9a/0x820 [ 352.242047] ? do_syscall_64+0x9a/0x820 [ 352.246042] ? lockdep_hardirqs_on+0x421/0x5c0 [ 352.250649] ? security_file_ioctl+0x94/0xc0 [ 352.255088] ksys_ioctl+0xa9/0xd0 [ 352.258568] __x64_sys_ioctl+0x73/0xb0 [ 352.262476] do_syscall_64+0x1b9/0x820 [ 352.266393] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 352.271779] ? syscall_return_slowpath+0x5e0/0x5e0 [ 352.276724] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 352.281593] ? trace_hardirqs_on_caller+0x310/0x310 [ 352.286629] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 352.291669] ? prepare_exit_to_usermode+0x291/0x3b0 [ 352.296715] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 352.301590] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 352.306796] RIP: 0033:0x457579 [ 352.310008] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 352.328925] RSP: 002b:00007fd1b7341c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 352.336650] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 352.343937] RDX: 0000000020013000 RSI: 0000000040104593 RDI: 0000000000000004 [ 352.351220] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 352.358508] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd1b73426d4 13:47:08 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) clone(0x20002100, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff) r1 = getpid() r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/fib_triestat\x00') sched_setscheduler(r1, 0x5, &(0x7f00000000c0)) setsockopt$inet_tcp_int(r0, 0x6, 0x4, &(0x7f0000000080), 0x4) ioctl$PIO_FONT(r2, 0x4b61, &(0x7f0000000140)="d8") setsockopt$SO_RDS_TRANSPORT(r2, 0x114, 0x8, &(0x7f0000000000)=0x2, 0x4) write$nbd(0xffffffffffffffff, &(0x7f00000002c0), 0x10) [ 352.365790] R13: 00000000004bf3f1 R14: 00000000004cf1f0 R15: 00000000ffffffff 13:47:08 executing program 3: mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x7, 0x31, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x800, 0x0) gettid() remap_file_pages(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00027, 0x1, &(0x7f00000000c0), 0x1, 0x2000000000002) r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000080)={0x1, 0x101}) openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qat_adf_ctl\x00', 0x0, 0x0) 13:47:08 executing program 0: syz_emit_ethernet(0x3e, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff0800450000300000000000069078ac1414bbac1414000303907800000000450000000000000000000000ac7014aaac141400df67501c33139ae257362924ab76f303c0680d3f310ae222273783dddcf865f9ceec02c999aa30c8dad1cd88e99cb514e89a02961be89bf328323ca9db404bf22f0455b4202938abee4c89a61484315470d69d00000000000000016231e6a793541f8c79c5532e1e1b7a7313aa4978c5d60d37b66ef23ff796faa9d20247db9a2cd4c97f95afe8a739bd29ef19ba416d252a370b92cc96cf466367826276c76725ec4e76c63f41c7e70623c43bd62d373b693d85eb7d10c32f5b5382919c8e694f91be05ea7ec12a9acebc58cb68e32d6f6108a1397cf648e6d83d32d49b970f6a069dde4ecd4b0f31231f6e2695cd94d04ad7daa5f0cb25f1d568fa3b7886c7efc1e8cd7accc6d9dc7027f95020c172f38fdd3c925552edb19cd15d06dffe84794efe91d58f0d2f721ea4f4beab96"], &(0x7f0000000000)) openat$random(0xffffffffffffff9c, &(0x7f0000000040)='/dev/urandom\x00', 0x404000, 0x0) 13:47:08 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) connect$inet6(r0, 0xffffffffffffffff, 0x0) accept4$inet6(r0, 0x0, &(0x7f0000000000), 0x80800) setsockopt$inet6_MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f0000000040)={{0xa, 0x4e21, 0x0, @local, 0xffff}, {0xa, 0x4e21, 0x5, @local, 0x6ee6}, 0x4, [0x790, 0x1, 0x6d, 0x4, 0x8, 0x1f, 0x100]}, 0x5c) 13:47:08 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x80084504, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:47:08 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000040)) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) shutdown(r0, 0x0) mount(&(0x7f00000004c0)=ANY=[@ANYBLOB="31d33ca1d0d61db8e1f36f90e40ffc5506857cce1b53ea1ce35a7ec2916b643531bc72a0ea421812a495ec0b5274b102ac6a8e820c8af5712b8c81efdeca33dd158ea2346e1ce16794f3a2b47f623937dfe3c32364141866a4377cece1e0ee206e17ced9c0d891ea9abc91490d9c1beff52e107616749edfb1d722102d1558ce6139ec089577747d801efdba41dc0e6f9380d3a8c530e993f1db650f33"], &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000140)='/dev/null\x00', 0x2000, 0x0) ioctl$TIOCGLCKTRMIOS(0xffffffffffffffff, 0x5456, &(0x7f0000000340)={0x0, 0x0, 0x401, 0x0, 0x8000, 0x8, 0x1, 0x1, 0x4, 0x0, 0x2, 0x3}) ioctl$PIO_UNISCRNMAP(0xffffffffffffffff, 0x4b6a, &(0x7f0000000280)="1626237255a0c7409176ff4109b6a4c35fa524541809aed294053b3e625888d1c60efefe643b6d88f1020ae2bc68041771bec13c4721af86c4e12c34f2d7b4abb65bc70b0f91e8b4e33b0bab533faa4ad897e3512a0196b12e4666f21a6239904cf3cb3a2b224cacdc12ff3242f9a26cfb8a42be2d2ca16ed75f784df50a7c5c022fb084ebb49712cdb47d5f20f0365d89e0eef69cc467f04b94dcad2bcb4c9f279d465ddfc621f8bef1ca59375b3089a8ba577e59733c9562") bind$vsock_dgram(r2, &(0x7f0000000180)={0x28, 0x0, 0x2711, @reserved}, 0x10) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480)='/dev/ptmx\x00', 0x1, 0x0) ioctl$TCSETS(r3, 0x40045431, &(0x7f00003b9fdc)) syz_open_pts(r3, 0x0) write(r3, &(0x7f0000c34fff), 0xffffff0b) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2000005, 0x5c831, 0xffffffffffffffff, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x80, 0x0) 13:47:08 executing program 0: r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0x40046205, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000700), 0x0, 0x0, &(0x7f0000000100)}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000600), 0x1, 0x0, &(0x7f00000000c0)="e1"}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x0, &(0x7f0000000000), &(0x7f0000000300), &(0x7f0000000340), &(0x7f0000000380)) [ 352.699986] FAULT_FLAG_ALLOW_RETRY missing 30 [ 352.707134] CPU: 1 PID: 11757 Comm: syz-executor4 Not tainted 4.19.0-rc5+ #261 [ 352.714516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 352.723891] Call Trace: [ 352.726505] dump_stack+0x1c4/0x2b4 [ 352.730158] ? dump_stack_print_info.cold.2+0x52/0x52 [ 352.735371] ? kasan_check_write+0x14/0x20 [ 352.739644] ? do_raw_spin_lock+0xc1/0x200 [ 352.743927] handle_userfault.cold.33+0x47/0x62 [ 352.748695] ? userfaultfd_ioctl+0x54a0/0x54a0 [ 352.753305] ? mark_held_locks+0x130/0x130 [ 352.757576] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 352.763142] ? __perf_event_task_sched_out+0x337/0x1ab0 [ 352.768535] ? select_task_rq_fair+0x34f0/0x34f0 [ 352.773324] ? reweight_task+0x130/0x130 [ 352.777444] ? print_usage_bug+0xc0/0xc0 [ 352.781527] ? print_usage_bug+0xc0/0xc0 [ 352.785614] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 352.791215] ? find_held_lock+0x36/0x1c0 [ 352.795326] ? graph_lock+0x170/0x170 [ 352.799170] ? __lock_acquire+0x7ec/0x4ec0 [ 352.803427] ? _raw_spin_unlock_irq+0x27/0x80 [ 352.807940] ? _raw_spin_unlock_irq+0x27/0x80 [ 352.812458] ? lockdep_hardirqs_on+0x421/0x5c0 [ 352.817066] ? find_held_lock+0x36/0x1c0 [ 352.821163] ? __handle_mm_fault+0x45dc/0x53e0 [ 352.825770] ? lock_downgrade+0x900/0x900 [ 352.829951] ? kasan_check_read+0x11/0x20 [ 352.834128] ? do_raw_spin_unlock+0xa7/0x2f0 [ 352.838559] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 352.843162] ? kasan_check_write+0x14/0x20 [ 352.847423] ? do_raw_spin_lock+0xc1/0x200 [ 352.851689] __handle_mm_fault+0x45ed/0x53e0 [ 352.856128] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 352.860992] ? graph_lock+0x170/0x170 [ 352.864821] ? print_usage_bug+0xc0/0xc0 [ 352.868926] ? graph_lock+0x170/0x170 [ 352.872758] ? graph_lock+0x170/0x170 [ 352.876602] ? handle_mm_fault+0x42a/0xc70 [ 352.880861] ? lock_downgrade+0x900/0x900 [ 352.885055] ? check_preemption_disabled+0x48/0x200 [ 352.890105] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 352.895933] ? kasan_check_read+0x11/0x20 [ 352.900131] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 352.905433] ? rcu_bh_qs+0xc0/0xc0 [ 352.908999] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 352.914468] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 352.920060] ? check_preemption_disabled+0x48/0x200 [ 352.925114] handle_mm_fault+0x54f/0xc70 [ 352.929195] ? __handle_mm_fault+0x53e0/0x53e0 [ 352.933793] ? find_vma+0x34/0x190 [ 352.937361] __do_page_fault+0x67d/0xed0 [ 352.941451] ? mm_fault_error+0x380/0x380 [ 352.945617] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 352.950814] ? graph_lock+0x170/0x170 [ 352.954634] do_page_fault+0xf2/0x7e0 [ 352.958479] ? vmalloc_sync_all+0x30/0x30 [ 352.962646] ? error_entry+0x76/0xd0 [ 352.966387] ? trace_hardirqs_off_caller+0xbb/0x310 [ 352.971425] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 352.976281] ? trace_hardirqs_on_caller+0x310/0x310 [ 352.981331] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 352.986197] page_fault+0x1e/0x30 [ 352.989664] RIP: 0010:copy_user_generic_unrolled+0x9e/0xc0 [ 352.995304] Code: 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 4c 8b 06 4c 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 89 d1 <8a> 06 88 07 48 ff c6 48 ff c7 ff c9 75 f2 31 c0 0f 1f 00 c3 0f 1f [ 353.014216] RSP: 0018:ffff8801bf3df7f0 EFLAGS: 00010202 [ 353.019596] RAX: ffffed0037e7bf34 RBX: 0000000000000004 RCX: 0000000000000004 [ 353.026889] RDX: 0000000000000004 RSI: 0000000020013000 RDI: ffff8801bf3df998 [ 353.034175] RBP: ffff8801bf3df828 R08: ffffed0037e7bf34 R09: ffffed0037e7bf33 [ 353.041458] R10: ffffed0037e7bf33 R11: ffff8801bf3df99b R12: 0000000020013004 [ 353.048743] R13: 0000000020013000 R14: ffff8801bf3df998 R15: 00007ffffffff000 [ 353.056497] ? _copy_from_user+0x10d/0x150 [ 353.060776] evdev_do_ioctl+0x540/0x2180 [ 353.064856] ? str_to_user+0x90/0x90 [ 353.068598] ? graph_lock+0x170/0x170 [ 353.072448] ? do_futex+0x249/0x26d0 [ 353.076175] ? rcu_bh_qs+0xc0/0xc0 [ 353.079732] ? rcu_bh_qs+0xc0/0xc0 [ 353.083290] ? unwind_dump+0x190/0x190 [ 353.087207] ? find_held_lock+0x36/0x1c0 [ 353.091290] ? __fget+0x4aa/0x740 [ 353.094764] ? lock_downgrade+0x900/0x900 [ 353.098947] ? check_preemption_disabled+0x48/0x200 [ 353.103983] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 353.109798] ? kasan_check_read+0x11/0x20 [ 353.113965] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 353.119258] ? rcu_bh_qs+0xc0/0xc0 [ 353.122841] ? __fget+0x4d1/0x740 [ 353.126351] ? ksys_dup3+0x680/0x680 [ 353.130102] evdev_ioctl_handler+0x144/0x1a0 [ 353.134529] evdev_ioctl+0x27/0x2e [ 353.138081] ? evdev_ioctl_compat+0x30/0x30 [ 353.142420] do_vfs_ioctl+0x1de/0x1720 [ 353.146354] ? ioctl_preallocate+0x300/0x300 [ 353.150796] ? __fget_light+0x2e9/0x430 [ 353.154786] ? fget_raw+0x20/0x20 [ 353.158268] ? _copy_to_user+0xc8/0x110 [ 353.162276] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 353.167826] ? put_timespec64+0x10f/0x1b0 [ 353.171991] ? nsecs_to_jiffies+0x30/0x30 [ 353.176158] ? do_syscall_64+0x9a/0x820 [ 353.180147] ? do_syscall_64+0x9a/0x820 [ 353.184139] ? lockdep_hardirqs_on+0x421/0x5c0 [ 353.188738] ? security_file_ioctl+0x94/0xc0 [ 353.193166] ksys_ioctl+0xa9/0xd0 [ 353.196638] __x64_sys_ioctl+0x73/0xb0 [ 353.200541] do_syscall_64+0x1b9/0x820 [ 353.204458] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 353.209839] ? syscall_return_slowpath+0x5e0/0x5e0 [ 353.214799] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 353.219668] ? trace_hardirqs_on_caller+0x310/0x310 [ 353.224697] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 353.229732] ? prepare_exit_to_usermode+0x291/0x3b0 [ 353.234773] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 353.239642] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 353.244846] RIP: 0033:0x457579 [ 353.248063] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 353.266991] RSP: 002b:00007fd9995c4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 353.274741] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 353.282016] RDX: 0000000020013000 RSI: 0000000080084504 RDI: 0000000000000004 [ 353.289320] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 13:47:08 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x1f) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x80040, 0x0) getsockopt$inet6_mreq(r1, 0x29, 0x0, &(0x7f0000000080)={@local, 0x0}, &(0x7f00000000c0)=0x14) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', r2}) accept$packet(r1, &(0x7f0000001dc0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000180)=0x14) write$P9_RREMOVE(r1, &(0x7f0000000140)={0x7, 0x7b, 0x1}, 0x7) setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000001f80)={{{@in6=@ipv4={[], [], @dev={0xac, 0x14, 0x14, 0xc}}, @in=@loopback, 0x4e23, 0xfffffffffffffff7, 0x4e21, 0x0, 0xa, 0x80, 0x0, 0x8b, r3}, {0x8, 0x48b, 0x1, 0x20, 0x5, 0x3, 0x9}, {0x4, 0xffffffffffffffff, 0x8, 0x2}, 0x20a, 0x6e6bba, 0x2, 0x0, 0x0, 0x1}, {{@in6=@loopback, 0x4d3, 0xc131b73c9d7387a2}, 0xa, @in6, 0x3500, 0x1, 0x1, 0xab0, 0x1, 0x8001, 0x8}}, 0xe8) sendmsg$nl_route(r0, &(0x7f0000000580)={&(0x7f0000000000), 0xc, &(0x7f0000000540)={&(0x7f00000003c0)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14, 0x52}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x3}, 0x0) syz_open_dev$dmmidi(&(0x7f00000001c0)='/dev/dmmidi#\x00', 0x4, 0x80000) [ 353.296595] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd9995c56d4 [ 353.303884] R13: 00000000004bf3f1 R14: 00000000004cf1f0 R15: 00000000ffffffff 13:47:09 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(pcrypt(rfc4106-gcm-aesni))\x00'}, 0x58) r1 = dup2(r0, r0) r2 = syz_genetlink_get_family_id$fou(&(0x7f0000000280)='fou\x00') sendmsg$FOU_CMD_DEL(r1, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x6000004}, 0xc, &(0x7f0000000300)={&(0x7f00000003c0)=ANY=[@ANYBLOB="dfc17c1c741ef45ebff93501836c32d6cd8d984a06c28329cf762ff6c88ba41227057d2a622ecaf75ab7c9a121928b93a43ae783780feedd92b29ac64b0c92364a6a2aeb24d6b57a94dd149f4eee07bc5aa010f6067234842f384f2602c5b5c6040e8f3fedec0d45758cccc0eac53357fa1c6cd80ac59fcf5254ed17055cddc70b98611627b056392ff8084652d4a81e711b4e723dbfd6681e853fff2254bbbeb60fa8960bee", @ANYRES16=r2, @ANYBLOB="010729bd7000fbdbdf25020000000800040001000000"], 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x20004801) ioctl$sock_SIOCADDDLCI(r1, 0x8980, &(0x7f0000000380)={'bond0\x00', 0x180000000000}) bind$alg(r0, &(0x7f0000000080)={0x26, 'aead\x00', 0x0, 0x0, 'seqiv(rfc4106-gcm-aesni)\x00'}, 0x58) bind$alg(r0, &(0x7f0000000100)={0x26, 'aead\x00', 0x0, 0x0, 'pcrypt(rfc4106(generic-gcm-aesni))\x00'}, 0x58) 13:47:09 executing program 2: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x9}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000001fd8)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x7, 0x25}}, &(0x7f0000000000)="504c20004cf7d12af11ce92537b5e3191e66de5d4ec18e4c2df01484a86d77842f624946eae310794c8c96ff1466232e25951139bda5d2990e523f8ec3080ffc1224d8dc4c84a9c8e8ab31576806715523fa749e8615c61049b8b1be6aa7740702cc5add", 0x5, 0x487, &(0x7f000000cf3d)=""/195}, 0x48) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r1, 0x4008240b, &(0x7f0000000200)={0x1, 0x70, 0xefd8, 0x8001, 0xfffffffffffffff9, 0x800, 0x0, 0x8, 0x40288, 0x6, 0x100000001, 0x40, 0x1, 0x7, 0x8, 0xfffffffffffffff7, 0x8, 0x80, 0xffffffff, 0x7ef, 0xff, 0x1, 0x4, 0x80000001, 0x101, 0x4, 0x0, 0x10000, 0xfffffffffffffc00, 0x5, 0x1, 0x6, 0x8000, 0xffffffff, 0xff, 0x9, 0x1, 0x8, 0x0, 0x8, 0x5, @perf_bp={&(0x7f0000000100), 0x4}, 0x800, 0x2, 0x8, 0x0, 0x41f265e4, 0xa3c, 0x1f}) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000140)='/dev/null\x00', 0x200, 0x0) ioctl$KVM_IRQ_LINE(r2, 0x4008ae61, &(0x7f0000000280)={0x7, 0x7}) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) dup2(r1, r0) 13:47:09 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x80044501, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:47:09 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x80084502, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:47:09 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0xffffffff80000000, &(0x7f0000000280)="153f6234488dd25d766070") getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000000), &(0x7f0000000040)=0x4) syz_mount_image$bfs(&(0x7f0000000200)='bfs\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, &(0x7f00000002c0), 0x0, 0x0) 13:47:09 executing program 2: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x0, 0xffffffffffffffff}, 0x393) getsockopt$packet_buf(r0, 0x107, 0x12, &(0x7f0000651000)=""/240, &(0x7f0000ca5ffc)=0xf0) recvmmsg(r0, &(0x7f0000003b40)=[{{&(0x7f0000000040)=@pptp={0x18, 0x2, {0x0, @multicast2}}, 0x80, &(0x7f0000000240)=[{&(0x7f00000000c0)=""/184, 0xb8}, {&(0x7f0000000180)=""/160, 0xa0}], 0x2, &(0x7f0000000280)=""/46, 0x2e, 0x10000000000}, 0xb520}, {{&(0x7f00000002c0)=@hci, 0x80, &(0x7f0000002700)=[{&(0x7f0000000340)=""/4096, 0x1000}, {&(0x7f0000001340)=""/4096, 0x1000}, {&(0x7f0000002340)=""/209, 0xd1}, {&(0x7f0000002440)=""/215, 0xd7}, {&(0x7f0000002540)=""/73, 0x49}, {&(0x7f00000025c0)=""/53, 0x35}, {&(0x7f0000002600)=""/219, 0xdb}], 0x7, &(0x7f0000002780)=""/149, 0x95}, 0xffffffff80000001}, {{&(0x7f0000002840)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast1}}}, 0x80, &(0x7f0000002b00)=[{&(0x7f00000028c0)}, {&(0x7f0000002900)=""/106, 0x6a}, {&(0x7f0000002980)=""/193, 0xc1}, {&(0x7f0000002a80)=""/69, 0x45}], 0x4, &(0x7f0000002b40)=""/199, 0xc7, 0x6}, 0x2}, {{&(0x7f0000002c40)=@generic, 0x80, &(0x7f0000003240)=[{&(0x7f0000002cc0)=""/136, 0x88}, {&(0x7f0000002d80)=""/19, 0x13}, {&(0x7f0000002dc0)=""/142, 0x8e}, {&(0x7f0000002e80)=""/243, 0xf3}, {&(0x7f0000002f80)=""/15, 0xf}, {&(0x7f0000002fc0)=""/224, 0xe0}, {&(0x7f00000030c0)=""/52, 0x34}, {&(0x7f0000003100)=""/151, 0x97}, {&(0x7f00000031c0)=""/15, 0xf}, {&(0x7f0000003200)=""/21, 0x15}], 0xa, &(0x7f0000003300)=""/70, 0x46, 0x6}, 0x6}, {{&(0x7f0000003380)=@ipx, 0x80, &(0x7f00000035c0)=[{&(0x7f0000003400)=""/154, 0x9a}, {&(0x7f00000034c0)=""/83, 0x53}, {&(0x7f0000003540)=""/105, 0x69}], 0x3, &(0x7f0000003600)=""/184, 0xb8, 0x4}, 0xffff}, {{&(0x7f00000036c0)=@rc, 0x80, &(0x7f0000003a00)=[{&(0x7f0000003740)}, {&(0x7f0000003780)=""/127, 0x7f}, {&(0x7f0000003800)=""/168, 0xa8}, {&(0x7f00000038c0)=""/37, 0x25}, {&(0x7f0000003900)=""/197, 0xc5}], 0x5, &(0x7f0000003a80)=""/185, 0xb9, 0x2}, 0x1}], 0x6, 0x100, 0x0) ioctl$int_out(r1, 0x5460, &(0x7f00000028c0)) setsockopt$l2tp_PPPOL2TP_SO_DEBUG(r1, 0x111, 0x1, 0x7, 0x4) [ 353.793930] BFS-fs: bfs_fill_super(): No BFS filesystem on loop3 (magic=00000000) 13:47:09 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x80084503, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:47:09 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0xc0045878, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:47:09 executing program 3: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffff9c, 0x0) r1 = perf_event_open(&(0x7f00004e7000)={0x2, 0x2a7, 0xdf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$P9_RCLUNK(0xffffffffffffffff, &(0x7f0000000180)={0x7}, 0x7) getsockopt$IP_VS_SO_GET_DAEMON(r0, 0x0, 0x487, &(0x7f0000000040), &(0x7f0000000080)=0x30) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, &(0x7f0000000400)="6370755f307861000000010000019cd30e35a01d3d040a1c60666f8dcc6d5c76fd2e9e09626b31deea1b0d3b8184872d58b62cc5b4223726b5797482fb1d83f82e2d2000000028e9604401695c8d6c866c68a8fc80de2c4b74f423c55d593bc13676f9890906be2aaa26bd1678518ef3d61afdd00427799b7ce4b70845ed9780731957b75bf0253e4d4df598be5e3d7121a60f70013200bbbe9d5835af657010520b26afa8247f3756ed4c4a34cf0701d5540acac2865fc1ce8ded62538de97482f4317a7772e66f88e5e3e7476378c0914901000000010000004b9ee55ba00a0f04a6b07345298ad052c3c12c62201c2349527a36fe4a7edad75ffe1fe586b1787526fbf2bfe87f9193ab05003485866c8d000000000000000000000000000000") 13:47:10 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000040)) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) shutdown(r0, 0x0) mount(&(0x7f00000004c0)=ANY=[@ANYBLOB="31d33ca1d0d61db8e1f36f90e40ffc5506857cce1b53ea1ce35a7ec2916b643531bc72a0ea421812a495ec0b5274b102ac6a8e820c8af5712b8c81efdeca33dd158ea2346e1ce16794f3a2b47f623937dfe3c32364141866a4377cece1e0ee206e17ced9c0d891ea9abc91490d9c1beff52e107616749edfb1d722102d1558ce6139ec089577747d801efdba41dc0e6f9380d3a8c530e993f1db650f33"], &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000140)='/dev/null\x00', 0x2000, 0x0) ioctl$TIOCGLCKTRMIOS(0xffffffffffffffff, 0x5456, &(0x7f0000000340)={0x0, 0x0, 0x401, 0x0, 0x8000, 0x8, 0x1, 0x1, 0x4, 0x0, 0x2, 0x3}) ioctl$PIO_UNISCRNMAP(0xffffffffffffffff, 0x4b6a, &(0x7f0000000280)="1626237255a0c7409176ff4109b6a4c35fa524541809aed294053b3e625888d1c60efefe643b6d88f1020ae2bc68041771bec13c4721af86c4e12c34f2d7b4abb65bc70b0f91e8b4e33b0bab533faa4ad897e3512a0196b12e4666f21a6239904cf3cb3a2b224cacdc12ff3242f9a26cfb8a42be2d2ca16ed75f784df50a7c5c022fb084ebb49712cdb47d5f20f0365d89e0eef69cc467f04b94dcad2bcb4c9f279d465ddfc621f8bef1ca59375b3089a8ba577e59733c9562") bind$vsock_dgram(r2, &(0x7f0000000180)={0x28, 0x0, 0x2711, @reserved}, 0x10) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480)='/dev/ptmx\x00', 0x1, 0x0) ioctl$TCSETS(r3, 0x40045431, &(0x7f00003b9fdc)) syz_open_pts(r3, 0x0) write(r3, &(0x7f0000c34fff), 0xffffff0b) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2000005, 0x5c831, 0xffffffffffffffff, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x80, 0x0) 13:47:10 executing program 2: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4068aea3, &(0x7f0000000080)={0x7b, 0x0, [0x7, 0x3, 0x8000, 0x7]}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000480)=[{&(0x7f0000000500)=""/196, 0xc4}, {&(0x7f0000000240)=""/49, 0x31}, {&(0x7f0000000280)=""/157, 0xfffffffffffffe78}, {&(0x7f0000000340)=""/81, 0x51}, {&(0x7f00000003c0)=""/104, 0x68}, {&(0x7f0000000440)=""/35, 0x23}], 0x6, 0x0) 13:47:10 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x5460, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:47:10 executing program 0: bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000540)={0xffffffffffffffff, 0x28, &(0x7f0000000480)={0x0, 0x0}}, 0x10) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000880)={r0}, 0xc) perf_event_open(&(0x7f000001d000)={0x800000000001, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SNDRV_CTL_IOCTL_PVERSION(0xffffffffffffffff, 0xc1105518, &(0x7f0000001000)) socketpair$inet_sctp(0x2, 0x2000009, 0x84, &(0x7f0000000340)) r1 = syz_open_dev$adsp(&(0x7f0000000100)='/dev/adsp#\x00', 0x4, 0x40) ioctl$SNDRV_TIMER_IOCTL_GINFO(r1, 0xc0f85403, &(0x7f0000000680)={{0xffffffffffffffff, 0x2, 0x0, 0x0, 0x9a9f}, 0x0, 0xf671, "6964300000000000000000004810a984a0ed44cf000000000000000000000000e5ffffffe2ffffff00000000000000000075a6d02c00", 'timer0\x00', 0x0, 0x0, 0x100000001, 0xfffffffffffffff7, 0xfffffffffffffa80}) request_key(&(0x7f00000001c0)='dns_resolver\x00', &(0x7f0000000240)={'syz', 0x1}, &(0x7f0000000280)='@\x00', 0xffffffffffffffff) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) r3 = shmget(0xffffffffffffffff, 0x4000, 0x54000000, &(0x7f0000ff9000/0x4000)=nil) shmctl$IPC_STAT(r3, 0x2, &(0x7f0000000380)=""/96) setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0x7, &(0x7f0000000300)={0xfffffffffffffff7, 0xbe, 0xf87, 0x1}, 0x10) ioctl$DRM_IOCTL_FREE_BUFS(r2, 0x4010641a, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[0xd07c, 0x0, 0x8]}) setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f00000000c0)={0x5, 0x1, 0x8000}, 0x4) openat$cgroup_subtree(r2, &(0x7f00000002c0)='cgroup.subtree_control\x00', 0x2, 0x0) 13:47:10 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x40084504, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:47:10 executing program 3: bind$can_raw(0xffffffffffffffff, &(0x7f0000000180), 0x10) socket$inet6(0xa, 0x802, 0x80000000) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f00000001c0), 0xc) getpeername$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000140)=0x14) ioctl$sock_SIOCGIFINDEX(r0, 0x400448e7, &(0x7f0000000000)={'ip6_vti0\x00'}) [ 354.420220] FAULT_FLAG_ALLOW_RETRY missing 30 [ 354.427405] CPU: 1 PID: 11868 Comm: syz-executor4 Not tainted 4.19.0-rc5+ #261 [ 354.434792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 354.444158] Call Trace: [ 354.446779] dump_stack+0x1c4/0x2b4 [ 354.450449] ? dump_stack_print_info.cold.2+0x52/0x52 [ 354.455664] ? kasan_check_write+0x14/0x20 [ 354.459936] ? do_raw_spin_lock+0xc1/0x200 [ 354.464206] handle_userfault.cold.33+0x47/0x62 [ 354.468918] ? userfaultfd_ioctl+0x54a0/0x54a0 [ 354.473520] ? mark_held_locks+0x130/0x130 [ 354.477775] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 354.483328] ? __perf_event_task_sched_out+0x337/0x1ab0 [ 354.488716] ? select_task_rq_fair+0x34f0/0x34f0 [ 354.493479] ? reweight_task+0x130/0x130 [ 354.493510] ? print_usage_bug+0xc0/0xc0 [ 354.493529] ? print_usage_bug+0xc0/0xc0 [ 354.493551] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 354.511282] ? find_held_lock+0x36/0x1c0 [ 354.515369] ? graph_lock+0x170/0x170 [ 354.519197] ? __lock_acquire+0x7ec/0x4ec0 [ 354.519215] ? _raw_spin_unlock_irq+0x27/0x80 [ 354.519230] ? _raw_spin_unlock_irq+0x27/0x80 [ 354.519247] ? lockdep_hardirqs_on+0x421/0x5c0 [ 354.519270] ? find_held_lock+0x36/0x1c0 [ 354.537084] ? __handle_mm_fault+0x45dc/0x53e0 [ 354.537106] ? lock_downgrade+0x900/0x900 [ 354.537130] ? kasan_check_read+0x11/0x20 [ 354.537151] ? do_raw_spin_unlock+0xa7/0x2f0 [ 354.558484] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 354.563086] ? kasan_check_write+0x14/0x20 [ 354.567337] ? do_raw_spin_lock+0xc1/0x200 [ 354.571612] __handle_mm_fault+0x45ed/0x53e0 [ 354.571642] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 354.580905] ? graph_lock+0x170/0x170 [ 354.584724] ? print_usage_bug+0xc0/0xc0 [ 354.584745] ? graph_lock+0x170/0x170 [ 354.584760] ? graph_lock+0x170/0x170 [ 354.584799] ? handle_mm_fault+0x42a/0xc70 [ 354.584819] ? lock_downgrade+0x900/0x900 [ 354.596493] ? check_preemption_disabled+0x48/0x200 [ 354.596522] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 354.596536] ? kasan_check_read+0x11/0x20 [ 354.596554] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 354.596572] ? rcu_bh_qs+0xc0/0xc0 [ 354.596594] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 354.615784] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 354.615806] ? check_preemption_disabled+0x48/0x200 [ 354.615836] handle_mm_fault+0x54f/0xc70 [ 354.615857] ? __handle_mm_fault+0x53e0/0x53e0 [ 354.615888] ? find_vma+0x34/0x190 [ 354.653497] __do_page_fault+0x67d/0xed0 [ 354.653524] ? mm_fault_error+0x380/0x380 [ 354.661131] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 354.661150] ? graph_lock+0x170/0x170 [ 354.661180] do_page_fault+0xf2/0x7e0 [ 354.677940] ? vmalloc_sync_all+0x30/0x30 [ 354.682111] ? error_entry+0x76/0xd0 [ 354.685850] ? trace_hardirqs_off_caller+0xbb/0x310 [ 354.690910] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 354.695775] ? trace_hardirqs_on_caller+0x310/0x310 [ 354.700823] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 354.705704] page_fault+0x1e/0x30 [ 354.709172] RIP: 0010:copy_user_generic_unrolled+0x9e/0xc0 [ 354.714809] Code: 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 4c 8b 06 4c 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 89 d1 <8a> 06 88 07 48 ff c6 48 ff c7 ff c9 75 f2 31 c0 0f 1f 00 c3 0f 1f [ 354.733727] RSP: 0018:ffff880183f677f0 EFLAGS: 00010202 [ 354.739122] RAX: ffffed00307ecf40 RBX: 0000000000000004 RCX: 0000000000000004 [ 354.746409] RDX: 0000000000000004 RSI: 0000000020013000 RDI: ffff880183f679f8 [ 354.753688] RBP: ffff880183f67828 R08: ffffed00307ecf40 R09: ffffed00307ecf3f [ 354.760971] R10: ffffed00307ecf3f R11: ffff880183f679fb R12: 0000000020013004 [ 354.768255] R13: 0000000020013000 R14: ffff880183f679f8 R15: 00007ffffffff000 [ 354.775574] ? _copy_from_user+0x10d/0x150 [ 354.779836] evdev_do_ioctl+0xf33/0x2180 [ 354.783933] ? str_to_user+0x90/0x90 [ 354.787668] ? graph_lock+0x170/0x170 [ 354.791504] ? do_futex+0x249/0x26d0 [ 354.795236] ? rcu_bh_qs+0xc0/0xc0 [ 354.798793] ? rcu_bh_qs+0xc0/0xc0 [ 354.802353] ? unwind_dump+0x190/0x190 [ 354.806275] ? find_held_lock+0x36/0x1c0 [ 354.810366] ? __fget+0x4aa/0x740 [ 354.813841] ? lock_downgrade+0x900/0x900 [ 354.818017] ? check_preemption_disabled+0x48/0x200 [ 354.823060] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 354.828890] ? kasan_check_read+0x11/0x20 [ 354.833062] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 354.838358] ? rcu_bh_qs+0xc0/0xc0 [ 354.841931] ? __fget+0x4d1/0x740 [ 354.841956] ? ksys_dup3+0x680/0x680 [ 354.841982] evdev_ioctl_handler+0x144/0x1a0 [ 354.853556] evdev_ioctl+0x27/0x2e [ 354.857113] ? evdev_ioctl_compat+0x30/0x30 [ 354.861458] do_vfs_ioctl+0x1de/0x1720 [ 354.865369] ? ioctl_preallocate+0x300/0x300 [ 354.869804] ? __fget_light+0x2e9/0x430 [ 354.873792] ? fget_raw+0x20/0x20 [ 354.877259] ? _copy_to_user+0xc8/0x110 [ 354.881253] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 354.886808] ? put_timespec64+0x10f/0x1b0 [ 354.890977] ? nsecs_to_jiffies+0x30/0x30 [ 354.895148] ? do_syscall_64+0x9a/0x820 [ 354.899141] ? do_syscall_64+0x9a/0x820 [ 354.903131] ? lockdep_hardirqs_on+0x421/0x5c0 [ 354.907736] ? security_file_ioctl+0x94/0xc0 [ 354.912168] ksys_ioctl+0xa9/0xd0 [ 354.915637] __x64_sys_ioctl+0x73/0xb0 [ 354.919543] do_syscall_64+0x1b9/0x820 [ 354.923450] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 354.928832] ? syscall_return_slowpath+0x5e0/0x5e0 [ 354.933785] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 354.938649] ? trace_hardirqs_on_caller+0x310/0x310 [ 354.943687] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 354.949110] ? prepare_exit_to_usermode+0x291/0x3b0 [ 354.954152] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 354.959029] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 354.964231] RIP: 0033:0x457579 [ 354.967441] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 354.986365] RSP: 002b:00007fd9995c4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 354.994096] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 354.994111] RDX: 0000000020013000 RSI: 0000000040084504 RDI: 0000000000000004 [ 355.008664] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 13:47:10 executing program 2: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/nullb0\x00', 0x4000000004002, 0x0) fallocate(r0, 0x1, 0x0, 0x8000000000000) 13:47:10 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)) io_setup(0x8, &(0x7f0000000100)=0x0) r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x80000, 0x0) ioctl$BLKPBSZGET(r1, 0x127b, &(0x7f0000000040)) syz_open_dev$sndtimer(&(0x7f0000000080)='/dev/snd/timer\x00', 0x0, 0x1f3403) io_getevents(r0, 0x0, 0x0, &(0x7f00000000c0), &(0x7f00000001c0)) close(0xffffffffffffffff) socket$vsock_stream(0x28, 0x1, 0x0) io_submit(r0, 0x1400, &(0x7f0000000600)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x8, 0x0, 0xffffffffffffffff, &(0x7f0000000140), 0x700000000000}]) 13:47:10 executing program 2: r0 = syz_open_dev$midi(&(0x7f00000000c0)='/dev/midi#\x00', 0x10001, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000100)={0x5, 0x0, 0x10000, 0x9}) ioctl$DRM_IOCTL_SG_ALLOC(r0, 0xc0106438, &(0x7f0000000140)={0xfffffffffffffffb, r1}) r2 = fcntl$dupfd(0xffffffffffffff9c, 0x0, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x5, 0x3f, 0xc77, 0x1, 0x4, r2}, 0x2c) ioctl$TCSBRKP(r2, 0x5425, 0x10000) setrlimit(0x8, &(0x7f00000a3ff0)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x2000) write$P9_RLCREATE(r2, &(0x7f0000000040)={0x18, 0xf, 0x2, {{0x2, 0x0, 0x5}, 0x3}}, 0x18) mlockall(0x2) 13:47:10 executing program 2: openat$tun(0xffffffffffffff9c, &(0x7f0000000180)='/dev/net/tun\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0x7}, 0x1c) r1 = add_key(&(0x7f0000000000)='pkcs7_test\x00', &(0x7f0000000080)={'syz', 0x3}, &(0x7f00000000c0)="2eb3cbead743ffb173c0c3a5839f22401472f34173fdf0b0e98417408e8f74f920c6412d552d4d97d318f5fb9333b6b2fef37a6db9456801101361c0932236319a4e90338dcd19fa7da0acab9b547544693bd2c69ae7b4e0c28079c1262ded0056b549c715521696d231628e67cfb0f3757f173054123a5d696e7604e96c8d2d2758c13f0ec06f14fd42da68a52d6a3825e85d9daee30a85afd2ba4d3925241d657bb8c8b581a0692780db95bc5cbba9e781e5703a1b70", 0xb7, 0xfffffffffffffff9) r2 = add_key(&(0x7f00000002c0)='cifs.idmap\x00', &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000340)="83ae6fef00f232dd1e33f9727a6c9d3a711da1d1e1327cb776ec341a08edc54c5e8d9f72a7e3ca7ec99fb3b5213a3074347cc5e4910b8e571b5a37565f644125b53373abd3fd718955078c3df0ca7c0686", 0x51, 0xfffffffffffffffb) keyctl$search(0xa, r1, &(0x7f00000001c0)='encrypted\x00', &(0x7f0000000280)={'syz', 0x1}, r2) ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f00000012c0)) sendmsg(r0, &(0x7f000001b000)={0x0, 0x0, &(0x7f0000019fa0), 0x1f2, &(0x7f000001ef08)}, 0x0) 13:47:10 executing program 0: r0 = socket$inet_sctp(0x2, 0x2000000000000008, 0x84) r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mixer\x00', 0x84042, 0x0) ioctl$BLKGETSIZE64(r1, 0x80081272, &(0x7f00000001c0)) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000000)=ANY=[@ANYPTR64=&(0x7f0000000080)=ANY=[@ANYRESOCT=0x0, @ANYRESHEX=r0, @ANYRESDEC=r0, @ANYRES32=r0, @ANYRESOCT=r0]], 0x1) getsockopt$inet_buf(r0, 0x0, 0x24, &(0x7f0000000180)=""/46, &(0x7f0000000200)=0x2e) getsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000240)=@assoc_value={0x0, 0x9}, &(0x7f0000000280)=0x8) setsockopt$inet_sctp_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f00000002c0)={r2, 0x2, 0x80, 0x100, 0x3, 0x8}, 0x14) getsockopt$inet_sctp_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f0000000040)={0x3, [0x7, 0x4, 0x380000000000000]}, &(0x7f0000000100)=0xa) [ 355.015940] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd9995c56d4 [ 355.023217] R13: 00000000004bf3f1 R14: 00000000004cf1f0 R15: 00000000ffffffff 13:47:10 executing program 3: ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000600)) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000380)={0x0, @in={{0x2, 0x4e24, @multicast2}}, 0x3}, &(0x7f00000001c0)=0x98) r1 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f00000004c0)=ANY=[@ANYBLOB="79821990ef18c8c076776a1297241e2f271381142906c5796279a67f2098bfdf1d55cb03f6fece1b331bd1fddfff65ad2430edda8bcaeb2b88bd898ae9cfdcaa156c74f7e5e305dc72d66802a67e088bb1b31d1436d22fa0fc50729b1dd6e0724963b1424d1108006d4a3e2da7caffe22642dae07f31f1fc1fed8d91879ddaaf92b6ae98bb10f8fe25fec933ffff62000000000000000000000000ec495c966c50469c20715c1751427b838076e65ce584fce5478b4dce47891ac884cba0fe699f78e6bdb70275651b81468e47de9f8bf905397f3f5c0ec2b5c51f8bea9ea68448c781645a3c793d5418b72fb63e"], &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, &(0x7f000000a000)) mkdir(&(0x7f0000000080)='./file0/file0\x00', 0x0) mkdir(&(0x7f00000001c0)='./file0/file1\x00', 0x0) mkdir(&(0x7f0000000180)='./file0\x00', 0x3) umount2(&(0x7f0000000200)='./file0\x00', 0x0) r2 = syz_open_dev$sndmidi(&(0x7f0000000000)='/dev/snd/midiC#D#\x00', 0x200, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000440)={'team_slave_0\x00', 0x0}) connect$packet(r0, &(0x7f0000000480)={0x11, 0xf7, r3}, 0x14) r4 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000340)='/dev/sequencer2\x00', 0x400182, 0x0) r5 = dup2(r2, r4) utimensat(r4, &(0x7f0000000240)='./file0/file1\x00', &(0x7f0000000280)={{0x0, 0x2710}, {0x77359400}}, 0x0) write$P9_RLOPEN(r5, &(0x7f0000000040)={0x18, 0xd, 0x1, {{0x10, 0x2, 0x3}, 0x4}}, 0x18) gettid() ioctl$KVM_GET_PIT2(r5, 0x8070ae9f, &(0x7f0000000100)) membarrier(0x0, 0x0) ioctl$DRM_IOCTL_GET_STATS(r1, 0x80f86406, &(0x7f00000005c0)=""/142) 13:47:11 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000040)) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) shutdown(r0, 0x0) mount(&(0x7f00000004c0)=ANY=[@ANYBLOB="31d33ca1d0d61db8e1f36f90e40ffc5506857cce1b53ea1ce35a7ec2916b643531bc72a0ea421812a495ec0b5274b102ac6a8e820c8af5712b8c81efdeca33dd158ea2346e1ce16794f3a2b47f623937dfe3c32364141866a4377cece1e0ee206e17ced9c0d891ea9abc91490d9c1beff52e107616749edfb1d722102d1558ce6139ec089577747d801efdba41dc0e6f9380d3a8c530e993f1db650f33"], &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000140)='/dev/null\x00', 0x2000, 0x0) ioctl$TIOCGLCKTRMIOS(0xffffffffffffffff, 0x5456, &(0x7f0000000340)={0x0, 0x0, 0x401, 0x0, 0x8000, 0x8, 0x1, 0x1, 0x4, 0x0, 0x2, 0x3}) ioctl$PIO_UNISCRNMAP(0xffffffffffffffff, 0x4b6a, &(0x7f0000000280)="1626237255a0c7409176ff4109b6a4c35fa524541809aed294053b3e625888d1c60efefe643b6d88f1020ae2bc68041771bec13c4721af86c4e12c34f2d7b4abb65bc70b0f91e8b4e33b0bab533faa4ad897e3512a0196b12e4666f21a6239904cf3cb3a2b224cacdc12ff3242f9a26cfb8a42be2d2ca16ed75f784df50a7c5c022fb084ebb49712cdb47d5f20f0365d89e0eef69cc467f04b94dcad2bcb4c9f279d465ddfc621f8bef1ca59375b3089a8ba577e59733c9562") bind$vsock_dgram(r2, &(0x7f0000000180)={0x28, 0x0, 0x2711, @reserved}, 0x10) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480)='/dev/ptmx\x00', 0x1, 0x0) ioctl$TCSETS(r3, 0x40045431, &(0x7f00003b9fdc)) syz_open_pts(r3, 0x0) write(r3, &(0x7f0000c34fff), 0xffffff0b) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2000005, 0x5c831, 0xffffffffffffffff, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x80, 0x0) 13:47:11 executing program 0: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket(0x1e, 0x1, 0x0) sendmsg(r1, &(0x7f00003bbfc8)={&(0x7f0000fdbf80)=@generic={0x10000000001e, "02ff0100000001000000000000000ae77f5bf86c48020002000000f1ffffff009a480075e6a50000de010300000000e4ff064b3f013a000000080000008f00000000ac50d5fe32c4000000007fffffff6a008356edb9a6341c1fd45624281e00070ecddd0206c39750c40000fd00000900000000000b0000db000004da36"}, 0x2ef, &(0x7f0000d1b000), 0x0, &(0x7f000012e000)}, 0x0) restart_syscall() write$RDMA_USER_CM_CMD_QUERY_ROUTE(r1, &(0x7f00000000c0)={0x5, 0x10, 0xfa00, {&(0x7f0000000280)}}, 0x457d10) close(r1) syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x6, 0x20000) r2 = dup3(r0, r0, 0x80000) ioctl$VHOST_GET_VRING_ENDIAN(r2, 0x4008af14, &(0x7f0000000140)={0x1, 0x8}) 13:47:11 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000080)="153f6234488dd25d766070") r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000280)={"7465616d300000163694d900", 0x0}) sendmsg$nl_route(r1, &(0x7f00000018c0)={&(0x7f00000002c0), 0xc, &(0x7f0000001880)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3000000013000501000000000000000000000000", @ANYRES32=r2, @ANYBLOB='\x00\x00\x00\x00', @ANYRES32], 0x30}}, 0x0) 13:47:11 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x4020940d, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:47:11 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x80104592, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:47:11 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x18082, 0x0) r0 = syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0x1, 0x20000) getpeername$unix(r0, &(0x7f0000000200)=@abs, &(0x7f0000000100)=0x6e) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x2) syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f0000000140)='./file0\x00', 0x759a, 0x0, &(0x7f0000000280), 0x0, &(0x7f0000000a40)) [ 355.646709] netlink: 16 bytes leftover after parsing attributes in process `syz-executor2'. [ 355.677359] REISERFS warning (device loop3): sh-2006 read_super_block: bread failed (dev loop3, block 16, size 4096) [ 355.700347] FAULT_FLAG_ALLOW_RETRY missing 30 [ 355.705121] FAULT_FLAG_ALLOW_RETRY missing 30 [ 355.720405] CPU: 0 PID: 11935 Comm: syz-executor4 Not tainted 4.19.0-rc5+ #261 [ 355.727784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 355.737146] Call Trace: [ 355.739760] dump_stack+0x1c4/0x2b4 [ 355.743445] ? dump_stack_print_info.cold.2+0x52/0x52 [ 355.745574] REISERFS warning (device loop3): sh-2021 reiserfs_fill_super: can not find reiserfs on loop3 [ 355.748661] ? kasan_check_write+0x14/0x20 [ 355.748683] ? do_raw_spin_lock+0xc1/0x200 [ 355.748713] handle_userfault.cold.33+0x47/0x62 [ 355.771465] ? userfaultfd_ioctl+0x54a0/0x54a0 [ 355.776062] ? mark_held_locks+0x130/0x130 [ 355.780311] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 355.785892] ? __perf_event_task_sched_out+0x337/0x1ab0 [ 355.791288] ? select_task_rq_fair+0x34f0/0x34f0 [ 355.796054] ? reweight_task+0x130/0x130 [ 355.800153] ? print_usage_bug+0xc0/0xc0 [ 355.804228] ? print_usage_bug+0xc0/0xc0 [ 355.808305] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 355.813904] ? find_held_lock+0x36/0x1c0 [ 355.818006] ? graph_lock+0x170/0x170 [ 355.821830] ? __lock_acquire+0x7ec/0x4ec0 [ 355.826077] ? _raw_spin_unlock_irq+0x27/0x80 [ 355.830589] ? _raw_spin_unlock_irq+0x27/0x80 [ 355.835122] ? lockdep_hardirqs_on+0x421/0x5c0 [ 355.839722] ? find_held_lock+0x36/0x1c0 [ 355.843831] ? __handle_mm_fault+0x45dc/0x53e0 [ 355.848463] ? lock_downgrade+0x900/0x900 [ 355.852650] ? kasan_check_read+0x11/0x20 [ 355.856822] ? do_raw_spin_unlock+0xa7/0x2f0 [ 355.861248] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 355.865850] ? kasan_check_write+0x14/0x20 [ 355.870118] ? do_raw_spin_lock+0xc1/0x200 [ 355.874380] __handle_mm_fault+0x45ed/0x53e0 [ 355.878817] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 355.883677] ? graph_lock+0x170/0x170 [ 355.887492] ? print_usage_bug+0xc0/0xc0 [ 355.891569] ? graph_lock+0x170/0x170 [ 355.895393] ? graph_lock+0x170/0x170 [ 355.899239] ? handle_mm_fault+0x42a/0xc70 [ 355.903490] ? lock_downgrade+0x900/0x900 [ 355.907653] ? check_preemption_disabled+0x48/0x200 [ 355.912695] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 355.918504] ? kasan_check_read+0x11/0x20 [ 355.922676] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 355.927972] ? rcu_bh_qs+0xc0/0xc0 [ 355.931530] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 355.937001] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 355.942561] ? check_preemption_disabled+0x48/0x200 [ 355.947617] handle_mm_fault+0x54f/0xc70 [ 355.952174] ? __handle_mm_fault+0x53e0/0x53e0 [ 355.956779] ? find_vma+0x34/0x190 [ 355.960342] __do_page_fault+0x67d/0xed0 [ 355.964446] ? mm_fault_error+0x380/0x380 [ 355.968607] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 355.973642] ? graph_lock+0x170/0x170 [ 355.977472] do_page_fault+0xf2/0x7e0 [ 355.981297] ? vmalloc_sync_all+0x30/0x30 [ 355.985467] ? error_entry+0x76/0xd0 [ 355.989214] ? trace_hardirqs_off_caller+0xbb/0x310 [ 355.994254] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 355.999119] ? trace_hardirqs_on_caller+0x310/0x310 [ 356.004168] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 356.009036] page_fault+0x1e/0x30 [ 356.012513] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 356.018165] Code: 4c 8b 5e 38 4c 89 47 20 4c 89 4f 28 4c 89 57 30 4c 89 5f 38 48 8d 76 40 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 <4c> 8b 06 4c 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 [ 356.037086] RSP: 0018:ffff8801c2e077f0 EFLAGS: 00010202 [ 356.042472] RAX: ffffed00385c0f1c RBX: 0000000000000010 RCX: 0000000000000002 [ 356.049755] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff8801c2e078d0 [ 356.057042] RBP: ffff8801c2e07828 R08: ffffed00385c0f1c R09: ffffed00385c0f1a [ 356.064330] R10: ffffed00385c0f1b R11: ffff8801c2e078df R12: 0000000020013010 [ 356.071610] R13: 0000000020013000 R14: ffff8801c2e078d0 R15: 00007ffffffff000 [ 356.079006] ? _copy_from_user+0x10d/0x150 [ 356.083280] evdev_do_ioctl+0x12a9/0x2180 [ 356.087456] ? str_to_user+0x90/0x90 [ 356.091191] ? graph_lock+0x170/0x170 [ 356.095016] ? do_futex+0x249/0x26d0 [ 356.098747] ? rcu_bh_qs+0xc0/0xc0 [ 356.102305] ? rcu_bh_qs+0xc0/0xc0 [ 356.105858] ? unwind_dump+0x190/0x190 [ 356.109793] ? find_held_lock+0x36/0x1c0 [ 356.113896] ? __fget+0x4aa/0x740 [ 356.117369] ? lock_downgrade+0x900/0x900 [ 356.121543] ? check_preemption_disabled+0x48/0x200 [ 356.126618] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 356.132427] ? kasan_check_read+0x11/0x20 [ 356.136597] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 356.141913] ? rcu_bh_qs+0xc0/0xc0 [ 356.145489] ? __fget+0x4d1/0x740 [ 356.148973] ? ksys_dup3+0x680/0x680 [ 356.152712] evdev_ioctl_handler+0x144/0x1a0 [ 356.157145] evdev_ioctl+0x27/0x2e [ 356.160695] ? evdev_ioctl_compat+0x30/0x30 [ 356.165034] do_vfs_ioctl+0x1de/0x1720 [ 356.168949] ? ioctl_preallocate+0x300/0x300 [ 356.173373] ? __fget_light+0x2e9/0x430 [ 356.177363] ? fget_raw+0x20/0x20 [ 356.180833] ? _copy_to_user+0xc8/0x110 [ 356.184841] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 356.190428] ? put_timespec64+0x10f/0x1b0 [ 356.194603] ? nsecs_to_jiffies+0x30/0x30 [ 356.198775] ? do_syscall_64+0x9a/0x820 [ 356.202767] ? do_syscall_64+0x9a/0x820 [ 356.206764] ? lockdep_hardirqs_on+0x421/0x5c0 [ 356.211371] ? security_file_ioctl+0x94/0xc0 [ 356.215801] ksys_ioctl+0xa9/0xd0 [ 356.219270] __x64_sys_ioctl+0x73/0xb0 [ 356.223177] do_syscall_64+0x1b9/0x820 [ 356.227077] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 356.232462] ? syscall_return_slowpath+0x5e0/0x5e0 [ 356.237403] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 356.242270] ? trace_hardirqs_on_caller+0x310/0x310 [ 356.247302] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 356.252335] ? prepare_exit_to_usermode+0x291/0x3b0 [ 356.257375] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 356.262246] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 356.267444] RIP: 0033:0x457579 [ 356.270647] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 356.289561] RSP: 002b:00007fd9995c4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 356.297286] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 356.304567] RDX: 0000000020013000 RSI: 0000000080104592 RDI: 0000000000000004 [ 356.311845] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 356.319143] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd9995c56d4 [ 356.326423] R13: 00000000004bf3f1 R14: 00000000004cf1f0 R15: 00000000ffffffff [ 356.333858] CPU: 1 PID: 11931 Comm: syz-executor1 Not tainted 4.19.0-rc5+ #261 [ 356.341258] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 356.350642] Call Trace: [ 356.353254] dump_stack+0x1c4/0x2b4 [ 356.356912] ? dump_stack_print_info.cold.2+0x52/0x52 [ 356.362126] ? kasan_check_write+0x14/0x20 [ 356.366402] ? do_raw_spin_lock+0xc1/0x200 [ 356.370663] handle_userfault.cold.33+0x47/0x62 [ 356.375369] ? userfaultfd_ioctl+0x54a0/0x54a0 [ 356.379986] ? mark_held_locks+0x130/0x130 [ 356.384237] ? __switch_to_asm+0x34/0x70 [ 356.388311] ? __switch_to_asm+0x40/0x70 [ 356.392407] ? __schedule+0x874/0x1ed0 [ 356.396329] ? print_usage_bug+0xc0/0xc0 [ 356.400416] ? print_usage_bug+0xc0/0xc0 [ 356.404528] ? graph_lock+0x170/0x170 [ 356.408355] ? __lock_acquire+0x7ec/0x4ec0 [ 356.412629] ? find_held_lock+0x36/0x1c0 [ 356.416717] ? __handle_mm_fault+0x45dc/0x53e0 [ 356.421317] ? lock_downgrade+0x900/0x900 [ 356.425487] ? kasan_check_read+0x11/0x20 [ 356.429654] ? do_raw_spin_unlock+0xa7/0x2f0 [ 356.434077] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 356.438677] ? kasan_check_write+0x14/0x20 [ 356.442931] ? do_raw_spin_lock+0xc1/0x200 [ 356.447197] __handle_mm_fault+0x45ed/0x53e0 [ 356.451619] ? futex_wait_setup+0x266/0x3e0 [ 356.455965] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 356.460829] ? graph_lock+0x170/0x170 [ 356.464657] ? print_usage_bug+0xc0/0xc0 [ 356.468733] ? __lock_acquire+0x7ec/0x4ec0 [ 356.472988] ? graph_lock+0x170/0x170 [ 356.476805] ? graph_lock+0x170/0x170 [ 356.480644] ? handle_mm_fault+0x42a/0xc70 [ 356.484907] ? lock_downgrade+0x900/0x900 [ 356.489079] ? check_preemption_disabled+0x48/0x200 [ 356.494119] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 356.499931] ? kasan_check_read+0x11/0x20 [ 356.504096] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 356.509392] ? rcu_bh_qs+0xc0/0xc0 [ 356.512958] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 356.518430] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 356.523985] ? check_preemption_disabled+0x48/0x200 [ 356.529030] handle_mm_fault+0x54f/0xc70 [ 356.533117] ? __handle_mm_fault+0x53e0/0x53e0 [ 356.537719] ? find_vma+0x34/0x190 [ 356.541283] __do_page_fault+0x67d/0xed0 [ 356.545371] ? mm_fault_error+0x380/0x380 [ 356.549545] ? graph_lock+0x170/0x170 [ 356.553370] do_page_fault+0xf2/0x7e0 [ 356.557201] ? vmalloc_sync_all+0x30/0x30 [ 356.561362] ? error_entry+0x76/0xd0 [ 356.565102] ? trace_hardirqs_off_caller+0xbb/0x310 [ 356.570143] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 356.575057] ? trace_hardirqs_on_caller+0x310/0x310 [ 356.580103] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 356.584992] page_fault+0x1e/0x30 [ 356.588460] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 356.594096] Code: 4c 8b 5e 38 4c 89 47 20 4c 89 4f 28 4c 89 57 30 4c 89 5f 38 48 8d 76 40 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 <4c> 8b 06 4c 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 [ 356.613010] RSP: 0018:ffff8801873efbd0 EFLAGS: 00010202 [ 356.618395] RAX: ffffed0030e7dfa2 RBX: 0000000000000020 RCX: 0000000000000004 [ 356.625676] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff8801873efcf0 [ 356.632954] RBP: ffff8801873efc08 R08: ffffed0030e7dfa2 R09: ffffed0030e7df9e [ 356.640234] R10: ffffed0030e7dfa1 R11: ffff8801873efd0f R12: 0000000020013020 [ 356.647521] R13: 0000000020013000 R14: ffff8801873efcf0 R15: 00007ffffffff000 [ 356.654834] ? _copy_from_user+0x10d/0x150 [ 356.659104] do_vfs_ioctl+0x4da/0x1720 [ 356.663018] ? ioctl_preallocate+0x300/0x300 [ 356.667448] ? __fget_light+0x2e9/0x430 [ 356.671438] ? fget_raw+0x20/0x20 [ 356.674913] ? _copy_to_user+0xc8/0x110 [ 356.678925] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 356.684482] ? put_timespec64+0x10f/0x1b0 [ 356.688659] ? nsecs_to_jiffies+0x30/0x30 [ 356.692828] ? do_syscall_64+0x9a/0x820 [ 356.696846] ? do_syscall_64+0x9a/0x820 [ 356.700856] ? lockdep_hardirqs_on+0x421/0x5c0 [ 356.705471] ? security_file_ioctl+0x94/0xc0 [ 356.709911] ksys_ioctl+0xa9/0xd0 [ 356.713398] __x64_sys_ioctl+0x73/0xb0 [ 356.717308] do_syscall_64+0x1b9/0x820 [ 356.721217] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 356.726598] ? syscall_return_slowpath+0x5e0/0x5e0 [ 356.731541] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 356.736410] ? trace_hardirqs_on_caller+0x310/0x310 [ 356.741441] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 356.746474] ? prepare_exit_to_usermode+0x291/0x3b0 [ 356.751518] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 356.756399] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 356.761596] RIP: 0033:0x457579 [ 356.764805] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 356.783717] RSP: 002b:00007fd1b7341c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 356.791439] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 356.798719] RDX: 0000000020013000 RSI: 000000004020940d RDI: 0000000000000004 [ 356.805997] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 356.813275] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd1b73426d4 [ 356.820556] R13: 00000000004bf3f1 R14: 00000000004cf1f0 R15: 00000000ffffffff 13:47:12 executing program 0: mkdir(&(0x7f0000ed6000)='./file0\x00', 0x0) mount(&(0x7f00000001c0)=ANY=[], &(0x7f00000000c0)='./file0\x00', &(0x7f00000013c0)='ramfs\x00', 0x1, &(0x7f0000000080)) r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x208400, 0x0) mknodat(r0, &(0x7f0000000040)='./file0\x00', 0xc018, 0x5a) r1 = openat(0xffffffffffffff9c, &(0x7f0000012ff8)='./file0\x00', 0x2, 0x0) fsetxattr$security_smack_transmute(r1, &(0x7f0000000140)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000180)='TRUE', 0x4, 0x1) symlinkat(&(0x7f000045bff8)='./file0\x00', r1, &(0x7f00000cc000)='./file0\x00') r2 = msgget$private(0x0, 0x10) ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(r0, 0x800442d4, &(0x7f0000000080)=0x6d) msgctl$IPC_RMID(r2, 0x0) ioctl$BLKZEROOUT(r0, 0x127f, &(0x7f0000000100)={0x8000, 0x80000000}) 13:47:12 executing program 0: r0 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x20, 0x101002) ioctl$EVIOCGREP(r0, 0x80084503, &(0x7f0000000000)=""/188) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ppp\x00', 0x80100, 0x0) connect(r1, &(0x7f0000000140)=@nfc_llcp={0x27, 0x1, 0x2, 0x7, 0x401, 0x9, "8e7f97fa6cd7028632734a72f0f96986c0c9d446a3383ff83624a66d9e7d6e9b7ea123825301d463e73a06d777e3f484f42578ee15b03e85583b5dfccedb4f", 0xe}, 0x80) write$evdev(r0, &(0x7f00006f7fe8)=[{{}, 0x1, 0x400000000000038, 0x400000002}], 0xfdd0) [ 357.050177] FAULT_FLAG_ALLOW_RETRY missing 30 [ 357.055706] CPU: 1 PID: 11942 Comm: syz-executor4 Not tainted 4.19.0-rc5+ #261 [ 357.063575] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 357.072938] Call Trace: [ 357.075544] dump_stack+0x1c4/0x2b4 [ 357.079194] ? dump_stack_print_info.cold.2+0x52/0x52 [ 357.084404] ? kasan_check_write+0x14/0x20 [ 357.088658] ? do_raw_spin_lock+0xc1/0x200 [ 357.092927] handle_userfault.cold.33+0x47/0x62 [ 357.097625] ? userfaultfd_ioctl+0x54a0/0x54a0 [ 357.102222] ? mark_held_locks+0x130/0x130 [ 357.106467] ? mark_held_locks+0x130/0x130 [ 357.110734] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 357.116286] ? print_usage_bug+0xc0/0xc0 [ 357.120362] ? print_usage_bug+0xc0/0xc0 [ 357.124466] ? select_task_rq_fair+0x3490/0x34f0 [ 357.129248] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 357.134798] ? check_preemption_disabled+0x48/0x200 [ 357.139827] ? graph_lock+0x170/0x170 [ 357.143646] ? __lock_acquire+0x7ec/0x4ec0 [ 357.147902] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 357.153469] ? find_held_lock+0x36/0x1c0 [ 357.157553] ? __handle_mm_fault+0x45dc/0x53e0 [ 357.162147] ? lock_downgrade+0x900/0x900 [ 357.166313] ? kasan_check_read+0x11/0x20 [ 357.170473] ? do_raw_spin_unlock+0xa7/0x2f0 [ 357.174904] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 357.179504] ? kasan_check_write+0x14/0x20 [ 357.183751] ? do_raw_spin_lock+0xc1/0x200 [ 357.188007] __handle_mm_fault+0x45ed/0x53e0 [ 357.192442] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 357.197295] ? graph_lock+0x170/0x170 [ 357.201109] ? print_usage_bug+0xc0/0xc0 [ 357.205183] ? __switch_to_asm+0x40/0x70 [ 357.209253] ? __switch_to_asm+0x34/0x70 [ 357.213320] ? __switch_to_asm+0x40/0x70 [ 357.217397] ? graph_lock+0x170/0x170 [ 357.221210] ? graph_lock+0x170/0x170 [ 357.225046] ? handle_mm_fault+0x42a/0xc70 [ 357.229293] ? lock_downgrade+0x900/0x900 [ 357.233455] ? check_preemption_disabled+0x48/0x200 [ 357.238492] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 357.244297] ? kasan_check_read+0x11/0x20 [ 357.248456] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 357.253744] ? rcu_bh_qs+0xc0/0xc0 [ 357.257299] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 357.262763] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 357.268315] ? check_preemption_disabled+0x48/0x200 [ 357.273355] handle_mm_fault+0x54f/0xc70 [ 357.277438] ? __handle_mm_fault+0x53e0/0x53e0 [ 357.282033] ? find_vma+0x34/0x190 [ 357.285593] __do_page_fault+0x67d/0xed0 [ 357.289674] ? mm_fault_error+0x380/0x380 [ 357.293833] ? graph_lock+0x170/0x170 [ 357.297640] ? migrate_swap_stop+0x930/0x930 [ 357.302072] do_page_fault+0xf2/0x7e0 [ 357.305896] ? vmalloc_sync_all+0x30/0x30 [ 357.310060] ? error_entry+0x76/0xd0 [ 357.313789] ? trace_hardirqs_off_caller+0xbb/0x310 [ 357.318819] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 357.323671] ? trace_hardirqs_on_caller+0x310/0x310 [ 357.328711] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 357.333572] page_fault+0x1e/0x30 [ 357.337036] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 357.342681] Code: 4c 8b 5e 38 4c 89 47 20 4c 89 4f 28 4c 89 57 30 4c 89 5f 38 48 8d 76 40 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 <4c> 8b 06 4c 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 [ 357.361591] RSP: 0018:ffff880183f677f0 EFLAGS: 00010202 [ 357.366964] RAX: ffffed00307ecf1c RBX: 0000000000000010 RCX: 0000000000000002 [ 357.374241] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff880183f678d0 [ 357.381513] RBP: ffff880183f67828 R08: ffffed00307ecf1c R09: ffffed00307ecf1a [ 357.388785] R10: ffffed00307ecf1b R11: ffff880183f678df R12: 0000000020013010 [ 357.396062] R13: 0000000020013000 R14: ffff880183f678d0 R15: 00007ffffffff000 [ 357.403382] ? _copy_from_user+0x10d/0x150 [ 357.407648] evdev_do_ioctl+0x12a9/0x2180 [ 357.411820] ? str_to_user+0x90/0x90 [ 357.415549] ? graph_lock+0x170/0x170 [ 357.419364] ? do_futex+0x249/0x26d0 [ 357.423124] ? __lockdep_init_map+0x105/0x590 [ 357.427635] ? lockdep_init_map+0x9/0x10 [ 357.431718] ? find_held_lock+0x36/0x1c0 [ 357.435802] ? __fget+0x4aa/0x740 [ 357.439265] ? lock_downgrade+0x900/0x900 [ 357.443433] ? check_preemption_disabled+0x48/0x200 [ 357.448478] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 357.454284] ? kasan_check_read+0x11/0x20 [ 357.458443] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 357.463739] ? rcu_bh_qs+0xc0/0xc0 [ 357.467303] ? __fget+0x4d1/0x740 [ 357.470776] ? ksys_dup3+0x680/0x680 [ 357.474513] evdev_ioctl_handler+0x144/0x1a0 [ 357.478936] evdev_ioctl+0x27/0x2e [ 357.482499] ? evdev_ioctl_compat+0x30/0x30 [ 357.486844] do_vfs_ioctl+0x1de/0x1720 [ 357.490762] ? ioctl_preallocate+0x300/0x300 [ 357.495186] ? __fget_light+0x2e9/0x430 [ 357.499170] ? fget_raw+0x20/0x20 [ 357.502645] ? _copy_to_user+0xc8/0x110 [ 357.506679] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 357.512238] ? put_timespec64+0x10f/0x1b0 [ 357.516415] ? nsecs_to_jiffies+0x30/0x30 [ 357.520579] ? do_syscall_64+0x9a/0x820 [ 357.524601] ? do_syscall_64+0x9a/0x820 [ 357.528604] ? lockdep_hardirqs_on+0x421/0x5c0 [ 357.533201] ? security_file_ioctl+0x94/0xc0 [ 357.537628] ksys_ioctl+0xa9/0xd0 [ 357.541107] __x64_sys_ioctl+0x73/0xb0 [ 357.545021] do_syscall_64+0x1b9/0x820 [ 357.548923] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 357.554301] ? syscall_return_slowpath+0x5e0/0x5e0 [ 357.559265] ? trace_hardirqs_on_caller+0x310/0x310 [ 357.564299] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 357.569329] ? recalc_sigpending_tsk+0x180/0x180 [ 357.574103] ? kasan_check_write+0x14/0x20 [ 357.578357] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 357.583229] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 357.586609] FAULT_FLAG_ALLOW_RETRY missing 30 [ 357.588424] RIP: 0033:0x457579 [ 357.588443] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 357.588458] RSP: 002b:00007fd9995a3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 357.622768] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 357.630043] RDX: 0000000020013000 RSI: 0000000080104592 RDI: 0000000000000004 [ 357.637320] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 357.644595] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd9995a46d4 [ 357.651881] R13: 00000000004bf3f1 R14: 00000000004cf1f0 R15: 00000000ffffffff [ 357.659196] CPU: 0 PID: 11931 Comm: syz-executor1 Not tainted 4.19.0-rc5+ #261 [ 357.660254] netlink: 16 bytes leftover after parsing attributes in process `syz-executor2'. [ 357.666570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 357.666577] Call Trace: [ 357.666604] dump_stack+0x1c4/0x2b4 [ 357.666626] ? dump_stack_print_info.cold.2+0x52/0x52 [ 357.695869] ? kasan_check_write+0x14/0x20 [ 357.700141] ? do_raw_spin_lock+0xc1/0x200 [ 357.704403] handle_userfault.cold.33+0x47/0x62 [ 357.709105] ? userfaultfd_ioctl+0x54a0/0x54a0 [ 357.713702] ? mark_held_locks+0x130/0x130 [ 357.717955] ? __switch_to_asm+0x34/0x70 [ 357.722024] ? __switch_to_asm+0x40/0x70 [ 357.726108] ? __schedule+0x874/0x1ed0 [ 357.730021] ? print_usage_bug+0xc0/0xc0 [ 357.734103] ? print_usage_bug+0xc0/0xc0 [ 357.738195] ? graph_lock+0x170/0x170 [ 357.738219] ? __lock_acquire+0x7ec/0x4ec0 [ 357.746263] ? find_held_lock+0x36/0x1c0 13:47:13 executing program 2: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x8000, 0x0) setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000040)={0xffff, 0x7, 0x1, 0x5, 0xffffffff, 0x3, 0x2}, 0xc) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0x40085112, &(0x7f00000000c0)={{0x400000ffffff94}, {0xfdfdffff}}) [ 357.746295] ? __handle_mm_fault+0x45dc/0x53e0 [ 357.746315] ? lock_downgrade+0x900/0x900 [ 357.759107] ? kasan_check_read+0x11/0x20 [ 357.763270] ? do_raw_spin_unlock+0xa7/0x2f0 [ 357.767695] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 357.772299] ? kasan_check_write+0x14/0x20 [ 357.776549] ? do_raw_spin_lock+0xc1/0x200 [ 357.780808] __handle_mm_fault+0x45ed/0x53e0 [ 357.785229] ? futex_wait_setup+0x266/0x3e0 [ 357.789572] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 357.794438] ? graph_lock+0x170/0x170 [ 357.798253] ? print_usage_bug+0xc0/0xc0 [ 357.802332] ? __lock_acquire+0x7ec/0x4ec0 [ 357.806585] ? graph_lock+0x170/0x170 [ 357.810421] ? graph_lock+0x170/0x170 [ 357.814259] ? handle_mm_fault+0x42a/0xc70 [ 357.818508] ? lock_downgrade+0x900/0x900 [ 357.822666] ? check_preemption_disabled+0x48/0x200 [ 357.822690] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 357.833496] ? kasan_check_read+0x11/0x20 [ 357.833515] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 357.833533] ? rcu_bh_qs+0xc0/0xc0 [ 357.833551] ? __bpf_trace_preemptirq_template+0x30/0x30 13:47:13 executing program 5: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x2}) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000003fe8)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x105000, 0x0) ioctl$KDGETMODE(r2, 0x4b3b, &(0x7f0000000100)) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) getsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000040)=@assoc_value, &(0x7f00000000c0)=0x8) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x100000e, 0x32, 0xffffffffffffffff, 0x0) close(r0) 13:47:13 executing program 2: r0 = socket$inet(0x10, 0xa, 0x2) sendmsg(r0, &(0x7f000001d000)={0x0, 0x20, &(0x7f0000000040)=[{&(0x7f0000000080)="2400002bb07ab600170e0604000200001d85687f0000000400ff7e", 0x24}]}, 0x0) [ 357.833574] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 357.857513] ? check_preemption_disabled+0x48/0x200 [ 357.862553] handle_mm_fault+0x54f/0xc70 [ 357.866636] ? __handle_mm_fault+0x53e0/0x53e0 [ 357.871236] ? find_vma+0x34/0x190 [ 357.874797] __do_page_fault+0x67d/0xed0 [ 357.878899] ? mm_fault_error+0x380/0x380 [ 357.883065] ? graph_lock+0x170/0x170 [ 357.886906] do_page_fault+0xf2/0x7e0 [ 357.890727] ? vmalloc_sync_all+0x30/0x30 [ 357.894914] ? error_entry+0x76/0xd0 [ 357.898651] ? trace_hardirqs_off_caller+0xbb/0x310 13:47:13 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_ifreq(r0, 0x89f6, &(0x7f0000000300)={"7369743000000400b5c4b900007f0200"}) openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x400, 0x0) r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x4100, 0x0) sendmsg$nl_netfilter(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0xd, 0x2, 0x1, 0x70bd28, 0x25dfdbff, {0xf, 0x0, 0x2}, [@generic="b6fa1940fc158bfde47b5fa23eba6d34f60b148141dffab773fb545975b490ffe8a99bd9d7f6278db7e81c27390bfd4c5e8cf6bade5c"]}, 0x4c}, 0x1, 0x0, 0x0, 0x80}, 0x80) [ 357.903694] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 357.908559] ? trace_hardirqs_on_caller+0x310/0x310 [ 357.913611] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 357.918477] page_fault+0x1e/0x30 [ 357.921946] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 357.927582] Code: 4c 8b 5e 38 4c 89 47 20 4c 89 4f 28 4c 89 57 30 4c 89 5f 38 48 8d 76 40 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 <4c> 8b 06 4c 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 [ 357.946497] RSP: 0018:ffff8801873efbd0 EFLAGS: 00010202 13:47:13 executing program 3: r0 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f00000000c0)={'syz'}, &(0x7f0000000600)="585ccb83b836c1a6474914dc55e72206297b6895b66147b3c7218a9169a85ea0bdc9e1587a050000000000000042e33089754c8107c3cd3923dd4a71c2ff06007b6b4816122d2572829eaa9435c99926022b8753a188748c569f435fb3bae96efb74b50ec93c0100000000000000c0d0c60000ce0637ce0000b4ec24c53d3d661ff5ff70e48884ca000018cea71fcfacf40d32e4b58a8d2725561f6110fd7b06f90b5274cc5c1e298a16324fe27da2a9d5ba9ff3c009d308bd73f47725392a36", 0xc0, 0xfffffffffffffffe) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000000)={0xffffffffffffffff}) setsockopt$bt_hci_HCI_DATA_DIR(r1, 0x0, 0x1, &(0x7f0000000080)=0x7, 0x4) r2 = socket$l2tp(0x18, 0x1, 0x1) keyctl$dh_compute(0x17, &(0x7f0000000100)={r0, r0, r0}, &(0x7f00000002c0)=""/212, 0x32, &(0x7f0000000240)={&(0x7f00000001c0)={'cmac(camellia-asm)\x00'}}) ioctl(r2, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") [ 357.952330] RAX: ffffed0030e7dfa2 RBX: 0000000000000020 RCX: 0000000000000004 [ 357.959612] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff8801873efcf0 [ 357.966909] RBP: ffff8801873efc08 R08: ffffed0030e7dfa2 R09: ffffed0030e7df9e [ 357.974189] R10: ffffed0030e7dfa1 R11: ffff8801873efd0f R12: 0000000020013020 [ 357.981472] R13: 0000000020013000 R14: ffff8801873efcf0 R15: 00007ffffffff000 [ 357.988793] ? _copy_from_user+0x10d/0x150 [ 357.993061] do_vfs_ioctl+0x4da/0x1720 [ 357.997011] ? ioctl_preallocate+0x300/0x300 [ 358.001440] ? __fget_light+0x2e9/0x430 [ 358.005457] ? fget_raw+0x20/0x20 [ 358.008932] ? _copy_to_user+0xc8/0x110 [ 358.012937] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 358.018515] ? put_timespec64+0x10f/0x1b0 [ 358.022681] ? nsecs_to_jiffies+0x30/0x30 [ 358.026854] ? do_syscall_64+0x9a/0x820 [ 358.030864] ? do_syscall_64+0x9a/0x820 [ 358.034900] ? lockdep_hardirqs_on+0x421/0x5c0 [ 358.039506] ? security_file_ioctl+0x94/0xc0 [ 358.043940] ksys_ioctl+0xa9/0xd0 [ 358.047426] __x64_sys_ioctl+0x73/0xb0 [ 358.051332] do_syscall_64+0x1b9/0x820 [ 358.055238] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 358.060620] ? syscall_return_slowpath+0x5e0/0x5e0 [ 358.065563] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 358.070422] ? trace_hardirqs_on_caller+0x310/0x310 [ 358.075474] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 358.080514] ? prepare_exit_to_usermode+0x291/0x3b0 [ 358.085564] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 358.090435] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 358.095638] RIP: 0033:0x457579 [ 358.098847] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 358.117778] RSP: 002b:00007fd1b7341c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 358.125502] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 358.132777] RDX: 0000000020013000 RSI: 000000004020940d RDI: 0000000000000004 [ 358.140054] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 358.147337] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd1b73426d4 13:47:13 executing program 3: perf_event_open(&(0x7f0000000840)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x228, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$uinput(0xffffffffffffff9c, &(0x7f0000000540)='/dev/uinput\x00', 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000001680)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0x100000000000dfff, 0x1, &(0x7f0000000040)=[{&(0x7f00000016c0)="eb64c86d4f66732e66617400020441000500077008f8", 0x16}], 0x0, &(0x7f0000000140)=ANY=[]) timer_getoverrun(0x0) ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000080)) pipe2(&(0x7f00000006c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x801) ioctl$IOC_PR_PREEMPT_ABORT(r0, 0x401870cc, &(0x7f0000000280)={0x80, 0x7, 0x2, 0x80000001}) r2 = openat$vnet(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/vhost-net\x00', 0x2, 0x0) r3 = dup(r2) ioctl$DRM_IOCTL_RES_CTX(r3, 0xc0106426, &(0x7f00000004c0)={0x5, &(0x7f00000003c0)=[{}, {}, {0x0}, {}, {}]}) ioctl$DRM_IOCTL_GET_SAREA_CTX(r0, 0xc010641d, &(0x7f0000000800)={r4, &(0x7f0000000500)=""/35}) ioctl$VHOST_SET_OWNER(r2, 0xaf01, 0x0) ioctl$VHOST_RESET_OWNER(r2, 0xaf02, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r5 = socket$inet6(0xa, 0x0, 0x0) syz_open_dev$sndseq(&(0x7f0000000780)='/dev/snd/seq\x00', 0x0, 0x101001) connect$inet6(r5, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev}, 0x1c) ioctl$EVIOCGVERSION(0xffffffffffffffff, 0x80044501, &(0x7f0000000980)=""/186) getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x100}, &(0x7f0000000580)=0x14) r6 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x120e, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000700), &(0x7f0000000740)=0xc) sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x9) perf_event_open(&(0x7f0000000400)={0x0, 0x70, 0x0, 0x1, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x5, 0x0, 0x101, 0x0, 0x3f, 0x0, 0x2, 0x0, 0x7, 0x0, 0x7, 0x0, 0x0, 0x0, 0x9, 0x50c58dcb, 0x3, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x3f, 0x0, 0x10000, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000000c0), 0x7}, 0x0, 0x4, 0x0, 0x7, 0x101, 0x6, 0x7}, 0x0, 0xf, 0xffffffffffffffff, 0x8) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r6, 0x8933, &(0x7f0000000380)={'vcan0\x00'}) ioctl$PIO_SCRNMAP(r1, 0x4b41, &(0x7f00000005c0)="74c8225730a68ced5098d64d82d8739cb962a4880b63eaa566911e847a633c68835dc10452b6dbe968cbb41ac4f6d6e3dfebc78da4f1c72644384f31618f367f8f126ef4b640ddc26b2b15d9e195977890ceddf3278cd1a7acda6375070dd101bcad2a1422cdfd6f140f6fe3af112f6d7ed05e063af0ef1d74d59421ac166b0f2176281c53ce6bfa633d11") setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f00000007c0)={0x0, 0x6}, 0x8) umount2(&(0x7f0000000300)='./file0\x00', 0x3) syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x2000000) [ 358.154617] R13: 00000000004bf3f1 R14: 00000000004cf1f0 R15: 00000000ffffffff 13:47:14 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x5451, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:47:14 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0xc0045878, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:47:14 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$evdev(&(0x7f0000001140)='/dev/input/event#\x00', 0x0, 0x0) ioctl$int_out(r0, 0x2, &(0x7f0000000040)) pipe2(&(0x7f0000001080)={0xffffffffffffffff}, 0x0) ioctl$TIOCOUTQ(r2, 0x5411, &(0x7f00000011c0)) r3 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000140)={'veth1_to_team\x00', 0x0}) socketpair$inet6_sctp(0xa, 0x0, 0x84, &(0x7f00000027c0)) sendmsg$nl_route(r3, &(0x7f0000000500)={&(0x7f0000000440)={0x10, 0xf0ffffff}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)=@delneigh={0x28, 0x1d, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r4, 0xffffff9e, 0xf0ffffff}, [@NDA_LLADDR={0xa, 0x2, @empty=[0xf0ffffff]}]}, 0x28}}, 0x0) ioctl$EVIOCGKEY(r1, 0x80404518, &(0x7f0000000080)=""/4096) [ 358.456882] FAT-fs (loop3): Unrecognized mount option "/dev/snd/seq" or missing value 13:47:14 executing program 5: mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000002, 0x10, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, &(0x7f0000000000), 0x2, 0x10000000002) prctl$setmm(0x23, 0x7, &(0x7f0000fef000/0x10000)=nil) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f00003b9fdc)) add_key$keyring(&(0x7f00000012c0)='keyring\x00', &(0x7f0000001300), 0x0, 0x0, 0xffffffffffffffff) syz_genetlink_get_family_id$team(&(0x7f0000000500)='team\x00') accept4$packet(0xffffffffffffffff, &(0x7f00000005c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000600)=0x14, 0x0) sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000000840)={&(0x7f00000004c0), 0xc, &(0x7f0000000800)={&(0x7f0000000700)={0x9c, 0x0, 0x500, 0x70bd27, 0x25dfdbff, {}, [{{0x8}, {0x80, 0x2, [{0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x8}, {0x4}}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8}, {0x8}}, {0x8}}}]}}]}, 0x9c}}, 0x4) openat$dsp(0xffffffffffffff9c, &(0x7f0000000340)='/dev/dsp\x00', 0x4000, 0x0) epoll_create1(0x0) r0 = syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x4b2, 0x0) syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x81, 0x200) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f00000013c0)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) umount2(&(0x7f0000000140)='./file0\x00', 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f00003e1000/0x2000)=nil, 0x2000}) 13:47:14 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x2, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:47:14 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) ioctl$KVM_SET_ONE_REG(r0, 0x4010aeac, &(0x7f0000000040)={0x3, 0x101}) bind$alg(r0, &(0x7f00003f1fa8)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr(blowfish)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00006a9fef)="e5fcb5bf", 0x4) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg(r1, &(0x7f0000003500)=[{{0x0, 0x0, &(0x7f00000004c0), 0x0, &(0x7f0000000000)=[{0x10, 0x117, 0x4}], 0x10}}], 0x1, 0x0) 13:47:14 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0xc0189436, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:47:14 executing program 3: r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f00000017c0)={@multicast1, @rand_addr, 0x0}, &(0x7f0000001800)=0xc) setsockopt$packet_drop_memb(r0, 0x107, 0x2, &(0x7f0000001840)={r1, 0x1, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x10) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000100)={&(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0], 0x4}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x638, 0x8083) ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r2, 0xc0305710, &(0x7f0000000040)={0x0, 0x0, 0x1000, 0x0, [0xfffffffe]}) close(r2) r3 = syz_open_dev$adsp(&(0x7f00000000c0)='/dev/adsp#\x00', 0x0, 0x0) setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f00000002c0), 0x4) setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f0000000140)={0x0, 'bridge_slave_0\x00'}, 0x18) ioctl$VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, &(0x7f0000000200)=0x1) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e23, @dev}, 0x10) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f00000015c0)='ip6_vti0\x00', 0x10) setsockopt$inet_sctp_SCTP_EVENTS(r3, 0x84, 0xb, &(0x7f0000000040)={0x0, 0x0, 0x200, 0x0, 0x0, 0x8001, 0x0, 0x10001, 0xc04, 0x0, 0xff}, 0xb) setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0x7, &(0x7f0000000380)={0x0, 0x24}, 0x10) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$nullb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x4000000004002, 0x0) [ 358.856075] FAULT_FLAG_ALLOW_RETRY missing 30 [ 358.865740] CPU: 1 PID: 12036 Comm: syz-executor1 Not tainted 4.19.0-rc5+ #261 [ 358.873123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 358.882501] Call Trace: [ 358.885116] dump_stack+0x1c4/0x2b4 [ 358.888798] ? dump_stack_print_info.cold.2+0x52/0x52 [ 358.894004] ? kasan_check_write+0x14/0x20 [ 358.898256] ? do_raw_spin_lock+0xc1/0x200 [ 358.902528] handle_userfault.cold.33+0x47/0x62 [ 358.907235] ? userfaultfd_ioctl+0x54a0/0x54a0 [ 358.911833] ? mark_held_locks+0x130/0x130 [ 358.916081] ? __schedule+0x874/0x1ed0 [ 358.920009] ? print_usage_bug+0xc0/0xc0 [ 358.924088] ? print_usage_bug+0xc0/0xc0 [ 358.928173] ? find_held_lock+0x36/0x1c0 [ 358.928200] ? graph_lock+0x170/0x170 [ 358.936076] ? __lock_acquire+0x7ec/0x4ec0 [ 358.940329] ? ___might_sleep+0x1ed/0x300 [ 358.940351] ? find_held_lock+0x36/0x1c0 [ 358.940403] ? __handle_mm_fault+0x45dc/0x53e0 [ 358.940422] ? lock_downgrade+0x900/0x900 [ 358.940445] ? kasan_check_read+0x11/0x20 [ 358.940468] ? do_raw_spin_unlock+0xa7/0x2f0 [ 358.949050] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 358.949069] ? kasan_check_write+0x14/0x20 [ 358.949085] ? do_raw_spin_lock+0xc1/0x200 [ 358.949112] __handle_mm_fault+0x45ed/0x53e0 [ 358.949141] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 358.949160] ? graph_lock+0x170/0x170 [ 358.992539] ? print_usage_bug+0xc0/0xc0 [ 358.996650] ? futex_wait+0x5ec/0xa50 [ 359.000470] ? graph_lock+0x170/0x170 13:47:14 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445f2, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) [ 359.004300] ? graph_lock+0x170/0x170 [ 359.008170] ? handle_mm_fault+0x42a/0xc70 [ 359.012435] ? lock_downgrade+0x900/0x900 [ 359.016726] ? check_preemption_disabled+0x48/0x200 [ 359.021765] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 359.027578] ? kasan_check_read+0x11/0x20 [ 359.031734] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 359.037004] ? rcu_bh_qs+0xc0/0xc0 [ 359.040548] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 359.045992] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 359.051536] ? check_preemption_disabled+0x48/0x200 [ 359.056566] handle_mm_fault+0x54f/0xc70 [ 359.060637] ? __handle_mm_fault+0x53e0/0x53e0 [ 359.065221] ? find_vma+0x34/0x190 [ 359.068757] __do_page_fault+0x67d/0xed0 [ 359.072812] ? mm_fault_error+0x380/0x380 [ 359.076974] ? graph_lock+0x170/0x170 [ 359.080772] ? __fget+0x4aa/0x740 [ 359.084222] do_page_fault+0xf2/0x7e0 [ 359.088027] ? vmalloc_sync_all+0x30/0x30 [ 359.092188] ? error_entry+0x76/0xd0 [ 359.095918] ? trace_hardirqs_off_caller+0xbb/0x310 [ 359.100943] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 359.105802] ? trace_hardirqs_on_caller+0x310/0x310 [ 359.110838] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 359.115703] page_fault+0x1e/0x30 [ 359.119150] RIP: 0010:__get_user_2+0x25/0x30 [ 359.123550] Code: 00 00 00 00 00 48 83 c0 01 0f 82 81 00 00 00 65 48 8b 14 25 40 ee 01 00 48 3b 82 18 14 00 00 73 6f 48 19 d2 48 21 d0 0f 1f 00 <0f> b7 50 ff 31 c0 0f 1f 00 c3 90 48 83 c0 03 72 55 65 48 8b 14 25 [ 359.142462] RSP: 0018:ffff8801d2357c10 EFLAGS: 00010206 [ 359.147844] RAX: 0000000020013011 RBX: ffff8801cd059000 RCX: ffffc90003e86000 [ 359.155121] RDX: ffffffffffffffff RSI: ffffffff81b162e3 RDI: 0000000000000286 [ 359.162393] RBP: ffff8801d2357db8 R08: 0000000000000000 R09: 0000000000000000 [ 359.169688] R10: ffff8801c48389c0 R11: de06756c5a84344a R12: 1ffff1003a46af8a [ 359.176947] R13: 00000000c0189436 R14: ffff8801cca41100 R15: 00000000c0189436 [ 359.184232] ? __might_fault+0x1a3/0x1e0 [ 359.188293] ? do_vfs_ioctl+0xea2/0x1720 [ 359.192349] ? ioctl_preallocate+0x300/0x300 [ 359.196765] ? __fget_light+0x2e9/0x430 [ 359.200744] ? fget_raw+0x20/0x20 [ 359.204190] ? _copy_to_user+0xc8/0x110 [ 359.208176] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 359.213721] ? put_timespec64+0x10f/0x1b0 [ 359.217866] ? nsecs_to_jiffies+0x30/0x30 [ 359.222021] ? do_syscall_64+0x9a/0x820 [ 359.225988] ? do_syscall_64+0x9a/0x820 [ 359.229967] ? lockdep_hardirqs_on+0x421/0x5c0 [ 359.234552] ? security_file_ioctl+0x94/0xc0 [ 359.238956] ksys_ioctl+0xa9/0xd0 [ 359.242459] __x64_sys_ioctl+0x73/0xb0 [ 359.246374] do_syscall_64+0x1b9/0x820 [ 359.250264] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 359.255642] ? syscall_return_slowpath+0x5e0/0x5e0 [ 359.260558] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 359.265414] ? trace_hardirqs_on_caller+0x310/0x310 [ 359.270476] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 359.275482] ? prepare_exit_to_usermode+0x291/0x3b0 [ 359.280492] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 359.285344] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 359.290529] RIP: 0033:0x457579 13:47:15 executing program 0: r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x7f) perf_event_open(&(0x7f0000000140)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) fchdir(0xffffffffffffffff) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000004fc0)={{{@in6=@remote, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in6}}, &(0x7f00000050c0)=0xe8) setsockopt$packet_drop_memb(r0, 0x107, 0x2, &(0x7f0000005100)={r2, 0x1, 0x6, @local}, 0x10) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000040)={0x8, 0xffff, 0x0, 0x2, 0x1, [{0x100, 0x25f8, 0x4, 0x0, 0x0, 0x8}]}) sendmsg$nl_netfilter(r1, &(0x7f0000d65000)={&(0x7f0000de2ff4)={0x10, 0xfffffffffffff000}, 0xc, &(0x7f00007a8000)={&(0x7f0000000000)={0x14, 0x0, 0x1, 0xffffffffffffffff}, 0x14}}, 0x0) 13:47:15 executing program 2: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x27, &(0x7f000001b000)={@multicast2, @remote, @loopback}, 0xc) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x1, 0x0) r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vsock\x00', 0x0, 0x0) r2 = perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x0, 0x108000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000040)={'vcan0\x00', 0x0}) ioctl$sock_inet6_SIOCDELRT(r1, 0x890c, &(0x7f0000000180)={@loopback, @mcast1, @loopback, 0x7, 0x0, 0x8cd, 0x100, 0x51, 0x80, r3}) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) r4 = getpid() ioctl$SG_GET_KEEP_ORPHAN(r1, 0x2288, &(0x7f00000000c0)) sched_setscheduler(r4, 0x5, &(0x7f0000000200)) perf_event_open(&(0x7f0000000100)={0x5, 0x70, 0xa, 0x6000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000000), 0x8}}, 0x0, 0x0, r2, 0x2) syz_open_procfs(0x0, &(0x7f0000000280)='net/mcfilter\x00') preadv(r0, &(0x7f00000000c0), 0x0, 0xfffffffffffffffc) [ 359.293727] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 359.312627] RSP: 002b:00007fd1b7341c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 359.320349] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 359.327624] RDX: 0000000020013000 RSI: 00000000c0189436 RDI: 0000000000000004 [ 359.334896] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 359.342159] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd1b73426d4 [ 359.349426] R13: 00000000004bf3f1 R14: 00000000004cf1f0 R15: 00000000ffffffff 13:47:15 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0xc0189436, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) [ 359.462361] Unknown ioctl 35123 [ 359.492026] Unknown ioctl 35084 13:47:15 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x2, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:47:15 executing program 0: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000000)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001000000b7030000000000006a0a00fe000000008500000030000000b7000000000000009500000000000000"], &(0x7f00000002c0)="7383ee86dfd40f176d2c65"}, 0x48) r1 = syz_open_dev$audion(&(0x7f0000000080)='/dev/audio#\x00', 0x40, 0x103000) write$FUSE_NOTIFY_STORE(r1, &(0x7f00000000c0)={0x29, 0x4, 0x0, {0x6, 0x1, 0x1, 0x0, [0x0]}}, 0x29) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r0, 0x0, 0xe, 0x73, &(0x7f00000001c0)="baef40ce52357da968f260530cc8", &(0x7f0000000100)=""/115}, 0x28) [ 359.561819] Unknown ioctl 8840 13:47:15 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socketpair$inet6_udp(0xa, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) ioctl$sock_SIOCSIFBR(r2, 0x8941, &(0x7f0000000100)=@generic={0x3, 0x8, 0x7fffffff}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000001000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="f043812d63000000009000000f0648b800300000000000000f23c80f21f835040090000f23f8b96e080000b800000000ba008000000f3066642e0f0174b0db66b878000f00d8c7442400de000000c7442402bc02ddb3c7442406000000000f011424643ef00fba3fd13e430f060f30", 0x6f}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x4, 0x0, 0x2000, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000012000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f0000000000)="e3ccba4100b80060ef650f01cbba410066b80060000066efb89f018ee00fc72b0fc7280f32baf80c66b813f4c98966efbafc0cec0f01df", 0x37}], 0x1, 0x0, &(0x7f0000000100), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 359.616082] FAULT_FLAG_ALLOW_RETRY missing 30 [ 359.661724] CPU: 0 PID: 12059 Comm: syz-executor4 Not tainted 4.19.0-rc5+ #261 [ 359.669147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 359.678515] Call Trace: [ 359.681131] dump_stack+0x1c4/0x2b4 [ 359.681159] ? dump_stack_print_info.cold.2+0x52/0x52 [ 359.681182] ? kasan_check_write+0x14/0x20 [ 359.690000] ? do_raw_spin_lock+0xc1/0x200 [ 359.690027] handle_userfault.cold.33+0x47/0x62 [ 359.690059] ? userfaultfd_ioctl+0x54a0/0x54a0 [ 359.690079] ? mark_held_locks+0x130/0x130 [ 359.712015] ? __schedule+0x874/0x1ed0 [ 359.715949] ? print_usage_bug+0xc0/0xc0 [ 359.720033] ? print_usage_bug+0xc0/0xc0 [ 359.724125] ? find_held_lock+0x36/0x1c0 [ 359.728209] ? graph_lock+0x170/0x170 [ 359.732031] ? __lock_acquire+0x7ec/0x4ec0 [ 359.736299] ? ___might_sleep+0x1ed/0x300 [ 359.740467] ? find_held_lock+0x36/0x1c0 [ 359.744548] ? __handle_mm_fault+0x45dc/0x53e0 [ 359.749135] ? lock_downgrade+0x900/0x900 [ 359.753294] ? kasan_check_read+0x11/0x20 [ 359.757450] ? do_raw_spin_unlock+0xa7/0x2f0 [ 359.761909] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 359.766513] ? kasan_check_write+0x14/0x20 [ 359.770754] ? do_raw_spin_lock+0xc1/0x200 [ 359.775009] __handle_mm_fault+0x45ed/0x53e0 [ 359.779439] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 359.784297] ? graph_lock+0x170/0x170 [ 359.788148] ? print_usage_bug+0xc0/0xc0 [ 359.792217] ? futex_wait+0x5ec/0xa50 [ 359.796023] ? graph_lock+0x170/0x170 [ 359.799827] ? graph_lock+0x170/0x170 [ 359.803657] ? handle_mm_fault+0x42a/0xc70 [ 359.807914] ? lock_downgrade+0x900/0x900 [ 359.812074] ? check_preemption_disabled+0x48/0x200 [ 359.817108] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 359.822926] ? kasan_check_read+0x11/0x20 [ 359.827084] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 359.832373] ? rcu_bh_qs+0xc0/0xc0 [ 359.835939] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 359.841403] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 359.846981] ? check_preemption_disabled+0x48/0x200 [ 359.852017] handle_mm_fault+0x54f/0xc70 [ 359.856092] ? __handle_mm_fault+0x53e0/0x53e0 [ 359.860712] ? find_vma+0x34/0x190 [ 359.864279] __do_page_fault+0x67d/0xed0 [ 359.868353] ? mm_fault_error+0x380/0x380 [ 359.872510] ? graph_lock+0x170/0x170 [ 359.876316] ? __fget+0x4aa/0x740 [ 359.879784] do_page_fault+0xf2/0x7e0 [ 359.883618] ? vmalloc_sync_all+0x30/0x30 [ 359.887778] ? error_entry+0x76/0xd0 [ 359.891514] ? trace_hardirqs_off_caller+0xbb/0x310 [ 359.896577] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 359.901428] ? trace_hardirqs_on_caller+0x310/0x310 [ 359.906467] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 359.911326] page_fault+0x1e/0x30 [ 359.914787] RIP: 0010:__get_user_2+0x25/0x30 [ 359.919201] Code: 00 00 00 00 00 48 83 c0 01 0f 82 81 00 00 00 65 48 8b 14 25 40 ee 01 00 48 3b 82 18 14 00 00 73 6f 48 19 d2 48 21 d0 0f 1f 00 <0f> b7 50 ff 31 c0 0f 1f 00 c3 90 48 83 c0 03 72 55 65 48 8b 14 25 [ 359.938109] RSP: 0018:ffff880183dffc10 EFLAGS: 00010206 [ 359.943481] RAX: 0000000020013011 RBX: ffff8801d5a4ad40 RCX: ffffc90009eda000 [ 359.951191] RDX: ffffffffffffffff RSI: ffffffff81b162e3 RDI: 0000000000000286 [ 359.958459] RBP: ffff880183dffdb8 R08: 0000000000000000 R09: 0000000000000000 [ 359.965727] R10: ffff880189e2ca00 R11: de06756c5a84344a R12: 1ffff100307bff8a [ 359.972996] R13: 00000000c0189436 R14: ffff8801cca41100 R15: 00000000c0189436 [ 359.980299] ? __might_fault+0x1a3/0x1e0 [ 359.984375] ? do_vfs_ioctl+0xea2/0x1720 [ 359.988450] ? ioctl_preallocate+0x300/0x300 [ 359.992868] ? __fget_light+0x2e9/0x430 [ 359.996869] ? fget_raw+0x20/0x20 [ 360.000346] ? _copy_to_user+0xc8/0x110 [ 360.004333] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 360.009893] ? put_timespec64+0x10f/0x1b0 [ 360.014057] ? nsecs_to_jiffies+0x30/0x30 [ 360.018217] ? do_syscall_64+0x9a/0x820 [ 360.022199] ? do_syscall_64+0x9a/0x820 [ 360.026186] ? lockdep_hardirqs_on+0x421/0x5c0 [ 360.030783] ? security_file_ioctl+0x94/0xc0 [ 360.035202] ksys_ioctl+0xa9/0xd0 [ 360.038669] __x64_sys_ioctl+0x73/0xb0 [ 360.042572] do_syscall_64+0x1b9/0x820 [ 360.046476] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 360.051860] ? syscall_return_slowpath+0x5e0/0x5e0 [ 360.056827] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 360.061690] ? trace_hardirqs_on_caller+0x310/0x310 [ 360.066722] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 360.071749] ? prepare_exit_to_usermode+0x291/0x3b0 [ 360.076776] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 360.081671] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 360.086904] RIP: 0033:0x457579 [ 360.090116] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 360.109033] RSP: 002b:00007fd9995c4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 360.116747] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 360.124019] RDX: 0000000020013000 RSI: 00000000c0189436 RDI: 0000000000000004 [ 360.131289] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 360.138563] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd9995c56d4 [ 360.145833] R13: 00000000004bf3f1 R14: 00000000004cf1f0 R15: 00000000ffffffff 13:47:15 executing program 5: mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000002, 0x10, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, &(0x7f0000000000), 0x2, 0x10000000002) prctl$setmm(0x23, 0x7, &(0x7f0000fef000/0x10000)=nil) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f00003b9fdc)) add_key$keyring(&(0x7f00000012c0)='keyring\x00', &(0x7f0000001300), 0x0, 0x0, 0xffffffffffffffff) syz_genetlink_get_family_id$team(&(0x7f0000000500)='team\x00') accept4$packet(0xffffffffffffffff, &(0x7f00000005c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000600)=0x14, 0x0) sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000000840)={&(0x7f00000004c0), 0xc, &(0x7f0000000800)={&(0x7f0000000700)={0x9c, 0x0, 0x500, 0x70bd27, 0x25dfdbff, {}, [{{0x8}, {0x80, 0x2, [{0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x8}, {0x4}}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8}, {0x8}}, {0x8}}}]}}]}, 0x9c}}, 0x4) openat$dsp(0xffffffffffffff9c, &(0x7f0000000340)='/dev/dsp\x00', 0x4000, 0x0) epoll_create1(0x0) r0 = syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x4b2, 0x0) syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x81, 0x200) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f00000013c0)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) umount2(&(0x7f0000000140)='./file0\x00', 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f00003e1000/0x2000)=nil, 0x2000}) 13:47:15 executing program 3: r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f00000017c0)={@multicast1, @rand_addr, 0x0}, &(0x7f0000001800)=0xc) setsockopt$packet_drop_memb(r0, 0x107, 0x2, &(0x7f0000001840)={r1, 0x1, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x10) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000100)={&(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0], 0x4}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x638, 0x8083) ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r2, 0xc0305710, &(0x7f0000000040)={0x0, 0x0, 0x1000, 0x0, [0xfffffffe]}) close(r2) r3 = syz_open_dev$adsp(&(0x7f00000000c0)='/dev/adsp#\x00', 0x0, 0x0) setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f00000002c0), 0x4) setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f0000000140)={0x0, 'bridge_slave_0\x00'}, 0x18) ioctl$VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, &(0x7f0000000200)=0x1) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e23, @dev}, 0x10) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f00000015c0)='ip6_vti0\x00', 0x10) setsockopt$inet_sctp_SCTP_EVENTS(r3, 0x84, 0xb, &(0x7f0000000040)={0x0, 0x0, 0x200, 0x0, 0x0, 0x8001, 0x0, 0x10001, 0xc04, 0x0, 0xff}, 0xb) setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0x7, &(0x7f0000000380)={0x0, 0x24}, 0x10) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$nullb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x4000000004002, 0x0) 13:47:15 executing program 0: r0 = socket$packet(0x11, 0xa, 0x300) socket$packet(0x11, 0x3, 0x300) getpeername$packet(r0, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f00000000c0)=0x14) r1 = socket$inet_udp(0x2, 0x2, 0x0) getsockopt$IPT_SO_GET_INFO(r1, 0x0, 0x40, &(0x7f0000000000)={'mangle\x00'}, &(0x7f0000000100)=0x54) 13:47:15 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r0 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r0, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(0xffffffffffffffff) 13:47:16 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x5421, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:47:16 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000480)="07ebed0000", 0x5) r1 = accept$alg(r0, 0x0, 0x0) bind$alg(r0, &(0x7f0000000300)={0x26, 'hash\x00', 0x0, 0x0, 'digest_null\x00'}, 0x318) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000180)="eae90dc4cd3ba7682f1181c50d4781685fc030c00a60f32b67b141d63e642a58911ec61c4017651e5ac537419c2ee7843222133318ea1a6fd4de75433ec63d30c63f1f1ac203b344ce3d454d420e44166265caa14ebed595370522e3b4f604c5193955ea6725fe3c37413a55427ef034f9efc7c3732a2eef187141befe5fa80a26b0490f89e84c65cf", 0x89) write$binfmt_script(r1, &(0x7f0000000000)=ANY=[], 0xfffffced) bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts-camellia-asm\x00'}, 0x58) recvmmsg(r1, &(0x7f0000000d40)=[{{&(0x7f0000000000)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, 0x80, &(0x7f0000000b00)=[{&(0x7f0000000680)=""/246, 0xf6}, {&(0x7f00000003c0)=""/132, 0x84}], 0x2, &(0x7f00000023c0)=""/4096, 0x1000}}], 0x1, 0x10103, &(0x7f0000003f80)={0x77359400}) 13:47:16 executing program 0: 13:47:16 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)={0x0, 0x0}) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r2 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r2, 0x400445a0, &(0x7f0000013000)) r3 = syz_open_procfs(r1, &(0x7f0000000000)='net/ip6_tables_matches\x00') fcntl$setpipe(r3, 0x407, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:47:16 executing program 3: r0 = socket$inet(0x10, 0xe, 0xfffffffffffffe01) sendmsg(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)="23000000290007031dfffd946fa2830020200a00090000000600f0ffffffffffff00ff", 0x23}], 0x1}, 0x0) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x0, 0x0) write$cgroup_type(r1, &(0x7f0000000080)='threaded\x00', 0x0) [ 360.551913] FAULT_FLAG_ALLOW_RETRY missing 30 [ 360.579698] CPU: 0 PID: 12094 Comm: syz-executor4 Not tainted 4.19.0-rc5+ #261 [ 360.587128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 360.596489] Call Trace: [ 360.596521] dump_stack+0x1c4/0x2b4 [ 360.596545] ? dump_stack_print_info.cold.2+0x52/0x52 [ 360.596565] ? kasan_check_write+0x14/0x20 [ 360.596588] ? do_raw_spin_lock+0xc1/0x200 [ 360.596617] handle_userfault.cold.33+0x47/0x62 [ 360.596652] ? userfaultfd_ioctl+0x54a0/0x54a0 [ 360.596672] ? mark_held_locks+0x130/0x130 [ 360.596690] ? __schedule+0x874/0x1ed0 [ 360.596733] ? print_usage_bug+0xc0/0xc0 [ 360.596752] ? print_usage_bug+0xc0/0xc0 [ 360.596779] ? find_held_lock+0x36/0x1c0 [ 360.596801] ? graph_lock+0x170/0x170 [ 360.650710] ? __lock_acquire+0x7ec/0x4ec0 [ 360.650735] ? ___might_sleep+0x1ed/0x300 13:47:16 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x2, 0x0) mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x13, r1, 0x0) write$binfmt_elf32(r1, &(0x7f00000005c0)=ANY=[@ANYBLOB='X'], 0x1) ioctl$DRM_IOCTL_AGP_ENABLE(r1, 0x40086432, &(0x7f0000000140)=0x7) setsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r1, 0x84, 0x12, &(0x7f0000000040)=0x5, 0x4) timerfd_create(0x3, 0x0) open_by_handle_at(r0, &(0x7f0000000080)={0xae, 0x2, "d1afbffee22d2065d62449e66b2440becb64ddab1a337e3fd6234a95a34b67f29fa3809c25e0931314190088f1477c357264c46904821843189ab1998ed58bd14c2705f53b510df7cd9ba60aeefedba5c6c5fe27276edb6fec3008f813462fa5d2eac3d7d210da3980fcf1997b19fd6abde7784cb8fc25186658daf3cbd1f91c614259584eccfa18e182b80cbefa1cac2be3165f26b7ff670713f4de1f7a7792a0a944ef214a"}, 0x100) mmap$binder(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1000002, 0x1013, r1, 0x0) 13:47:16 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) syz_open_procfs(0x0, &(0x7f0000000140)='net/rt_acct\x00') bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha384-generic\x00'}, 0x58) openat$pfkey(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/pfkey\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = accept4$alg(r0, 0x0, 0x0, 0x0) sendfile(r3, r1, &(0x7f0000000080)=0x10, 0xffe) [ 360.650756] ? find_held_lock+0x36/0x1c0 [ 360.650788] ? __handle_mm_fault+0x45dc/0x53e0 [ 360.650806] ? lock_downgrade+0x900/0x900 [ 360.650830] ? kasan_check_read+0x11/0x20 13:47:16 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)={0x0, 0x0}) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) r2 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mixer\x00', 0x400, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000440)={{{@in, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@remote}, 0x0, @in=@local}}, &(0x7f0000000540)=0xe8) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000580)={'bpq0\x00', r3}) ptrace$setopts(0x4200, r1, 0xb75, 0x8) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r4 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r4, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) request_key(&(0x7f0000000140)='.request_key_auth\x00', &(0x7f0000000180)={'syz', 0x2}, &(0x7f00000001c0)='syz', 0xfffffffffffffffe) r5 = request_key(&(0x7f0000000280)='ceph\x00', &(0x7f00000002c0)={'syz', 0x1}, &(0x7f0000000300)='syz', 0xffffffffffffffff) r6 = add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f0000000100)={'syz', 0x1}, 0x0, 0x0, r5) add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, r6) close(r0) [ 360.650848] ? do_raw_spin_unlock+0xa7/0x2f0 [ 360.650865] ? do_raw_spin_trylock+0x1c0/0x1c0 13:47:16 executing program 2: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x7d8, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)="2f67726f75702e73746174003c23fb572a1f0294e6f378b41ad54b4d9d9a1f63f8785ad188a7e1c88875e05b18a4cb3a9cd12dcea440d899c22c652b3a471b4a7fa2f3fdf6e034d804e5f0df4b1dee483b157624c59c0100e89e6a357c000000", 0x2761, 0x0) ioctl$sock_bt_bnep_BNEPGETCONNINFO(r0, 0x800442d3, &(0x7f0000000000)={0x0, 0x3ff, 0x20000, @broadcast, 'gretap0\x00'}) [ 360.650908] ? kasan_check_write+0x14/0x20 [ 360.650926] ? do_raw_spin_lock+0xc1/0x200 [ 360.650951] __handle_mm_fault+0x45ed/0x53e0 [ 360.650966] FAULT_FLAG_ALLOW_RETRY missing 30 [ 360.650981] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 13:47:16 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00009e3ff6)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00005befdc)) r1 = syz_open_pts(r0, 0x0) ioctl$KDDELIO(r1, 0x4b35, 0x8) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000001c0)=0x3) [ 360.650998] ? graph_lock+0x170/0x170 [ 360.651016] ? print_usage_bug+0xc0/0xc0 [ 360.651035] ? futex_wait+0x5ec/0xa50 [ 360.651052] ? graph_lock+0x170/0x170 [ 360.651066] ? graph_lock+0x170/0x170 [ 360.651105] ? handle_mm_fault+0x42a/0xc70 [ 360.651122] ? lock_downgrade+0x900/0x900 [ 360.651142] ? check_preemption_disabled+0x48/0x200 [ 360.651168] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 360.651181] ? kasan_check_read+0x11/0x20 [ 360.651198] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 360.651215] ? rcu_bh_qs+0xc0/0xc0 13:47:16 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x5450, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:47:16 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) get_mempolicy(&(0x7f0000000000), &(0x7f00000000c0), 0x40, &(0x7f0000ffe000/0x2000)=nil, 0x4) r1 = syz_open_dev$admmidi(&(0x7f0000000180)='/dev/admmidi#\x00', 0x401, 0x420081) r2 = accept$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000240)=0x14) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000080)=[{0x3, 0x7}], 0x1) ioctl$SG_SCSI_RESET(r2, 0x2284, 0x0) r4 = getpgid(0xffffffffffffffff) ptrace$peek(0x2, r4, &(0x7f0000000040)) sendto$packet(r1, &(0x7f00000001c0)="942fcb62ef33dc205fe2518e296b0a138ae08620bcfa7428c89740468fe3", 0x1e, 0x40000, &(0x7f0000000280)={0x11, 0x8, r3, 0x1, 0x7915, 0x6, @local}, 0xe5) getsockopt$IP6T_SO_GET_ENTRIES(r1, 0x29, 0x41, &(0x7f00000002c0)={'mangle\x00', 0x6d, "aa4396a4d721231058b04a883e9a09a35c4ed24bb9dac6cd8568a9bf6840531123d6553842e993975caf328b8527fead6c7453352a592d2447b3026ee6c8931895cb4335c7456c906a7e218a4a2cbd698568ca08050e72fa5e4492a9d1a54730456d8ec15bb8594f2990af9d7e"}, &(0x7f00000003c0)=0xfffffffffffffe9b) write$FUSE_OPEN(r1, &(0x7f0000000140)={0x20, 0x0, 0x1, {0x0, 0x2}}, 0x20) [ 360.651233] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 360.651252] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 360.651270] ? check_preemption_disabled+0x48/0x200 [ 360.651296] handle_mm_fault+0x54f/0xc70 [ 360.651318] ? __handle_mm_fault+0x53e0/0x53e0 [ 360.651338] ? find_vma+0x34/0x190 [ 360.651363] __do_page_fault+0x67d/0xed0 [ 360.651390] ? mm_fault_error+0x380/0x380 [ 360.651408] ? graph_lock+0x170/0x170 [ 360.651425] ? __fget+0x4aa/0x740 [ 360.651447] do_page_fault+0xf2/0x7e0 [ 360.651465] ? vmalloc_sync_all+0x30/0x30 13:47:16 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000004, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x2, 0x101000) getsockopt$inet6_dccp_int(r1, 0x21, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4) [ 360.651484] ? error_entry+0x76/0xd0 [ 360.651501] ? trace_hardirqs_off_caller+0xbb/0x310 [ 360.651521] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 360.651538] ? trace_hardirqs_on_caller+0x310/0x310 [ 360.651569] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 360.651594] page_fault+0x1e/0x30 [ 360.651610] RIP: 0010:__get_user_4+0x21/0x30 [ 360.651628] Code: 50 ff 31 c0 0f 1f 00 c3 90 48 83 c0 03 72 55 65 48 8b 14 25 40 ee 01 00 48 3b 82 18 14 00 00 73 43 48 19 d2 48 21 d0 0f 1f 00 <8b> 50 fd 31 c0 0f 1f 00 c3 66 0f 1f 44 00 00 48 83 c0 07 72 25 65 [ 360.651637] RSP: 0018:ffff880183f67c10 EFLAGS: 00010206 [ 360.651654] RAX: 0000000020013003 RBX: ffff8801c0f31300 RCX: ffffc90009eda000 [ 360.651664] RDX: ffffffffffffffff RSI: ffffffff81b162e3 RDI: 0000000000000286 [ 360.651674] RBP: ffff880183f67db8 R08: 0000000000000000 R09: 0000000000000000 [ 360.651684] R10: ffff8801c8596d80 R11: de06756c5a84344a R12: 1ffff100307ecf8a [ 360.651694] R13: 0000000000005421 R14: ffff8801cca41100 R15: 0000000000005421 [ 360.651725] ? __might_fault+0x1a3/0x1e0 [ 360.651748] ? do_vfs_ioctl+0x3f0/0x1720 [ 360.651772] ? ioctl_preallocate+0x300/0x300 [ 360.651790] ? __fget_light+0x2e9/0x430 [ 360.651808] ? fget_raw+0x20/0x20 [ 360.651823] ? _copy_to_user+0xc8/0x110 [ 360.651844] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 360.651861] ? put_timespec64+0x10f/0x1b0 [ 360.651897] ? nsecs_to_jiffies+0x30/0x30 [ 360.651917] ? do_syscall_64+0x9a/0x820 [ 360.651933] ? do_syscall_64+0x9a/0x820 [ 360.651950] ? lockdep_hardirqs_on+0x421/0x5c0 [ 360.651971] ? security_file_ioctl+0x94/0xc0 [ 360.651992] ksys_ioctl+0xa9/0xd0 [ 360.652014] __x64_sys_ioctl+0x73/0xb0 [ 360.652033] do_syscall_64+0x1b9/0x820 [ 360.652047] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 360.652067] ? syscall_return_slowpath+0x5e0/0x5e0 [ 360.652082] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 360.652100] ? trace_hardirqs_on_caller+0x310/0x310 [ 360.652119] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 360.652138] ? prepare_exit_to_usermode+0x291/0x3b0 [ 360.652162] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 360.652188] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 360.652200] RIP: 0033:0x457579 [ 360.652216] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 360.652225] RSP: 002b:00007fd9995c4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 360.652241] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 360.652251] RDX: 0000000020013000 RSI: 0000000000005421 RDI: 0000000000000004 [ 360.652261] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 360.652271] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd9995c56d4 [ 360.652280] R13: 00000000004bf3f1 R14: 00000000004cf1f0 R15: 00000000ffffffff [ 360.652323] CPU: 1 PID: 12104 Comm: syz-executor1 Not tainted 4.19.0-rc5+ #261 [ 360.652335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 360.652342] Call Trace: [ 360.652368] dump_stack+0x1c4/0x2b4 [ 360.652433] ? dump_stack_print_info.cold.2+0x52/0x52 [ 360.652451] ? kasan_check_write+0x14/0x20 [ 360.652468] ? do_raw_spin_lock+0xc1/0x200 [ 360.652498] handle_userfault.cold.33+0x47/0x62 [ 360.652544] ? userfaultfd_ioctl+0x54a0/0x54a0 [ 360.652562] ? mark_held_locks+0x130/0x130 [ 360.652578] ? mark_held_locks+0x130/0x130 [ 360.652613] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 360.652636] ? print_usage_bug+0xc0/0xc0 [ 360.652667] ? print_usage_bug+0xc0/0xc0 [ 360.652693] ? select_task_rq_fair+0x3490/0x34f0 [ 360.652726] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 360.652749] ? check_preemption_disabled+0x48/0x200 [ 360.652768] ? graph_lock+0x170/0x170 13:47:17 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000001f3a)="ad56b6c5820faeb995298992ea54c7beef9f5d56534c90c2", 0x18) r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) write$nbd(r1, &(0x7f00000002c0)={0x67446698, 0x1, 0x1, 0x0, 0x1, "654dec6e8af698a857fe81bfcc1ff6f57cc1dea0198563981b8f668b822d12e8d3a2142fbe5e1ff920dbfa55722e8e8b79f750e685fcf742baaaa71424e56e621e938afa8a12f51678a2cd6617ae28d1249460b4dcb53db8dd8f6e82e1ed8c00907213183e1de3b5b23939b439d8efc8a760e8ff118582960898ce6177557983fe9508c9815a44770fa0aab0fe6e5f92f714bfe641fee17815"}, 0xa9) ioctl$SG_SET_COMMAND_Q(r1, 0x2271, &(0x7f0000000000)) r2 = socket$inet6(0xa, 0x3, 0x800000000000004) ioctl(r2, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r3 = socket(0x1e, 0x2, 0x0) r4 = socket(0x1e, 0x5, 0x0) listen(r4, 0x0) setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000000200)=@req3={0x80000000}, 0x359) setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0xfeda) sendmsg(r3, &(0x7f0000000140)={&(0x7f0000000080)=@generic={0x10000000001e, "0200000900000000000000000226cc573c080000003724c71e14dd6a739effea1b48006be61ffe0000e103000000f8000004003f010039d8f986ff01000300000004af50d50700000000000000e3ad316a1983000000001d00e0dfcb24281e27800000100076c3979ac40000bd15020078a1dfd300881a8365b1b16d7436"}, 0x80, &(0x7f0000000780), 0x0, &(0x7f0000000380)=ANY=[]}, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x4000, 0x0) [ 360.652798] ? __lock_acquire+0x7ec/0x4ec0 [ 360.652818] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 360.652848] ? find_held_lock+0x36/0x1c0 [ 360.652895] ? __handle_mm_fault+0x45dc/0x53e0 [ 360.652918] ? lock_downgrade+0x900/0x900 [ 360.652946] ? kasan_check_read+0x11/0x20 [ 360.652970] ? do_raw_spin_unlock+0xa7/0x2f0 [ 360.652993] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 360.653014] ? kasan_check_write+0x14/0x20 [ 360.653036] ? do_raw_spin_lock+0xc1/0x200 [ 360.653067] __handle_mm_fault+0x45ed/0x53e0 [ 360.653098] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 360.653117] ? graph_lock+0x170/0x170 [ 360.653137] ? print_usage_bug+0xc0/0xc0 [ 360.653156] ? __switch_to_asm+0x40/0x70 [ 360.653175] ? __switch_to_asm+0x34/0x70 [ 360.653194] ? __switch_to_asm+0x40/0x70 [ 360.653213] ? graph_lock+0x170/0x170 [ 360.653232] ? graph_lock+0x170/0x170 [ 360.653272] ? handle_mm_fault+0x42a/0xc70 [ 360.653292] ? lock_downgrade+0x900/0x900 [ 360.653314] ? check_preemption_disabled+0x48/0x200 13:47:17 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x1012, r1, 0x0) write$P9_RGETLOCK(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1cedbdaf0044a67d8463b67a2b26a3aa001327fcb8ff547f90e2056ea4de5b53f47b539ca5a27ea6f5d0d1c0ec4b1bbb243106abeea9fba45f0d44140033f2d3239eaca48ab646f90289943d02abfa312937f695f12455fdce66afaa261dfb3ab24b53752fc86259e9e372c73d7cd131e3333902eef306b571439e6db1405e81833de777b3d5c7e1"], 0x1) ioctl$BINDER_THREAD_EXIT(r1, 0x40046208, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000140), &(0x7f0000000200), &(0x7f0000000240)) [ 360.653339] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 360.653357] ? kasan_check_read+0x11/0x20 [ 360.653379] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 360.653411] ? rcu_bh_qs+0xc0/0xc0 [ 360.653433] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 360.653455] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 360.653478] ? check_preemption_disabled+0x48/0x200 [ 360.653509] handle_mm_fault+0x54f/0xc70 [ 360.653532] ? __handle_mm_fault+0x53e0/0x53e0 [ 360.653559] ? find_vma+0x34/0x190 [ 360.653589] __do_page_fault+0x67d/0xed0 [ 360.653619] ? mm_fault_error+0x380/0x380 [ 360.653638] ? graph_lock+0x170/0x170 [ 360.653657] ? migrate_swap_stop+0x930/0x930 [ 360.653687] do_page_fault+0xf2/0x7e0 [ 360.653708] ? vmalloc_sync_all+0x30/0x30 [ 360.653727] ? error_entry+0x76/0xd0 [ 360.653748] ? trace_hardirqs_off_caller+0xbb/0x310 [ 360.653770] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 360.653790] ? trace_hardirqs_on_caller+0x310/0x310 [ 360.653823] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 360.653852] page_fault+0x1e/0x30 [ 360.653883] RIP: 0010:copy_user_generic_unrolled+0x9e/0xc0 [ 360.653913] Code: 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 4c 8b 06 4c 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 89 d1 <8a> 06 88 07 48 ff c6 48 ff c7 ff c9 75 f2 31 c0 0f 1f 00 c3 0f 1f [ 360.653927] RSP: 0018:ffff880183dff7f0 EFLAGS: 00010202 [ 360.653953] RAX: 0000000000000004 RBX: 0000000000000004 RCX: 0000000000000004 [ 360.653969] RDX: 0000000000000004 RSI: 0000000020013000 RDI: ffff880183dff890 [ 360.653979] RBP: ffff880183dff828 R08: ffffed00307bff13 R09: ffffed00307bff12 [ 360.653988] R10: ffffed00307bff12 R11: 0000000000000003 R12: 0000000020013004 [ 360.653997] R13: 0000000020013000 R14: ffff880183dff890 R15: 00007ffffffff000 [ 360.654036] ? _copy_from_user+0x10d/0x150 [ 360.654060] evdev_do_ioctl+0xb51/0x2180 [ 360.654084] ? str_to_user+0x90/0x90 [ 360.654102] ? graph_lock+0x170/0x170 [ 360.654118] ? do_futex+0x249/0x26d0 [ 360.654137] ? rcu_bh_qs+0xc0/0xc0 [ 360.654157] ? rcu_bh_qs+0xc0/0xc0 [ 360.654179] ? unwind_dump+0x190/0x190 [ 360.654209] ? find_held_lock+0x36/0x1c0 [ 360.654239] ? __fget+0x4aa/0x740 [ 360.654260] ? lock_downgrade+0x900/0x900 [ 360.654282] ? check_preemption_disabled+0x48/0x200 [ 360.654306] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 360.654325] ? kasan_check_read+0x11/0x20 [ 360.654347] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 360.654367] ? rcu_bh_qs+0xc0/0xc0 [ 360.654417] ? __fget+0x4d1/0x740 [ 360.654448] ? ksys_dup3+0x680/0x680 [ 360.654477] evdev_ioctl_handler+0x144/0x1a0 [ 360.654505] evdev_ioctl+0x27/0x2e [ 360.654526] ? evdev_ioctl_compat+0x30/0x30 [ 360.654546] do_vfs_ioctl+0x1de/0x1720 [ 360.654577] ? ioctl_preallocate+0x300/0x300 [ 360.654597] ? __fget_light+0x2e9/0x430 [ 360.654618] ? fget_raw+0x20/0x20 [ 360.654638] ? _copy_to_user+0xc8/0x110 [ 360.654659] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 360.654679] ? put_timespec64+0x10f/0x1b0 [ 360.654699] ? nsecs_to_jiffies+0x30/0x30 [ 360.654720] ? do_syscall_64+0x9a/0x820 [ 360.654741] ? do_syscall_64+0x9a/0x820 [ 360.654761] ? lockdep_hardirqs_on+0x421/0x5c0 [ 360.654782] ? security_file_ioctl+0x94/0xc0 [ 360.654812] ksys_ioctl+0xa9/0xd0 [ 360.654841] __x64_sys_ioctl+0x73/0xb0 [ 360.654862] do_syscall_64+0x1b9/0x820 [ 360.654897] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 360.654921] ? syscall_return_slowpath+0x5e0/0x5e0 [ 360.654944] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 360.654965] ? trace_hardirqs_on_caller+0x310/0x310 [ 360.654987] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 360.655010] ? prepare_exit_to_usermode+0x291/0x3b0 [ 360.655041] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 360.655071] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 360.655088] RIP: 0033:0x457579 [ 360.655109] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 360.655123] RSP: 002b:00007fd1b7341c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 360.655151] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 360.655167] RDX: 0000000020013000 RSI: 00000000400445a0 RDI: 0000000000000004 [ 360.655183] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 13:47:17 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = memfd_create(&(0x7f0000000040)="000276d43857a72667ae19eae24522680b00000000000000000000", 0x0) r2 = syz_open_dev$sndseq(&(0x7f0000000180)='/dev/snd/seq\x00', 0x0, 0x101801) r3 = dup2(r2, r1) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000080)={0x0, 0x0, 0x0, 'queue1\x00'}) openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x12000, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f000002b000)={0x0, 0x0, 0x0, "9ef17a8c5ae95ec86760de884e9740474a13eea165c0322901dc6bd36cde2c51d41b7f0b014f9f91eeb7c37c7340f476c8d753d000aa8faf8fb574dbcda6dc4d"}) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(0xffffffffffffffff, 0xc0505350, &(0x7f00000002c0)={{}, {}, 0x0, 0x0, 0x5}) write$sndseq(r1, &(0x7f0000000080), 0xffffff17) [ 360.655199] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd1b73426d4 [ 360.655215] R13: 00000000004bf3f1 R14: 00000000004cf1f0 R15: 00000000ffffffff [ 360.881960] FAULT_FLAG_ALLOW_RETRY missing 30 [ 360.881982] CPU: 0 PID: 12130 Comm: syz-executor1 Not tainted 4.19.0-rc5+ #261 [ 360.881992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 360.881998] Call Trace: [ 360.882028] dump_stack+0x1c4/0x2b4 [ 360.882053] ? dump_stack_print_info.cold.2+0x52/0x52 [ 360.882073] ? kasan_check_write+0x14/0x20 [ 360.882095] ? do_raw_spin_lock+0xc1/0x200 [ 360.882126] handle_userfault.cold.33+0x47/0x62 [ 360.882172] ? userfaultfd_ioctl+0x54a0/0x54a0 [ 360.882191] ? mark_held_locks+0x130/0x130 [ 360.882208] ? mark_held_locks+0x130/0x130 [ 360.882248] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 360.882269] ? print_usage_bug+0xc0/0xc0 [ 360.882288] ? print_usage_bug+0xc0/0xc0 [ 360.882307] ? select_task_rq_fair+0x3490/0x34f0 [ 360.882335] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 360.882356] ? check_preemption_disabled+0x48/0x200 [ 360.882376] ? graph_lock+0x170/0x170 [ 360.882400] ? __lock_acquire+0x7ec/0x4ec0 [ 360.882419] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 360.882447] ? find_held_lock+0x36/0x1c0 [ 360.882477] ? __handle_mm_fault+0x45dc/0x53e0 [ 360.882496] ? lock_downgrade+0x900/0x900 [ 360.882521] ? kasan_check_read+0x11/0x20 [ 360.882540] ? do_raw_spin_unlock+0xa7/0x2f0 [ 360.882559] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 360.882579] ? kasan_check_write+0x14/0x20 [ 360.882597] ? do_raw_spin_lock+0xc1/0x200 [ 360.882626] __handle_mm_fault+0x45ed/0x53e0 [ 360.882656] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 360.882673] ? graph_lock+0x170/0x170 [ 360.882690] ? print_usage_bug+0xc0/0xc0 [ 360.882705] ? __switch_to_asm+0x40/0x70 [ 360.882718] ? __switch_to_asm+0x34/0x70 [ 360.882731] ? __switch_to_asm+0x40/0x70 [ 360.882749] ? graph_lock+0x170/0x170 [ 360.882765] ? graph_lock+0x170/0x170 [ 360.882807] ? handle_mm_fault+0x42a/0xc70 [ 360.882824] ? lock_downgrade+0x900/0x900 [ 360.882840] ? check_preemption_disabled+0x48/0x200 [ 360.882864] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 360.882899] ? kasan_check_read+0x11/0x20 [ 360.882922] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 360.882942] ? rcu_bh_qs+0xc0/0xc0 [ 360.882962] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 360.882979] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 360.883001] ? check_preemption_disabled+0x48/0x200 [ 360.883033] handle_mm_fault+0x54f/0xc70 [ 360.883059] ? __handle_mm_fault+0x53e0/0x53e0 [ 360.883084] ? find_vma+0x34/0x190 [ 360.883112] __do_page_fault+0x67d/0xed0 [ 360.883143] ? mm_fault_error+0x380/0x380 [ 360.883164] ? graph_lock+0x170/0x170 [ 360.883181] ? migrate_swap_stop+0x930/0x930 [ 360.883208] do_page_fault+0xf2/0x7e0 [ 360.883229] ? vmalloc_sync_all+0x30/0x30 [ 360.883248] ? error_entry+0x76/0xd0 [ 360.883268] ? trace_hardirqs_off_caller+0xbb/0x310 [ 360.883290] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 360.883310] ? trace_hardirqs_on_caller+0x310/0x310 [ 360.883346] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 360.883373] page_fault+0x1e/0x30 [ 360.883393] RIP: 0010:copy_user_generic_unrolled+0x9e/0xc0 [ 360.883415] Code: 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 4c 8b 06 4c 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 89 d1 <8a> 06 88 07 48 ff c6 48 ff c7 ff c9 75 f2 31 c0 0f 1f 00 c3 0f 1f [ 360.883425] RSP: 0018:ffff8801870cf7f0 EFLAGS: 00010202 [ 360.883442] RAX: 0000000000000004 RBX: 0000000000000004 RCX: 0000000000000004 [ 360.883455] RDX: 0000000000000004 RSI: 0000000020013000 RDI: ffff8801870cf890 [ 360.883467] RBP: ffff8801870cf828 R08: ffffed0030e19f13 R09: ffffed0030e19f12 [ 360.883478] R10: ffffed0030e19f12 R11: 0000000000000003 R12: 0000000020013004 [ 360.883491] R13: 0000000020013000 R14: ffff8801870cf890 R15: 00007ffffffff000 [ 360.883534] ? _copy_from_user+0x10d/0x150 [ 360.883558] evdev_do_ioctl+0xb51/0x2180 [ 360.883585] ? str_to_user+0x90/0x90 [ 360.883605] ? graph_lock+0x170/0x170 [ 360.883626] ? do_futex+0x249/0x26d0 [ 360.883648] ? rcu_bh_qs+0xc0/0xc0 [ 360.883667] ? rcu_bh_qs+0xc0/0xc0 [ 360.883681] ? unwind_dump+0x190/0x190 [ 360.883710] ? find_held_lock+0x36/0x1c0 [ 360.883737] ? __fget+0x4aa/0x740 [ 360.883756] ? lock_downgrade+0x900/0x900 [ 360.883775] ? check_preemption_disabled+0x48/0x200 [ 360.883804] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 360.883818] ? kasan_check_read+0x11/0x20 [ 360.883839] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 360.883859] ? rcu_bh_qs+0xc0/0xc0 [ 360.883916] ? __fget+0x4d1/0x740 [ 360.883947] ? ksys_dup3+0x680/0x680 [ 360.883976] evdev_ioctl_handler+0x144/0x1a0 [ 360.884000] evdev_ioctl+0x27/0x2e [ 360.884019] ? evdev_ioctl_compat+0x30/0x30 [ 360.884039] do_vfs_ioctl+0x1de/0x1720 [ 360.884066] ? ioctl_preallocate+0x300/0x300 [ 360.884086] ? __fget_light+0x2e9/0x430 [ 360.884105] ? fget_raw+0x20/0x20 [ 360.884122] ? _copy_to_user+0xc8/0x110 [ 360.884147] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 360.884169] ? put_timespec64+0x10f/0x1b0 [ 360.884190] ? nsecs_to_jiffies+0x30/0x30 [ 360.884213] ? do_syscall_64+0x9a/0x820 [ 360.884233] ? do_syscall_64+0x9a/0x820 [ 360.884253] ? lockdep_hardirqs_on+0x421/0x5c0 [ 360.884275] ? security_file_ioctl+0x94/0xc0 [ 360.884298] ksys_ioctl+0xa9/0xd0 [ 360.884323] __x64_sys_ioctl+0x73/0xb0 [ 360.884346] do_syscall_64+0x1b9/0x820 [ 360.884363] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 360.884386] ? syscall_return_slowpath+0x5e0/0x5e0 [ 360.884407] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 360.884428] ? trace_hardirqs_on_caller+0x310/0x310 [ 360.884449] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 360.884469] ? prepare_exit_to_usermode+0x291/0x3b0 [ 360.884494] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 360.884521] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 360.884536] RIP: 0033:0x457579 [ 360.884555] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 360.884565] RSP: 002b:00007fd1b7341c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 360.884585] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 360.884597] RDX: 0000000020013000 RSI: 00000000400445a0 RDI: 0000000000000005 [ 360.884607] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 360.884618] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd1b73426d4 [ 360.884630] R13: 00000000004bf3f1 R14: 00000000004cf1f0 R15: 00000000ffffffff 13:47:18 executing program 3: r0 = getpgrp(0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x11, &(0x7f0000000040)=0x100000001, 0x4) connect$inet6(r1, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f0000000200)='tls\x00', 0x4) setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f0000000100), 0x28) recvmmsg(r1, &(0x7f0000004bc0)=[{{&(0x7f0000004940)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @dev}}}, 0x80, &(0x7f0000004a80), 0x0, &(0x7f0000004ac0)=""/197, 0xc5}}], 0x1300, 0x0, &(0x7f0000004dc0)={0x77359400}) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f0000000100)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000000180)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r2, 0x15) ioprio_get$pid(0x2, r0) 13:47:18 executing program 5: socket$inet6(0xa, 0x1000000000002, 0x0) syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0) r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcs\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f00000005c0), &(0x7f0000000280)=0x2) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = gettid() pkey_mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xd, 0xffffffffffffffff) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) r2 = syz_open_dev$sndpcmp(&(0x7f0000000400)='/dev/snd/pcmC#D#p\x00', 0x3ff, 0x2002) setsockopt$RDS_GET_MR_FOR_DEST(0xffffffffffffffff, 0x114, 0x7, &(0x7f0000000880)={@un=@abs={0x1, 0x0, 0x4e21}, {&(0x7f0000000680)=""/183, 0xb7}, &(0x7f0000000300), 0x3}, 0xa0) r3 = openat$cgroup_ro(r2, &(0x7f0000000000)='cgroup.stat\x00', 0x0, 0x0) fcntl$setown(r2, 0x8, r1) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu/syz0\x00', 0x1ff) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x9, 0x20}, &(0x7f0000000140)=0xb) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/syz0\x00', 0x1ff) setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(0xffffffffffffffff, 0x84, 0x12, &(0x7f00000003c0), 0x4) ioctl$RTC_PIE_ON(r2, 0x7005) r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000540)='/dev/loop-control\x00', 0x101000, 0x0) ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, 0x0) getresuid(&(0x7f0000000440), &(0x7f0000000600), &(0x7f0000000640)) setsockopt$inet_MCAST_LEAVE_GROUP(r0, 0x0, 0x2d, &(0x7f00000007c0)={0x0, {{0x2, 0x4e24, @rand_addr=0xff0000000}}}, 0x88) r5 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_ADD(r4, 0x4c80, r5) mmap$binder(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x8010, r0, 0x0) r6 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0) bind$alg(r6, &(0x7f0000000940)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr-serpent-sse2\x00'}, 0x58) ioctl$BINDER_GET_NODE_DEBUG_INFO(r6, 0xc018620b, &(0x7f00000002c0)={0x0}) ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f00000000c0)={r7}) setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x5, &(0x7f0000000480)={0x0, @in={{0x2, 0x0, @broadcast}}}, 0x84) ioctl$HDIO_GETGEO(r3, 0x301, &(0x7f0000000240)) socket$inet6_tcp(0xa, 0x1, 0x0) 13:47:18 executing program 2: r0 = socket$inet6(0xa, 0x100040000080806, 0x0) socket$can_raw(0x1d, 0x3, 0x1) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x7) r1 = socket$inet6(0xa, 0x6, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000f68000)={@loopback, 0x800, 0x0, 0xff, 0x1}, 0x20) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0x2, &(0x7f0000000000)=0x6, 0x4) setsockopt$inet6_int(r1, 0x29, 0x21, &(0x7f000089b000)=0xffffffffffffffff, 0x4) connect$inet6(r1, &(0x7f000000cfe4)={0xa, 0x4e20, 0x807}, 0x1c) 13:47:18 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) vmsplice(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="7eb8c5ff12867245e846f472741ce195f44f4b867cb7d2abf6025f278e2a1558511a6a40eea04d4652a96d5b9ad08d2e8c19dfd1bf470f6a7630d5d430f98f1fc87994130ed103a1a2bd3b53353611dbc6263418a271b0afef916a8dd893d721558dfa75e38fed401a285f8479cea3948107b2c07d5eee7989b5d2e3fb514df6124008c7af5bc9767f17464ba554792fe56d233822cf059d5b655451d76b603513d0d8a757407a6288b5b83400399f49903c84a4ae5f6c2bc8a3352fd757", 0xbe}], 0x1, 0xc) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:47:18 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x7fff, 0x10000) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000080)=[@in6={0xa, 0x4e22, 0x2, @mcast1, 0x4}, @in6={0xa, 0x4e23, 0x5, @mcast1, 0x8001}, @in6={0xa, 0x4e23, 0xfffffffffffeffff, @local, 0x6}, @in6={0xa, 0x4e21, 0x8, @mcast2, 0x8}, @in={0x2, 0x4e24, @broadcast}, @in6={0xa, 0x4e23, 0x101, @local, 0x1ff}, @in={0x2, 0x4e22, @remote}, @in6={0xa, 0x4e20, 0x4, @ipv4={[], [], @remote}, 0x7}, @in6={0xa, 0x4e22, 0x3, @dev={0xfe, 0x80, [], 0xe}, 0x3f}, @in={0x2, 0x4e24, @local}], 0xf4) sendmsg$nl_generic(r0, &(0x7f0000000000)={&(0x7f0000000480), 0xc, &(0x7f0000000440)={&(0x7f0000000180)=ANY=[@ANYBLOB="0000040aaf3dcaeaab8f77b8207b1d0ab1e51a432b17481e6e820fc1fb351d663fac86b742aa61842f4fd8effb06bad8f55c9a96f5b9f5a3355fd32bf4169bc5cf870751210af234a471a80222ef7987356b7711ca7987e53f689a496869736be34c0ecd10521f47727c052c14ee7d3c1002e5e193af375ea21a0b940be912690fac13d0c2d4162b2365c1fc22cafa842a63cbab6030b166c13f510b1dd9e6722702ebf2db924fbd69f9a9c95ddf3762fdde560c0f78b5813eda34d37ac36ed1cd33349e2db13d9a460a79420cff3205e7e072ddd7c2f2f970eadbfbc392"], 0x1}}, 0x0) 13:47:18 executing program 2: r0 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhci\x00', 0x406000, 0x0) ioctl$VHOST_GET_VRING_BASE(r0, 0xc008af12, &(0x7f0000000080)) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000100)={&(0x7f0000000040), 0xc, &(0x7f00000000c0)={&(0x7f0000000140)={0x14, 0x28, 0xb01, 0x0, 0x0, {0x13}}, 0x14}}, 0x0) ioctl$SNDRV_CTL_IOCTL_PVERSION(r0, 0x80045500, &(0x7f0000000180)) ioctl$KVM_GET_EMULATED_CPUID(r0, 0xc008ae09, &(0x7f0000000380)=""/131) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f00000001c0)={0x0, @in={{0x2, 0x4e24, @multicast2}}, [0x3, 0x9, 0xdb, 0x0, 0x3, 0x1000, 0x8000, 0x401, 0x2, 0x0, 0x4, 0x6, 0x4, 0x95ae, 0x7]}, &(0x7f00000002c0)=0x100) ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000440)={'veth0_to_team\x00', @random="bcb711469e62"}) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000300)={r2, 0x2}, &(0x7f0000000340)=0x8) 13:47:18 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0xc0045878, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) [ 362.718861] FAULT_FLAG_ALLOW_RETRY missing 30 13:47:18 executing program 0: socket$inet_sctp(0x2, 0x2000000000005, 0x84) 13:47:18 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) write$cgroup_type(r0, &(0x7f00000000c0)='threaded\x00', 0x9) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$sock_int(r1, 0x1, 0x200000010, &(0x7f0000000080)=0x5, 0x4) r3 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x4, 0x40000) socket$netlink(0x10, 0x3, 0x12) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffff9c, 0x84, 0x1d, &(0x7f00000001c0)={0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f0000000240)=0x20) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r3, 0x84, 0x6c, &(0x7f0000000280)={r4, 0x27, "93cfb1f7340d88912a33bed887e3bd8143050d2d62c2659e3b634d61b244030f87af48d80f60d8"}, &(0x7f00000002c0)=0x2f) ioctl$IOC_PR_RESERVE(r3, 0x401070c9, &(0x7f0000000140)={0x80000001, 0x100000001}) recvmsg(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000340)=""/148, 0x94}, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f0000000300)={0xf000, 0x100000}) ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r3, 0x4010ae74, &(0x7f0000000180)={0x5693, 0x5, 0xc7}) [ 362.756046] CPU: 0 PID: 12178 Comm: syz-executor1 Not tainted 4.19.0-rc5+ #261 [ 362.763649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 362.773019] Call Trace: [ 362.775643] dump_stack+0x1c4/0x2b4 [ 362.779297] ? dump_stack_print_info.cold.2+0x52/0x52 [ 362.784507] ? kasan_check_write+0x14/0x20 [ 362.788771] ? do_raw_spin_lock+0xc1/0x200 [ 362.793046] handle_userfault.cold.33+0x47/0x62 [ 362.797758] ? userfaultfd_ioctl+0x54a0/0x54a0 [ 362.802359] ? mark_held_locks+0x130/0x130 [ 362.806606] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 362.812168] ? __perf_event_task_sched_out+0x337/0x1ab0 [ 362.817553] ? select_task_rq_fair+0x34f0/0x34f0 [ 362.822315] ? reweight_task+0x130/0x130 [ 362.826397] ? print_usage_bug+0xc0/0xc0 [ 362.830454] ? print_usage_bug+0xc0/0xc0 [ 362.834514] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 362.840062] ? find_held_lock+0x36/0x1c0 [ 362.844151] ? graph_lock+0x170/0x170 [ 362.847982] ? __lock_acquire+0x7ec/0x4ec0 [ 362.852236] ? _raw_spin_unlock_irq+0x27/0x80 13:47:18 executing program 2: r0 = inotify_init1(0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) r2 = accept$nfc_llcp(0xffffffffffffff9c, 0x0, &(0x7f0000000040)) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f00000000c0)={{{@in=@remote, @in=@rand_addr, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@loopback}, 0x0, @in=@dev}}, &(0x7f00000001c0)=0xe8) r4 = getegid() setsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000200)={r1, r3, r4}, 0xc) ptrace$setopts(0x4206, r1, 0x0, 0x0) ptrace(0x4207, r1) ptrace$peek(0x2, r1, &(0x7f0000000640)) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000000)={0x0, @aes128, 0x0, "56bc3956f9126ba3"}) [ 362.856752] ? _raw_spin_unlock_irq+0x27/0x80 [ 362.861267] ? lockdep_hardirqs_on+0x421/0x5c0 [ 362.865868] ? find_held_lock+0x36/0x1c0 [ 362.869980] ? __handle_mm_fault+0x45dc/0x53e0 [ 362.874582] ? lock_downgrade+0x900/0x900 [ 362.878761] ? kasan_check_read+0x11/0x20 [ 362.882944] ? do_raw_spin_unlock+0xa7/0x2f0 [ 362.887362] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 362.891940] ? kasan_check_write+0x14/0x20 [ 362.896166] ? do_raw_spin_lock+0xc1/0x200 [ 362.900417] __handle_mm_fault+0x45ed/0x53e0 [ 362.904858] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 362.909732] ? graph_lock+0x170/0x170 [ 362.913547] ? print_usage_bug+0xc0/0xc0 [ 362.917613] ? graph_lock+0x170/0x170 [ 362.921427] ? graph_lock+0x170/0x170 [ 362.925231] ? handle_mm_fault+0x42a/0xc70 [ 362.929469] ? lock_downgrade+0x900/0x900 [ 362.939932] ? check_preemption_disabled+0x48/0x200 [ 362.944992] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 362.950781] ? kasan_check_read+0x11/0x20 [ 362.954926] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 362.960206] ? rcu_bh_qs+0xc0/0xc0 [ 362.963756] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 362.969201] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 362.974748] ? check_preemption_disabled+0x48/0x200 [ 362.979770] handle_mm_fault+0x54f/0xc70 [ 362.983888] ? __handle_mm_fault+0x53e0/0x53e0 [ 362.988488] ? find_vma+0x34/0x190 [ 362.992050] __do_page_fault+0x67d/0xed0 [ 362.996126] ? mm_fault_error+0x380/0x380 [ 363.000277] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 363.005339] ? graph_lock+0x170/0x170 [ 363.009155] do_page_fault+0xf2/0x7e0 [ 363.012951] ? vmalloc_sync_all+0x30/0x30 [ 363.017096] ? error_entry+0x76/0xd0 [ 363.020805] ? trace_hardirqs_off_caller+0xbb/0x310 [ 363.025827] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 363.030685] ? trace_hardirqs_on_caller+0x310/0x310 [ 363.035717] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 363.040583] page_fault+0x1e/0x30 [ 363.044048] RIP: 0010:copy_user_generic_unrolled+0x9e/0xc0 [ 363.049666] Code: 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 4c 8b 06 4c 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 89 d1 <8a> 06 88 07 48 ff c6 48 ff c7 ff c9 75 f2 31 c0 0f 1f 00 c3 0f 1f [ 363.068559] RSP: 0018:ffff880183dff7f0 EFLAGS: 00010202 [ 363.073916] RAX: 0000000000000004 RBX: 0000000000000004 RCX: 0000000000000004 [ 363.081181] RDX: 0000000000000004 RSI: 0000000020013000 RDI: ffff880183dff890 [ 363.088441] RBP: ffff880183dff828 R08: ffffed00307bff13 R09: ffffed00307bff12 [ 363.095712] R10: ffffed00307bff12 R11: 0000000000000003 R12: 0000000020013004 [ 363.102984] R13: 0000000020013000 R14: ffff880183dff890 R15: 00007ffffffff000 [ 363.110289] ? _copy_from_user+0x10d/0x150 [ 363.114536] evdev_do_ioctl+0xb51/0x2180 [ 363.118611] ? str_to_user+0x90/0x90 [ 363.122353] ? graph_lock+0x170/0x170 [ 363.126159] ? do_futex+0x249/0x26d0 [ 363.129898] ? rcu_bh_qs+0xc0/0xc0 [ 363.133459] ? rcu_bh_qs+0xc0/0xc0 [ 363.137007] ? unwind_dump+0x190/0x190 [ 363.140903] ? find_held_lock+0x36/0x1c0 [ 363.144968] ? __fget+0x4aa/0x740 [ 363.148418] ? lock_downgrade+0x900/0x900 [ 363.152580] ? check_preemption_disabled+0x48/0x200 [ 363.157605] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 363.163396] ? kasan_check_read+0x11/0x20 [ 363.167572] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 363.172853] ? rcu_bh_qs+0xc0/0xc0 [ 363.176401] ? __fget+0x4d1/0x740 [ 363.179855] ? ksys_dup3+0x680/0x680 [ 363.183601] evdev_ioctl_handler+0x144/0x1a0 [ 363.188028] evdev_ioctl+0x27/0x2e [ 363.191579] ? evdev_ioctl_compat+0x30/0x30 [ 363.195930] do_vfs_ioctl+0x1de/0x1720 [ 363.199831] ? ioctl_preallocate+0x300/0x300 [ 363.204245] ? __fget_light+0x2e9/0x430 [ 363.208224] ? fget_raw+0x20/0x20 [ 363.211668] ? _copy_to_user+0xc8/0x110 [ 363.215654] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 363.221210] ? put_timespec64+0x10f/0x1b0 [ 363.225359] ? nsecs_to_jiffies+0x30/0x30 [ 363.229514] ? do_syscall_64+0x9a/0x820 [ 363.233497] ? do_syscall_64+0x9a/0x820 [ 363.237477] ? lockdep_hardirqs_on+0x421/0x5c0 [ 363.242075] ? security_file_ioctl+0x94/0xc0 [ 363.246494] ksys_ioctl+0xa9/0xd0 [ 363.249972] __x64_sys_ioctl+0x73/0xb0 [ 363.253869] do_syscall_64+0x1b9/0x820 [ 363.257774] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 363.263145] ? syscall_return_slowpath+0x5e0/0x5e0 [ 363.268085] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 363.272932] ? trace_hardirqs_on_caller+0x310/0x310 [ 363.277960] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 363.282973] ? prepare_exit_to_usermode+0x291/0x3b0 [ 363.287990] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 363.292846] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 363.298037] RIP: 0033:0x457579 [ 363.301243] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 363.320158] RSP: 002b:00007fd1b7341c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 363.327903] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 363.335181] RDX: 0000000020013000 RSI: 00000000400445a0 RDI: 0000000000000004 [ 363.342459] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 363.349741] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd1b73426d4 [ 363.357058] R13: 00000000004bf3f1 R14: 00000000004cf1f0 R15: 00000000ffffffff 13:47:19 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x40104593, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:47:19 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = memfd_create(&(0x7f0000000000)='proc\x00', 0x2) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x8}) r1 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r2 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r2, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r1) 13:47:19 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) r2 = getpid() getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240), &(0x7f0000000280)=0xc) removexattr(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)=@known='com.apple.FinderInfo\x00') socket$nl_netfilter(0x10, 0x3, 0xc) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='9p\x00', 0x80, &(0x7f00000002c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno'}}) sched_setscheduler(r2, 0x5, &(0x7f0000000200)) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f0000000100)={0x0, @in6, 0x0, 0x0, 0x0, 0x0, 0xe4}, &(0x7f00000001c0)=0x98) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000080)={0x0, 0x7fffffff, 0x7}, &(0x7f00000000c0)=0x8) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r1, 0x84, 0x24, &(0x7f0000000240), 0x0) 13:47:19 executing program 5: socket$inet6(0xa, 0x1000000000002, 0x0) syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0) r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcs\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f00000005c0), &(0x7f0000000280)=0x2) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = gettid() pkey_mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xd, 0xffffffffffffffff) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) r2 = syz_open_dev$sndpcmp(&(0x7f0000000400)='/dev/snd/pcmC#D#p\x00', 0x3ff, 0x2002) setsockopt$RDS_GET_MR_FOR_DEST(0xffffffffffffffff, 0x114, 0x7, &(0x7f0000000880)={@un=@abs={0x1, 0x0, 0x4e21}, {&(0x7f0000000680)=""/183, 0xb7}, &(0x7f0000000300), 0x3}, 0xa0) r3 = openat$cgroup_ro(r2, &(0x7f0000000000)='cgroup.stat\x00', 0x0, 0x0) fcntl$setown(r2, 0x8, r1) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu/syz0\x00', 0x1ff) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x9, 0x20}, &(0x7f0000000140)=0xb) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/syz0\x00', 0x1ff) setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(0xffffffffffffffff, 0x84, 0x12, &(0x7f00000003c0), 0x4) ioctl$RTC_PIE_ON(r2, 0x7005) r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000540)='/dev/loop-control\x00', 0x101000, 0x0) ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, 0x0) getresuid(&(0x7f0000000440), &(0x7f0000000600), &(0x7f0000000640)) setsockopt$inet_MCAST_LEAVE_GROUP(r0, 0x0, 0x2d, &(0x7f00000007c0)={0x0, {{0x2, 0x4e24, @rand_addr=0xff0000000}}}, 0x88) r5 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_ADD(r4, 0x4c80, r5) mmap$binder(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x8010, r0, 0x0) r6 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0) bind$alg(r6, &(0x7f0000000940)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr-serpent-sse2\x00'}, 0x58) ioctl$BINDER_GET_NODE_DEBUG_INFO(r6, 0xc018620b, &(0x7f00000002c0)={0x0}) ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f00000000c0)={r7}) setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x5, &(0x7f0000000480)={0x0, @in={{0x2, 0x0, @broadcast}}}, 0x84) ioctl$HDIO_GETGEO(r3, 0x301, &(0x7f0000000240)) socket$inet6_tcp(0xa, 0x1, 0x0) 13:47:19 executing program 0: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000400)='/dev/uinput\x00', 0x0, 0x0) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000140)) ioctl$UI_BEGIN_FF_ERASE(r0, 0x4004556d, &(0x7f0000000040)) openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x100) 13:47:19 executing program 3: r0 = socket$unix(0x1, 0x1, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) bind$unix(r1, &(0x7f0000003000)=@file={0x1, "e91f7189591e9233614b00"}, 0xc) listen(r1, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) connect(r2, &(0x7f0000931ff4)=@un=@file={0x1, "e91f7189591e9233614b00"}, 0xc) connect(r0, &(0x7f0000987ff4)=@un=@file={0x1, "e91f7189591e9233614b00"}, 0xc) r3 = gettid() timer_create(0x0, &(0x7f0000000000)={0x0, 0x16, 0x1000001, @tid=r3}, &(0x7f0000000140)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, &(0x7f0000040000)) tkill(r3, 0x1000000000013) listen(r1, 0x131) [ 363.695431] FAULT_FLAG_ALLOW_RETRY missing 30 [ 363.708789] CPU: 1 PID: 12218 Comm: syz-executor4 Not tainted 4.19.0-rc5+ #261 [ 363.716184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 363.725549] Call Trace: [ 363.728163] dump_stack+0x1c4/0x2b4 [ 363.731820] ? dump_stack_print_info.cold.2+0x52/0x52 [ 363.737035] ? kasan_check_write+0x14/0x20 [ 363.741317] ? do_raw_spin_lock+0xc1/0x200 [ 363.741352] handle_userfault.cold.33+0x47/0x62 [ 363.750266] ? userfaultfd_ioctl+0x54a0/0x54a0 [ 363.754874] ? mark_held_locks+0x130/0x130 [ 363.759144] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 363.764703] ? __perf_event_task_sched_out+0x337/0x1ab0 [ 363.770096] ? select_task_rq_fair+0x34f0/0x34f0 [ 363.774869] ? reweight_task+0x130/0x130 [ 363.774915] ? print_usage_bug+0xc0/0xc0 [ 363.774936] ? print_usage_bug+0xc0/0xc0 [ 363.774956] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 363.787152] ? find_held_lock+0x36/0x1c0 [ 363.787172] ? graph_lock+0x170/0x170 [ 363.787196] ? __lock_acquire+0x7ec/0x4ec0 [ 363.804820] ? _raw_spin_unlock_irq+0x27/0x80 [ 363.809340] ? _raw_spin_unlock_irq+0x27/0x80 [ 363.813857] ? lockdep_hardirqs_on+0x421/0x5c0 [ 363.818470] ? find_held_lock+0x36/0x1c0 [ 363.818503] ? __handle_mm_fault+0x45dc/0x53e0 [ 363.818522] ? lock_downgrade+0x900/0x900 [ 363.818548] ? kasan_check_read+0x11/0x20 [ 363.818565] ? do_raw_spin_unlock+0xa7/0x2f0 [ 363.818585] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 363.818604] ? kasan_check_write+0x14/0x20 [ 363.818621] ? do_raw_spin_lock+0xc1/0x200 [ 363.818648] __handle_mm_fault+0x45ed/0x53e0 [ 363.818675] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 363.818689] ? graph_lock+0x170/0x170 [ 363.818702] ? print_usage_bug+0xc0/0xc0 [ 363.818718] ? graph_lock+0x170/0x170 [ 363.818729] ? graph_lock+0x170/0x170 [ 363.818764] ? handle_mm_fault+0x42a/0xc70 [ 363.844930] ? lock_downgrade+0x900/0x900 [ 363.844952] ? check_preemption_disabled+0x48/0x200 [ 363.844979] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 363.844994] ? kasan_check_read+0x11/0x20 [ 363.845012] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 363.845031] ? rcu_bh_qs+0xc0/0xc0 [ 363.845049] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 363.845069] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 363.845088] ? check_preemption_disabled+0x48/0x200 [ 363.845114] handle_mm_fault+0x54f/0xc70 [ 363.866619] ? __handle_mm_fault+0x53e0/0x53e0 [ 363.866640] ? find_vma+0x34/0x190 [ 363.866666] __do_page_fault+0x67d/0xed0 13:47:19 executing program 0: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000000), 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snapshot\x00', 0x103, 0x0) r2 = syz_open_dev$sndtimer(&(0x7f0000000100)='/dev/snd/timer\x00', 0x0, 0x38) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0) r5 = syz_open_dev$admmidi(&(0x7f00000002c0)='/dev/admmidi#\x00', 0x7, 0x400) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000080)={0x0}, &(0x7f0000000440)=0x8) setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r4, 0x84, 0x71, &(0x7f0000000480)={r6, 0x3}, 0x8) ioctl$UI_SET_FFBIT(r1, 0x4004556b, 0x4000001c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r5, 0x29, 0x22, &(0x7f0000000f00)={{{@in6, @in6=@ipv4={[], [], @broadcast}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@loopback}, 0x0, @in6=@mcast2}}, &(0x7f0000002040)=0xe8) r8 = getuid() setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000002080)={{{@in6, @in, 0x4e23, 0x7, 0x4e21, 0x81, 0xa, 0x80, 0x0, 0x8, r7, r8}, {0x7, 0xfffffffffffffff7, 0x429, 0x3, 0x7, 0x955c, 0x1, 0x7}, {0x7, 0xfffffffffffffff8, 0x1, 0x6}, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1}, {{@in6=@local, 0x4d4, 0x7f}, 0xa, @in6=@mcast2, 0x3507, 0x7, 0x3, 0x400, 0x8, 0x3, 0x3f5}}, 0xe8) setsockopt$inet_mreqn(r4, 0x0, 0xe368adb30c792f1f, &(0x7f0000000340)={@local, @local}, 0xc) sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x6, 0x0, 0x0, 0x0, 0x9917, 0xffff}, 0x0) ioctl$TIOCGSID(r4, 0x5429, &(0x7f0000000100)=0x0) getpeername$unix(r4, &(0x7f00000003c0)=@abs, &(0x7f0000000600)=0x6e) ioctl$sock_SIOCSPGRP(r3, 0x8902, &(0x7f0000000180)=r9) openat$cgroup_procs(r4, &(0x7f00000000c0)='tasks\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_TIMEOUT(0xffffffffffffffff, 0x0, 0x486, &(0x7f0000000580), &(0x7f00000005c0)=0xc) unshare(0x40000000) ioctl$sock_ifreq(0xffffffffffffffff, 0x0, &(0x7f0000000040)={'tunl0\x00', @ifru_names='bridge0\x00'}) ioctl$KVM_PPC_GET_SMMU_INFO(r4, 0x8250aea6, &(0x7f0000001040)=""/4096) openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/sync_sock_size\x00', 0x2, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f0000001000)={{0x3}}) ioctl(r0, 0x2, &(0x7f0000000000)="025cc807") r10 = fcntl$getown(r1, 0x9) ptrace(0x421f, r10) clock_gettime(0x0, &(0x7f0000000080)) 13:47:19 executing program 2: r0 = inotify_init() ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x40106614, &(0x7f0000000000)) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000001b80)={0x26, 'skcipher\x00', 0x0, 0x0, 'salsa20\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="b7f2288a933d66593ae164c990a0028e", 0x10) r2 = accept$alg(r1, 0x0, 0x0) write$binfmt_script(r2, &(0x7f0000000300)=ANY=[], 0x100000182) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) recvmsg(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000013c0)=[{&(0x7f0000002900)=""/4096, 0xfffffe6d}], 0x1, &(0x7f0000001400)=""/123, 0x7b}, 0x0) socketpair$inet6(0xa, 0x1, 0x114f, &(0x7f0000000980)={0xffffffffffffffff, 0xffffffffffffffff}) getpeername(r1, &(0x7f0000001200)=@can={0x1d, 0x0}, &(0x7f0000001280)=0x80) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f00000012c0)={@mcast1, 0x59, r4}) [ 363.866693] ? mm_fault_error+0x380/0x380 [ 363.866709] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 363.866727] ? graph_lock+0x170/0x170 [ 363.874596] do_page_fault+0xf2/0x7e0 [ 363.874617] ? vmalloc_sync_all+0x30/0x30 [ 363.874637] ? error_entry+0x76/0xd0 [ 363.874656] ? trace_hardirqs_off_caller+0xbb/0x310 [ 363.874677] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 363.874696] ? trace_hardirqs_on_caller+0x310/0x310 [ 363.874730] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 363.874755] page_fault+0x1e/0x30 [ 363.882786] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 363.882804] Code: 4c 8b 5e 38 4c 89 47 20 4c 89 4f 28 4c 89 57 30 4c 89 5f 38 48 8d 76 40 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 <4c> 8b 06 4c 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 [ 363.882813] RSP: 0018:ffff880185bd77f0 EFLAGS: 00010202 [ 363.882829] RAX: ffffed0030b7af1c RBX: 0000000000000010 RCX: 0000000000000002 [ 363.882840] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff880185bd78d0 [ 363.882851] RBP: ffff880185bd7828 R08: ffffed0030b7af1c R09: ffffed0030b7af1a [ 363.882861] R10: ffffed0030b7af1b R11: ffff880185bd78df R12: 0000000020013010 [ 363.882872] R13: 0000000020013000 R14: ffff880185bd78d0 R15: 00007ffffffff000 [ 363.882924] ? _copy_from_user+0x10d/0x150 [ 363.882948] evdev_do_ioctl+0x1027/0x2180 [ 363.882972] ? str_to_user+0x90/0x90 [ 363.882990] ? graph_lock+0x170/0x170 [ 363.883013] ? do_futex+0x249/0x26d0 [ 364.077212] ? rcu_bh_qs+0xc0/0xc0 [ 364.080770] ? rcu_bh_qs+0xc0/0xc0 [ 364.084350] ? unwind_dump+0x190/0x190 [ 364.088260] ? find_held_lock+0x36/0x1c0 [ 364.092348] ? __fget+0x4aa/0x740 [ 364.095819] ? lock_downgrade+0x900/0x900 [ 364.099990] ? check_preemption_disabled+0x48/0x200 [ 364.105034] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 364.110849] ? kasan_check_read+0x11/0x20 [ 364.115031] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 364.120338] ? rcu_bh_qs+0xc0/0xc0 [ 364.123931] ? __fget+0x4d1/0x740 [ 364.127421] ? ksys_dup3+0x680/0x680 [ 364.131162] evdev_ioctl_handler+0x144/0x1a0 [ 364.135592] evdev_ioctl+0x27/0x2e [ 364.139151] ? evdev_ioctl_compat+0x30/0x30 [ 364.143487] do_vfs_ioctl+0x1de/0x1720 [ 364.147406] ? ioctl_preallocate+0x300/0x300 [ 364.151834] ? __fget_light+0x2e9/0x430 [ 364.155823] ? fget_raw+0x20/0x20 [ 364.159290] ? _copy_to_user+0xc8/0x110 [ 364.163297] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 364.168863] ? put_timespec64+0x10f/0x1b0 [ 364.173037] ? nsecs_to_jiffies+0x30/0x30 [ 364.177206] ? do_syscall_64+0x9a/0x820 [ 364.181195] ? do_syscall_64+0x9a/0x820 [ 364.185191] ? lockdep_hardirqs_on+0x421/0x5c0 [ 364.189797] ? security_file_ioctl+0x94/0xc0 [ 364.194233] ksys_ioctl+0xa9/0xd0 [ 364.196460] IPVS: ftp: loaded support on port[0] = 21 [ 364.197705] __x64_sys_ioctl+0x73/0xb0 [ 364.197748] do_syscall_64+0x1b9/0x820 [ 364.197771] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 364.216147] ? syscall_return_slowpath+0x5e0/0x5e0 [ 364.221088] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 364.225948] ? trace_hardirqs_on_caller+0x310/0x310 [ 364.230992] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 364.236035] ? prepare_exit_to_usermode+0x291/0x3b0 [ 364.241074] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 364.246029] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 364.251230] RIP: 0033:0x457579 [ 364.254436] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 364.273350] RSP: 002b:00007fd9995c4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 364.281079] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 364.281089] RDX: 0000000020013000 RSI: 0000000040104593 RDI: 0000000000000004 [ 364.281098] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 364.281107] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd9995c56d4 [ 364.281117] R13: 00000000004bf3f1 R14: 00000000004cf1f0 R15: 00000000ffffffff [ 364.366228] FAULT_FLAG_ALLOW_RETRY missing 30 [ 364.372319] CPU: 1 PID: 12227 Comm: syz-executor1 Not tainted 4.19.0-rc5+ #261 [ 364.379699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 364.379707] Call Trace: [ 364.379739] dump_stack+0x1c4/0x2b4 [ 364.379767] ? dump_stack_print_info.cold.2+0x52/0x52 [ 364.379786] ? kasan_check_write+0x14/0x20 [ 364.379816] ? do_raw_spin_lock+0xc1/0x200 [ 364.391793] handle_userfault.cold.33+0x47/0x62 [ 364.391825] ? userfaultfd_ioctl+0x54a0/0x54a0 [ 364.400645] ? mark_held_locks+0x130/0x130 [ 364.400665] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 364.400685] ? __perf_event_task_sched_out+0x337/0x1ab0 [ 364.400706] ? select_task_rq_fair+0x34f0/0x34f0 [ 364.400724] ? reweight_task+0x130/0x130 [ 364.409200] ? print_usage_bug+0xc0/0xc0 [ 364.409220] ? print_usage_bug+0xc0/0xc0 [ 364.409241] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 364.409266] ? find_held_lock+0x36/0x1c0 [ 364.409285] ? graph_lock+0x170/0x170 [ 364.409309] ? __lock_acquire+0x7ec/0x4ec0 [ 364.409326] ? _raw_spin_unlock_irq+0x27/0x80 [ 364.409341] ? _raw_spin_unlock_irq+0x27/0x80 [ 364.409358] ? lockdep_hardirqs_on+0x421/0x5c0 [ 364.409380] ? find_held_lock+0x36/0x1c0 [ 364.409417] ? __handle_mm_fault+0x45dc/0x53e0 [ 364.409434] ? lock_downgrade+0x900/0x900 [ 364.409458] ? kasan_check_read+0x11/0x20 [ 364.409476] ? do_raw_spin_unlock+0xa7/0x2f0 [ 364.409496] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 364.422971] ? kasan_check_write+0x14/0x20 [ 364.422991] ? do_raw_spin_lock+0xc1/0x200 [ 364.423030] __handle_mm_fault+0x45ed/0x53e0 [ 364.433943] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 364.433961] ? graph_lock+0x170/0x170 [ 364.433978] ? print_usage_bug+0xc0/0xc0 [ 364.433997] ? graph_lock+0x170/0x170 [ 364.434012] ? graph_lock+0x170/0x170 [ 364.434051] ? handle_mm_fault+0x42a/0xc70 [ 364.434070] ? lock_downgrade+0x900/0x900 [ 364.456551] ? check_preemption_disabled+0x48/0x200 [ 364.482189] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 364.482204] ? kasan_check_read+0x11/0x20 [ 364.482222] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 364.482243] ? rcu_bh_qs+0xc0/0xc0 [ 364.490925] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 364.490944] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 364.490963] ? check_preemption_disabled+0x48/0x200 [ 364.490991] handle_mm_fault+0x54f/0xc70 [ 364.491012] ? __handle_mm_fault+0x53e0/0x53e0 [ 364.499300] ? find_vma+0x34/0x190 [ 364.499325] __do_page_fault+0x67d/0xed0 [ 364.499353] ? mm_fault_error+0x380/0x380 [ 364.499369] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 364.499388] ? graph_lock+0x170/0x170 [ 364.499421] do_page_fault+0xf2/0x7e0 [ 364.499440] ? vmalloc_sync_all+0x30/0x30 [ 364.499460] ? error_entry+0x76/0xd0 [ 364.499478] ? trace_hardirqs_off_caller+0xbb/0x310 [ 364.499499] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 364.499518] ? trace_hardirqs_on_caller+0x310/0x310 [ 364.508516] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 364.508548] page_fault+0x1e/0x30 [ 364.517036] RIP: 0010:copy_user_generic_unrolled+0x9e/0xc0 [ 364.517055] Code: 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 4c 8b 06 4c 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 89 d1 <8a> 06 88 07 48 ff c6 48 ff c7 ff c9 75 f2 31 c0 0f 1f 00 c3 0f 1f [ 364.517064] RSP: 0018:ffff8801813377f0 EFLAGS: 00010202 [ 364.517079] RAX: 0000000000000004 RBX: 0000000000000004 RCX: 0000000000000004 [ 364.517089] RDX: 0000000000000004 RSI: 0000000020013000 RDI: ffff880181337890 [ 364.517099] RBP: ffff880181337828 R08: ffffed0030266f13 R09: ffffed0030266f12 13:47:20 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffff7fffff}, 0x0, 0x10, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x7003, 0x6c00000000000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000240)="5500000018007f5e00fe01b2a4a280930a600800ffa84302910000002d00090023000c000b0000000d000500fe8000000000c78b80082314e9030b9d566885b167320b00dc1338d54400009b84136ef75afb83de44", 0x55}], 0x1, &(0x7f0000000080)}, 0x0) io_setup(0x5, &(0x7f0000000180)=0x0) io_pgetevents(r1, 0x5, 0x3, &(0x7f00000002c0)=[{}, {}, {}], &(0x7f00000001c0)={0x0, 0x1c9c380}, &(0x7f0000000380)={&(0x7f0000000340)={0x2}, 0x8}) mount$9p_rdma(&(0x7f0000000000)='127.0.0.1\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000002c0)=ANY=[]) [ 364.517109] R10: ffffed0030266f12 R11: 0000000000000003 R12: 0000000020013004 [ 364.517119] R13: 0000000020013000 R14: ffff880181337890 R15: 00007ffffffff000 [ 364.517158] ? _copy_from_user+0x10d/0x150 [ 364.517181] evdev_do_ioctl+0xb51/0x2180 [ 364.517204] ? str_to_user+0x90/0x90 [ 364.517222] ? graph_lock+0x170/0x170 [ 364.517241] ? do_futex+0x249/0x26d0 [ 364.517260] ? rcu_bh_qs+0xc0/0xc0 [ 364.517278] ? rcu_bh_qs+0xc0/0xc0 [ 364.517292] ? unwind_dump+0x190/0x190 [ 364.517318] ? find_held_lock+0x36/0x1c0 [ 364.517347] ? __fget+0x4aa/0x740 [ 364.517379] ? lock_downgrade+0x900/0x900 [ 364.517402] ? check_preemption_disabled+0x48/0x200 [ 364.517424] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 364.526685] ? kasan_check_read+0x11/0x20 [ 364.526703] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 364.526721] ? rcu_bh_qs+0xc0/0xc0 [ 364.526751] ? __fget+0x4d1/0x740 [ 364.526775] ? ksys_dup3+0x680/0x680 [ 364.534633] evdev_ioctl_handler+0x144/0x1a0 [ 364.534657] evdev_ioctl+0x27/0x2e [ 364.534673] ? evdev_ioctl_compat+0x30/0x30 [ 364.534696] do_vfs_ioctl+0x1de/0x1720 [ 364.546558] ? ioctl_preallocate+0x300/0x300 [ 364.546576] ? __fget_light+0x2e9/0x430 [ 364.546595] ? fget_raw+0x20/0x20 [ 364.555752] ? _copy_to_user+0xc8/0x110 [ 364.555777] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 364.555794] ? put_timespec64+0x10f/0x1b0 [ 364.555812] ? nsecs_to_jiffies+0x30/0x30 [ 364.555832] ? do_syscall_64+0x9a/0x820 [ 364.555849] ? do_syscall_64+0x9a/0x820 [ 364.555870] ? lockdep_hardirqs_on+0x421/0x5c0 [ 364.565830] ? security_file_ioctl+0x94/0xc0 [ 364.565852] ksys_ioctl+0xa9/0xd0 [ 364.574672] __x64_sys_ioctl+0x73/0xb0 [ 364.574693] do_syscall_64+0x1b9/0x820 [ 364.574711] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 364.574731] ? syscall_return_slowpath+0x5e0/0x5e0 [ 364.574747] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 364.574767] ? trace_hardirqs_on_caller+0x310/0x310 [ 364.574786] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 364.574805] ? prepare_exit_to_usermode+0x291/0x3b0 [ 364.574830] ? trace_hardirqs_off_thunk+0x1a/0x1c 13:47:20 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x80044501, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) [ 364.574857] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 364.585857] RIP: 0033:0x457579 [ 364.585897] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 364.585906] RSP: 002b:00007fd1b7341c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 364.585923] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 364.585944] RDX: 0000000020013000 RSI: 00000000400445a0 RDI: 0000000000000007 13:47:20 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc80700145f8f764070") r3 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x2, 0x0, &(0x7f0000000080)={0x0, 0x6, 0x4}) mq_unlink(&(0x7f00000000c0)='eth0\x00') mq_timedsend(r3, &(0x7f00000e6000), 0x0, 0x0, &(0x7f0000000040)) mq_timedsend(r3, &(0x7f0000000040), 0x0, 0x4a8b, &(0x7f0000fbc000)) close(r3) r4 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x0, 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) chdir(&(0x7f0000000300)='./file0\x00') r7 = open(&(0x7f00000000c0)='./file0\x00', 0x141042, 0x0) write$binfmt_elf64(r7, &(0x7f0000000480)=ANY=[@ANYBLOB="7f454c4673000200faff3c46dc000000006e0100000000a4e24000000000000000f4010000000000f336f1aa00030038000100ffff0000d9ba05000070010000004000000000000000050000000000000001800000000000000100000000000000060000ec05000000000000800000000005402fc8e76d86f7afad21f1dfde89256d81fe0fe797a94935e51d088d8fa16dd8cbf0d6b2054d53e2c8b190c043c04c206c9657712327654e700dac038bc9905e26f80000003d47c9ad1d000000000000000000004d86a89ba98dde0000000000000000000000000000000000fd393752000000000000000000000000000000700c00000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000c099170ad72987c0ad12cec8cf55f7f7a4d07701493c46d3fd2937d0c6bff2bc0e7917e744205ea6021a8d1fe4819ac6a3cc19e7207b7822b8f246adbab32e37e5d32f960147ebac19659cf6db1e8e62e0584f9e3b55cf8cb5bbc5cc0864184032c5eafa9716c275721fbdb865f0e16d8ac1c5d54d31d5d84803167a7e9dfc76e069b53501689e69a7bd4feb7fed31278b2f7ae1198465ad21fb3d0026c8da782b36a3ebff45c914a1294ccfbfbd0b0b7572a816476aecd756e5dd8650abfb0f4643dd31334ddd8bc17f6290eda2f74e76cbac5d608f3638c9b4a5306618fb1d18198ab911aadbb86e7d280b1d3071fa0306f2b1dbea86e36757cbbd677c9ae7b8a4251262c525d93daa9f107eb5403f6e3c784625d521cee80c91abbd25ac8e0bb6fd4c9dd91ea7c04aca17d9f3651457031527a8c40b3231b0299a8aae38b20e61f18317de7c19831a4ee7fec77affd33cc3d331ac74"], 0x27e) sendfile(r7, r7, &(0x7f0000000080), 0x10001) r8 = socket$packet(0x11, 0x3, 0x300) setsockopt$inet_sctp6_SCTP_NODELAY(r4, 0x84, 0x3, &(0x7f0000000180)=0x10000, 0xfffffffffffffeb5) getsockname$packet(r7, &(0x7f0000000280)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) ioctl$EXT4_IOC_MOVE_EXT(r5, 0xc028660f, &(0x7f0000000100)={0x0, r6, 0x0, 0x0, 0x37, 0x81}) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000240)={'lo\x00', 0x0}) setsockopt$packet_add_memb(r8, 0x107, 0x1, &(0x7f0000000440)={r9, 0x1, 0x6}, 0x1de) setsockopt$packet_add_memb(r8, 0x107, 0x1, &(0x7f0000000080)={r9, 0x1, 0xfffffffffffffffa, @link_local}, 0xfffffffffffffe30) write(0xffffffffffffffff, &(0x7f0000fa8000)="2700000014000707030e0000120f0a0011000100f5fe0012ff000000078a151f75080039000500", 0x27) listen(r5, 0xea) [ 364.585953] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 364.585967] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd1b73426d4 [ 364.599619] R13: 00000000004bf3f1 R14: 00000000004cf1f0 R15: 00000000ffffffff [ 364.812515] IPVS: ftp: loaded support on port[0] = 21 13:47:20 executing program 5: socket$inet6(0xa, 0x1000000000002, 0x0) syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0) r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcs\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f00000005c0), &(0x7f0000000280)=0x2) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = gettid() pkey_mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xd, 0xffffffffffffffff) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) r2 = syz_open_dev$sndpcmp(&(0x7f0000000400)='/dev/snd/pcmC#D#p\x00', 0x3ff, 0x2002) setsockopt$RDS_GET_MR_FOR_DEST(0xffffffffffffffff, 0x114, 0x7, &(0x7f0000000880)={@un=@abs={0x1, 0x0, 0x4e21}, {&(0x7f0000000680)=""/183, 0xb7}, &(0x7f0000000300), 0x3}, 0xa0) r3 = openat$cgroup_ro(r2, &(0x7f0000000000)='cgroup.stat\x00', 0x0, 0x0) fcntl$setown(r2, 0x8, r1) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu/syz0\x00', 0x1ff) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x9, 0x20}, &(0x7f0000000140)=0xb) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/syz0\x00', 0x1ff) setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(0xffffffffffffffff, 0x84, 0x12, &(0x7f00000003c0), 0x4) ioctl$RTC_PIE_ON(r2, 0x7005) r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000540)='/dev/loop-control\x00', 0x101000, 0x0) ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, 0x0) getresuid(&(0x7f0000000440), &(0x7f0000000600), &(0x7f0000000640)) setsockopt$inet_MCAST_LEAVE_GROUP(r0, 0x0, 0x2d, &(0x7f00000007c0)={0x0, {{0x2, 0x4e24, @rand_addr=0xff0000000}}}, 0x88) r5 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_ADD(r4, 0x4c80, r5) mmap$binder(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x8010, r0, 0x0) r6 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0) bind$alg(r6, &(0x7f0000000940)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr-serpent-sse2\x00'}, 0x58) ioctl$BINDER_GET_NODE_DEBUG_INFO(r6, 0xc018620b, &(0x7f00000002c0)={0x0}) ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f00000000c0)={r7}) setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x5, &(0x7f0000000480)={0x0, @in={{0x2, 0x0, @broadcast}}}, 0x84) ioctl$HDIO_GETGEO(r3, 0x301, &(0x7f0000000240)) socket$inet6_tcp(0xa, 0x1, 0x0) [ 365.142819] netlink: 9 bytes leftover after parsing attributes in process `syz-executor2'. [ 365.240173] netlink: 9 bytes leftover after parsing attributes in process `syz-executor2'. 13:47:21 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'sha256_mb\x00'}, 0x58) r1 = accept$alg(r0, 0x0, 0x0) write$binfmt_misc(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="79823e28923cfd98c3b8ecf9e1735582f39cb902024c2a1644548b2c902612397503f54239e086442a30039d8c6525a6a56d7c1da8941f00bc7cba64647d5e4368f489f9a17b07440d47be93fce63c157e646136c6f511613f4b7a84ab3f3f302efb732a8d988575d77709725c58d78e8ef6eb401cfcafb9450735affc8cdc15ddab04b0fc065a376a454814980bc1667604b8eade80e80a32fbe4342455cfce327dc1eb099f57c71474fdcc2106c9bcff02025dd5f8b02a1164d7b0663df44072b96cd4722d4238747ecba7a8208040fc5de7693a48f86cba80c55a1439ab501bc4f1097978bfaeb4ae51468175ea20066d32b165b30e028596f83a5a5e822184fd2e5a7cef15057bf0985d8741f8a793f19d8942d9ac9669e03ebdf97dda51376a2f5ab7852a703e7fbfe3633c557317d13f470000000000edb65acbaaa7c4013c216119a6454f247152c8cee754615d8a6dd5"], 0xfffffe5b) pipe2(&(0x7f0000000000)={0xffffffffffffffff}, 0x4800) ioctl$UI_SET_FFBIT(r2, 0x4004556b, 0x6f) 13:47:21 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0xc020660b, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:47:21 executing program 5: socket$inet6(0xa, 0x1000000000002, 0x0) syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0) r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcs\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f00000005c0), &(0x7f0000000280)=0x2) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = gettid() pkey_mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xd, 0xffffffffffffffff) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) r2 = syz_open_dev$sndpcmp(&(0x7f0000000400)='/dev/snd/pcmC#D#p\x00', 0x3ff, 0x2002) setsockopt$RDS_GET_MR_FOR_DEST(0xffffffffffffffff, 0x114, 0x7, &(0x7f0000000880)={@un=@abs={0x1, 0x0, 0x4e21}, {&(0x7f0000000680)=""/183, 0xb7}, &(0x7f0000000300), 0x3}, 0xa0) r3 = openat$cgroup_ro(r2, &(0x7f0000000000)='cgroup.stat\x00', 0x0, 0x0) fcntl$setown(r2, 0x8, r1) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu/syz0\x00', 0x1ff) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x9, 0x20}, &(0x7f0000000140)=0xb) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/syz0\x00', 0x1ff) setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(0xffffffffffffffff, 0x84, 0x12, &(0x7f00000003c0), 0x4) ioctl$RTC_PIE_ON(r2, 0x7005) r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000540)='/dev/loop-control\x00', 0x101000, 0x0) ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, 0x0) getresuid(&(0x7f0000000440), &(0x7f0000000600), &(0x7f0000000640)) setsockopt$inet_MCAST_LEAVE_GROUP(r0, 0x0, 0x2d, &(0x7f00000007c0)={0x0, {{0x2, 0x4e24, @rand_addr=0xff0000000}}}, 0x88) r5 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_ADD(r4, 0x4c80, r5) mmap$binder(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x8010, r0, 0x0) r6 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0) bind$alg(r6, &(0x7f0000000940)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr-serpent-sse2\x00'}, 0x58) ioctl$BINDER_GET_NODE_DEBUG_INFO(r6, 0xc018620b, &(0x7f00000002c0)={0x0}) ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f00000000c0)={r7}) setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x5, &(0x7f0000000480)={0x0, @in={{0x2, 0x0, @broadcast}}}, 0x84) ioctl$HDIO_GETGEO(r3, 0x301, &(0x7f0000000240)) socket$inet6_tcp(0xa, 0x1, 0x0) 13:47:21 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r0, 0x400445a0, &(0x7f0000000040)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:47:21 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x40044581, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:47:22 executing program 3: perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/vga_arbiter\x00', 0x80000, 0x0) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) sendmmsg$unix(r2, &(0x7f00000005c0)=[{&(0x7f0000000380)=@abs={0x0, 0x0, 0x4e23}, 0x6e, &(0x7f0000000080)}], 0x1, 0x800) fchmod(0xffffffffffffffff, 0x4c) ioctl$IOC_PR_REGISTER(0xffffffffffffffff, 0x401870c8, &(0x7f0000000180)={0x4e3}) ioctl$KVM_GET_MSR_INDEX_LIST(r2, 0xc004ae02, &(0x7f0000000080)={0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) umount2(&(0x7f0000000780)='./file0\x00', 0x0) ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, &(0x7f0000000600)="9502223cd3dc8685f97b674d8caafe04ad0ea5e6d46ba5aa5117817a5685e0731a5c4f41fa0f309a9f7711f743a83b802e5b3e924059056beda769f2e9b14d6222aa5c4a805b8c80b8184ca62e4b58ad0d653935f971060a304f645df9eefd50d0530859d2af9e2182704457e914b1eefa6d5e6cd48e8b93598e1e7a4e815c3845525778fdf967c30dca9935036839db122e2ff9c2402f4c91fef8379525fbe1a3b826c799f92d80eb82b06ebf85256a72ea22a28c12e00414a64f49d6092e0e9426bee90f38487c9bf87fd7e9640bb8c85a9a6e2a211551cc9c9fcdb08e1960cc2ec692e28e50ddb9b4794611b54812c1ae272887d838945b83a27fa666664f") 13:47:22 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) listen(r0, 0xa) io_setup(0x2, &(0x7f00000000c0)=0x0) io_submit(r1, 0x1, &(0x7f0000000500)=[&(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000200)='D', 0x1}]) 13:47:22 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x40044591, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:47:22 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x10000000013, &(0x7f0000000100)=0x1, 0xfb) connect$inet(r1, &(0x7f00000000c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xd}}, 0x232) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xfffffffffffffffe}, 0x14) dup2(r2, r1) 13:47:22 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)={0x0, 0x0}) ptrace$poke(0xfffffffffffffffd, r1, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) r2 = syz_open_procfs(r1, &(0x7f0000000140)='timers\x00') fcntl$setpipe(r2, 0x407, 0x6) ioctl$KVM_DEASSIGN_PCI_DEVICE(r2, 0x4040ae72, &(0x7f0000000180)={0x5ad, 0x6, 0x2, 0x0, 0x7}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r3 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) r4 = getuid() ioctl$DRM_IOCTL_GET_CLIENT(r3, 0xc0286405, &(0x7f0000000000)={0x9, 0x4, r1, 0x9, r4, 0xc46, 0x2, 0x3f}) socketpair$inet_udplite(0x2, 0x2, 0x88, &(0x7f0000000040)={0xffffffffffffffff}) r6 = openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x8004, 0x0) setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000100)=r6, 0x4) ioctl$EVIOCGMTSLOTS(r3, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:47:22 executing program 3: perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/vga_arbiter\x00', 0x80000, 0x0) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) sendmmsg$unix(r2, &(0x7f00000005c0)=[{&(0x7f0000000380)=@abs={0x0, 0x0, 0x4e23}, 0x6e, &(0x7f0000000080)}], 0x1, 0x800) fchmod(0xffffffffffffffff, 0x4c) ioctl$IOC_PR_REGISTER(0xffffffffffffffff, 0x401870c8, &(0x7f0000000180)={0x4e3}) ioctl$KVM_GET_MSR_INDEX_LIST(r2, 0xc004ae02, &(0x7f0000000080)={0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) umount2(&(0x7f0000000780)='./file0\x00', 0x0) ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, &(0x7f0000000600)="9502223cd3dc8685f97b674d8caafe04ad0ea5e6d46ba5aa5117817a5685e0731a5c4f41fa0f309a9f7711f743a83b802e5b3e924059056beda769f2e9b14d6222aa5c4a805b8c80b8184ca62e4b58ad0d653935f971060a304f645df9eefd50d0530859d2af9e2182704457e914b1eefa6d5e6cd48e8b93598e1e7a4e815c3845525778fdf967c30dca9935036839db122e2ff9c2402f4c91fef8379525fbe1a3b826c799f92d80eb82b06ebf85256a72ea22a28c12e00414a64f49d6092e0e9426bee90f38487c9bf87fd7e9640bb8c85a9a6e2a211551cc9c9fcdb08e1960cc2ec692e28e50ddb9b4794611b54812c1ae272887d838945b83a27fa666664f") [ 367.265305] FAULT_FLAG_ALLOW_RETRY missing 30 [ 367.276451] CPU: 0 PID: 12311 Comm: syz-executor1 Not tainted 4.19.0-rc5+ #261 [ 367.283832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 367.283840] Call Trace: [ 367.283872] dump_stack+0x1c4/0x2b4 [ 367.283920] ? dump_stack_print_info.cold.2+0x52/0x52 [ 367.283942] ? kasan_check_write+0x14/0x20 [ 367.283964] ? do_raw_spin_lock+0xc1/0x200 13:47:23 executing program 5: r0 = socket$inet6(0xa, 0x3, 0x800000000000004) setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000040)={0x0, 0x691abe22}, 0x8) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d5c6070") r1 = socket$nl_generic(0x10, 0x3, 0x10) bind$netlink(r1, &(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc) setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r1, 0x10e, 0x8, &(0x7f0000000100)=0x4, 0x4) sendmsg$nl_generic(r1, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x1c, 0x22, 0x1, 0x0, 0x0, {0x4}, [@typed={0x8, 0xc, @pid}]}, 0x1c}}, 0x0) [ 367.283997] handle_userfault.cold.33+0x47/0x62 [ 367.284034] ? userfaultfd_ioctl+0x54a0/0x54a0 [ 367.284056] ? mark_held_locks+0x130/0x130 [ 367.284089] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 367.296172] ? __perf_event_task_sched_out+0x337/0x1ab0 [ 367.296196] ? select_task_rq_fair+0x34f0/0x34f0 [ 367.296213] ? reweight_task+0x130/0x130 [ 367.296244] ? print_usage_bug+0xc0/0xc0 [ 367.296265] ? print_usage_bug+0xc0/0xc0 [ 367.296292] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 367.360392] ? find_held_lock+0x36/0x1c0 [ 367.364484] ? graph_lock+0x170/0x170 [ 367.368315] ? __lock_acquire+0x7ec/0x4ec0 [ 367.372565] ? _raw_spin_unlock_irq+0x27/0x80 [ 367.377079] ? _raw_spin_unlock_irq+0x27/0x80 [ 367.381593] ? lockdep_hardirqs_on+0x421/0x5c0 [ 367.381616] ? find_held_lock+0x36/0x1c0 [ 367.381648] ? __handle_mm_fault+0x45dc/0x53e0 [ 367.381667] ? lock_downgrade+0x900/0x900 [ 367.381692] ? kasan_check_read+0x11/0x20 [ 367.381713] ? do_raw_spin_unlock+0xa7/0x2f0 [ 367.381731] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 367.390621] ? kasan_check_write+0x14/0x20 [ 367.390640] ? do_raw_spin_lock+0xc1/0x200 [ 367.390668] __handle_mm_fault+0x45ed/0x53e0 [ 367.390697] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 367.390714] ? graph_lock+0x170/0x170 [ 367.390734] ? print_usage_bug+0xc0/0xc0 [ 367.399472] ? graph_lock+0x170/0x170 [ 367.399489] ? graph_lock+0x170/0x170 [ 367.399530] ? handle_mm_fault+0x42a/0xc70 [ 367.399548] ? lock_downgrade+0x900/0x900 [ 367.399568] ? check_preemption_disabled+0x48/0x200 [ 367.399595] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 367.408134] ? kasan_check_read+0x11/0x20 [ 367.408154] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 367.408173] ? rcu_bh_qs+0xc0/0xc0 [ 367.408193] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 367.408212] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 367.408233] ? check_preemption_disabled+0x48/0x200 [ 367.417050] handle_mm_fault+0x54f/0xc70 [ 367.417074] ? __handle_mm_fault+0x53e0/0x53e0 [ 367.417096] ? find_vma+0x34/0x190 [ 367.417120] __do_page_fault+0x67d/0xed0 [ 367.417147] ? mm_fault_error+0x380/0x380 [ 367.514507] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 367.519549] ? graph_lock+0x170/0x170 [ 367.523381] do_page_fault+0xf2/0x7e0 [ 367.527204] ? vmalloc_sync_all+0x30/0x30 [ 367.531375] ? error_entry+0x76/0xd0 [ 367.535109] ? trace_hardirqs_off_caller+0xbb/0x310 [ 367.540151] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 367.545013] ? trace_hardirqs_on_caller+0x310/0x310 [ 367.550062] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 367.554959] page_fault+0x1e/0x30 [ 367.558434] RIP: 0010:copy_user_generic_unrolled+0x9e/0xc0 [ 367.564078] Code: 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 4c 8b 06 4c 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 89 d1 <8a> 06 88 07 48 ff c6 48 ff c7 ff c9 75 f2 31 c0 0f 1f 00 c3 0f 1f [ 367.582996] RSP: 0018:ffff8801795df7f0 EFLAGS: 00010202 [ 367.588373] RAX: 0000000000000004 RBX: 0000000000000004 RCX: 0000000000000004 [ 367.595661] RDX: 0000000000000004 RSI: 0000000020013000 RDI: ffff8801795df890 [ 367.602939] RBP: ffff8801795df828 R08: ffffed002f2bbf13 R09: ffffed002f2bbf12 [ 367.610215] R10: ffffed002f2bbf12 R11: 0000000000000003 R12: 0000000020013004 [ 367.617500] R13: 0000000020013000 R14: ffff8801795df890 R15: 00007ffffffff000 [ 367.624820] ? _copy_from_user+0x10d/0x150 [ 367.629076] evdev_do_ioctl+0xb51/0x2180 [ 367.633161] ? str_to_user+0x90/0x90 [ 367.636906] ? graph_lock+0x170/0x170 [ 367.640727] ? do_futex+0x249/0x26d0 [ 367.644458] ? __fget+0x4aa/0x740 [ 367.647941] ? lock_downgrade+0x900/0x900 [ 367.652107] ? check_preemption_disabled+0x48/0x200 [ 367.657148] ? find_held_lock+0x36/0x1c0 [ 367.661240] ? __fget+0x4aa/0x740 [ 367.664711] ? lock_downgrade+0x900/0x900 [ 367.668875] ? check_preemption_disabled+0x48/0x200 [ 367.673942] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 367.679756] ? kasan_check_read+0x11/0x20 [ 367.683938] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 367.689236] ? rcu_bh_qs+0xc0/0xc0 [ 367.692804] ? __fget+0x4d1/0x740 [ 367.696288] ? ksys_dup3+0x680/0x680 [ 367.700030] evdev_ioctl_handler+0x144/0x1a0 [ 367.704460] evdev_ioctl+0x27/0x2e [ 367.708016] ? evdev_ioctl_compat+0x30/0x30 [ 367.712354] do_vfs_ioctl+0x1de/0x1720 [ 367.716267] ? ioctl_preallocate+0x300/0x300 [ 367.720699] ? __fget_light+0x2e9/0x430 [ 367.724691] ? fget_raw+0x20/0x20 [ 367.728164] ? _copy_to_user+0xc8/0x110 [ 367.732159] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 367.737712] ? put_timespec64+0x10f/0x1b0 [ 367.741873] ? nsecs_to_jiffies+0x30/0x30 [ 367.746061] ? do_syscall_64+0x9a/0x820 [ 367.750056] ? do_syscall_64+0x9a/0x820 [ 367.754052] ? lockdep_hardirqs_on+0x421/0x5c0 [ 367.758655] ? security_file_ioctl+0x94/0xc0 [ 367.763088] ksys_ioctl+0xa9/0xd0 [ 367.766561] __x64_sys_ioctl+0x73/0xb0 [ 367.770464] do_syscall_64+0x1b9/0x820 [ 367.774367] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 367.779752] ? syscall_return_slowpath+0x5e0/0x5e0 [ 367.784697] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 367.789557] ? trace_hardirqs_on_caller+0x310/0x310 [ 367.794596] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 367.799625] ? prepare_exit_to_usermode+0x291/0x3b0 [ 367.804671] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 367.809542] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 367.814745] RIP: 0033:0x457579 [ 367.817952] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 367.836859] RSP: 002b:00007fd1b7341c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 367.844602] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 367.851892] RDX: 0000000020013000 RSI: 00000000400445a0 RDI: 0000000000000005 [ 367.859178] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 367.866456] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd1b73426d4 [ 367.873734] R13: 00000000004bf3f1 R14: 00000000004cf1f0 R15: 00000000ffffffff [ 367.977452] FAULT_FLAG_ALLOW_RETRY missing 30 [ 367.985032] CPU: 0 PID: 12322 Comm: syz-executor1 Not tainted 4.19.0-rc5+ #261 [ 367.992431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 368.001792] Call Trace: [ 368.004408] dump_stack+0x1c4/0x2b4 [ 368.008068] ? dump_stack_print_info.cold.2+0x52/0x52 [ 368.013316] ? kasan_check_write+0x14/0x20 [ 368.017573] ? do_raw_spin_lock+0xc1/0x200 [ 368.021840] handle_userfault.cold.33+0x47/0x62 [ 368.026542] ? userfaultfd_ioctl+0x54a0/0x54a0 [ 368.031146] ? mark_held_locks+0x130/0x130 [ 368.035397] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 368.040966] ? __perf_event_task_sched_out+0x337/0x1ab0 [ 368.046340] ? select_task_rq_fair+0x34f0/0x34f0 [ 368.051093] ? reweight_task+0x130/0x130 [ 368.055176] ? print_usage_bug+0xc0/0xc0 [ 368.059443] ? print_usage_bug+0xc0/0xc0 [ 368.063515] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 368.069051] ? find_held_lock+0x36/0x1c0 [ 368.073110] ? graph_lock+0x170/0x170 [ 368.076955] ? __lock_acquire+0x7ec/0x4ec0 [ 368.081214] ? _raw_spin_unlock_irq+0x27/0x80 [ 368.085700] ? _raw_spin_unlock_irq+0x27/0x80 [ 368.090189] ? lockdep_hardirqs_on+0x421/0x5c0 [ 368.094765] ? find_held_lock+0x36/0x1c0 [ 368.098824] ? __handle_mm_fault+0x45dc/0x53e0 [ 368.103403] ? lock_downgrade+0x900/0x900 [ 368.107566] ? kasan_check_read+0x11/0x20 [ 368.111706] ? do_raw_spin_unlock+0xa7/0x2f0 [ 368.116111] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 368.120687] ? kasan_check_write+0x14/0x20 [ 368.124928] ? do_raw_spin_lock+0xc1/0x200 [ 368.129162] __handle_mm_fault+0x45ed/0x53e0 [ 368.133568] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 368.138403] ? graph_lock+0x170/0x170 [ 368.142208] ? print_usage_bug+0xc0/0xc0 [ 368.146275] ? graph_lock+0x170/0x170 [ 368.150079] ? graph_lock+0x170/0x170 [ 368.153928] ? handle_mm_fault+0x42a/0xc70 [ 368.158160] ? lock_downgrade+0x900/0x900 [ 368.162304] ? check_preemption_disabled+0x48/0x200 [ 368.167315] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 368.173115] ? kasan_check_read+0x11/0x20 [ 368.177279] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 368.182570] ? rcu_bh_qs+0xc0/0xc0 [ 368.186108] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 368.191574] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 368.197107] ? check_preemption_disabled+0x48/0x200 [ 368.202125] handle_mm_fault+0x54f/0xc70 [ 368.206194] ? __handle_mm_fault+0x53e0/0x53e0 [ 368.210803] ? find_vma+0x34/0x190 [ 368.214360] __do_page_fault+0x67d/0xed0 [ 368.218422] ? mm_fault_error+0x380/0x380 [ 368.222563] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 368.227593] ? graph_lock+0x170/0x170 [ 368.231413] do_page_fault+0xf2/0x7e0 [ 368.235238] ? vmalloc_sync_all+0x30/0x30 [ 368.239383] ? error_entry+0x76/0xd0 [ 368.243096] ? trace_hardirqs_off_caller+0xbb/0x310 [ 368.248107] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 368.252947] ? trace_hardirqs_on_caller+0x310/0x310 [ 368.257975] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 368.262827] page_fault+0x1e/0x30 [ 368.266275] RIP: 0010:copy_user_generic_unrolled+0x9e/0xc0 [ 368.271908] Code: 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 4c 8b 06 4c 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 89 d1 <8a> 06 88 07 48 ff c6 48 ff c7 ff c9 75 f2 31 c0 0f 1f 00 c3 0f 1f [ 368.290810] RSP: 0018:ffff88017945f7f0 EFLAGS: 00010202 [ 368.296181] RAX: 0000000000000004 RBX: 0000000000000004 RCX: 0000000000000004 [ 368.303449] RDX: 0000000000000004 RSI: 0000000020013000 RDI: ffff88017945f890 [ 368.310743] RBP: ffff88017945f828 R08: ffffed002f28bf13 R09: ffffed002f28bf12 [ 368.318026] R10: ffffed002f28bf12 R11: 0000000000000003 R12: 0000000020013004 [ 368.325298] R13: 0000000020013000 R14: ffff88017945f890 R15: 00007ffffffff000 [ 368.332589] ? _copy_from_user+0x10d/0x150 [ 368.336830] evdev_do_ioctl+0xb51/0x2180 [ 368.340957] ? str_to_user+0x90/0x90 [ 368.344685] ? graph_lock+0x170/0x170 [ 368.348482] ? do_futex+0x249/0x26d0 [ 368.352209] ? __fget+0x4aa/0x740 [ 368.355697] ? lock_downgrade+0x900/0x900 [ 368.359850] ? check_preemption_disabled+0x48/0x200 [ 368.364952] ? find_held_lock+0x36/0x1c0 [ 368.369015] ? __fget+0x4aa/0x740 [ 368.372486] ? lock_downgrade+0x900/0x900 [ 368.376633] ? check_preemption_disabled+0x48/0x200 [ 368.381656] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 368.387448] ? kasan_check_read+0x11/0x20 [ 368.391618] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 368.396917] ? rcu_bh_qs+0xc0/0xc0 [ 368.400460] ? __fget+0x4d1/0x740 [ 368.403932] ? ksys_dup3+0x680/0x680 [ 368.407665] evdev_ioctl_handler+0x144/0x1a0 [ 368.412087] evdev_ioctl+0x27/0x2e [ 368.415639] ? evdev_ioctl_compat+0x30/0x30 [ 368.419967] do_vfs_ioctl+0x1de/0x1720 [ 368.423866] ? ioctl_preallocate+0x300/0x300 [ 368.428282] ? __fget_light+0x2e9/0x430 [ 368.432250] ? fget_raw+0x20/0x20 [ 368.435697] ? _copy_to_user+0xc8/0x110 [ 368.439671] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 368.445203] ? put_timespec64+0x10f/0x1b0 [ 368.449367] ? nsecs_to_jiffies+0x30/0x30 [ 368.453515] ? do_syscall_64+0x9a/0x820 [ 368.457496] ? do_syscall_64+0x9a/0x820 [ 368.461478] ? lockdep_hardirqs_on+0x421/0x5c0 [ 368.466056] ? security_file_ioctl+0x94/0xc0 [ 368.470464] ksys_ioctl+0xa9/0xd0 [ 368.473924] __x64_sys_ioctl+0x73/0xb0 [ 368.477821] do_syscall_64+0x1b9/0x820 [ 368.481726] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 368.487091] ? syscall_return_slowpath+0x5e0/0x5e0 [ 368.492034] ? trace_hardirqs_on_caller+0x310/0x310 [ 368.497043] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 368.502071] ? recalc_sigpending_tsk+0x180/0x180 [ 368.506819] ? kasan_check_write+0x14/0x20 [ 368.511051] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 368.515913] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 368.521102] RIP: 0033:0x457579 [ 368.524291] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 368.543187] RSP: 002b:00007fd1b7320c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 368.550911] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 368.558169] RDX: 0000000020013000 RSI: 00000000400445a0 RDI: 0000000000000008 [ 368.565436] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 368.572697] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd1b73216d4 13:47:24 executing program 2: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$midi(&(0x7f0000000140)='/dev/midi#\x00', 0xfffffffffffffffd, 0x10100) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000380)=ANY=[@ANYBLOB="4a8cf8c6beb2e46a88000000d53a06ef533830f8bd7262a76eb42f839bb4b1a326b6f35cec03fac1ac540dfe7d35f18d5b5b983023cd9ea7ba338b220b34ff1b105ed38a6e8cc1b9389232d6dfcbb3c7b7d55752a33c0bce36bdb1cc0a36ac162c51c8ec6c124a97e543e8b69460f22b42cd88d7e8f6bfb01e1a83681d4889", @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f0000000280)=0x3) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0) r2 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x0, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) r4 = socket$unix(0x1, 0x1, 0x0) socketpair$inet6_tcp(0xa, 0x1, 0x0, &(0x7f0000000240)) bind$unix(r4, &(0x7f0000000040)=@abs={0x1}, 0x6e) r5 = syz_open_procfs(0x0, &(0x7f0000a92ff7)='net/unix\x00') sendfile(r3, r5, &(0x7f0000000340)=0x102, 0x800009) ioctl$EVIOCGABS20(r2, 0x80184560, &(0x7f00000000c0)=""/120) ftruncate(r0, 0x1000) r6 = syz_open_procfs(0x0, &(0x7f0000000000)='numa_maps\x00') preadv(r6, &(0x7f0000000480), 0x1000000000000298, 0x0) 13:47:24 executing program 3: perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/vga_arbiter\x00', 0x80000, 0x0) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) sendmmsg$unix(r2, &(0x7f00000005c0)=[{&(0x7f0000000380)=@abs={0x0, 0x0, 0x4e23}, 0x6e, &(0x7f0000000080)}], 0x1, 0x800) fchmod(0xffffffffffffffff, 0x4c) ioctl$IOC_PR_REGISTER(0xffffffffffffffff, 0x401870c8, &(0x7f0000000180)={0x4e3}) ioctl$KVM_GET_MSR_INDEX_LIST(r2, 0xc004ae02, &(0x7f0000000080)={0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) umount2(&(0x7f0000000780)='./file0\x00', 0x0) ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, &(0x7f0000000600)="9502223cd3dc8685f97b674d8caafe04ad0ea5e6d46ba5aa5117817a5685e0731a5c4f41fa0f309a9f7711f743a83b802e5b3e924059056beda769f2e9b14d6222aa5c4a805b8c80b8184ca62e4b58ad0d653935f971060a304f645df9eefd50d0530859d2af9e2182704457e914b1eefa6d5e6cd48e8b93598e1e7a4e815c3845525778fdf967c30dca9935036839db122e2ff9c2402f4c91fef8379525fbe1a3b826c799f92d80eb82b06ebf85256a72ea22a28c12e00414a64f49d6092e0e9426bee90f38487c9bf87fd7e9640bb8c85a9a6e2a211551cc9c9fcdb08e1960cc2ec692e28e50ddb9b4794611b54812c1ae272887d838945b83a27fa666664f") 13:47:24 executing program 0: pipe(&(0x7f00000000c0)) syz_open_dev$admmidi(&(0x7f0000000100)='/dev/admmidi#\x00', 0x8001, 0x402080) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000140)='/dev/uinput\x00', 0x2, 0x0) ioctl$UI_ABS_SETUP(r0, 0x401c5504, &(0x7f0000000180)={0x4, {0x9, 0xd85, 0x3ee, 0x80, 0x7, 0x8}}) ioctl$EXT4_IOC_PRECACHE_EXTENTS(r0, 0x6612) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000280)='/dev/ppp\x00', 0x902, 0x0) lseek(r1, 0x14000000, 0x76e76d3085536d1d) getsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r1, 0x84, 0x12, &(0x7f0000000040), &(0x7f0000000080)=0x4) ioctl$VHOST_SET_VRING_NUM(r1, 0x4008af10, &(0x7f0000000000)={0x2, 0x4}) 13:47:24 executing program 5: openat$smack_task_current(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/attr/current\x00', 0x2, 0x0) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000200)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000380), 0x0, &(0x7f0000000140)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)) r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x5c831, 0xffffffffffffffff, 0x0) fstatfs(r0, &(0x7f0000000240)=""/112) [ 368.579961] R13: 00000000004bf3f1 R14: 00000000004cf1f0 R15: 00000000ffffffff 13:47:24 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x40284504, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) [ 368.692147] ntfs: (device loop5): ntfs_fill_super(): Unable to determine device size. 13:47:24 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f0000ef8cfd)={0xa, 0x0, 0x0, @loopback}, 0x1c) r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x1012, r0, 0x0) r1 = getpid() perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x2}, r1, 0xa, 0xffffffffffffffff, 0x0) setgid(0x0) accept4(0xffffffffffffffff, 0x0, &(0x7f0000000040), 0x0) inotify_add_watch(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x0) 13:47:24 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) fsetxattr$trusted_overlay_nlink(r0, &(0x7f0000000000)='trusted.overlay.nlink\x00', &(0x7f0000000040)={'U-', 0x8}, 0x28, 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) [ 368.770240] overlayfs: missing 'lowerdir' [ 368.900323] FAULT_FLAG_ALLOW_RETRY missing 30 [ 368.904906] CPU: 1 PID: 12352 Comm: syz-executor4 Not tainted 4.19.0-rc5+ #261 [ 368.912282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 368.921666] Call Trace: [ 368.924313] dump_stack+0x1c4/0x2b4 [ 368.927973] ? dump_stack_print_info.cold.2+0x52/0x52 [ 368.933188] ? kasan_check_write+0x14/0x20 [ 368.937452] ? do_raw_spin_lock+0xc1/0x200 [ 368.941728] handle_userfault.cold.33+0x47/0x62 [ 368.946458] ? userfaultfd_ioctl+0x54a0/0x54a0 [ 368.951262] ? mark_held_locks+0x130/0x130 [ 368.955520] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 368.961083] ? __perf_event_task_sched_out+0x337/0x1ab0 [ 368.966473] ? select_task_rq_fair+0x34f0/0x34f0 [ 368.971247] ? reweight_task+0x130/0x130 [ 368.975345] ? print_usage_bug+0xc0/0xc0 [ 368.979438] ? print_usage_bug+0xc0/0xc0 [ 368.983523] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 368.989089] ? find_held_lock+0x36/0x1c0 [ 368.993177] ? graph_lock+0x170/0x170 [ 368.997017] ? __lock_acquire+0x7ec/0x4ec0 [ 369.001268] ? _raw_spin_unlock_irq+0x27/0x80 [ 369.005780] ? _raw_spin_unlock_irq+0x27/0x80 [ 369.010297] ? lockdep_hardirqs_on+0x421/0x5c0 [ 369.014914] ? find_held_lock+0x36/0x1c0 [ 369.019015] ? __handle_mm_fault+0x45dc/0x53e0 [ 369.023617] ? lock_downgrade+0x900/0x900 [ 369.027795] ? kasan_check_read+0x11/0x20 [ 369.031964] ? do_raw_spin_unlock+0xa7/0x2f0 [ 369.036405] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 369.041013] ? kasan_check_write+0x14/0x20 [ 369.045271] ? do_raw_spin_lock+0xc1/0x200 [ 369.049540] __handle_mm_fault+0x45ed/0x53e0 [ 369.053984] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 369.058846] ? graph_lock+0x170/0x170 [ 369.062682] ? print_usage_bug+0xc0/0xc0 [ 369.066765] ? graph_lock+0x170/0x170 [ 369.070581] ? graph_lock+0x170/0x170 [ 369.074442] ? handle_mm_fault+0x42a/0xc70 [ 369.078828] ? lock_downgrade+0x900/0x900 [ 369.082998] ? check_preemption_disabled+0x48/0x200 [ 369.088048] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 369.093862] ? kasan_check_read+0x11/0x20 [ 369.098040] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 369.103338] ? rcu_bh_qs+0xc0/0xc0 [ 369.106906] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 369.112380] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 369.117948] ? check_preemption_disabled+0x48/0x200 [ 369.122993] handle_mm_fault+0x54f/0xc70 [ 369.127077] ? __handle_mm_fault+0x53e0/0x53e0 [ 369.131681] ? find_vma+0x34/0x190 [ 369.135249] __do_page_fault+0x67d/0xed0 [ 369.139341] ? mm_fault_error+0x380/0x380 [ 369.143512] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 369.148550] ? graph_lock+0x170/0x170 [ 369.152382] do_page_fault+0xf2/0x7e0 [ 369.156212] ? vmalloc_sync_all+0x30/0x30 [ 369.160384] ? error_entry+0x76/0xd0 [ 369.164131] ? trace_hardirqs_off_caller+0xbb/0x310 [ 369.169172] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 369.174041] ? trace_hardirqs_on_caller+0x310/0x310 [ 369.179090] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 369.183968] page_fault+0x1e/0x30 [ 369.187444] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 369.193085] Code: 4c 8b 5e 38 4c 89 47 20 4c 89 4f 28 4c 89 57 30 4c 89 5f 38 48 8d 76 40 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 <4c> 8b 06 4c 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 [ 369.211996] RSP: 0018:ffff88017945f7f0 EFLAGS: 00010206 [ 369.217376] RAX: ffffed002f28bf5b RBX: 0000000000000028 RCX: 0000000000000005 [ 369.224661] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff88017945fab0 [ 369.231959] RBP: ffff88017945f828 R08: ffffed002f28bf5b R09: ffffed002f28bf56 [ 369.239279] R10: ffffed002f28bf5a R11: ffff88017945fad7 R12: 0000000020013028 13:47:24 executing program 3: r0 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x801, 0x1) ioctl$UI_SET_SWBIT(r0, 0xc0105512, 0x0) getsockopt$inet6_tcp_buf(r0, 0x6, 0xb, &(0x7f0000000080)=""/118, &(0x7f0000000000)=0x76) ioctl$UI_BEGIN_FF_UPLOAD(r0, 0xc06855c8, &(0x7f0000000140)={0x2, 0x6, {0x55, 0x3, 0x9, {0x9, 0x2}, {0x2, 0x3}, @cond=[{0x9, 0x8001, 0x5, 0x7, 0x3}, {0x62b51199, 0x1ab2, 0x4, 0x0, 0x9, 0x10001}]}, {0x51, 0x8, 0xfb, {0xffffffffffff0000, 0x8}, {0x3ff, 0xfffffffffffffffb}, @const={0x5, {0x20, 0x100000000, 0x6, 0xfffffffffffffff7}}}}) 13:47:24 executing program 0: r0 = socket$inet6(0xa, 0x80003, 0x800000000000006) ioctl(r0, 0x8912, &(0x7f0000000040)="153f6234488dd25d766070") r1 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) accept4(r0, &(0x7f0000000080)=@can={0x1d, 0x0}, &(0x7f0000000100)=0x80, 0x800) ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000140)={@mcast2, 0x40, r2}) mmap$binder(&(0x7f0000ff7000/0x9000)=nil, 0x9000, 0x0, 0x8092, r1, 0x0) mremap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f0000ff7000/0x3000)=nil) [ 369.246562] R13: 0000000020013000 R14: ffff88017945fab0 R15: 00007ffffffff000 [ 369.253895] ? _copy_from_user+0x10d/0x150 [ 369.258155] evdev_do_ioctl+0xa8f/0x2180 [ 369.258180] ? str_to_user+0x90/0x90 [ 369.258201] ? graph_lock+0x170/0x170 [ 369.258221] ? do_futex+0x249/0x26d0 [ 369.258242] ? rcu_bh_qs+0xc0/0xc0 [ 369.277047] ? rcu_bh_qs+0xc0/0xc0 [ 369.280606] ? unwind_dump+0x190/0x190 [ 369.284522] ? find_held_lock+0x36/0x1c0 [ 369.288617] ? __fget+0x4aa/0x740 [ 369.292089] ? lock_downgrade+0x900/0x900 [ 369.292107] ? check_preemption_disabled+0x48/0x200 [ 369.292132] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 369.292147] ? kasan_check_read+0x11/0x20 [ 369.292166] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 369.292185] ? rcu_bh_qs+0xc0/0xc0 [ 369.292221] ? __fget+0x4d1/0x740 [ 369.323592] ? ksys_dup3+0x680/0x680 [ 369.327336] evdev_ioctl_handler+0x144/0x1a0 [ 369.331771] evdev_ioctl+0x27/0x2e [ 369.331790] ? evdev_ioctl_compat+0x30/0x30 [ 369.331808] do_vfs_ioctl+0x1de/0x1720 [ 369.331834] ? ioctl_preallocate+0x300/0x300 [ 369.331852] ? __fget_light+0x2e9/0x430 13:47:25 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0x121000, 0x0) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000001900)={{{@in6=@ipv4={[], [], @local}, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@remote}, 0x0, @in6=@local}}, &(0x7f0000001a00)=0xe8) bind$bt_hci(r1, &(0x7f0000001a40)={0x1f, r2, 0x3}, 0xc) setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f0000000200)={&(0x7f0000000400)=""/181, 0x100000, 0x1800}, 0x18) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x0, 0x0, @local}}, 0x0, 0x1f, 0x0, "e948f6abe4f393cecae62418b1c2c0200ebceea0b263266c314dc35fb4782eeee84a21e2f38cdb48302b37cb25f8b59a11b4738aa9e1aaa43deab559419a818e3d5ae0337b3b63866604743e18866c44"}, 0xd8) close(r0) setsockopt$inet6_tcp_int(r0, 0x6, 0x4000000000000013, &(0x7f00000000c0)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x17}}}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000180)='tls\x00', 0xff37) socket$vsock_stream(0x28, 0x1, 0x0) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000100), 0x28) r3 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0xc0400) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f00000004c0)={0xd2, 0x7f5a, 0x2, 0x8001, 0x7, [{0x8, 0x0, 0xb9, 0x0, 0x0, 0x2}, {0xff, 0x7, 0x492, 0x0, 0x0, 0x200}, {0x101, 0x100000000, 0x3f, 0x0, 0x0, 0x200}, {0x81, 0x9, 0x80000001, 0x0, 0x0, 0x1801}, {0x80, 0x7ff, 0x400, 0x0, 0x0, 0x1000}, {0x5, 0xe28, 0x2, 0x0, 0x0, 0x1081}, {0x5, 0x40, 0x7fffffff, 0x0, 0x0, 0x4}]}) ioctl$TUNGETIFF(r3, 0x800454d2, &(0x7f00000001c0)) mmap(&(0x7f0000000000/0x8b000)=nil, 0x8b000, 0x4, 0x10000032, 0xffffffffffffffff, 0x0) sendto$inet6(r0, &(0x7f00000005c0), 0xfffffdef, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote}, 0x1c) [ 369.331873] ? fget_raw+0x20/0x20 [ 369.352013] ? _copy_to_user+0xc8/0x110 [ 369.352041] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 369.352059] ? put_timespec64+0x10f/0x1b0 [ 369.352077] ? nsecs_to_jiffies+0x30/0x30 [ 369.352100] ? do_syscall_64+0x9a/0x820 [ 369.377821] ? do_syscall_64+0x9a/0x820 [ 369.381818] ? lockdep_hardirqs_on+0x421/0x5c0 [ 369.386434] ? security_file_ioctl+0x94/0xc0 [ 369.390872] ksys_ioctl+0xa9/0xd0 [ 369.394373] __x64_sys_ioctl+0x73/0xb0 [ 369.398311] do_syscall_64+0x1b9/0x820 [ 369.402216] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 369.407602] ? syscall_return_slowpath+0x5e0/0x5e0 [ 369.412549] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 369.417429] ? trace_hardirqs_on_caller+0x310/0x310 [ 369.422473] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 369.427508] ? prepare_exit_to_usermode+0x291/0x3b0 [ 369.432554] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 369.437434] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 369.442637] RIP: 0033:0x457579 [ 369.445850] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 369.465820] RSP: 002b:00007fd9995c4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 369.473551] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 369.480835] RDX: 0000000020013000 RSI: 0000000040284504 RDI: 0000000000000004 [ 369.488117] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 369.495410] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd9995c56d4 [ 369.502697] R13: 00000000004bf3f1 R14: 00000000004cf1f0 R15: 00000000ffffffff 13:47:25 executing program 5: r0 = socket$inet6(0xa, 0x1000000000003, 0x40000000003) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") recvmmsg(0xffffffffffffffff, &(0x7f0000005440)=[{{&(0x7f0000001bc0)=@alg, 0x80, &(0x7f0000003cc0)=[{&(0x7f0000001c40)=""/4096, 0x1000}, {&(0x7f0000002c40)=""/4096, 0x1000}], 0x2, &(0x7f0000003d00)=""/115, 0x73}}], 0x1, 0x0, &(0x7f00000055c0)={0x0, 0x989680}) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'lrw(serpent)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000180)="0a0775b005e381e5b3b60ced5c54dbb7", 0x10) r2 = add_key(&(0x7f0000000000)='.dead\x00', &(0x7f0000000040)={'syz', 0x2}, &(0x7f00000001c0)="f353cec42b359be9d0295f3c388b91cf9a5d05082af4adafe8ce761f8064bd2858bef0efa88bdc3247924df3261df482f944851a0781f4faa80c050930b86beb95b7ea7afefaded4ca3c29f2e06f7d971a22cc681a8ee9e23b9967c2e3b25d42e100ffc612a0c67bc7a5b68c694ade647b7c4e5834ce047e6a271792d17fa9609f873d1c74755adc2b85d27a1896ee884f714d906f2553b9096669a04c3cb6e0c79d9f0b35effb17563c51df552708f80dd2d759eff221697f2319", 0xbb, 0xfffffffffffffffa) keyctl$setperm(0x5, r2, 0x2000010) r3 = accept$alg(r1, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000003e80)=[{0x0, 0x0, &(0x7f0000002a80), 0x390, &(0x7f0000000100)=[@op={0x18}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000003940)=[{{&(0x7f00000016c0)=@nfc_llcp, 0x80, &(0x7f0000002900)=[{&(0x7f0000001740)=""/50, 0x32}, {&(0x7f0000001780)=""/4096, 0x2000}], 0x2, &(0x7f0000002940)=""/4096, 0x1000}}], 0x1, 0x0, 0x0) [ 369.567631] FAULT_FLAG_ALLOW_RETRY missing 30 [ 369.577355] CPU: 0 PID: 12359 Comm: syz-executor1 Not tainted 4.19.0-rc5+ #261 [ 369.584740] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 369.594104] Call Trace: [ 369.596721] dump_stack+0x1c4/0x2b4 [ 369.600381] ? dump_stack_print_info.cold.2+0x52/0x52 [ 369.605610] ? trace_hardirqs_off+0x310/0x310 [ 369.610151] handle_userfault.cold.33+0x47/0x62 [ 369.614845] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 369.619635] ? userfaultfd_ioctl+0x54a0/0x54a0 [ 369.624238] ? mark_held_locks+0x130/0x130 [ 369.628503] ? _raw_spin_unlock_irq+0x56/0x80 [ 369.633012] ? _raw_spin_unlock_irq+0x60/0x80 [ 369.637529] ? finish_task_switch+0x1f5/0x900 [ 369.642040] ? finish_task_switch+0x1b5/0x900 [ 369.646561] ? __switch_to_asm+0x34/0x70 [ 369.650643] ? preempt_notifier_register+0x200/0x200 [ 369.655762] ? __switch_to_asm+0x34/0x70 [ 369.659841] ? __switch_to_asm+0x34/0x70 [ 369.663933] ? __switch_to_asm+0x40/0x70 [ 369.668009] ? __switch_to_asm+0x34/0x70 [ 369.672085] ? __switch_to_asm+0x40/0x70 [ 369.676162] ? __switch_to_asm+0x34/0x70 [ 369.680237] ? __switch_to_asm+0x40/0x70 [ 369.684321] ? print_usage_bug+0xc0/0xc0 [ 369.688397] ? __switch_to_asm+0x40/0x70 [ 369.692478] ? __switch_to_asm+0x34/0x70 [ 369.696551] ? entry_SYSCALL_64_after_hwframe+0xbc/0xbe [ 369.701935] ? __switch_to_asm+0x34/0x70 [ 369.706013] ? __switch_to_asm+0x40/0x70 [ 369.710092] ? __schedule+0x874/0x1ed0 [ 369.710111] ? find_held_lock+0x36/0x1c0 [ 369.710130] ? graph_lock+0x170/0x170 [ 369.710152] ? __lock_acquire+0x7ec/0x4ec0 [ 369.726147] ? _raw_spin_unlock_irq+0x27/0x80 [ 369.730663] ? graph_lock+0x170/0x170 [ 369.734480] ? lockdep_hardirqs_on+0x421/0x5c0 [ 369.739092] ? find_held_lock+0x36/0x1c0 [ 369.743190] ? __handle_mm_fault+0x45dc/0x53e0 [ 369.747791] ? lock_downgrade+0x900/0x900 [ 369.747818] ? kasan_check_read+0x11/0x20 [ 369.747836] ? do_raw_spin_unlock+0xa7/0x2f0 [ 369.747856] ? do_raw_spin_trylock+0x1c0/0x1c0 13:47:25 executing program 0: r0 = syz_open_dev$vcsn(&(0x7f0000000080)='/dev/vcs#\x00', 0xf4a5, 0x400) ioctl$TCXONC(r0, 0x540a, 0x5) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) socket$l2tp(0x18, 0x1, 0x1) sendmsg$nl_xfrm(r3, &(0x7f000014f000)={&(0x7f00003c7ff4), 0xc, &(0x7f00000bfff0)={&(0x7f0000006440)=ANY=[@ANYBLOB="b8000000190001000000000000000000ff010000000000000000000000000001e000000100000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0xb8}}, 0x0) setsockopt$inet6_mtu(r2, 0x29, 0x13, &(0x7f0000000000), 0x1d) [ 369.747874] ? kasan_check_write+0x14/0x20 [ 369.747914] ? do_raw_spin_lock+0xc1/0x200 [ 369.756212] __handle_mm_fault+0x45ed/0x53e0 [ 369.756243] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 369.756256] ? kasan_check_write+0x14/0x20 [ 369.756273] ? graph_lock+0x170/0x170 [ 369.756291] ? print_usage_bug+0xc0/0xc0 [ 369.756310] ? rt_mutex_futex_unlock+0x120/0x120 [ 369.799851] ? graph_lock+0x170/0x170 [ 369.803689] ? graph_lock+0x170/0x170 [ 369.807531] ? handle_mm_fault+0x42a/0xc70 [ 369.811793] ? lock_downgrade+0x900/0x900 13:47:25 executing program 2: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$midi(&(0x7f0000000140)='/dev/midi#\x00', 0xfffffffffffffffd, 0x10100) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000380)=ANY=[@ANYBLOB="4a8cf8c6beb2e46a88000000d53a06ef533830f8bd7262a76eb42f839bb4b1a326b6f35cec03fac1ac540dfe7d35f18d5b5b983023cd9ea7ba338b220b34ff1b105ed38a6e8cc1b9389232d6dfcbb3c7b7d55752a33c0bce36bdb1cc0a36ac162c51c8ec6c124a97e543e8b69460f22b42cd88d7e8f6bfb01e1a83681d4889", @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f0000000280)=0x3) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0) r2 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x0, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) r4 = socket$unix(0x1, 0x1, 0x0) socketpair$inet6_tcp(0xa, 0x1, 0x0, &(0x7f0000000240)) bind$unix(r4, &(0x7f0000000040)=@abs={0x1}, 0x6e) r5 = syz_open_procfs(0x0, &(0x7f0000a92ff7)='net/unix\x00') sendfile(r3, r5, &(0x7f0000000340)=0x102, 0x800009) ioctl$EVIOCGABS20(r2, 0x80184560, &(0x7f00000000c0)=""/120) ftruncate(r0, 0x1000) r6 = syz_open_procfs(0x0, &(0x7f0000000000)='numa_maps\x00') preadv(r6, &(0x7f0000000480), 0x1000000000000298, 0x0) [ 369.815965] ? check_preemption_disabled+0x48/0x200 [ 369.821005] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 369.826814] ? kasan_check_read+0x11/0x20 [ 369.830985] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 369.836282] ? rcu_bh_qs+0xc0/0xc0 [ 369.839842] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 369.845345] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 369.850926] ? check_preemption_disabled+0x48/0x200 [ 369.855978] handle_mm_fault+0x54f/0xc70 [ 369.860069] ? __handle_mm_fault+0x53e0/0x53e0 [ 369.864676] ? find_vma+0x34/0x190 [ 369.868240] __do_page_fault+0x67d/0xed0 [ 369.872332] ? mm_fault_error+0x380/0x380 [ 369.876497] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 369.881541] ? graph_lock+0x170/0x170 [ 369.885373] do_page_fault+0xf2/0x7e0 [ 369.889201] ? vmalloc_sync_all+0x30/0x30 [ 369.893373] ? error_entry+0x76/0xd0 [ 369.897110] ? trace_hardirqs_off_caller+0xbb/0x310 [ 369.902151] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 369.907012] ? trace_hardirqs_on_caller+0x310/0x310 [ 369.912061] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 369.916950] page_fault+0x1e/0x30 [ 369.920420] RIP: 0010:copy_user_generic_unrolled+0x9e/0xc0 [ 369.926066] Code: 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 4c 8b 06 4c 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 89 d1 <8a> 06 88 07 48 ff c6 48 ff c7 ff c9 75 f2 31 c0 0f 1f 00 c3 0f 1f [ 369.944979] RSP: 0018:ffff880184d877f0 EFLAGS: 00010202 [ 369.950857] RAX: 0000000000000004 RBX: 0000000000000004 RCX: 0000000000000004 [ 369.958161] RDX: 0000000000000004 RSI: 0000000020013000 RDI: ffff880184d87890 [ 369.965445] RBP: ffff880184d87828 R08: ffffed00309b0f13 R09: ffffed00309b0f12 [ 369.972727] R10: ffffed00309b0f12 R11: 0000000000000003 R12: 0000000020013004 [ 369.980019] R13: 0000000020013000 R14: ffff880184d87890 R15: 00007ffffffff000 [ 369.987342] ? _copy_from_user+0x10d/0x150 [ 369.991603] evdev_do_ioctl+0xb51/0x2180 [ 369.995688] ? str_to_user+0x90/0x90 [ 369.999421] ? graph_lock+0x170/0x170 [ 370.003246] ? do_futex+0x249/0x26d0 [ 370.006982] ? rcu_bh_qs+0xc0/0xc0 [ 370.010545] ? rcu_bh_qs+0xc0/0xc0 [ 370.014105] ? unwind_dump+0x190/0x190 [ 370.018024] ? find_held_lock+0x36/0x1c0 [ 370.022115] ? __fget+0x4aa/0x740 [ 370.025590] ? lock_downgrade+0x900/0x900 [ 370.029757] ? check_preemption_disabled+0x48/0x200 [ 370.034797] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 370.040618] ? kasan_check_read+0x11/0x20 [ 370.044785] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 370.050080] ? rcu_bh_qs+0xc0/0xc0 [ 370.053649] ? __fget+0x4d1/0x740 [ 370.057310] ? ksys_dup3+0x680/0x680 [ 370.061051] evdev_ioctl_handler+0x144/0x1a0 [ 370.065484] evdev_ioctl+0x27/0x2e [ 370.069041] ? evdev_ioctl_compat+0x30/0x30 [ 370.073379] do_vfs_ioctl+0x1de/0x1720 [ 370.077293] ? ioctl_preallocate+0x300/0x300 [ 370.081728] ? __fget_light+0x2e9/0x430 [ 370.085718] ? fget_raw+0x20/0x20 [ 370.089185] ? _copy_to_user+0xc8/0x110 [ 370.093188] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 370.098746] ? put_timespec64+0x10f/0x1b0 [ 370.102949] ? nsecs_to_jiffies+0x30/0x30 [ 370.107119] ? do_syscall_64+0x9a/0x820 [ 370.111108] ? do_syscall_64+0x9a/0x820 [ 370.115104] ? lockdep_hardirqs_on+0x421/0x5c0 [ 370.119713] ? security_file_ioctl+0x94/0xc0 [ 370.124150] ksys_ioctl+0xa9/0xd0 [ 370.127627] __x64_sys_ioctl+0x73/0xb0 [ 370.131534] do_syscall_64+0x1b9/0x820 [ 370.135438] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 370.140825] ? syscall_return_slowpath+0x5e0/0x5e0 [ 370.145774] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 370.150642] ? trace_hardirqs_on_caller+0x310/0x310 [ 370.155679] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 370.160768] ? prepare_exit_to_usermode+0x291/0x3b0 13:47:25 executing program 2: r0 = socket(0x1e, 0x80005, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x140) ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r1, 0x40505331, &(0x7f0000000180)={{0x3, 0xfffffffffffffffb}, {0x80000001, 0x2}, 0x11e8, 0x1, 0x9}) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000140)=@req={0x80000000, 0x2}, 0x3) sendmsg(r0, &(0x7f0000030000)={&(0x7f00004f5000)=@generic={0x10000000001e, "0100000900000000000000000226cc573c080000003724c71e14dd6a739effea1b48006be61ffe0000e103000000f8000004003f010039d8f986ff01000300000004af50d50700000000000000e3ad316a1983000000001d00e0dfcb24281e27800000100076c3979ac40000bd15020078a1dfd300881a8365b1b16d7436"}, 0x80, &(0x7f0000000480), 0x0, &(0x7f00006e9c68)}, 0x0) clock_gettime(0x0, &(0x7f0000000200)={0x0, 0x0}) write$FUSE_NOTIFY_DELETE(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="30000000000000060000000000000001000000000000000700000000000000000000000000000000"], 0x30) rt_sigtimedwait(&(0x7f0000000100), 0x0, &(0x7f0000000240)={r2, r3+30000000}, 0x8) ppoll(&(0x7f0000000000)=[{r0, 0x40}, {r0, 0x400}, {r0, 0x2002}, {r0, 0x104}], 0x4, &(0x7f0000000040)={0x77359400}, &(0x7f0000000080)={0xffffffffffffffb5}, 0x8) [ 370.165810] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 370.170686] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 370.175916] RIP: 0033:0x457579 [ 370.179143] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 370.198061] RSP: 002b:00007fd1b7341c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 370.205791] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 370.213081] RDX: 0000000020013000 RSI: 00000000400445a0 RDI: 0000000000000004 [ 370.220360] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 370.220371] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd1b73426d4 [ 370.220381] R13: 00000000004bf3f1 R14: 00000000004cf1f0 R15: 00000000ffffffff 13:47:25 executing program 0: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000540)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RWALK(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="090100006f01000000"], 0x9) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_any='access=any'}]}}) chmod(&(0x7f00000006c0)='./file0\x00', 0x0) 13:47:25 executing program 3: r0 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = open(&(0x7f00000002c0)='./file0/file0\x00', 0x800000000000, 0x0) getsockopt$bt_BT_POWER(0xffffffffffffffff, 0x112, 0x9, &(0x7f0000000740)=0x9, &(0x7f0000000780)=0x1) perf_event_open(&(0x7f0000000140)={0x0, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000700000/0x1000)=nil, 0x1000, 0x0, 0x10, r1, 0x0) symlinkat(&(0x7f0000000040)="131377c5fc35d41454d5d41d29ad1a6029598146e6be166e41ad0dbd4054033c9f33bbda8224a2f3d772e7636e48b33cbf708372e8f1b9933ec5127743be2206209ef02df9cbf2f6e880d3382f00", r1, &(0x7f00000000c0)='./file0\x00') mkdirat(r1, &(0x7f0000000200)="131377c5fc35d41454d5d41d29ad1a6029598146e6be166e41ad0dbd4054033c9f33bbda8224a2f3d772e7636e48b33cbf708372e8f1b9933ec5127743be2206209ef02df9cbf2f6e880d3382f00", 0x0) open(&(0x7f0000000000)='./file0/file0\x00', 0xf4, 0x0) renameat2(r1, &(0x7f0000000140)='./file0/file0\x00', r1, &(0x7f0000000180)='./file0\x00', 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000140)=@ipx={0x4, 0x80000001, 0x0, "0950fe4adba7"}, 0x16, &(0x7f0000000000), 0x0, &(0x7f0000000240)}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000100)={0x6, 0x0, 0x9, 0x10001}, 0x2c) sendmsg(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f00000001c0)=@sco={0x1f, {0x8, 0x0, 0x2}}, 0x80, &(0x7f0000000300)}, 0x0) ioctl$PERF_EVENT_IOC_RESET(r0, 0x2403, 0x0) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000240)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, &(0x7f0000003840)=[{&(0x7f00000004c0)=""/158, 0x9e}, {&(0x7f0000001740)=""/4096, 0x1000}, {&(0x7f0000002740)=""/98, 0x62}, {&(0x7f00000027c0)=""/4096, 0x1000}, {&(0x7f00000037c0)=""/115, 0x73}], 0x5}, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f00000000c0)=@in6={0x31100, 0x894f, 0x5, @dev={0xfe, 0x80, [0x7fffefff, 0x0, 0x0, 0x329]}}, 0x80, &(0x7f0000000340), 0x3c1, &(0x7f0000000380)}, 0x0) socketpair(0x5, 0x3, 0xde9, &(0x7f00000005c0)) 13:47:26 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445ef, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:47:26 executing program 3: r0 = inotify_init1(0x800) fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f000045fff8)={0x0, 0x0}) ptrace$setopts(0x4206, r1, 0x0, 0x0) ptrace(0x4207, r1) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000040)={{{@in6=@mcast1, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@local}, 0x0, @in=@loopback}}, &(0x7f0000000140)=0xe8) ioctl$sock_inet6_SIOCDIFADDR(r2, 0x8936, &(0x7f0000000180)={@loopback, 0x33, r3}) ptrace$cont(0x21, r1, 0x0, 0x0) ptrace(0x8, r1) 13:47:26 executing program 5: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x0, 0x0, 0x7, 0x1}, 0x2c) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup.cpu\x00', 0x200002, 0x0) r2 = openat$cgroup_int(r1, &(0x7f0000000000)='cpuset.sched_relax_domain_level\x00', 0x2, 0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x202000, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f0000000100)={0x0, 0x0, 0x800, &(0x7f0000000080)}) open_by_handle_at(r2, &(0x7f00000000c0)=ANY=[@ANYBLOB="f7ffaef9fffffeff"], 0x0) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000180)={0x4, @tick=0x8, 0x3ff, {0x8, 0xbe}, 0x5, 0x1, 0x4}) 13:47:26 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000440)='/dev/zero\x00', 0x244000, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000180)={0x0}, &(0x7f00000001c0)=0xc) stat(&(0x7f0000000480)='./file0\x00', &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0}) r4 = getegid() ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r1, 0xc0505350, &(0x7f00000004c0)={{0x20, 0x8}, {0x5, 0x5}, 0x0, 0x1, 0x47}) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000280)={0x6, r1, 0x1}) setsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000400)={r2, r3, r4}, 0xc) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r5 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) r6 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x52001, 0x0) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffff9c, 0x84, 0x18, &(0x7f0000000040)={0x0}, &(0x7f0000000080)=0x8) ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f0000000140)={{&(0x7f0000015000/0x2000)=nil, 0x2000}}) setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r6, 0x84, 0x76, &(0x7f0000000100)={r7}, 0x8) ioctl$EVIOCGMTSLOTS(r5, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) [ 370.593971] FAULT_FLAG_ALLOW_RETRY missing 30 [ 370.599672] CPU: 0 PID: 12422 Comm: syz-executor1 Not tainted 4.19.0-rc5+ #261 [ 370.607062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 370.616429] Call Trace: [ 370.619045] dump_stack+0x1c4/0x2b4 [ 370.622700] ? dump_stack_print_info.cold.2+0x52/0x52 [ 370.627927] ? kasan_check_write+0x14/0x20 [ 370.632273] ? do_raw_spin_lock+0xc1/0x200 [ 370.636540] handle_userfault.cold.33+0x47/0x62 [ 370.641248] ? userfaultfd_ioctl+0x54a0/0x54a0 [ 370.645849] ? mark_held_locks+0x130/0x130 [ 370.650120] ? mark_held_locks+0x130/0x130 [ 370.654397] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 370.659962] ? print_usage_bug+0xc0/0xc0 [ 370.664050] ? print_usage_bug+0xc0/0xc0 [ 370.668131] ? select_task_rq_fair+0x3490/0x34f0 [ 370.672930] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 370.678491] ? check_preemption_disabled+0x48/0x200 [ 370.683526] ? graph_lock+0x170/0x170 [ 370.687348] ? __lock_acquire+0x7ec/0x4ec0 [ 370.691612] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 370.697168] ? find_held_lock+0x36/0x1c0 [ 370.701258] ? __handle_mm_fault+0x45dc/0x53e0 [ 370.705858] ? lock_downgrade+0x900/0x900 [ 370.710017] ? kasan_check_read+0x11/0x20 [ 370.714155] ? do_raw_spin_unlock+0xa7/0x2f0 [ 370.718555] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 370.723130] ? kasan_check_write+0x14/0x20 [ 370.727359] ? do_raw_spin_lock+0xc1/0x200 [ 370.731648] __handle_mm_fault+0x45ed/0x53e0 [ 370.736062] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 370.740910] ? graph_lock+0x170/0x170 [ 370.744717] ? print_usage_bug+0xc0/0xc0 [ 370.748799] ? __switch_to_asm+0x40/0x70 [ 370.752863] ? __switch_to_asm+0x34/0x70 [ 370.756958] ? __switch_to_asm+0x40/0x70 [ 370.761028] ? graph_lock+0x170/0x170 [ 370.764835] ? graph_lock+0x170/0x170 [ 370.768681] ? handle_mm_fault+0x42a/0xc70 [ 370.772946] ? lock_downgrade+0x900/0x900 [ 370.777111] ? check_preemption_disabled+0x48/0x200 [ 370.782129] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 370.787932] ? kasan_check_read+0x11/0x20 [ 370.792101] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 370.797389] ? rcu_bh_qs+0xc0/0xc0 [ 370.800940] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 370.806398] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 370.811949] ? check_preemption_disabled+0x48/0x200 [ 370.816970] handle_mm_fault+0x54f/0xc70 [ 370.821029] ? __handle_mm_fault+0x53e0/0x53e0 [ 370.825602] ? find_vma+0x34/0x190 [ 370.829152] __do_page_fault+0x67d/0xed0 [ 370.833330] ? mm_fault_error+0x380/0x380 [ 370.837486] ? graph_lock+0x170/0x170 [ 370.841291] ? migrate_swap_stop+0x930/0x930 [ 370.845695] do_page_fault+0xf2/0x7e0 [ 370.849504] ? vmalloc_sync_all+0x30/0x30 [ 370.853657] ? error_entry+0x76/0xd0 [ 370.857378] ? trace_hardirqs_off_caller+0xbb/0x310 [ 370.862409] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 370.867265] ? trace_hardirqs_on_caller+0x310/0x310 [ 370.872300] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 370.877145] page_fault+0x1e/0x30 [ 370.880596] RIP: 0010:copy_user_generic_unrolled+0x9e/0xc0 [ 370.886214] Code: 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 4c 8b 06 4c 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 89 d1 <8a> 06 88 07 48 ff c6 48 ff c7 ff c9 75 f2 31 c0 0f 1f 00 c3 0f 1f [ 370.905120] RSP: 0018:ffff88017945f7f0 EFLAGS: 00010202 [ 370.910491] RAX: 0000000000000004 RBX: 0000000000000004 RCX: 0000000000000004 [ 370.917759] RDX: 0000000000000004 RSI: 0000000020013000 RDI: ffff88017945f890 [ 370.925036] RBP: ffff88017945f828 R08: ffffed002f28bf13 R09: ffffed002f28bf12 [ 370.932302] R10: ffffed002f28bf12 R11: 0000000000000003 R12: 0000000020013004 [ 370.939575] R13: 0000000020013000 R14: ffff88017945f890 R15: 00007ffffffff000 [ 370.946869] ? _copy_from_user+0x10d/0x150 [ 370.951138] evdev_do_ioctl+0xb51/0x2180 [ 370.955207] ? str_to_user+0x90/0x90 [ 370.958943] ? graph_lock+0x170/0x170 [ 370.962752] ? do_futex+0x249/0x26d0 [ 370.966486] ? __fget+0x4aa/0x740 [ 370.969978] ? lock_downgrade+0x900/0x900 [ 370.974132] ? check_preemption_disabled+0x48/0x200 [ 370.979151] ? find_held_lock+0x36/0x1c0 [ 370.983208] ? __fget+0x4aa/0x740 [ 370.986653] ? lock_downgrade+0x900/0x900 [ 370.990824] ? check_preemption_disabled+0x48/0x200 [ 370.995852] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 371.001664] ? kasan_check_read+0x11/0x20 [ 371.005813] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 371.011100] ? rcu_bh_qs+0xc0/0xc0 [ 371.014659] ? __fget+0x4d1/0x740 [ 371.018106] ? ksys_dup3+0x680/0x680 [ 371.021830] evdev_ioctl_handler+0x144/0x1a0 [ 371.026239] evdev_ioctl+0x27/0x2e [ 371.029788] ? evdev_ioctl_compat+0x30/0x30 [ 371.034105] do_vfs_ioctl+0x1de/0x1720 [ 371.038001] ? ioctl_preallocate+0x300/0x300 [ 371.042437] ? __fget_light+0x2e9/0x430 [ 371.046414] ? fget_raw+0x20/0x20 [ 371.049875] ? _copy_to_user+0xc8/0x110 [ 371.053858] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 371.059448] ? put_timespec64+0x10f/0x1b0 [ 371.063607] ? nsecs_to_jiffies+0x30/0x30 [ 371.067791] ? do_syscall_64+0x9a/0x820 [ 371.071788] ? do_syscall_64+0x9a/0x820 [ 371.075789] ? lockdep_hardirqs_on+0x421/0x5c0 [ 371.080393] ? security_file_ioctl+0x94/0xc0 [ 371.084822] ksys_ioctl+0xa9/0xd0 [ 371.088310] __x64_sys_ioctl+0x73/0xb0 [ 371.092218] do_syscall_64+0x1b9/0x820 13:47:26 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @local}, 0x10) ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00?\x00', {0x2, 0x0, @loopback}}) ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00', {0x2, 0x0, @local}}) semget(0x2, 0x1, 0x0) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rfkill\x00', 0x80000, 0x0) write$FUSE_INIT(r1, &(0x7f00000001c0)={0x50, 0x0, 0x4, {0x7, 0x1b, 0xc1, 0x100, 0x200, 0x2, 0x357, 0x333c}}, 0x50) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000140)={0x1e, 0x7, 0x4}) openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) write$FUSE_WRITE(0xffffffffffffffff, &(0x7f0000000080)={0x18, 0x0, 0x1, {0x36}}, 0x18) ioctl$sock_inet_SIOCGIFADDR(r0, 0x8915, &(0x7f0000000180)={'veth1_to_bridge\x00', {0x2, 0x4e22}}) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, &(0x7f0000000280)={0x0, 0x7}, &(0x7f00000002c0)=0x8) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f0000000300)={r2, 0x7, 0x0, 0x3, 0x100000001}, &(0x7f0000000340)=0x18) [ 371.096124] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 371.101506] ? syscall_return_slowpath+0x5e0/0x5e0 [ 371.106439] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 371.111281] ? trace_hardirqs_on_caller+0x310/0x310 [ 371.116296] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 371.121308] ? prepare_exit_to_usermode+0x291/0x3b0 [ 371.126333] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 371.131218] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 371.136426] RIP: 0033:0x457579 [ 371.139638] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 371.158542] RSP: 002b:00007fd1b7341c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 371.166280] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 371.173558] RDX: 0000000020013000 RSI: 00000000400445a0 RDI: 0000000000000005 [ 371.180828] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 371.188086] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd1b73426d4 [ 371.195341] R13: 00000000004bf3f1 R14: 00000000004cf1f0 R15: 00000000ffffffff 13:47:26 executing program 5: pselect6(0x40, &(0x7f0000000080)={0x0, 0x6, 0x0, 0x5e, 0x0, 0x100000002}, &(0x7f00000000c0)={0x0, 0x4}, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x994d}, &(0x7f0000000040)={0x0, 0x989680}, &(0x7f0000000200)={&(0x7f00000001c0)={0xfffffffffffffffa}, 0xffffffffffffff7f}) r0 = syz_open_dev$sndpcmc(&(0x7f0000000180)='/dev/snd/pcmC#D#c\x00', 0xa, 0x4000000000042) ioctl$KVM_HAS_DEVICE_ATTR(r0, 0x4018aee3, &(0x7f0000000140)={0x0, 0x20, 0x2, &(0x7f0000000100)=0x6}) ioctl(r0, 0x2000000008001, &(0x7f0000000280)="68488928f882b658e8ba221df0095c627dd355f77519a1f41e2b48e44f4410b9bab3f7e8") [ 371.282557] FAULT_FLAG_ALLOW_RETRY missing 30 [ 371.287112] CPU: 0 PID: 12432 Comm: syz-executor1 Not tainted 4.19.0-rc5+ #261 [ 371.294484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 371.303853] Call Trace: [ 371.306485] dump_stack+0x1c4/0x2b4 [ 371.310145] ? dump_stack_print_info.cold.2+0x52/0x52 [ 371.315365] ? kasan_check_write+0x14/0x20 [ 371.319620] ? do_raw_spin_lock+0xc1/0x200 [ 371.323904] handle_userfault.cold.33+0x47/0x62 [ 371.328610] ? userfaultfd_ioctl+0x54a0/0x54a0 [ 371.333208] ? mark_held_locks+0x130/0x130 [ 371.337462] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 371.343016] ? __perf_event_task_sched_out+0x337/0x1ab0 [ 371.348403] ? select_task_rq_fair+0x34f0/0x34f0 [ 371.353178] ? reweight_task+0x130/0x130 [ 371.357272] ? print_usage_bug+0xc0/0xc0 [ 371.361356] ? print_usage_bug+0xc0/0xc0 [ 371.365438] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 371.371004] ? find_held_lock+0x36/0x1c0 [ 371.375086] ? graph_lock+0x170/0x170 [ 371.378927] ? __lock_acquire+0x7ec/0x4ec0 [ 371.383179] ? _raw_spin_unlock_irq+0x27/0x80 [ 371.387697] ? _raw_spin_unlock_irq+0x27/0x80 [ 371.392240] ? lockdep_hardirqs_on+0x421/0x5c0 [ 371.396841] ? find_held_lock+0x36/0x1c0 [ 371.400943] ? __handle_mm_fault+0x45dc/0x53e0 [ 371.405545] ? lock_downgrade+0x900/0x900 [ 371.409731] ? kasan_check_read+0x11/0x20 [ 371.413913] ? do_raw_spin_unlock+0xa7/0x2f0 [ 371.418343] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 371.422941] ? kasan_check_write+0x14/0x20 [ 371.427201] ? do_raw_spin_lock+0xc1/0x200 [ 371.431463] __handle_mm_fault+0x45ed/0x53e0 [ 371.435923] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 371.440782] ? graph_lock+0x170/0x170 [ 371.444603] ? print_usage_bug+0xc0/0xc0 [ 371.448686] ? graph_lock+0x170/0x170 [ 371.452505] ? graph_lock+0x170/0x170 [ 371.456343] ? handle_mm_fault+0x42a/0xc70 [ 371.460602] ? lock_downgrade+0x900/0x900 [ 371.464770] ? check_preemption_disabled+0x48/0x200 [ 371.469815] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 371.475624] ? kasan_check_read+0x11/0x20 [ 371.479795] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 371.485093] ? rcu_bh_qs+0xc0/0xc0 [ 371.488651] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 371.494122] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 371.499676] ? check_preemption_disabled+0x48/0x200 [ 371.504721] handle_mm_fault+0x54f/0xc70 [ 371.508808] ? __handle_mm_fault+0x53e0/0x53e0 [ 371.513414] ? find_vma+0x34/0x190 [ 371.516981] __do_page_fault+0x67d/0xed0 [ 371.521074] ? mm_fault_error+0x380/0x380 [ 371.525233] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 371.530262] ? graph_lock+0x170/0x170 [ 371.534092] do_page_fault+0xf2/0x7e0 [ 371.537928] ? vmalloc_sync_all+0x30/0x30 [ 371.542106] ? error_entry+0x76/0xd0 [ 371.545842] ? trace_hardirqs_off_caller+0xbb/0x310 [ 371.550876] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 371.555765] ? trace_hardirqs_on_caller+0x310/0x310 [ 371.560812] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 371.565687] page_fault+0x1e/0x30 [ 371.569158] RIP: 0010:copy_user_generic_unrolled+0x9e/0xc0 [ 371.574798] Code: 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 4c 8b 06 4c 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 89 d1 <8a> 06 88 07 48 ff c6 48 ff c7 ff c9 75 f2 31 c0 0f 1f 00 c3 0f 1f [ 371.593711] RSP: 0018:ffff88018388f7f0 EFLAGS: 00010202 [ 371.599089] RAX: 0000000000000004 RBX: 0000000000000004 RCX: 0000000000000004 [ 371.606371] RDX: 0000000000000004 RSI: 0000000020013000 RDI: ffff88018388f890 [ 371.613649] RBP: ffff88018388f828 R08: ffffed0030711f13 R09: ffffed0030711f12 [ 371.620947] R10: ffffed0030711f12 R11: 0000000000000003 R12: 0000000020013004 [ 371.628230] R13: 0000000020013000 R14: ffff88018388f890 R15: 00007ffffffff000 [ 371.635544] ? _copy_from_user+0x10d/0x150 [ 371.639804] evdev_do_ioctl+0xb51/0x2180 [ 371.643903] ? str_to_user+0x90/0x90 [ 371.647639] ? graph_lock+0x170/0x170 [ 371.651460] ? do_futex+0x249/0x26d0 [ 371.655187] ? __fget+0x4aa/0x740 [ 371.658656] ? lock_downgrade+0x900/0x900 [ 371.662824] ? check_preemption_disabled+0x48/0x200 [ 371.667868] ? find_held_lock+0x36/0x1c0 [ 371.671977] ? __fget+0x4aa/0x740 [ 371.675453] ? lock_downgrade+0x900/0x900 [ 371.679619] ? check_preemption_disabled+0x48/0x200 [ 371.684667] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 371.690483] ? kasan_check_read+0x11/0x20 [ 371.694651] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 371.699947] ? rcu_bh_qs+0xc0/0xc0 [ 371.703517] ? __fget+0x4d1/0x740 [ 371.706993] ? ksys_dup3+0x680/0x680 [ 371.710732] evdev_ioctl_handler+0x144/0x1a0 [ 371.715164] evdev_ioctl+0x27/0x2e [ 371.718724] ? evdev_ioctl_compat+0x30/0x30 [ 371.723064] do_vfs_ioctl+0x1de/0x1720 [ 371.726989] ? ioctl_preallocate+0x300/0x300 13:47:27 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @local}, 0x10) ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00?\x00', {0x2, 0x0, @loopback}}) ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00', {0x2, 0x0, @local}}) semget(0x2, 0x1, 0x0) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rfkill\x00', 0x80000, 0x0) write$FUSE_INIT(r1, &(0x7f00000001c0)={0x50, 0x0, 0x4, {0x7, 0x1b, 0xc1, 0x100, 0x200, 0x2, 0x357, 0x333c}}, 0x50) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000140)={0x1e, 0x7, 0x4}) openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) write$FUSE_WRITE(0xffffffffffffffff, &(0x7f0000000080)={0x18, 0x0, 0x1, {0x36}}, 0x18) ioctl$sock_inet_SIOCGIFADDR(r0, 0x8915, &(0x7f0000000180)={'veth1_to_bridge\x00', {0x2, 0x4e22}}) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, &(0x7f0000000280)={0x0, 0x7}, &(0x7f00000002c0)=0x8) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f0000000300)={r2, 0x7, 0x0, 0x3, 0x100000001}, &(0x7f0000000340)=0x18) [ 371.731424] ? __fget_light+0x2e9/0x430 [ 371.735422] ? fget_raw+0x20/0x20 [ 371.738913] ? _copy_to_user+0xc8/0x110 [ 371.742930] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 371.748485] ? put_timespec64+0x10f/0x1b0 [ 371.752652] ? nsecs_to_jiffies+0x30/0x30 [ 371.756823] ? do_syscall_64+0x9a/0x820 [ 371.760815] ? do_syscall_64+0x9a/0x820 [ 371.764807] ? lockdep_hardirqs_on+0x421/0x5c0 [ 371.769412] ? security_file_ioctl+0x94/0xc0 [ 371.773845] ksys_ioctl+0xa9/0xd0 [ 371.777341] __x64_sys_ioctl+0x73/0xb0 13:47:27 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @local}, 0x10) ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00?\x00', {0x2, 0x0, @loopback}}) ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00', {0x2, 0x0, @local}}) semget(0x2, 0x1, 0x0) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rfkill\x00', 0x80000, 0x0) write$FUSE_INIT(r1, &(0x7f00000001c0)={0x50, 0x0, 0x4, {0x7, 0x1b, 0xc1, 0x100, 0x200, 0x2, 0x357, 0x333c}}, 0x50) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000140)={0x1e, 0x7, 0x4}) openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) write$FUSE_WRITE(0xffffffffffffffff, &(0x7f0000000080)={0x18, 0x0, 0x1, {0x36}}, 0x18) ioctl$sock_inet_SIOCGIFADDR(r0, 0x8915, &(0x7f0000000180)={'veth1_to_bridge\x00', {0x2, 0x4e22}}) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, &(0x7f0000000280)={0x0, 0x7}, &(0x7f00000002c0)=0x8) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f0000000300)={r2, 0x7, 0x0, 0x3, 0x100000001}, &(0x7f0000000340)=0x18) [ 371.781248] do_syscall_64+0x1b9/0x820 [ 371.785157] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 371.790543] ? syscall_return_slowpath+0x5e0/0x5e0 [ 371.795488] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 371.795512] ? trace_hardirqs_on_caller+0x310/0x310 [ 371.795531] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 371.795550] ? prepare_exit_to_usermode+0x291/0x3b0 [ 371.795573] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 371.805467] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 371.825518] RIP: 0033:0x457579 [ 371.828729] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 371.847642] RSP: 002b:00007fd1b7320c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 371.855372] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 371.862658] RDX: 0000000020013000 RSI: 00000000400445a0 RDI: 0000000000000007 [ 371.869940] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 371.877223] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd1b73216d4 [ 371.884502] R13: 00000000004bf3f1 R14: 00000000004cf1f0 R15: 00000000ffffffff 13:47:27 executing program 4: getuid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0), 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ptrace$poke(0x5, 0x0, &(0x7f00000003c0), 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x400445f3, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) close(r0) 13:47:27 executing program 1: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = openat$cgroup_int(0xffffffffffffff9c, &(0x7f0000000040)='notify_on_release\x00', 0x2, 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x4, 0x34, r1, 0x0) openat$uhid(0xffffffffffffff9c, &(0x7f0000000080)='/dev/uhid\x00', 0x2, 0x0) r2 = userfaultfd(0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) ptrace$poke(0xffffffffffffffff, 0x0, &(0x7f00000003c0), 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000200)) ioctl$EXT4_IOC_GROUP_ADD(r2, 0x40286608, &(0x7f0000000000)={0x8, 0x4, 0x10001, 0xe2b, 0x8, 0x4c}) r3 = accept4(r0, &(0x7f0000000180)=@in6={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000280)=0x80, 0x800) r4 = accept4$inet(r3, &(0x7f00000002c0)={0x2, 0x0, @multicast1}, &(0x7f0000000300)=0x10, 0x800) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r5 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0) socketpair$inet_udplite(0x2, 0x2, 0x88, &(0x7f0000000100)) ioctl$EVIOCGMTSLOTS(r5, 0x400445a0, &(0x7f0000013000)) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000240)={&(0x7f0000012000/0x4000)=nil, 0x4000}) write$FUSE_WRITE(r4, &(0x7f0000000400)={0x18, 0x0, 0x101, {0x5}}, 0x18) close(r2) openat$null(0xffffffffffffff9c, &(0x7f0000000140)='/dev/null\x00', 0x4102, 0x0) [ 467.141615] device bridge_slave_1 left promiscuous mode [ 467.147237] bridge0: port 2(bridge_slave_1) entered disabled state [ 467.180401] device bridge_slave_0 left promiscuous mode [ 467.185867] bridge0: port 1(bridge_slave_0) entered disabled state [ 469.269149] team0 (unregistering): Port device team_slave_1 removed [ 469.279063] team0 (unregistering): Port device team_slave_0 removed [ 469.288583] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 469.333546] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 469.386259] bond0 (unregistering): Released all slaves [ 515.169757] INFO: task syz-executor0:12437 blocked for more than 140 seconds. [ 515.177063] Not tainted 4.19.0-rc5+ #261 [ 515.181711] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 515.189715] syz-executor0 D25400 12437 5400 0x00000004 [ 515.195397] Call Trace: [ 515.197984] __schedule+0x86c/0x1ed0 [ 515.201773] ? __sched_text_start+0x8/0x8 [ 515.205945] ? mark_held_locks+0x130/0x130 [ 515.210313] ? graph_lock+0x170/0x170 [ 515.214193] ? print_usage_bug+0xc0/0xc0 [ 515.218249] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 515.223868] ? check_preemption_disabled+0x48/0x200 [ 515.228931] ? check_preemption_disabled+0x48/0x200 [ 515.234087] ? find_held_lock+0x36/0x1c0 [ 515.238150] schedule+0xfe/0x460 [ 515.241616] ? __schedule+0x1ed0/0x1ed0 [ 515.245599] ? lockdep_hardirqs_on+0x421/0x5c0 [ 515.250261] ? trace_hardirqs_on+0xbd/0x310 [ 515.254628] ? kasan_check_read+0x11/0x20 [ 515.258823] ? __rwsem_down_write_failed_common+0x8db/0x1670 [ 515.264688] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 515.270228] ? kasan_check_write+0x14/0x20 [ 515.274463] ? do_raw_spin_lock+0xc1/0x200 [ 515.278709] __rwsem_down_write_failed_common+0xbb9/0x1670 [ 515.284402] ? find_held_lock+0x36/0x1c0 [ 515.288477] ? rwsem_spin_on_owner+0xa30/0xa30 [ 515.293110] ? __lock_acquire+0x7ec/0x4ec0 [ 515.297341] ? check_preemption_disabled+0x48/0x200 [ 515.302410] ? mark_held_locks+0x130/0x130 [ 515.306636] ? mark_held_locks+0x130/0x130 [ 515.311044] ? kernel_text_address+0x79/0xf0 [ 515.315462] ? __kernel_text_address+0xd/0x40 [ 515.319993] ? unwind_get_return_address+0x61/0xa0 [ 515.324922] ? __save_stack_trace+0x8d/0xf0 [ 515.329237] ? save_stack+0xa9/0xd0 [ 515.332907] ? save_stack+0x43/0xd0 [ 515.336524] ? __kasan_slab_free+0x102/0x150 [ 515.340985] ? kasan_slab_free+0xe/0x10 [ 515.344962] ? kmem_cache_free+0x83/0x290 [ 515.349095] ? putname+0xf2/0x130 [ 515.352586] ? filename_lookup+0x39a/0x520 [ 515.356811] ? user_path_at_empty+0x40/0x50 [ 515.361265] ? graph_lock+0x170/0x170 [ 515.365065] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 515.370494] ? trace_hardirqs_off+0xb8/0x310 [ 515.375146] ? do_raw_spin_unlock+0xa7/0x2f0 [ 515.379602] ? trace_hardirqs_on+0x310/0x310 [ 515.384024] ? __lock_is_held+0xb5/0x140 [ 515.388091] ? lock_acquire+0x1ed/0x520 [ 515.392164] ? chmod_common+0x1b1/0x590 [ 515.396140] ? lock_release+0x970/0x970 [ 515.400162] ? arch_local_save_flags+0x40/0x40 [ 515.404740] rwsem_down_write_failed+0xe/0x10 [ 515.409221] ? rwsem_down_write_failed+0xe/0x10 [ 515.413974] call_rwsem_down_write_failed+0x17/0x30 [ 515.418988] down_write+0xa5/0x130 [ 515.422590] ? chmod_common+0x1b1/0x590 [ 515.426562] ? down_read+0x1d0/0x1d0 [ 515.430342] ? __sb_start_write+0x1b2/0x370 [ 515.434662] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 515.440278] chmod_common+0x1b1/0x590 [ 515.444083] ? filp_close+0x250/0x250 [ 515.447880] ? kmem_cache_alloc+0x33a/0x730 [ 515.452334] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 515.457876] ? getname_flags+0x26e/0x5a0 [ 515.462042] do_fchmodat+0xc3/0x160 [ 515.465686] ? __ia32_sys_fchmod+0x80/0x80 [ 515.469986] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 515.475351] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 515.480850] __x64_sys_chmod+0x5c/0x80 [ 515.484733] do_syscall_64+0x1b9/0x820 [ 515.488609] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 515.494145] ? syscall_return_slowpath+0x5e0/0x5e0 [ 515.499070] ? trace_hardirqs_on_caller+0x310/0x310 [ 515.504140] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 515.509198] ? recalc_sigpending_tsk+0x180/0x180 [ 515.514007] ? kasan_check_write+0x14/0x20 [ 515.518249] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 515.523143] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 515.528325] RIP: 0033:0x457579 [ 515.531556] Code: 24 08 48 89 01 e8 d7 2d fc ff e8 22 7a fc ff b8 02 00 00 00 48 8d 0d 6a 60 09 01 87 01 8b 05 62 60 09 01 83 f8 01 0f 85 8a 00 <00> 00 b8 01 00 00 00 88 05 9e 65 09 01 84 c0 74 72 b8 01 00 00 00 [ 515.550497] RSP: 002b:00007f34bd569c78 EFLAGS: 00000246 ORIG_RAX: 000000000000005a [ 515.558207] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 0000000000457579 [ 515.565541] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000200006c0 [ 515.572845] RBP: 000000000072c040 R08: 0000000000000000 R09: 0000000000000000 [ 515.580175] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f34bd56a6d4 [ 515.587434] R13: 00000000004bd346 R14: 00000000004cc388 R15: 00000000ffffffff [ 515.594790] [ 515.594790] Showing all locks held in the system: [ 515.601152] 1 lock held by khungtaskd/982: [ 515.605372] #0: 0000000032e727e8 (rcu_read_lock){....}, at: debug_show_all_locks+0xd0/0x424 [ 515.614047] 1 lock held by rsyslogd/5272: [ 515.618181] #0: 000000009f893fe5 (&f->f_pos_lock){+.+.}, at: __fdget_pos+0x1bb/0x200 [ 515.626229] 2 locks held by getty/5362: [ 515.630221] #0: 0000000070b718f1 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40 [ 515.638694] #1: 000000009e848b0a (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0 [ 515.647913] 2 locks held by getty/5363: [ 515.651931] #0: 00000000989ef4ed (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40 [ 515.660231] #1: 00000000b3f78a09 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0 [ 515.669088] 2 locks held by getty/5364: [ 515.673090] #0: 00000000234ca3e3 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40 [ 515.681370] #1: 0000000076ac8fc2 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0 [ 515.690336] 2 locks held by getty/5365: [ 515.694301] #0: 0000000087c8e264 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40 [ 515.702597] #1: 00000000118cbb5d (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0 [ 515.711499] 2 locks held by getty/5366: [ 515.715463] #0: 000000009ae82b41 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40 [ 515.723759] #1: 00000000ca68d765 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0 [ 515.732785] 2 locks held by getty/5367: [ 515.736743] #0: 000000005b9bf1ab (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40 [ 515.745118] #1: 00000000e25196db (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0 [ 515.754025] 2 locks held by getty/5368: [ 515.757981] #0: 0000000039c65a2a (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40 [ 515.766275] #1: 0000000090c3dda1 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0 [ 515.775201] 2 locks held by syz-executor0/12406: [ 515.780000] #0: 0000000000942602 (sb_writers#19){.+.+}, at: mnt_want_write+0x3f/0xc0 [ 515.788000] #1: 00000000da0bde5d (&sb->s_type->i_mutex_key#26){+.+.}, at: chmod_common+0x1b1/0x590 [ 515.797276] 2 locks held by syz-executor0/12437: [ 515.802152] #0: 0000000000942602 (sb_writers#19){.+.+}, at: mnt_want_write+0x3f/0xc0 [ 515.810289] #1: 00000000da0bde5d (&sb->s_type->i_mutex_key#26){+.+.}, at: chmod_common+0x1b1/0x590 [ 515.819625] [ 515.821247] ============================================= [ 515.821247] [ 515.828245] NMI backtrace for cpu 0 [ 515.831909] CPU: 0 PID: 982 Comm: khungtaskd Not tainted 4.19.0-rc5+ #261 [ 515.838823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 515.848214] Call Trace: [ 515.850801] dump_stack+0x1c4/0x2b4 [ 515.854416] ? dump_stack_print_info.cold.2+0x52/0x52 [ 515.859599] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 515.865135] nmi_cpu_backtrace.cold.3+0x63/0xa2 [ 515.869802] ? lapic_can_unplug_cpu.cold.27+0x3f/0x3f [ 515.874982] nmi_trigger_cpumask_backtrace+0x1b3/0x1ed [ 515.880251] arch_trigger_cpumask_backtrace+0x14/0x20 [ 515.885435] watchdog+0xb3e/0x1050 [ 515.888975] ? reset_hung_task_detector+0xd0/0xd0 [ 515.893817] ? __kthread_parkme+0xce/0x1a0 [ 515.898100] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 515.903350] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 515.908506] ? lockdep_hardirqs_on+0x421/0x5c0 [ 515.913085] ? trace_hardirqs_on+0xbd/0x310 [ 515.917395] ? kasan_check_read+0x11/0x20 [ 515.921528] ? __kthread_parkme+0xce/0x1a0 [ 515.925760] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 515.931266] ? kasan_check_write+0x14/0x20 [ 515.935524] ? do_raw_spin_lock+0xc1/0x200 [ 515.939751] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 515.944961] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 515.950536] ? __kthread_parkme+0xfb/0x1a0 [ 515.954766] kthread+0x35a/0x420 [ 515.958134] ? reset_hung_task_detector+0xd0/0xd0 [ 515.962972] ? kthread_bind+0x40/0x40 [ 515.966755] ret_from_fork+0x3a/0x50 [ 515.970601] Sending NMI from CPU 0 to CPUs 1: [ 515.975165] NMI backtrace for cpu 1 skipped: idling at native_safe_halt+0x6/0x10 [ 515.976112] Kernel panic - not syncing: hung_task: blocked tasks [ 515.988876] CPU: 0 PID: 982 Comm: khungtaskd Not tainted 4.19.0-rc5+ #261 [ 515.995797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 516.005131] Call Trace: [ 516.007705] dump_stack+0x1c4/0x2b4 [ 516.011321] ? dump_stack_print_info.cold.2+0x52/0x52 [ 516.016497] ? printk_safe_log_store+0x2f0/0x2f0 [ 516.021241] panic+0x238/0x4e7 [ 516.024471] ? add_taint.cold.5+0x16/0x16 [ 516.028620] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 516.034151] ? nmi_trigger_cpumask_backtrace+0x173/0x1ed [ 516.039609] ? nmi_trigger_cpumask_backtrace+0x16a/0x1ed [ 516.045053] watchdog+0xb4f/0x1050 [ 516.048652] ? reset_hung_task_detector+0xd0/0xd0 [ 516.053552] ? __kthread_parkme+0xce/0x1a0 [ 516.057785] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 516.062882] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 516.067975] ? lockdep_hardirqs_on+0x421/0x5c0 [ 516.072545] ? trace_hardirqs_on+0xbd/0x310 [ 516.076854] ? kasan_check_read+0x11/0x20 [ 516.080993] ? __kthread_parkme+0xce/0x1a0 [ 516.085221] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 516.090657] ? kasan_check_write+0x14/0x20 [ 516.094960] ? do_raw_spin_lock+0xc1/0x200 [ 516.099190] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 516.104288] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 516.109814] ? __kthread_parkme+0xfb/0x1a0 [ 516.114042] kthread+0x35a/0x420 [ 516.117404] ? reset_hung_task_detector+0xd0/0xd0 [ 516.122236] ? kthread_bind+0x40/0x40 [ 516.126031] ret_from_fork+0x3a/0x50 [ 516.130889] Kernel Offset: disabled [ 516.134524] Rebooting in 86400 seconds..