INIT: Entering runlevel: 2 [info] Using makefile-style concurrent boot in runlevel 2. [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.62' (ECDSA) to the list of known hosts. 2018/04/21 02:35:12 fuzzer started 2018/04/21 02:35:13 dialing manager at 10.128.0.26:39431 syzkaller login: [ 43.488539] random: crng init done [ 57.244618] can: request_module (can-proto-0) failed. [ 57.253981] can: request_module (can-proto-0) failed. 2018/04/21 02:35:42 kcov=true, comps=true 2018/04/21 02:35:47 executing program 0: perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) readv(0xffffffffffffffff, &(0x7f00003fd000), 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f00003b9fdc)) syz_open_pts(0xffffffffffffffff, 0x2) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) write(0xffffffffffffffff, &(0x7f0000c34fff), 0xffffff0b) r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = syz_open_dev$tun(&(0x7f0000000180)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller0\x00', 0x3}) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000240)={{0x2, 0x0, @rand_addr}, {}, 0x8, {0x2, 0x0, @multicast2=0xe0000002}, 'syzkaller0\x00'}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSARP(r2, 0x8953, &(0x7f0000000240)={{0x2, 0x0, @rand_addr}, {}, 0x8, {0x2, 0x0, @multicast2=0xe0000002}, 'syzkaller0\x00'}) 2018/04/21 02:35:47 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00003e2ff6)='net/ptype\x00') pread64(r0, &(0x7f0000000040), 0x2bc, 0xd3) 2018/04/21 02:35:47 executing program 7: r0 = syz_open_dev$sndtimer(&(0x7f0000014000)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000000)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) ioctl$SNDRV_TIMER_IOCTL_PAUSE(r0, 0x54a3) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) socketpair$inet_sctp(0x2, 0x0, 0x84, &(0x7f0000000040)) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(0xffffffffffffff9c, 0x84, 0x6, &(0x7f0000000080)={0x0, @in6={{0xa, 0x0, 0x0, @mcast2={0xff, 0x2, [], 0x1}}}}, &(0x7f0000000140)=0x84) setsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000180), 0x8) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) clock_gettime(0x0, &(0x7f00000002c0)) utimes(&(0x7f0000000200)='./file0\x00', &(0x7f0000000280)={{}, {0x0, 0x7530}}) 2018/04/21 02:35:47 executing program 4: mkdir(&(0x7f00007ef000)='./file0\x00', 0x0) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000300)='./file0\x00', &(0x7f0000000000)='securityfs\x00', 0x0, &(0x7f0000000a00)) 2018/04/21 02:35:47 executing program 5: perf_event_open(&(0x7f000025c000)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000340)) syz_open_dev$sndpcmp(&(0x7f0000000080)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000100)={[{0x5e}]}) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f00000003c0)) 2018/04/21 02:35:47 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'sit0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000080)={&(0x7f0000000100)=@ipv6_newaddr={0x40, 0x14, 0x101, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r1}, [@IFA_LOCAL={0x14, 0x2, @dev={0xfe, 0x80}}, @IFA_CACHEINFO={0x14, 0x6, {0x8, 0x3}}]}, 0x40}, 0x1}, 0x0) 2018/04/21 02:35:47 executing program 2: syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="4244d6e42a80d6e42a87010000050003000fe0fa00000f", 0x17, 0x400}], 0x0, &(0x7f0000011700)) 2018/04/21 02:35:47 executing program 3: r0 = syz_open_dev$binder(&(0x7f000000cff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000004000)={0x4, 0x0, &(0x7f000000cf90)=[@enter_looper={0x630c}], 0x0, 0x0, &(0x7f0000005000)}) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f000000ffd0)={0x0, 0x0, &(0x7f000000f000), 0x1, 0x0, &(0x7f000000ef31)='b'}) mmap$binder(&(0x7f000000c000/0x2000)=nil, 0x2000, 0x0, 0x12, r0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000040)={0x14, 0x0, &(0x7f0000000000)=[@acquire_done={0x40486311}], 0x0, 0x0, &(0x7f0000011f9d)}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380), 0x1, 0x0, &(0x7f00000003c0)="95"}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000340)={0x4c, 0x0, &(0x7f00000004c0)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), &(0x7f0000000440)}}}], 0x0, 0x0, &(0x7f00000000c0)}) [ 64.529961] IPVS: ftp: loaded support on port[0] = 21 [ 64.533049] IPVS: ftp: loaded support on port[0] = 21 [ 64.569583] IPVS: ftp: loaded support on port[0] = 21 [ 64.581828] IPVS: ftp: loaded support on port[0] = 21 [ 64.587469] IPVS: ftp: loaded support on port[0] = 21 [ 64.607080] IPVS: ftp: loaded support on port[0] = 21 [ 64.623720] IPVS: ftp: loaded support on port[0] = 21 [ 64.633239] IPVS: ftp: loaded support on port[0] = 21 [ 66.568386] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.574916] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.584782] device bridge_slave_0 entered promiscuous mode [ 66.651177] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.657633] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.688548] device bridge_slave_0 entered promiscuous mode [ 66.702611] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.709088] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.717721] device bridge_slave_0 entered promiscuous mode [ 66.726577] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.732983] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.742822] device bridge_slave_1 entered promiscuous mode [ 66.757838] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.764881] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.772661] device bridge_slave_0 entered promiscuous mode [ 66.809415] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.815830] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.849292] device bridge_slave_1 entered promiscuous mode [ 66.895774] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.902173] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.920370] device bridge_slave_1 entered promiscuous mode [ 66.941970] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 66.960318] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.966730] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.981957] device bridge_slave_1 entered promiscuous mode [ 66.998487] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.004924] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.019683] device bridge_slave_0 entered promiscuous mode [ 67.027624] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 67.036534] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.042938] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.064964] device bridge_slave_0 entered promiscuous mode [ 67.077711] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 67.085304] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.091711] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.109435] device bridge_slave_0 entered promiscuous mode [ 67.118317] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 67.126551] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.132973] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.143661] device bridge_slave_0 entered promiscuous mode [ 67.153009] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 67.161218] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.167588] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.201821] device bridge_slave_1 entered promiscuous mode [ 67.215693] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.222089] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.233544] device bridge_slave_1 entered promiscuous mode [ 67.246778] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 67.255394] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 67.271240] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.277645] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.306395] device bridge_slave_1 entered promiscuous mode [ 67.321171] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.327598] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.339704] device bridge_slave_1 entered promiscuous mode [ 67.350975] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 67.373168] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 67.383293] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 67.411447] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 67.461697] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 67.520459] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 67.536115] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 67.557496] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 67.569157] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 67.581484] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 67.624936] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 67.680212] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 67.707939] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 67.719981] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 67.749859] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 67.833627] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 67.902282] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 67.909246] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 67.934482] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 67.946741] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 67.957091] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 67.977174] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 67.985695] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 67.993712] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 68.022907] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 68.031453] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 68.038323] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 68.051945] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 68.079872] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 68.091169] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 68.102370] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 68.110753] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 68.118857] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 68.152883] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 68.161907] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 68.168911] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 68.237540] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 68.246256] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 68.253143] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 68.261681] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 68.287198] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 68.294639] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 68.308479] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 68.323905] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 68.337452] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 68.404328] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 68.411485] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 68.424635] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 68.432754] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 68.441815] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 68.449279] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 68.468585] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 68.492332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 68.512723] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 68.521118] team0: Port device team_slave_0 added [ 68.533891] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 68.544992] team0: Port device team_slave_0 added [ 68.618854] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 68.639699] team0: Port device team_slave_0 added [ 68.652091] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 68.662547] team0: Port device team_slave_1 added [ 68.701932] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 68.712644] team0: Port device team_slave_1 added [ 68.747362] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 68.772901] team0: Port device team_slave_1 added [ 68.798917] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 68.841883] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 68.856708] team0: Port device team_slave_0 added [ 68.877656] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 68.887081] team0: Port device team_slave_0 added [ 68.893503] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 68.911892] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 68.926776] team0: Port device team_slave_0 added [ 68.938743] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 68.946084] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 68.953233] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 68.961356] team0: Port device team_slave_0 added [ 68.975564] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 68.982584] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 69.005583] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 69.021116] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 69.035348] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 69.042863] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 69.050626] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 69.059824] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 69.066945] team0: Port device team_slave_1 added [ 69.073071] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 69.080997] team0: Port device team_slave_0 added [ 69.088281] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 69.097662] team0: Port device team_slave_1 added [ 69.108783] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 69.115788] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 69.125530] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 69.143729] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 69.151587] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 69.171362] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 69.190639] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 69.199976] team0: Port device team_slave_1 added [ 69.206686] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 69.213833] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 69.222463] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 69.235104] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 69.243000] team0: Port device team_slave_1 added [ 69.250143] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 69.257079] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 69.269196] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 69.287689] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 69.294708] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 69.318722] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 69.333919] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 69.342465] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 69.349811] team0: Port device team_slave_1 added [ 69.358348] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 69.369155] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 69.376552] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 69.395995] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 69.411168] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 69.422839] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 69.435505] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 69.444128] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 69.452582] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 69.459758] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 69.468263] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 69.476708] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 69.483574] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 69.497743] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 69.507643] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 69.516467] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 69.523362] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 69.531577] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 69.550883] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 69.564650] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 69.582145] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 69.589201] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 69.602513] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 69.611464] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 69.619204] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 69.626763] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 69.649738] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 69.676599] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 69.698719] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 69.716460] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 69.724326] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 69.731784] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 69.739625] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 69.747452] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 69.755315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 69.764056] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 69.770983] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 69.779314] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 69.799578] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 69.814428] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 69.824696] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 69.832846] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 69.858275] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 69.881689] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 69.901896] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 69.917599] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 69.925469] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 69.934787] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 69.946382] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 69.953860] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 69.963487] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 69.978145] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 70.010261] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 70.044612] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 70.070625] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 70.083868] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 70.091671] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 70.099464] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 70.107304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 70.132793] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 70.156406] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 70.163764] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 70.176868] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 70.212155] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 70.223657] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 71.029952] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.036496] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.043536] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.049944] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.073499] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 71.082823] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.089209] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.095827] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.102191] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.115156] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 71.122052] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 71.133578] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 71.384135] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.390540] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.397226] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.403619] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.423544] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 71.433817] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.440218] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.446892] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.453275] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.461923] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 71.477044] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.483460] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.490161] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.496556] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.541163] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 71.610873] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.617295] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.623977] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.630378] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.665623] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 71.676318] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.682733] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.689390] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.695753] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.703577] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 71.716567] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.722977] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.729677] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.736089] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.766787] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 72.162737] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 72.175661] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 72.209228] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 72.228548] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 72.239539] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 72.246549] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 76.257475] 8021q: adding VLAN 0 to HW filter on device bond0 [ 76.550438] 8021q: adding VLAN 0 to HW filter on device bond0 [ 76.586653] 8021q: adding VLAN 0 to HW filter on device bond0 [ 76.615836] 8021q: adding VLAN 0 to HW filter on device bond0 [ 76.647895] 8021q: adding VLAN 0 to HW filter on device bond0 [ 76.697130] 8021q: adding VLAN 0 to HW filter on device bond0 [ 76.760513] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 76.807453] 8021q: adding VLAN 0 to HW filter on device bond0 [ 76.872215] 8021q: adding VLAN 0 to HW filter on device bond0 [ 77.032378] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 77.056928] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 77.095801] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 77.119628] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 77.166817] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 77.244861] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 77.251152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 77.266780] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 77.288345] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 77.312251] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 77.523323] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 77.529717] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 77.540570] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 77.563365] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 77.589871] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 77.596402] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 77.606615] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 77.648403] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 77.676007] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 77.720195] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 77.732645] 8021q: adding VLAN 0 to HW filter on device team0 [ 77.747380] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 77.753604] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 77.767544] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 77.793403] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 77.809923] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 77.835320] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 77.841626] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 77.860737] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 77.964087] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 77.975353] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 77.988219] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 78.025868] 8021q: adding VLAN 0 to HW filter on device team0 [ 78.064922] 8021q: adding VLAN 0 to HW filter on device team0 [ 78.089105] 8021q: adding VLAN 0 to HW filter on device team0 [ 78.245267] 8021q: adding VLAN 0 to HW filter on device team0 [ 78.259717] 8021q: adding VLAN 0 to HW filter on device team0 [ 78.372786] 8021q: adding VLAN 0 to HW filter on device team0 [ 78.549118] 8021q: adding VLAN 0 to HW filter on device team0 2018/04/21 02:36:04 executing program 4: r0 = socket$can_bcm(0x1d, 0x2, 0x2) recvmmsg(r0, &(0x7f000020c000)=[{{0x0, 0x0, &(0x7f0000001280), 0x0, &(0x7f0000087000)=""/164, 0xffffffffffffffb7}}, {{&(0x7f00009a5ff8)=@un=@abs, 0x80, &(0x7f0000000000), 0x3b5, &(0x7f000023bfc3)=""/61, 0x3d}}], 0x2, 0x2003, &(0x7f000082f000)={0x77359400}) recvmmsg(0xffffffffffffffff, &(0x7f000000b580)=[{{&(0x7f0000002700)=@pppol2tpv3={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @loopback}}}, 0x80, &(0x7f0000002900)=[{&(0x7f0000002800)=""/232, 0xe8}], 0x1, &(0x7f0000002940)=""/199, 0xc7}}], 0x1, 0x0, &(0x7f000000b800)) connect$can_bcm(r0, &(0x7f0000002ff0)={0x1d}, 0x10) connect$inet6(0xffffffffffffffff, &(0x7f0000003000)={0xa, 0x0, 0x0, @empty, 0x2}, 0x1c) sendmsg$key(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000005ff0)={&(0x7f0000003000)={0x5, 0x0, 0x0, 0x0, 0x7}, 0x38}, 0x1}, 0x0) [ 80.807572] hfs: bad allocation block size 3840 [ 80.812442] hfs: can't find a HFS filesystem on dev loop2 [ 80.896805] hfs: bad allocation block size 3840 [ 80.901580] hfs: can't find a HFS filesystem on dev loop2 2018/04/21 02:36:04 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) pipe2(&(0x7f00000005c0)={0x0, 0x0}, 0x0) sendto(0xffffffffffffffff, &(0x7f0000000080)="ac0fbf55c3", 0x5, 0x0, &(0x7f0000000200)=@pppoe={0x18, 0x0, {0x0, @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, 'ipddp0\x00'}}, 0x80) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r4 = dup3(r3, r2, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000decfe0)={0x10005, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SMI(r4, 0xaeb7) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe7000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000100)="0fae0c662e8100ff6af08e9d9936600f3567dbce0f00d3260f1a0c670fa1", 0x1e}], 0x1, 0x0, &(0x7f0000000280), 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe0000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, &(0x7f0000000000)="c4e24947470d66b8bf000f00d8653ef767fc66baf80cb8e0fb4f8bef66bafc0c66edb97e0b0000b82ff11332ba000000000f30440f20c03503000000440f22c0c4c185e955d666b8ad000f00d8673636f46485af0c000000", 0x58}], 0x1, 0x0, &(0x7f00000001c0), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2018/04/21 02:36:04 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f0000000000)="c7c604000000660f38823bf30f011fb9730200000f32360f07b9d80a00000f3265660f2ed10f090f0092ffffffffc1b28f00000001", 0x35}], 0x1, 0xe8414d58d2b3f0ec, &(0x7f00000000c0), 0x0) ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000280)={0x80000a0003}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 82.032484] binder: 6604:6639 got new transaction with bad transaction stack, transaction 2 has target 6604:6606 [ 82.043011] binder: 6604:6639 transaction failed 29201/-71, size 0-0 line 2875 [ 82.155202] binder: BINDER_SET_CONTEXT_MGR already set [ 82.160633] binder: 6604:6640 ioctl 40046207 0 returned -16 [ 82.170655] binder_alloc: binder_alloc_mmap_handler: 6604 2000c000-2000e000 already mapped failed -16 [ 82.183598] binder: 6604:6639 got new transaction with bad transaction stack, transaction 2 has target 6604:6606 [ 82.193996] binder: 6604:6639 transaction failed 29201/-71, size 0-0 line 2875 2018/04/21 02:36:05 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) pipe2(&(0x7f0000000280)={0x0, 0x0}, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) connect$llc(0xffffffffffffffff, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x7, 0x7fffffff, @random="54fd259a39ae"}, 0x10) r4 = dup3(r3, r2, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000decfe0)={0x10005, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SMI(r4, 0xaeb7) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000400)=[@text16={0x10, &(0x7f0000000040)="f2ad3e650f3266b8010000000f01c1f4f20f01c90f1753010fc759047d4966b8007000000f23d00f21f86635300000090f23f8360fae59fe", 0x38}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2018/04/21 02:36:05 executing program 2: r0 = syz_open_dev$sndseq(&(0x7f0000001300)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x4058534c, &(0x7f00000000c0)={0x80, 0x0, 0x7}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00', 0xc3, 0x80003}) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00004d1ff0)='/dev/sequencer2\x00', 0x1, 0x0) close(r1) readv(r0, &(0x7f0000001240)=[{&(0x7f0000001200)=""/64, 0x40}], 0x1) 2018/04/21 02:36:05 executing program 1: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) capset(&(0x7f00000fc000)={0x19980330}, &(0x7f0000c83000)) setsockopt$bt_hci_HCI_FILTER(r0, 0x0, 0x2, &(0x7f00000004c0), 0x10) 2018/04/21 02:36:05 executing program 6: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000583000)={0x5, 0x80000000005, 0x4000, 0x1}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r0, &(0x7f0000000000), &(0x7f0000000080)}, 0x18) socketpair$inet_sctp(0x2, 0x1, 0x84, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = socket$l2tp(0x18, 0x1, 0x1) r4 = socket(0x9, 0x7, 0x10000) socketpair(0x8, 0x3, 0x2, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$DRM_IOCTL_GEM_FLINK(r5, 0xc008640a, &(0x7f0000000380)={0x0, 0x0}) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r5, 0xc00c642e, &(0x7f00000003c0)={0x0, 0x80000, r5}) ioctl$DRM_IOCTL_GEM_OPEN(r6, 0xc010640b, &(0x7f0000000400)={r7, r8, 0x5706}) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r4, 0x84, 0x6, &(0x7f0000000200)={0x0, @in6={{0xa, 0x4e23, 0x8, @empty, 0x10000}}}, &(0x7f0000000140)=0x84) r10 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r10, &(0x7f000047b000)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c) listen(r10, 0x20000003) r11 = socket$inet6(0xa, 0x6, 0x0) connect$inet6(r11, &(0x7f0000419000)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c) close(r11) setsockopt$inet_sctp_SCTP_AUTOCLOSE(r2, 0x84, 0x4, &(0x7f0000000480)=0x1, 0x4) r12 = accept4(r10, &(0x7f0000660ff4)=@nl=@unspec, &(0x7f0000000040)=0xf5b19b4c0b1ce647, 0x0) recvfrom$inet(r12, &(0x7f00000002c0)=""/12, 0xb, 0x2, 0x0, 0xfffffe99) ioctl$DRM_IOCTL_RM_MAP(r4, 0x4028641b, &(0x7f0000000440)={0x0, 0x4, 0x7, 0x0, &(0x7f0000ffc000/0x3000)=nil, 0x6}) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r4, 0x84, 0xf, &(0x7f00000002c0)={r9, @in={{0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1a}}}, 0x6, 0x400, 0x1ff, 0x401, 0x4}, &(0x7f0000000180)=0x98) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f00000004c0)={0x7fff, 0x2, 0x2, 0x4, 0x6, 0x6, 0x1, 0x1, r9}, &(0x7f0000000500)=0x20) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000080)={0x1, 0x0, 0x2, 0x8000}) ioctl$DRM_IOCTL_SG_FREE(r6, 0x40106439, &(0x7f0000000100)={0x2e2, r13}) r14 = socket$unix(0x1, 0x5, 0x0) connect$l2tp(r3, &(0x7f0000000000)=@pppol2tpin6={0x18, 0x1, {0x0, r14, 0x2, 0x0, 0x0, 0x0, {0xa, 0x4e21, 0x9, @mcast2={0xff, 0x2, [], 0x1}, 0x20}}}, 0x32) 2018/04/21 02:36:05 executing program 5: perf_event_open(&(0x7f000025c000)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000340)) syz_open_dev$sndpcmp(&(0x7f0000000080)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000100)={[{0x5e}]}) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f00000003c0)) 2018/04/21 02:36:05 executing program 7: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xb, 0x7f, 0x7, 0x5, 0x1}, 0x2c) socketpair$inet6_udp(0xa, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) ioctl$sock_inet_SIOCGIFPFLAGS(r1, 0x8935, &(0x7f0000000200)={'ip6_vti0\x00', 0x100}) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000140)={r0, &(0x7f00000000c0)="4b1de9a3e07567778e06c3c3003e12896e2e12a8c30eb23f159bfe8171f4b4877d19222b3c75e1011d5b4c2132fbc512a8b82cc4aba21007040443a35cb36aca052291f33b24ceea32cfb9f4", &(0x7f0000000380)=""/198}, 0x18) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r0, &(0x7f0000000000), &(0x7f0000000080)}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000300)={r0, &(0x7f0000000180)='?', &(0x7f0000000200)}, 0x20) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000080)={r0, &(0x7f0000000000), &(0x7f0000000280)=""/208}, 0x18) 2018/04/21 02:36:05 executing program 4: r0 = userfaultfd(0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000fcbff7)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000080)={0xaa}) dup2(r0, r2) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000fde000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000140)="baf80c66b8621f398e66efbafc0ced66b97c0a000066b80040000066ba000000000f30dfe9baf80c66b8f025208b66efbafc0c66ed0f01c90fb248e2baf80c66b82a7cc48266efbafc0cec66b93503000066b88f5d162266ba18fd05600f3066b8009000000f23d80f21f86635000000400f23f80f017d7e", 0x78}], 0x1, 0x0, &(0x7f0000000080), 0x0) 2018/04/21 02:36:05 executing program 3: r0 = syz_open_dev$binder(&(0x7f000000cff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000004000)={0x4, 0x0, &(0x7f000000cf90)=[@enter_looper={0x630c}], 0x0, 0x0, &(0x7f0000005000)}) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f000000ffd0)={0x0, 0x0, &(0x7f000000f000), 0x1, 0x0, &(0x7f000000ef31)='b'}) mmap$binder(&(0x7f000000c000/0x2000)=nil, 0x2000, 0x0, 0x12, r0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000040)={0x14, 0x0, &(0x7f0000000000)=[@acquire_done={0x40486311}], 0x0, 0x0, &(0x7f0000011f9d)}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380), 0x1, 0x0, &(0x7f00000003c0)="95"}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000340)={0x4c, 0x0, &(0x7f00000004c0)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), &(0x7f0000000440)}}}], 0x0, 0x0, &(0x7f00000000c0)}) [ 82.220343] binder: release 6604:6606 transaction 2 in, still active [ 82.227083] binder: send failed reply for transaction 2 to 6604:6639 [ 82.233775] binder: undelivered TRANSACTION_ERROR: 29201 [ 82.239371] binder: undelivered TRANSACTION_ERROR: 29189 [ 82.266497] capability: warning: `syz-executor1' uses 32-bit capabilities (legacy support in use) [ 83.148400] binder: 6661:6676 got new transaction with bad transaction stack, transaction 6 has target 6661:6662 [ 83.158812] binder: 6661:6676 transaction failed 29201/-71, size 0-0 line 2875 2018/04/21 02:36:06 executing program 7: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup\x00', 0x200002, 0x0) r1 = openat$cgroup_type(r0, &(0x7f00000003c0)='cgroup.type\x00', 0x2, 0x0) write$cgroup_type(r1, &(0x7f0000000400)='threaded\x00', 0x9) 2018/04/21 02:36:06 executing program 2: r0 = syz_open_dev$sndseq(&(0x7f0000001300)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x4058534c, &(0x7f00000000c0)={0x80, 0x0, 0x7}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00', 0xc3, 0x80003}) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00004d1ff0)='/dev/sequencer2\x00', 0x1, 0x0) close(r1) readv(r0, &(0x7f0000001240)=[{&(0x7f0000001200)=""/64, 0x40}], 0x1) 2018/04/21 02:36:06 executing program 1: r0 = syz_open_dev$sndseq(&(0x7f0000001300)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x4058534c, &(0x7f00000000c0)={0x80, 0x0, 0x7}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00', 0xc3, 0x80003}) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00004d1ff0)='/dev/sequencer2\x00', 0x1, 0x0) close(r1) readv(r0, &(0x7f0000001240)=[{&(0x7f0000001200)=""/64, 0x40}], 0x1) 2018/04/21 02:36:06 executing program 5: perf_event_open(&(0x7f000025c000)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000340)) syz_open_dev$sndpcmp(&(0x7f0000000080)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000100)={[{0x5e}]}) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f00000003c0)) 2018/04/21 02:36:06 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x1, 0x5, 0x9}, 0x14) r1 = bpf$MAP_CREATE(0x0, &(0x7f00004f9fe4)={0xd, 0x6, 0x4, 0x2100000001, 0x0, r0}, 0x191) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00005f1000)={r1, &(0x7f0000eed000), &(0x7f0000b88000)="13"}, 0x20) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000100)={r1, &(0x7f00000000c0)}, 0x10) 2018/04/21 02:36:06 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000966fe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c) r1 = dup(r0) shutdown(r1, 0x1) sendto$inet(r1, &(0x7f0000000200)="c7", 0x1, 0x0, &(0x7f0000000300)={0x2, 0x0, @dev={0xac, 0x14, 0x14}}, 0x10) 2018/04/21 02:36:06 executing program 3: r0 = syz_open_dev$binder(&(0x7f000000cff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000004000)={0x4, 0x0, &(0x7f000000cf90)=[@enter_looper={0x630c}], 0x0, 0x0, &(0x7f0000005000)}) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f000000ffd0)={0x0, 0x0, &(0x7f000000f000), 0x1, 0x0, &(0x7f000000ef31)='b'}) mmap$binder(&(0x7f000000c000/0x2000)=nil, 0x2000, 0x0, 0x12, r0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000040)={0x14, 0x0, &(0x7f0000000000)=[@acquire_done={0x40486311}], 0x0, 0x0, &(0x7f0000011f9d)}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380), 0x1, 0x0, &(0x7f00000003c0)="95"}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000340)={0x4c, 0x0, &(0x7f00000004c0)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), &(0x7f0000000440)}}}], 0x0, 0x0, &(0x7f00000000c0)}) 2018/04/21 02:36:06 executing program 6: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000583000)={0x5, 0x80000000005, 0x4000, 0x1}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r0, &(0x7f0000000000), &(0x7f0000000080)}, 0x18) socketpair$inet_sctp(0x2, 0x1, 0x84, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = socket$l2tp(0x18, 0x1, 0x1) r4 = socket(0x9, 0x7, 0x10000) socketpair(0x8, 0x3, 0x2, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$DRM_IOCTL_GEM_FLINK(r5, 0xc008640a, &(0x7f0000000380)={0x0, 0x0}) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r5, 0xc00c642e, &(0x7f00000003c0)={0x0, 0x80000, r5}) ioctl$DRM_IOCTL_GEM_OPEN(r6, 0xc010640b, &(0x7f0000000400)={r7, r8, 0x5706}) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r4, 0x84, 0x6, &(0x7f0000000200)={0x0, @in6={{0xa, 0x4e23, 0x8, @empty, 0x10000}}}, &(0x7f0000000140)=0x84) r10 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r10, &(0x7f000047b000)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c) listen(r10, 0x20000003) r11 = socket$inet6(0xa, 0x6, 0x0) connect$inet6(r11, &(0x7f0000419000)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c) close(r11) setsockopt$inet_sctp_SCTP_AUTOCLOSE(r2, 0x84, 0x4, &(0x7f0000000480)=0x1, 0x4) r12 = accept4(r10, &(0x7f0000660ff4)=@nl=@unspec, &(0x7f0000000040)=0xf5b19b4c0b1ce647, 0x0) recvfrom$inet(r12, &(0x7f00000002c0)=""/12, 0xb, 0x2, 0x0, 0xfffffe99) ioctl$DRM_IOCTL_RM_MAP(r4, 0x4028641b, &(0x7f0000000440)={0x0, 0x4, 0x7, 0x0, &(0x7f0000ffc000/0x3000)=nil, 0x6}) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r4, 0x84, 0xf, &(0x7f00000002c0)={r9, @in={{0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1a}}}, 0x6, 0x400, 0x1ff, 0x401, 0x4}, &(0x7f0000000180)=0x98) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f00000004c0)={0x7fff, 0x2, 0x2, 0x4, 0x6, 0x6, 0x1, 0x1, r9}, &(0x7f0000000500)=0x20) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000080)={0x1, 0x0, 0x2, 0x8000}) ioctl$DRM_IOCTL_SG_FREE(r6, 0x40106439, &(0x7f0000000100)={0x2e2, r13}) r14 = socket$unix(0x1, 0x5, 0x0) connect$l2tp(r3, &(0x7f0000000000)=@pppol2tpin6={0x18, 0x1, {0x0, r14, 0x2, 0x0, 0x0, 0x0, {0xa, 0x4e21, 0x9, @mcast2={0xff, 0x2, [], 0x1}, 0x20}}}, 0x32) [ 83.277006] binder: release 6661:6662 transaction 6 in, still active [ 83.283696] binder: send failed reply for transaction 6 to 6661:6676 [ 83.290249] binder: undelivered TRANSACTION_COMPLETE [ 83.295398] binder: undelivered TRANSACTION_ERROR: 29201 [ 83.300894] binder: undelivered TRANSACTION_ERROR: 29189 2018/04/21 02:36:06 executing program 7: openat$dsp(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/dsp\x00', 0x40, 0x0) sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x6, 0x0, 0x0, 0x0, 0x9917, 0xffff}, 0x4000000000) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x5, 0x7f, 0x1, 0x3}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000214fd4)={0xc, 0x4, 0x4, 0x8000000000009, 0x0, r0, 0x0, [0x305f, 0xa]}, 0x2c) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) getsockopt$bt_BT_SNDMTU(r1, 0x112, 0xc, &(0x7f00000000c0)=0x7, &(0x7f0000000100)=0x2) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/sync_sock_size\x00', 0x2, 0x0) ioctl$sock_netrom_SIOCGSTAMPNS(r2, 0x8907, &(0x7f0000000180)) r3 = msgget(0x2, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, &(0x7f0000000380)={{{@in6=@local, @in6=@dev}}, {{}, 0x0, @in=@local}}, &(0x7f0000000480)=0xe8) fstat(r2, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) lstat(&(0x7f0000000540)='./file0\x00', &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000600)=0x0) r7 = getpgrp(0x0) msgctl$IPC_SET(r3, 0x1, &(0x7f0000000640)={{0x9, 0x0, r4, 0x0, r5, 0x50, 0x498}, 0x80000001, 0x0, 0x9, 0x24c, 0xce, 0x1ff, r6, r7}) ioctl$KDGKBSENT(r2, 0x4b48, &(0x7f0000000280)={0x7fff, 0x3ff, 0xd1}) 2018/04/21 02:36:06 executing program 0: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000a8eff8)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000ac5000), 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmmsg$unix(r1, &(0x7f00000bd000), 0x80, 0x0) connect$unix(r1, &(0x7f00002ffff6)=@file={0x0, './file0\x00'}, 0xa) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000a8cff0)={0x1, &(0x7f0000528000)=[{0x6}]}, 0x10) close(r0) 2018/04/21 02:36:06 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x1, 0x5, 0x9}, 0x14) r1 = bpf$MAP_CREATE(0x0, &(0x7f00004f9fe4)={0xd, 0x6, 0x4, 0x2100000001, 0x0, r0}, 0x191) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00005f1000)={r1, &(0x7f0000eed000), &(0x7f0000b88000)="13"}, 0x20) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000100)={r1, &(0x7f00000000c0)}, 0x10) 2018/04/21 02:36:06 executing program 1: r0 = syz_open_dev$sndseq(&(0x7f0000001300)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x4058534c, &(0x7f00000000c0)={0x80, 0x0, 0x7}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00', 0xc3, 0x80003}) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00004d1ff0)='/dev/sequencer2\x00', 0x1, 0x0) close(r1) readv(r0, &(0x7f0000001240)=[{&(0x7f0000001200)=""/64, 0x40}], 0x1) 2018/04/21 02:36:06 executing program 5: perf_event_open(&(0x7f000025c000)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000340)) syz_open_dev$sndpcmp(&(0x7f0000000080)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000100)={[{0x5e}]}) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f00000003c0)) 2018/04/21 02:36:06 executing program 6: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000583000)={0x5, 0x80000000005, 0x4000, 0x1}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r0, &(0x7f0000000000), &(0x7f0000000080)}, 0x18) socketpair$inet_sctp(0x2, 0x1, 0x84, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = socket$l2tp(0x18, 0x1, 0x1) r4 = socket(0x9, 0x7, 0x10000) socketpair(0x8, 0x3, 0x2, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$DRM_IOCTL_GEM_FLINK(r5, 0xc008640a, &(0x7f0000000380)={0x0, 0x0}) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r5, 0xc00c642e, &(0x7f00000003c0)={0x0, 0x80000, r5}) ioctl$DRM_IOCTL_GEM_OPEN(r6, 0xc010640b, &(0x7f0000000400)={r7, r8, 0x5706}) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r4, 0x84, 0x6, &(0x7f0000000200)={0x0, @in6={{0xa, 0x4e23, 0x8, @empty, 0x10000}}}, &(0x7f0000000140)=0x84) r10 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r10, &(0x7f000047b000)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c) listen(r10, 0x20000003) r11 = socket$inet6(0xa, 0x6, 0x0) connect$inet6(r11, &(0x7f0000419000)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c) close(r11) setsockopt$inet_sctp_SCTP_AUTOCLOSE(r2, 0x84, 0x4, &(0x7f0000000480)=0x1, 0x4) r12 = accept4(r10, &(0x7f0000660ff4)=@nl=@unspec, &(0x7f0000000040)=0xf5b19b4c0b1ce647, 0x0) recvfrom$inet(r12, &(0x7f00000002c0)=""/12, 0xb, 0x2, 0x0, 0xfffffe99) ioctl$DRM_IOCTL_RM_MAP(r4, 0x4028641b, &(0x7f0000000440)={0x0, 0x4, 0x7, 0x0, &(0x7f0000ffc000/0x3000)=nil, 0x6}) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r4, 0x84, 0xf, &(0x7f00000002c0)={r9, @in={{0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1a}}}, 0x6, 0x400, 0x1ff, 0x401, 0x4}, &(0x7f0000000180)=0x98) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f00000004c0)={0x7fff, 0x2, 0x2, 0x4, 0x6, 0x6, 0x1, 0x1, r9}, &(0x7f0000000500)=0x20) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000080)={0x1, 0x0, 0x2, 0x8000}) ioctl$DRM_IOCTL_SG_FREE(r6, 0x40106439, &(0x7f0000000100)={0x2e2, r13}) r14 = socket$unix(0x1, 0x5, 0x0) connect$l2tp(r3, &(0x7f0000000000)=@pppol2tpin6={0x18, 0x1, {0x0, r14, 0x2, 0x0, 0x0, 0x0, {0xa, 0x4e21, 0x9, @mcast2={0xff, 0x2, [], 0x1}, 0x20}}}, 0x32) 2018/04/21 02:36:06 executing program 5: syz_emit_ethernet(0x3e, &(0x7f0000000000)={@link_local={0x1, 0x80, 0xc2}, @random="e2701bb60689", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x67, 0x0, @rand_addr, @broadcast=0xffffffff}, @icmp=@parameter_prob={0x21, 0x0, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x1c00, 0x0, 0x0, 0x0, 0x0, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}, @multicast1=0xe0000001}}}}}}, &(0x7f0000ea3000)) 2018/04/21 02:36:06 executing program 7: r0 = getpid() sched_setaffinity(r0, 0x8, &(0x7f0000000100)=0x81) r1 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(r1, 0x800000c004500a, &(0x7f0000006000)) read(r1, &(0x7f0000000200)=""/90, 0xedf40ca8) r2 = memfd_create(&(0x7f0000f9dffe)="c403", 0x0) readv(r1, &(0x7f0000000000)=[{&(0x7f0000000180)=""/102, 0x66}], 0x1) mmap(&(0x7f0000000000/0xaa7000)=nil, 0xaa7000, 0x0, 0x12, r2, 0x0) 2018/04/21 02:36:06 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x1, 0x5, 0x9}, 0x14) r1 = bpf$MAP_CREATE(0x0, &(0x7f00004f9fe4)={0xd, 0x6, 0x4, 0x2100000001, 0x0, r0}, 0x191) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00005f1000)={r1, &(0x7f0000eed000), &(0x7f0000b88000)="13"}, 0x20) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000100)={r1, &(0x7f00000000c0)}, 0x10) [ 84.192371] binder: 6696:6737 got new transaction with bad transaction stack, transaction 9 has target 6696:6697 [ 84.202845] binder: 6696:6737 transaction failed 29201/-71, size 0-0 line 2875 [ 84.324094] binder: release 6696:6697 transaction 9 in, still active [ 84.330728] binder: send failed reply for transaction 9 to 6696:6737 [ 84.337317] binder: undelivered TRANSACTION_COMPLETE [ 84.342482] binder: undelivered TRANSACTION_ERROR: 29201 [ 84.348006] binder: undelivered TRANSACTION_ERROR: 29189 2018/04/21 02:36:07 executing program 6: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000583000)={0x5, 0x80000000005, 0x4000, 0x1}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r0, &(0x7f0000000000), &(0x7f0000000080)}, 0x18) socketpair$inet_sctp(0x2, 0x1, 0x84, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = socket$l2tp(0x18, 0x1, 0x1) r4 = socket(0x9, 0x7, 0x10000) socketpair(0x8, 0x3, 0x2, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$DRM_IOCTL_GEM_FLINK(r5, 0xc008640a, &(0x7f0000000380)={0x0, 0x0}) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r5, 0xc00c642e, &(0x7f00000003c0)={0x0, 0x80000, r5}) ioctl$DRM_IOCTL_GEM_OPEN(r6, 0xc010640b, &(0x7f0000000400)={r7, r8, 0x5706}) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r4, 0x84, 0x6, &(0x7f0000000200)={0x0, @in6={{0xa, 0x4e23, 0x8, @empty, 0x10000}}}, &(0x7f0000000140)=0x84) r10 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r10, &(0x7f000047b000)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c) listen(r10, 0x20000003) r11 = socket$inet6(0xa, 0x6, 0x0) connect$inet6(r11, &(0x7f0000419000)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c) close(r11) setsockopt$inet_sctp_SCTP_AUTOCLOSE(r2, 0x84, 0x4, &(0x7f0000000480)=0x1, 0x4) r12 = accept4(r10, &(0x7f0000660ff4)=@nl=@unspec, &(0x7f0000000040)=0xf5b19b4c0b1ce647, 0x0) recvfrom$inet(r12, &(0x7f00000002c0)=""/12, 0xb, 0x2, 0x0, 0xfffffe99) ioctl$DRM_IOCTL_RM_MAP(r4, 0x4028641b, &(0x7f0000000440)={0x0, 0x4, 0x7, 0x0, &(0x7f0000ffc000/0x3000)=nil, 0x6}) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r4, 0x84, 0xf, &(0x7f00000002c0)={r9, @in={{0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1a}}}, 0x6, 0x400, 0x1ff, 0x401, 0x4}, &(0x7f0000000180)=0x98) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f00000004c0)={0x7fff, 0x2, 0x2, 0x4, 0x6, 0x6, 0x1, 0x1, r9}, &(0x7f0000000500)=0x20) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000080)={0x1, 0x0, 0x2, 0x8000}) ioctl$DRM_IOCTL_SG_FREE(r6, 0x40106439, &(0x7f0000000100)={0x2e2, r13}) r14 = socket$unix(0x1, 0x5, 0x0) connect$l2tp(r3, &(0x7f0000000000)=@pppol2tpin6={0x18, 0x1, {0x0, r14, 0x2, 0x0, 0x0, 0x0, {0xa, 0x4e21, 0x9, @mcast2={0xff, 0x2, [], 0x1}, 0x20}}}, 0x32) 2018/04/21 02:36:07 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000380)={0x10, 0x3}, 0xc, &(0x7f00000014c0)={&(0x7f0000001380)=@newsa={0x104, 0x1a, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000001, @in=@local={0xac, 0x14, 0x14, 0xaa}}, {@in=@multicast1=0xe0000001, 0x0, 0x3c}, @in=@rand_addr, {}, {}, {}, 0x0, 0x0, 0xa, 0x2}, [@coaddr={0x14, 0xe, @in=@rand_addr}]}, 0x104}, 0x1}, 0x0) 2018/04/21 02:36:07 executing program 0: perf_event_open(&(0x7f0000348f88)={0x2, 0x39b, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000fcdfe8)={0xaa}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f000086c000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) read(r0, &(0x7f0000465f8e)=""/114, 0x72) ioctl$UFFDIO_UNREGISTER(r1, 0x8010aa01, &(0x7f0000c22ff0)={&(0x7f000001d000/0xc00000)=nil, 0xc00000}) 2018/04/21 02:36:07 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x1, 0x5, 0x9}, 0x14) r1 = bpf$MAP_CREATE(0x0, &(0x7f00004f9fe4)={0xd, 0x6, 0x4, 0x2100000001, 0x0, r0}, 0x191) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00005f1000)={r1, &(0x7f0000eed000), &(0x7f0000b88000)="13"}, 0x20) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000100)={r1, &(0x7f00000000c0)}, 0x10) 2018/04/21 02:36:07 executing program 2: r0 = syz_open_dev$sndseq(&(0x7f0000001300)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x4058534c, &(0x7f00000000c0)={0x80, 0x0, 0x7}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00', 0xc3, 0x80003}) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00004d1ff0)='/dev/sequencer2\x00', 0x1, 0x0) close(r1) readv(r0, &(0x7f0000001240)=[{&(0x7f0000001200)=""/64, 0x40}], 0x1) 2018/04/21 02:36:07 executing program 3: r0 = syz_open_dev$binder(&(0x7f000000cff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000004000)={0x4, 0x0, &(0x7f000000cf90)=[@enter_looper={0x630c}], 0x0, 0x0, &(0x7f0000005000)}) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f000000ffd0)={0x0, 0x0, &(0x7f000000f000), 0x1, 0x0, &(0x7f000000ef31)='b'}) mmap$binder(&(0x7f000000c000/0x2000)=nil, 0x2000, 0x0, 0x12, r0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000040)={0x14, 0x0, &(0x7f0000000000)=[@acquire_done={0x40486311}], 0x0, 0x0, &(0x7f0000011f9d)}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380), 0x1, 0x0, &(0x7f00000003c0)="95"}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000340)={0x4c, 0x0, &(0x7f00000004c0)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), &(0x7f0000000440)}}}], 0x0, 0x0, &(0x7f00000000c0)}) 2018/04/21 02:36:07 executing program 7: r0 = getpid() sched_setaffinity(r0, 0x8, &(0x7f0000000100)=0x81) r1 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(r1, 0x800000c004500a, &(0x7f0000006000)) read(r1, &(0x7f0000000200)=""/90, 0xedf40ca8) r2 = memfd_create(&(0x7f0000f9dffe)="c403", 0x0) readv(r1, &(0x7f0000000000)=[{&(0x7f0000000180)=""/102, 0x66}], 0x1) mmap(&(0x7f0000000000/0xaa7000)=nil, 0xaa7000, 0x0, 0x12, r2, 0x0) 2018/04/21 02:36:07 executing program 1: r0 = syz_open_dev$sndseq(&(0x7f0000001300)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x4058534c, &(0x7f00000000c0)={0x80, 0x0, 0x7}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00', 0xc3, 0x80003}) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00004d1ff0)='/dev/sequencer2\x00', 0x1, 0x0) close(r1) readv(r0, &(0x7f0000001240)=[{&(0x7f0000001200)=""/64, 0x40}], 0x1) 2018/04/21 02:36:07 executing program 5: shmctl$SHM_LOCK(0x0, 0x4) 2018/04/21 02:36:07 executing program 2: r0 = syz_open_dev$sndseq(&(0x7f0000001300)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x4058534c, &(0x7f00000000c0)={0x80, 0x0, 0x7}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00', 0xc3, 0x80003}) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00004d1ff0)='/dev/sequencer2\x00', 0x1, 0x0) close(r1) readv(r0, &(0x7f0000001240)=[{&(0x7f0000001200)=""/64, 0x40}], 0x1) 2018/04/21 02:36:07 executing program 4: syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000040)='/\x00', 0x0, 0x0, &(0x7f00000012c0), 0x828020, &(0x7f0000000080)={[{@delalloc='delalloc', 0x2c}]}) 2018/04/21 02:36:07 executing program 5: pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) vmsplice(r0, &(0x7f0000e79000)=[{&(0x7f00003fb000)="f7", 0x1}], 0x1, 0x0) mbind(&(0x7f00003b5000/0x800000)=nil, 0x800000, 0x0, &(0x7f0000001ff8), 0x1, 0x2) 2018/04/21 02:36:07 executing program 6: r0 = inotify_init1(0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f000045fff8)={0x0, 0x0}) ptrace$setopts(0x4206, r1, 0x0, 0x0) ioctl$DRM_IOCTL_SET_UNIQUE(0xffffffffffffffff, 0x40106410, &(0x7f0000000040)) ptrace(0x4207, r1) ptrace$poke(0x5, r1, &(0x7f0000001140), 0xffff) [ 84.665648] EXT4-fs (sda1): re-mounted. Opts: delalloc, 2018/04/21 02:36:08 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000000180)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f0000000140)={&(0x7f0000000200)={0x18, 0x1, 0x2, 0x8000000000001, 0x0, 0x0, {}, [@nested={0x4, 0xffffffff00000001}]}, 0x18}, 0x1}, 0x0) 2018/04/21 02:36:08 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_genetlink_get_family_id$team(&(0x7f0000000080)='team\x00') sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000000a80)={&(0x7f00000000c0)={0x10}, 0xc, &(0x7f0000000a40)={&(0x7f0000000140)={0x14, r1, 0x921, 0x0, 0x0, {0x1}}, 0x14}, 0x1}, 0x0) [ 84.726878] EXT4-fs (sda1): re-mounted. Opts: delalloc, 2018/04/21 02:36:08 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00009a9000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$VHOST_SET_VRING_CALL(0xffffffffffffffff, 0x4008af21, &(0x7f0000000000)={0x0, r0}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000300)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000040)="0f060f20dac5330f2293660f3a448a0a0000000066baf80cb81686848aef66bafc0c66b8060066ef660f3837d836f40fc75ce12ec4c18c5eec", 0x39}], 0x1, 0x0, &(0x7f00000001c0), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2018/04/21 02:36:08 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x82) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000140)={0x0, @in={{0x2, 0x4e21, @loopback=0x7f000001}}, 0x7, 0x3c35, 0x14d, 0x2, 0xc1a}, &(0x7f0000000200)=0x98) pwritev(0xffffffffffffffff, &(0x7f0000f50f90)=[{&(0x7f0000000040)='s', 0x1}], 0x1, 0x81006) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, 0xffffffffffffffff) sendfile(r0, r0, &(0x7f0000000080), 0x102000004) [ 85.329528] binder: 6748:6805 got new transaction with bad transaction stack, transaction 12 has target 6748:6750 [ 85.340140] binder: 6748:6805 transaction failed 29201/-71, size 0-0 line 2875 2018/04/21 02:36:08 executing program 6: r0 = socket$inet_tcp(0x2, 0x1, 0x0) io_setup(0x2, &(0x7f0000000080)=0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffff9c, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)}, &(0x7f0000000100)=0x10) ioctl$sock_bt_cmtp_CMTPGETCONNINFO(0xffffffffffffffff, 0x800443d3, &(0x7f0000000040)={{}, 0x0, 0x2}) io_submit(r1, 0x12f, &(0x7f00000000c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000001000)}]) 2018/04/21 02:36:08 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000040)='./file0\x00', 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(&(0x7f000000a000)={0x6, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 2018/04/21 02:36:08 executing program 4: futex(&(0x7f000000cffc)=0x4, 0x80000000000b, 0x4, &(0x7f0000edfff0)={0x77359400, 0x4}, &(0x7f0000048000), 0x0) futex(&(0x7f000000cffc)=0x4, 0x0, 0x4, &(0x7f000000b000)={0x77359400}, &(0x7f0000048000), 0x0) futex(&(0x7f000000cffc), 0xc, 0x1, &(0x7f0000dac000)={0x77359400}, &(0x7f0000048000), 0x0) 2018/04/21 02:36:08 executing program 2: r0 = memfd_create(&(0x7f0000813ffa)='ramfs\x00', 0x0) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$rdma_cm(r1, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080)}}, 0x20) write$rdma_cm(r1, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x48) perf_event_open(&(0x7f0000aaa000)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f00003c4ff7)='/dev/kvm\x00', 0x0, 0x0) write$rdma_cm(r1, &(0x7f0000000140)=ANY=[@ANYBLOB="07000000080000fa"], 0x8) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) dup2(r2, r1) ioctl$TCSETA(r0, 0x4030582a, &(0x7f0000760000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000d5}) ftruncate(r0, 0xaf) lseek(r0, 0x0, 0x4) getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000240)={0x0, 0x81, 0x6, 0x5, 0x6, 0xfffffffffffffffa, 0x7, 0x0, {0x0, @in6={{0xa, 0x4e21, 0x6556, @empty, 0x4}}, 0x5, 0x54a4, 0xe2, 0x1, 0x8}}, &(0x7f0000000300)=0xb0) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000000340)={0x100, 0x0, 0x0, 0x20}, &(0x7f0000000380)=0x10) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f00000004c0)={0x0, 0x7f, 0x10}, &(0x7f0000000500)=0xc) getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000540)={0x0, 0x5, 0x1, 0x401}, &(0x7f0000000580)=0x10) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f00000005c0)={0x0, 0x2}, &(0x7f0000000600)=0x8) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, &(0x7f0000000640)={0x0, 0xb0, "0135ad76ac98546b1ab173bc75616afd39bb63b1c2916623ce668048116bf03c7aec7740a9c946cceac11b6b360eadad5ada2e900d9708b717cf75af1108e7642a2a64f135a9f2edd18699e08ef277c5bd07b685e1b01bf20f88aae826245cabad1c2dcdc489a65e87ddbc6c668f65b40b9d37263b864740e476400524a1b1940221b5ab3ecf6fc18acaf225e58655f7870286fa55a14425adfdef385dbf178a4aaf21402f4735ce9f33eaad7bc4dd81"}, &(0x7f0000000700)=0xb8) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000740)={0x0, @in6={{0xa, 0x4e20, 0x6, @ipv4={[], [0xff, 0xff], @broadcast=0xffffffff}, 0xcd}}, 0x80000001, 0x0, 0x8, 0x0, 0x20}, &(0x7f0000000800)=0x98) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f0000000a80)={0x0, @in6={{0xa, 0x0, 0x5, @dev={0xfe, 0x80, [], 0x19}, 0x100000001}}, [0x2, 0x6, 0x5, 0x5, 0x7fff, 0x0, 0x1, 0x6, 0x5, 0x17, 0x200, 0x0, 0x7, 0x0, 0x2]}, &(0x7f0000000b80)=0x100) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f0000000bc0)={0x0, @in={{0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xc}}}, [0x4, 0xff, 0x7, 0x80000001, 0x1000, 0x1, 0x2, 0x4, 0xfff, 0x10001, 0x2, 0x6, 0xd5c, 0xffffffffffff8c6c]}, &(0x7f0000000cc0)=0x100) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000001340)={0x0, 0x555}, &(0x7f0000001380)=0x8) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f00000013c0)={0x0, 0x9}, &(0x7f0000001400)=0x8) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000001880)={0x0, @in={{0x2, 0x4e21, @loopback=0x7f000001}}}, &(0x7f0000001940)=0x84) 2018/04/21 02:36:08 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000044ff8)={0xffffffffffffffff}) bind$unix(r0, &(0x7f0000000080)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(r0, &(0x7f00000bc000)=@abs, 0x8) connect$unix(r0, &(0x7f0000000100)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(r0, &(0x7f0000681000)=@file={0x1, './file0\x00'}, 0x6e) 2018/04/21 02:36:08 executing program 0: shmctl$SHM_INFO(0x0, 0xe, &(0x7f0000000400)=""/72) 2018/04/21 02:36:08 executing program 7: r0 = getpid() sched_setaffinity(r0, 0x8, &(0x7f0000000100)=0x81) r1 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(r1, 0x800000c004500a, &(0x7f0000006000)) read(r1, &(0x7f0000000200)=""/90, 0xedf40ca8) r2 = memfd_create(&(0x7f0000f9dffe)="c403", 0x0) readv(r1, &(0x7f0000000000)=[{&(0x7f0000000180)=""/102, 0x66}], 0x1) mmap(&(0x7f0000000000/0xaa7000)=nil, 0xaa7000, 0x0, 0x12, r2, 0x0) 2018/04/21 02:36:08 executing program 3: r0 = syz_open_dev$evdev(&(0x7f0000000080)='/dev/input/event#\x00', 0x0, 0x0) read(r0, &(0x7f0000005000), 0x0) [ 85.458624] binder: release 6748:6750 transaction 12 in, still active [ 85.465325] binder: send failed reply for transaction 12 to 6748:6805 [ 85.471973] binder: undelivered TRANSACTION_COMPLETE [ 85.477113] binder: undelivered TRANSACTION_ERROR: 29201 [ 85.482612] binder: undelivered TRANSACTION_ERROR: 29189 2018/04/21 02:36:08 executing program 6: socket$alg(0x26, 0x5, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000fa000)={&(0x7f0000c1b000)={0x10}, 0xc, &(0x7f000052aff0)={&(0x7f0000000ec0)=ANY=[@ANYBLOB="1c0000001d000103000000000000000000eac842616acfe2cfd0adef9ded9cf5f6ca0c7bec39875d33dda233ee680ada71e6e835e28a1eb4feeb989b1fce5e95d52be4db6e6d0f178ec03af52919973402c60a40b0789c15be9d049113d906eebfcd78aba7c3025be567bcc21c0bce331579d2aaca672a6758b0713e706d956bf899dcc51a9d23aa20e8165f97923829ab9470ecb841413c530458d2f97e6778e7cda76a5ca4860890460cff5cfdb8bf716ba3a425cbf9dcdb7e77a1b606b5ae6aa1cad59c383df45a48539dba2c888bf3cae399091b5f718d2d222ee1a8de7b6998d597c8"], 0x1}, 0x1}, 0x0) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) r2 = socket$inet_sctp(0x2, 0x5, 0x84) symlink(&(0x7f0000000240)="131377c5fc35d41454d5d41d29ad1a6029598146e6be166e41ad0dbd4054033c9f33bbda8224a2f3d772e7636e48b33cbf708372e8f1b9933ec5127743be2206209ef02df9cbf2f6e880d3382f", &(0x7f0000000100)='./control\x00') splice(0xffffffffffffffff, &(0x7f00000005c0), 0xffffffffffffffff, &(0x7f0000000440), 0x0, 0x0) socketpair(0x0, 0x0, 0x6, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) execveat(0xffffffffffffffff, &(0x7f0000010000)='./control\x00', &(0x7f000003f000), &(0x7f0000001fe8), 0x0) acct(&(0x7f0000000300)='/') mkdir(&(0x7f0000014000)='./file0\x00', 0x0) mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000c40000)='./file0\x00', &(0x7f0000014000)='ramfs\x00', 0x0, &(0x7f000000a000)) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000180)={0x0, 0x4, 0x10}, &(0x7f00000001c0)=0xc) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r4, 0x84, 0x22, &(0x7f0000000200)={0x1, 0x1, 0xf16d, 0x1cf6, r5}, &(0x7f00000002c0)=0x10) chroot(&(0x7f0000000140)='./file0\x00') r6 = getuid() getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f00000004c0)={0x0, 0x0, 0x0}, &(0x7f0000000500)=0xc) fchownat(r4, &(0x7f0000000480)='./control\x00', r6, r7, 0xc00) umount2(&(0x7f0000000100)='/', 0x0) mount(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)="84a7267300fc6bbd68ba4d73d94720ac94f2fa6c48c1b6af07bc87fb6437bce5327bd0362fa180f70b9b522b09f05393dc532b4df8b5e1891519751b1f349ae0e530b549f8152e5ea498e53d9287252d6225c2801e8725360c61a0491c8ea852c676aa2407bd8c73db3f1aec9317ff4f9192ddb5ad6a155f28c1fcac4bfa65543a985eed05daa2d332ce0a1b5f0cd98f217fedcce0fb8af5f5247bbae6fcaf2f271b6c5fa7d2bc0ba52f6c44a828f05c3e7dfbfd548a346802990b8dbaa3ef425dee72620293faeeba9f37b6a2875acab954913cf916e8f9292f9f2228c71484d1b60fec3112f2d7c761303ba8e33fe2cc8c757a712e4a73bc2c22d28a8bd8ceb7e60fe1c3dbf4a8e40f10fdd6e617964c2b0ca6643d81a35637f1e67662fc7cf1", 0x2080, 0x0) rename(&(0x7f0000000540)='./control\x00', &(0x7f0000000580)='./control\x00') syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x5, 0x202) r8 = shmat(0x0, &(0x7f0000ffd000/0x1000)=nil, 0x0) shmdt(r8) getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffff9c, 0x84, 0x10, &(0x7f0000000000)=@assoc_value={0x0, 0x3}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000100)={r9}, 0x8) write$rdma_cm(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="00000000180000fa0300000000000000", @ANYBLOB="e4ff000000000000e6003de4e3d93537bab4584c45dff6a841bf8818326d1aec0faea6bfe970784ae2d18ede88bc47d62873ebdbf8ab9e8f44b9b89cf27005c7a5c2f40a69089790b5724d78ad1c416a27cfa8834e0500000000000000bb94b8986136995ec185143a034b4c4e0252e15425602866b6417934"], 0x89) write$rdma_cm(r1, &(0x7f00000003c0)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}}}, 0x48) write$rdma_cm(r1, &(0x7f0000000440)=ANY=[@ANYBLOB="0c000000080000fa77791cf4dc1cb177a5d77c77d0c0d9d2d63fc05010bb64d3614903f50c3974c8067c353f1d39adb774510432d2ab4289554f9939d508e2269a7de538eb24e405cb127ec8233e768b1b94206e7edb304a2c707f77b3dcaf0fb77a579586103f02a000aa9f328eaa3d6e91000a42246cf3721bb59dd42298d96ec4cdede3dc01e1d44c90aa905848ff6e8598ad4d24b234ae89fd49a3aa721a1235eecd6bbb9133fecd9a600eca3f53bc101ed9c4"], 0xb5) socket$inet_tcp(0x2, 0x1, 0x0) 2018/04/21 02:36:08 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={&(0x7f0000000080)={0x10}, 0xc, &(0x7f0000000040)={&(0x7f0000000180)={0x14, 0x23, 0xffffffffffffffff, 0x0, 0x0, {0x4}}, 0x14}, 0x1}, 0x0) 2018/04/21 02:36:08 executing program 5: r0 = memfd_create(&(0x7f000088f000)='b\n\x00', 0x4) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x5011, r0, 0x0) ftruncate(r0, 0x1000000) 2018/04/21 02:36:08 executing program 3: r0 = socket(0x40000000015, 0x5, 0x0) recvmsg$netrom(r0, &(0x7f0000b2b000)={&(0x7f0000d24ff0)=@ax25={0x3, {"837bf46e6dc7a8"}}, 0x10, &(0x7f0000bc4000), 0x0, &(0x7f00002bacc0)}, 0x0) close(r0) r1 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000a00ff8)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r2, 0x5452, &(0x7f0000008ff8)=0x3f) recvmsg$netrom(r0, &(0x7f00002dcfc8)={&(0x7f0000cf1000)=@ax25={0x3, {"2f3971fbb37657"}}, 0x10, &(0x7f000059a000), 0x0, &(0x7f00005cf000)}, 0x0) recvfrom(r3, &(0x7f0000ef3000), 0x0, 0x0, &(0x7f000002cff0)=@alg={0x26, 'hash\x00', 0x0, 0x0, "6c7a0700000c19e30000000000001302000000000000e2ffffffffffffff0000000000000000000000000000000000000000200000000000000000000e000800"}, 0x58) fcntl$setown(r2, 0x8, r1) fcntl$setsig(r2, 0xa, 0x12) dup2(r2, r3) tkill(r1, 0x13) 2018/04/21 02:36:08 executing program 1: openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc\x00', 0x0, 0x0) r0 = socket$inet6(0xa, 0x806, 0x0) connect$inet6(r0, &(0x7f000000cfe4)={0xa}, 0x1c) syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) pselect6(0x40, &(0x7f00000abfc0)={0x3ffffd}, &(0x7f0000768000), &(0x7f00007fbfc0), &(0x7f0000000040)={0x0, 0x989680}, &(0x7f0000f14000)={&(0x7f0000553ff8), 0x8}) 2018/04/21 02:36:08 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000140)={r1}, 0xc) 2018/04/21 02:36:09 executing program 0: r0 = socket$inet(0x2, 0x3, 0x2) sendmmsg(r0, &(0x7f0000006780)=[{{&(0x7f0000000340)=@in={0x2}, 0x10, &(0x7f00000008c0), 0x0, &(0x7f0000000940)}}, {{&(0x7f0000005140)=@ax25={0x3, {"d162919bab73ac"}}, 0xf, &(0x7f0000006600), 0x0, &(0x7f0000006680)}}], 0x2, 0x0) 2018/04/21 02:36:09 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0x0, 0x0}) socket$kcm(0x29, 0x2, 0x0) socket$kcm(0x2, 0x2, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f00000000c0)="b82283392dc50ff1fb635a5849d2f5916ae2fdc24e95e12aa8daccf7393e72be9cc66f"}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x1000000000000004, 0x202}, 0x2c) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r0, 0x50, &(0x7f00000000c0)}, 0x10) socketpair$inet(0x16, 0x541f, 0x0, &(0x7f0000000080)) 2018/04/21 02:36:09 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c) listen(r1, 0xfffffffffffffffe) setsockopt$inet6_tcp_int(r1, 0x6, 0x1b, &(0x7f0000483ffc)=0x1, 0x4) sendto$inet6(r0, &(0x7f0000eb9fff), 0xfffffd65, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c) mmap(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x2000004, 0x32, 0xffffffffffffffff, 0x0) r2 = accept4(r1, &(0x7f00003ad000)=ANY=[], &(0x7f00008f1ffc), 0x0) getsockopt$inet6_tcp_buf(r2, 0x6, 0x1c, &(0x7f0000000180)=""/106, &(0x7f0000000140)=0x41) 2018/04/21 02:36:09 executing program 0: r0 = socket$inet(0x2, 0x1, 0x0) ioctl$sock_ifreq(r0, 0x8990, &(0x7f0000000180)={'sit0\x00', @ifru_names='sit0\x00'}) 2018/04/21 02:36:09 executing program 4: syz_emit_ethernet(0x66, &(0x7f0000001280)={@random="dee93e6cbff1", @empty, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x58, 0x0, 0x0, 0x0, 0x11, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}, @dev={0xac, 0x14, 0x14}}, @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}}, &(0x7f0000000000)={0x0, 0xffffffffffffffff, [0x3, 0x349]}) 2018/04/21 02:36:09 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(serpent-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000), 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$can_raw(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x1d}, 0x10, &(0x7f0000000240)={&(0x7f0000000140)=@canfd={{}, 0x0, 0x0, 0x0, 0x0, "b5a419fb5df128c83ad9430362a22a5abf1e4123efccc641602c2da3630b58d04766c58b254ff2a965ccb226c8c7355c33306c99adaa0aa59006f8dc9b01b737"}, 0xfffffff0}, 0x1}, 0x0) recvmmsg(r1, &(0x7f0000003340)=[{{&(0x7f00000003c0)=@pptp={0x0, 0x0, {0x0, @dev}}, 0x80, &(0x7f0000003200)=[{&(0x7f0000003100)=""/226, 0xe2}], 0x1, &(0x7f0000000440)=""/239, 0xef}}], 0x1, 0x0, 0x0) 2018/04/21 02:36:09 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f000001aff8)={0xffffffffffffffff, 0xffffffffffffffff}) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey\x00', 0x0, 0x0) sendfile(r0, r1, &(0x7f0000000040), 0x80000001) 2018/04/21 02:36:09 executing program 2: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x2, 0x6, 0x0, 0x0, 0x2}, 0x10}, 0x1}, 0x0) 2018/04/21 02:36:09 executing program 5: r0 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x0) r1 = memfd_create(&(0x7f0000614000)="74086e750000000000000000008c00", 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) ioctl$LOOP_SET_STATUS(r0, 0x4c02, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0xa9, 0xa, 0x16, 0x7, "9d96e20349b23a4c725338fe6df18aff8b6cbc10394842b9b11ac86152b157fcd17f0ea446783e4401aa5e812410f3fa61053e3549b9dffdf42c74be66e7668b", "8419a2713d469851fba79535af6fa19a819f73e3f0a091d42c6fa63e334a775a", [0x5, 0xffffffff]}) 2018/04/21 02:36:09 executing program 7: r0 = getpid() sched_setaffinity(r0, 0x8, &(0x7f0000000100)=0x81) r1 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(r1, 0x800000c004500a, &(0x7f0000006000)) read(r1, &(0x7f0000000200)=""/90, 0xedf40ca8) r2 = memfd_create(&(0x7f0000f9dffe)="c403", 0x0) readv(r1, &(0x7f0000000000)=[{&(0x7f0000000180)=""/102, 0x66}], 0x1) mmap(&(0x7f0000000000/0xaa7000)=nil, 0xaa7000, 0x0, 0x12, r2, 0x0) 2018/04/21 02:36:09 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x102) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) clone(0x0, &(0x7f0000000000), &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080)) 2018/04/21 02:36:11 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = getpgrp(0x0) fcntl$setownex(r0, 0xf, &(0x7f0000ec5000)={0x2, r1}) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000ecaffc)=0x0) setpriority(0x0, r2, 0x0) 2018/04/21 02:36:11 executing program 5: syz_emit_ethernet(0x2a, &(0x7f0000000080)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @empty, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0xffffff84, 0x0, @local={0xac, 0x223, 0x14, 0xaa}, @dev={0xac, 0x14, 0x14}}, @udp={0x0, 0x0, 0x8}}}}}, &(0x7f00000000c0)) 2018/04/21 02:36:11 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000ff5ffc), 0x4) setsockopt$packet_buf(r0, 0x107, 0x16, &(0x7f0000000000), 0x0) 2018/04/21 02:36:11 executing program 4: r0 = socket$inet(0x15, 0x80005, 0x0) connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}, 0x10) getpeername$inet(r0, &(0x7f0000000000)={0x0, 0x0, @multicast2}, &(0x7f0000000080)=0x10) 2018/04/21 02:36:11 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f000001aff8)={0xffffffffffffffff, 0xffffffffffffffff}) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey\x00', 0x0, 0x0) sendfile(r0, r1, &(0x7f0000000040), 0x80000001) 2018/04/21 02:36:11 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x102) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) clone(0x0, &(0x7f0000000000), &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080)) 2018/04/21 02:36:11 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10}, 0x247, &(0x7f0000000100)={&(0x7f0000000540)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in=@multicast2=0xe0000002, @in=@rand_addr}, {@in6=@ipv4={[0xfffffff0], [0xff, 0xff], @broadcast=0xffffffff}, 0x0, 0x32}, @in6=@ipv4={[], [0xff, 0xff]}, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}]}, 0x138}, 0x1}, 0x0) 2018/04/21 02:36:11 executing program 1: r0 = syz_open_dev$tun(&(0x7f00000004c0)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syz+aller0\x00', 0x3202}) ioctl$TUNSETLINK(r0, 0x400454cd, 0x118) close(r0) 2018/04/21 02:36:11 executing program 4: mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) mount(&(0x7f0000000280)='./file0/file0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0)='mqueue\x00', 0x0, &(0x7f0000000000)) r0 = open(&(0x7f0000f04ff8)='./file0\x00', 0x0, 0x0) lseek(r0, 0x6, 0x0) lseek(r0, 0x0, 0x0) 2018/04/21 02:36:11 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f000001aff8)={0xffffffffffffffff, 0xffffffffffffffff}) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey\x00', 0x0, 0x0) sendfile(r0, r1, &(0x7f0000000040), 0x80000001) 2018/04/21 02:36:11 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x100011, @remote={0xac, 0x14, 0x14, 0xbb}, 0x0, 0xaa010000, 'dh\x00'}, 0x2c) 2018/04/21 02:36:11 executing program 5: r0 = syz_open_dev$sndpcmc(&(0x7f0000001fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x2, 0x32, 0xffffffffffffffff, 0x0) ioctl(r0, 0xc0984124, &(0x7f0000000000)) [ 88.249337] can: notifier: receive list not found for dev syz+aller0 2018/04/21 02:36:12 executing program 2: perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_PROT_MASK(r0, 0x40087705, &(0x7f0000000180)) 2018/04/21 02:36:12 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x0, 0x1b071, 0xffffffffffffffff, 0x0) syz_fuseblk_mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/04/21 02:36:12 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f000001aff8)={0xffffffffffffffff, 0xffffffffffffffff}) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey\x00', 0x0, 0x0) sendfile(r0, r1, &(0x7f0000000040), 0x80000001) 2018/04/21 02:36:12 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x100011, @remote={0xac, 0x14, 0x14, 0xbb}, 0x0, 0xaa010000, 'dh\x00'}, 0x2c) 2018/04/21 02:36:12 executing program 4: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000040), 0xc539) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @broadcast=0xffffffff}, 0x10) sendto$inet(r0, &(0x7f0000f53fff), 0xfffffffffffffc64, 0x20000802, &(0x7f000006d000)={0x2, 0x4e23}, 0x10) 2018/04/21 02:36:12 executing program 7: r0 = getpgid(0x0) sched_setattr(r0, &(0x7f0000000000)={0x0, 0x1, 0x0, 0x0, 0x3}, 0x0) clone(0x200, &(0x7f0000fbf000), &(0x7f0000000000), &(0x7f0000000100), &(0x7f00000000c0)) mknod(&(0x7f0000f80000)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000f8aff8)='./file0\x00', &(0x7f0000a7bfc8), &(0x7f00006fcff0)) process_vm_readv(0x0, &(0x7f00000003c0), 0x0, &(0x7f0000001580), 0x0, 0x0) perf_event_open(&(0x7f0000940000)={0x2, 0x78, 0x312}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) open(&(0x7f0000363ff8)='./file0\x00', 0x401, 0x0) 2018/04/21 02:36:12 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x102) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) clone(0x0, &(0x7f0000000000), &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080)) 2018/04/21 02:36:12 executing program 1: r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000040)={0x18, 0x0, {0x2000000000000003, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], 'syz_tun\x00'}}, 0x1e) syz_emit_ethernet(0x14, &(0x7f00000c5fe8)={@dev={[0xaa, 0xaa, 0xaa, 0xaa]}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@generic={0x8863, "94a7030000e8"}}}, &(0x7f0000000000)) [ 89.359886] can: notifier: receive list not found for dev syz+aller0 2018/04/21 02:36:12 executing program 1: syz_mount_image$xfs(&(0x7f0000000080)='xfs\x00', &(0x7f0000000040)='./file0\x00', 0x1100000, 0x1, &(0x7f0000000200)=[{&(0x7f0000001740)="584653420000100000000000000010000000000000000000000000000000000034fb8fb9e4bf48b6ad26c597eb4f5c1900000000000000040000000000000d880000000000000d890000000000000d8a000000010000100000000001000000000000035ab4240200040000040000000000000000000000000c090a020c", 0x7d}], 0x0, &(0x7f0000001700)={'nouuid,'}) 2018/04/21 02:36:12 executing program 5: socket$inet_smc(0x2b, 0x1, 0x0) openat$ipvs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) fanotify_init(0x0, 0x0) unshare(0x400) pselect6(0x40, &(0x7f0000f33fc0)={0x3ffffd}, &(0x7f0000768000), &(0x7f0000086000), &(0x7f0000349000), &(0x7f0000f14000)={&(0x7f0000a65ff8), 0x8}) 2018/04/21 02:36:12 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x100011, @remote={0xac, 0x14, 0x14, 0xbb}, 0x0, 0xaa010000, 'dh\x00'}, 0x2c) 2018/04/21 02:36:13 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x100011, @remote={0xac, 0x14, 0x14, 0xbb}, 0x0, 0xaa010000, 'dh\x00'}, 0x2c) 2018/04/21 02:36:13 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0x0, 0x0}) socket$kcm(0x29, 0x2, 0x0) socket$kcm(0xa, 0x3, 0x11) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f00000000c0)="b82283392dc50ff1fb635a5849d2f5916ae2fdc24e95e12aa8daccf7393e72be9cc66f"}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x4, 0x21e}, 0xffffffffffffff4d) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0xffffffffffffffcc, &(0x7f0000001300)=""/251}, 0x14) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r0, 0x50, &(0x7f00000000c0)}, 0x10) socketpair$inet(0x16, 0x3a, 0x0, &(0x7f0000000080)) 2018/04/21 02:36:13 executing program 0: r0 = syz_open_dev$tun(&(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x4001}) ioctl$TUNGETVNETHDRSZ(r0, 0x800454d7, &(0x7f0000000000)) 2018/04/21 02:36:13 executing program 3: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='hybla\x00', 0x12c) connect$inet(r0, &(0x7f00000dcff0)={0x2, 0x0, @loopback=0x7f000001}, 0x10) shutdown(r0, 0x0) 2018/04/21 02:36:13 executing program 2: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xb, 0x40, 0xa9, 0xa37, 0x1, 0x1}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18550d00000000000000000002800000850000000000000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000180)=""/206}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x6, 0x4, &(0x7f0000000040)=@raw=[@map={0x18, 0x2, 0x1, 0x0, r0}, @call={0x85, 0x0, 0x0, 0x2c}], &(0x7f0000000140)="4750c3ff", 0x41, 0xffc4, &(0x7f00000004c0)=""/167}, 0x48) [ 89.929074] XFS (loop1): Mounting V4 Filesystem 2018/04/21 02:36:13 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000040)={0x26, 'aead\x00', 0x0, 0x0, 'gcm_base(ctr(aes-aesni),ghash-generic)\x00'}, 0x58) r1 = accept4(r0, 0x0, &(0x7f0000000000)=0xffffff24, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820faeb995298992ea54c7beef915d56534c90c2", 0x18) setsockopt$ALG_SET_AEAD_AUTHSIZE(r0, 0x117, 0x5, 0x0, 0x4) sendto(r1, &(0x7f0000000300)="ea155f8f", 0x4, 0x0, &(0x7f0000000380)=@ipx={0x4, 0x0, 0x0, "3c8ebed02b29"}, 0x80) recvmmsg(r1, &(0x7f0000000240)=[{{0x0, 0x0, &(0x7f0000001740), 0x0, &(0x7f0000001780)=""/163, 0xa3}}, {{&(0x7f0000006a80)=@rc, 0x80, &(0x7f0000006b40)=[{&(0x7f0000006b00)=""/55, 0x37}], 0x1, &(0x7f0000006b80)=""/194, 0xc2}}], 0x2, 0x0, &(0x7f0000006dc0)={0x77359400}) 2018/04/21 02:36:13 executing program 3: perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup\x00', 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000040)='io.weight\x00', 0x2, 0x0) write$cgroup_int(r1, &(0x7f0000000380)=ANY=[@ANYBLOB='8:0\r1'], 0x5) [ 90.098280] XFS (loop1): totally zeroed log [ 90.104857] XFS (loop1): Metadata corruption detected at xfs_agi_verify+0x187/0x4f0, xfs_agi block 0x2 [ 90.114711] XFS (loop1): Unmount and run xfs_repair [ 90.119761] XFS (loop1): First 128 bytes of corrupted metadata buffer: [ 90.126476] 00000000b9dbcc76: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 90.135343] 00000000579c5a2a: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 90.144208] 00000000a2026fa0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 90.153107] 00000000f1b81d4c: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 90.161979] 000000005af457a2: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 90.171075] 000000003e3e0ba2: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 90.179975] 00000000262f4e51: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 90.188902] 00000000aa1c750f: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 90.201925] XFS (loop1): metadata I/O error in "xfs_trans_read_buf_map" at daddr 0x2 len 1 error 117 [ 90.211488] XFS (loop1): xfs_imap_lookup: xfs_ialloc_read_agi() returned error -117, agno 0 [ 90.220373] XFS (loop1): failed to read root inode 2018/04/21 02:36:13 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'syz_tun\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000018c0)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f0000001880)={&(0x7f00000004c0)=@setlink={0x2c, 0x13, 0x105, 0x0, 0x0, {0x0, 0x0, 0x0, r1}, [@IFLA_XDP={0xc, 0x2b, [@nested={0x8, 0x1, [@generic="4b97e19e"]}]}]}, 0x2c}, 0x1}, 0x0) 2018/04/21 02:36:13 executing program 1: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000ff7)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f00000004c0)=""/246) ioctl$EVIOCGREP(r0, 0x4010744d, &(0x7f0000000080)=""/174) 2018/04/21 02:36:13 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) pipe2(&(0x7f0000e3eff8)={0x0, 0x0}, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1b, &(0x7f0000000040)=ANY=[@ANYBLOB="001b4a6c006103bf623f97227e1ddd2a48953756a6512ba5552d89ac1a479c6d38bdfe3991766ceb"], &(0x7f0000000440)=0x1) r4 = dup3(r3, r2, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000decfe0)={0x10005, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SMI(r3, 0xaeb7) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000300)=[@text32={0x20, &(0x7f0000000240)="0f0097fd050000c4c2fd38407cb8010000000f01d9b9800000c00f3235000800000f3066ba420066b8c00066eff326f4b9800000c00f3235004000000f30660f3881a7621c96dd66baf80cb8385d3080ef66bafc0cedb9800000c00f3235004000000f30", 0x64}], 0x1, 0x1c, &(0x7f0000000200), 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) 2018/04/21 02:36:14 executing program 7: r0 = getpgid(0x0) sched_setattr(r0, &(0x7f0000000000)={0x0, 0x1, 0x0, 0x0, 0x3}, 0x0) clone(0x200, &(0x7f0000fbf000), &(0x7f0000000000), &(0x7f0000000100), &(0x7f00000000c0)) mknod(&(0x7f0000f80000)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000f8aff8)='./file0\x00', &(0x7f0000a7bfc8), &(0x7f00006fcff0)) process_vm_readv(0x0, &(0x7f00000003c0), 0x0, &(0x7f0000001580), 0x0, 0x0) perf_event_open(&(0x7f0000940000)={0x2, 0x78, 0x312}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) open(&(0x7f0000363ff8)='./file0\x00', 0x401, 0x0) 2018/04/21 02:36:15 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x102) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) clone(0x0, &(0x7f0000000000), &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080)) 2018/04/21 02:36:15 executing program 7: r0 = getpgid(0x0) sched_setattr(r0, &(0x7f0000000000)={0x0, 0x1, 0x0, 0x0, 0x3}, 0x0) clone(0x200, &(0x7f0000fbf000), &(0x7f0000000000), &(0x7f0000000100), &(0x7f00000000c0)) mknod(&(0x7f0000f80000)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000f8aff8)='./file0\x00', &(0x7f0000a7bfc8), &(0x7f00006fcff0)) process_vm_readv(0x0, &(0x7f00000003c0), 0x0, &(0x7f0000001580), 0x0, 0x0) perf_event_open(&(0x7f0000940000)={0x2, 0x78, 0x312}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) open(&(0x7f0000363ff8)='./file0\x00', 0x401, 0x0) 2018/04/21 02:36:15 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000300)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000a40)=0x214) sendto$inet6(r1, &(0x7f0000eb9fff), 0xfffffd65, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c) 2018/04/21 02:36:15 executing program 2: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xb, 0x40, 0xa9, 0xa37, 0x1, 0x1}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18550d00000000000000000002800000850000000000000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000180)=""/206}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x6, 0x4, &(0x7f0000000040)=@raw=[@map={0x18, 0x2, 0x1, 0x0, r0}, @call={0x85, 0x0, 0x0, 0x2c}], &(0x7f0000000140)="4750c3ff", 0x41, 0xffc4, &(0x7f00000004c0)=""/167}, 0x48) 2018/04/21 02:36:15 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f00005d5ff3)={0x2, 0x4e20, @rand_addr}, 0x10) sendto$inet(r0, &(0x7f0000de1fff), 0x4e, 0x20008005, &(0x7f0000db4ff0)={0x2, 0x4e20, @loopback=0x7f000001}, 0x10) recvmsg(r0, &(0x7f00000030c0)={0x0, 0x0, &(0x7f0000002f40)=[{&(0x7f0000002e40)=""/255, 0xff}], 0x1, &(0x7f0000002fc0)=""/205, 0xcd}, 0x0) recvmsg(r0, &(0x7f0000000b40)={&(0x7f00000008c0)=@ethernet={0x0, @broadcast}, 0x80, &(0x7f0000000a00)=[{&(0x7f0000000940)=""/139, 0x8b}], 0x1, &(0x7f0000000a40)=""/242, 0xf2}, 0x0) sendto$inet(r0, &(0x7f0000000040)="11a58fde7649496403db92ed306004b3d3cbfc195485c3b895d864ab91a3aebde4f70a917a91ec9612d004000a7b43a35bb73249ede41bf5c05ab608fb7b74ffd57f6e8e43cf9cb723fc0d8d8cabbbbae3a5fde8ad6f52d667c512596f50b9962aa2193688d872a7eeca57801742d74d39c4b003a5e292e077ed102e7999329aab95a3d96363505f76c86a6d2352dd8025207ae531701f1ce353d6b017eb64000000bc2e9f8b66fe4a8e64f0fc7a0aa55d4103e1d7d5b0dd5750071e9b3a786021678a86fcbb0b9f9364ec0f0310306fef9c21b3b20d8b44423b495299cea2c6f40c377a72534453ad7f5af27b1efb2514ace1f9a68cf205a9ddb8fd954e34bde3612e6e05686cf3b968a14bd3a356f7b8d20214c0f7a388ef5ea8d063c65f2aabff685e69f86b4a0b3697f8bfbfe66796f0489ad2e49bdbc1742941c28c88cb93e1f8ccc3db4782cdf9cbd797ddc8d7b1364da50ad48e081a38622280169eba5c6a3bf9b5f15bdf8a8b6483340a3297c31154905db209195c28f15d10153204fbe0586516c714ddc939e0eb68c73969e81fc6f215b476ddf3fcf1a604603360089dadba2779cfed9027ac163067fc0d7592ac8a013b907372a42b242405241ac1f63f85a52fff2d78b30e87a156b5cfa133dabc259bb027bec5eb8c8eb623e9776a13d3ce972a6769de8a78153f498084a244b0146b77be3d1cba7b02fe8906ed8a88f105c763d1772825b986d52823bf38b6f95eca494fd9c64497874b9f450bec65311493cc108b27611eaa6819305a3730d29368f25f7e816d60884a1e0271c3c786ad36391366ac3b65f04c148974f6973005c5ff73d6f0b3f7e44c65da7c4115c4ee543991e4ad26938384cafffffffc8f7e79aaf1b8ef37f627e3c7168ecda2cf224a491bea6129fcd954b88dbb2d29464931bcd5378041db67ddc70ee856ae09c1b26b9ada008a7d52bf1a160606865a29794f36b2a3811c66e9fe27af8fc8356374e37f3eca244367fb535dde71fae4683710761b89f18820d4f06065450c3d1f76fa26ef28320edf6c36480af14f4444edb40ebb3f8ea264486ec31c40c7f0007a69c24da10db6f60da3e648f16b5fc6b5a5c6217e46c1f3ff354a8b49beb3b46a69dcb4c5d547a7b7ba8fe22da0173f9fe80f4bd47afbec4d2e0d3c91b1a326d8bb9fded873e87f847032af52bd6d129f3ce3f11ea9d0b4250af7eaa2649d9972b9b8dc773c869b3a431eac7f55d6bb92dc29f08d7d8959e2af7571efb7ec88eac4b62850e8f6b60d4a5d06d66875b4bd260a9014a2eb88621f4c6eb3f9ed2190b48acf0358d8b82fb4794535fcb8dd50ba86d23d230a94f07a768142ff3b4c8558dac21726b6279980c238041f26e86c8e3fa83028345999464e3e37d610ab7c15daaffb744a505a3dd9802b3721f29553ee23e1cf376f12cc3fe6b7ac76bd13da44356855be096155e355c9cad31fcdeedc6679c531bc1a2765dc8777108ec5e31d793005e718a9ced77d6505e44f649128a29f5264fecba132f9f5016eaf690751edd64d903b36ceb2b08042c60e9e97f8bc985476e6088a5ebd3743c2358171b30b16d730a5dd49c92fa19cc267e2c1927f200fc3d23a804f0a12b06a6a88a2685051ab28f1721209ada2c14b557a49423795b07040d510bb21ce5d15acedd18cb7cb7a93389ceb934206e4ffb220048a7a82fb3c251d0a31ba5af9eb0c16e29f33f9d0a78f5e6300cf04d17eb5f67711cafa0d4e99eeaf0f8fdbd34170318879a0d12c01891127ba7b677d204268524c5af1d7dc27176826302e34f9d35d2f2eefad5f22f68929d3456c11d5f00d4a8ce8b784bca8088805731eff2d47024c2da68abc2d2c0f7806d7d76cdf489f3bffa75cb826bc0809331d89a3255a498b8150d4ae31d03414ab244939455b6377c2917cb2d8a9f9ebf282657e417860e49ac94f4a838aefd34f28960a78da47933252d8cb2fdb27d413ee54502cd1bf75585468b77b8dca627cab29ef0a5297ee3dcb4c987520804e9a5f45e8241019281bab7e30f4b008bf0edf3b6fb5e8d1c2ab619b2eb84293d636a6a37d716cd8e102b7099676693cb7b01031b57ee93fd22cb18229893fd4d4ef87f1596879ac9f61b2f0c35be34cb6e6f75087ff963c188d43bcb464a95e956e75559eb1f6f2224fb2ca8f0bdc90ae5c2ce712498ee4026b13b8f3137000aa1545a75e5b48e80da30e6dac5529cac1099244e79ad542f45dcfbf16c62b5eb63daee8185c5e79ebfa1ca60880f9e2895f54ab95bbae38ae62200c1e439d73fa63d0bff75935a8ad2ae73b82132e8d4eb4bd55844b2f55c65d5ffa0c65aaf0cc5bc73925d05cf7c1c4383af074feb3a53919d2a3b5bef96115aab966821dbfc4577d19d85911a485c58a5b87cf44d230cfdc255486bb09d5c16f2164397f0fc5f652a171f0269bdcd98291410c010cc377d2690a6032fe5701117adbd0f6b847c9617a9b3d20529024d8d9749b9c49827694d346d3b1bbe434122331986b9f6e84430dfd75d123f3e307d6f5514f3da09b527408bfb6816da54beeefad160e4b095517f3292c2e17fb3bba47527671d0afe7c35d54d25ab307b15d069a05395a9cddd4b519224fe3c689d14827ede6d91ebace2a80afaad3dcd1f8ce20e92012b8934d7ff3ebdd285cc24202a86d70b96674a6af05a3c29065afa4e38b9c34006cb3eb9c880756825cf68859889c694cf54ffc170e71617bea30", 0x799, 0x10, 0x0, 0x0) 2018/04/21 02:36:15 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) pipe2(&(0x7f0000e3eff8)={0x0, 0x0}, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1b, &(0x7f0000000040)=ANY=[@ANYBLOB="001b4a6c006103bf623f97227e1ddd2a48953756a6512ba5552d89ac1a479c6d38bdfe3991766ceb"], &(0x7f0000000440)=0x1) r4 = dup3(r3, r2, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000decfe0)={0x10005, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SMI(r3, 0xaeb7) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000300)=[@text32={0x20, &(0x7f0000000240)="0f0097fd050000c4c2fd38407cb8010000000f01d9b9800000c00f3235000800000f3066ba420066b8c00066eff326f4b9800000c00f3235004000000f30660f3881a7621c96dd66baf80cb8385d3080ef66bafc0cedb9800000c00f3235004000000f30", 0x64}], 0x1, 0x1c, &(0x7f0000000200), 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) 2018/04/21 02:36:15 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000b96000)={0xffffffffffffffff}) getsockopt$sock_int(r0, 0x1, 0x10, &(0x7f0000000000), &(0x7f0000000040)=0x4) 2018/04/21 02:36:15 executing program 5: r0 = socket$pptp(0x18, 0x1, 0x2) r1 = syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x0) ioctl$BINDER_THREAD_EXIT(r1, 0x40046208, 0x0) r2 = perf_event_open(&(0x7f0000348f88)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = dup3(r2, r0, 0x0) r4 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) bind$pptp(r4, &(0x7f0000000040)={0x18, 0x2, {0x0, @rand_addr}}, 0x74) r5 = openat$cgroup_int(r3, &(0x7f00000000c0)='memory.swap.max\x00', 0x2, 0x0) preadv(r5, &(0x7f00000004c0)=[{&(0x7f0000000100)=""/47, 0x2f}, {&(0x7f00000001c0)=""/225, 0xe1}, {&(0x7f00000002c0)=""/68, 0x44}, {&(0x7f0000000340)=""/99, 0x63}, {&(0x7f00000003c0)=""/140, 0x8c}, {&(0x7f0000000480)=""/8, 0x8}], 0x6, 0x0) getsockname$packet(r1, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, &(0x7f0000000640)=0x14) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000680)={'rose0\x00', r6}) ioctl$LOOP_SET_FD(r3, 0x4c00, r5) bind(r0, &(0x7f0000000140)=@nfc={0x27, 0x1, 0x2, 0x7}, 0x80) [ 92.154019] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. 2018/04/21 02:36:15 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000b96000)={0xffffffffffffffff}) getsockopt$sock_int(r0, 0x1, 0x10, &(0x7f0000000000), &(0x7f0000000040)=0x4) 2018/04/21 02:36:15 executing program 5: r0 = socket$pptp(0x18, 0x1, 0x2) r1 = syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x0) ioctl$BINDER_THREAD_EXIT(r1, 0x40046208, 0x0) r2 = perf_event_open(&(0x7f0000348f88)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = dup3(r2, r0, 0x0) r4 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) bind$pptp(r4, &(0x7f0000000040)={0x18, 0x2, {0x0, @rand_addr}}, 0x74) r5 = openat$cgroup_int(r3, &(0x7f00000000c0)='memory.swap.max\x00', 0x2, 0x0) preadv(r5, &(0x7f00000004c0)=[{&(0x7f0000000100)=""/47, 0x2f}, {&(0x7f00000001c0)=""/225, 0xe1}, {&(0x7f00000002c0)=""/68, 0x44}, {&(0x7f0000000340)=""/99, 0x63}, {&(0x7f00000003c0)=""/140, 0x8c}, {&(0x7f0000000480)=""/8, 0x8}], 0x6, 0x0) getsockname$packet(r1, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, &(0x7f0000000640)=0x14) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000680)={'rose0\x00', r6}) ioctl$LOOP_SET_FD(r3, 0x4c00, r5) bind(r0, &(0x7f0000000140)=@nfc={0x27, 0x1, 0x2, 0x7}, 0x80) 2018/04/21 02:36:15 executing program 2: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xb, 0x40, 0xa9, 0xa37, 0x1, 0x1}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18550d00000000000000000002800000850000000000000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000180)=""/206}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x6, 0x4, &(0x7f0000000040)=@raw=[@map={0x18, 0x2, 0x1, 0x0, r0}, @call={0x85, 0x0, 0x0, 0x2c}], &(0x7f0000000140)="4750c3ff", 0x41, 0xffc4, &(0x7f00000004c0)=""/167}, 0x48) 2018/04/21 02:36:15 executing program 1: r0 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$nfc_llcp(r0, &(0x7f0000000040)={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "d5e03eb5f683b6f216a898c4d34ab03dba348c57e5859f5f5955aa5047d220d5047a38bd289ccbcc61a14a91a679711c1fea3d6a1a1741acd590e49c665a72", 0x3c}, 0x60) 2018/04/21 02:36:15 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) pipe2(&(0x7f0000e3eff8)={0x0, 0x0}, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1b, &(0x7f0000000040)=ANY=[@ANYBLOB="001b4a6c006103bf623f97227e1ddd2a48953756a6512ba5552d89ac1a479c6d38bdfe3991766ceb"], &(0x7f0000000440)=0x1) r4 = dup3(r3, r2, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000decfe0)={0x10005, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SMI(r3, 0xaeb7) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000300)=[@text32={0x20, &(0x7f0000000240)="0f0097fd050000c4c2fd38407cb8010000000f01d9b9800000c00f3235000800000f3066ba420066b8c00066eff326f4b9800000c00f3235004000000f30660f3881a7621c96dd66baf80cb8385d3080ef66bafc0cedb9800000c00f3235004000000f30", 0x64}], 0x1, 0x1c, &(0x7f0000000200), 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) 2018/04/21 02:36:15 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000b96000)={0xffffffffffffffff}) getsockopt$sock_int(r0, 0x1, 0x10, &(0x7f0000000000), &(0x7f0000000040)=0x4) 2018/04/21 02:36:15 executing program 1: r0 = socket$inet6(0xa, 0x3, 0x1) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000f68000)={@loopback={0x0, 0x1}, 0x0, 0x0, 0xff, 0x1}, 0x20) setsockopt$inet6_int(r0, 0x29, 0x21, &(0x7f000087d000)=0xffffffffffffffff, 0x4) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x80000000, @loopback={0x0, 0x1}}, 0x1c) 2018/04/21 02:36:15 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000b96000)={0xffffffffffffffff}) getsockopt$sock_int(r0, 0x1, 0x10, &(0x7f0000000000), &(0x7f0000000040)=0x4) 2018/04/21 02:36:17 executing program 7: r0 = getpgid(0x0) sched_setattr(r0, &(0x7f0000000000)={0x0, 0x1, 0x0, 0x0, 0x3}, 0x0) clone(0x200, &(0x7f0000fbf000), &(0x7f0000000000), &(0x7f0000000100), &(0x7f00000000c0)) mknod(&(0x7f0000f80000)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000f8aff8)='./file0\x00', &(0x7f0000a7bfc8), &(0x7f00006fcff0)) process_vm_readv(0x0, &(0x7f00000003c0), 0x0, &(0x7f0000001580), 0x0, 0x0) perf_event_open(&(0x7f0000940000)={0x2, 0x78, 0x312}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) open(&(0x7f0000363ff8)='./file0\x00', 0x401, 0x0) 2018/04/21 02:36:17 executing program 5: r0 = socket$pptp(0x18, 0x1, 0x2) r1 = syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x0) ioctl$BINDER_THREAD_EXIT(r1, 0x40046208, 0x0) r2 = perf_event_open(&(0x7f0000348f88)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = dup3(r2, r0, 0x0) r4 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) bind$pptp(r4, &(0x7f0000000040)={0x18, 0x2, {0x0, @rand_addr}}, 0x74) r5 = openat$cgroup_int(r3, &(0x7f00000000c0)='memory.swap.max\x00', 0x2, 0x0) preadv(r5, &(0x7f00000004c0)=[{&(0x7f0000000100)=""/47, 0x2f}, {&(0x7f00000001c0)=""/225, 0xe1}, {&(0x7f00000002c0)=""/68, 0x44}, {&(0x7f0000000340)=""/99, 0x63}, {&(0x7f00000003c0)=""/140, 0x8c}, {&(0x7f0000000480)=""/8, 0x8}], 0x6, 0x0) getsockname$packet(r1, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, &(0x7f0000000640)=0x14) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000680)={'rose0\x00', r6}) ioctl$LOOP_SET_FD(r3, 0x4c00, r5) bind(r0, &(0x7f0000000140)=@nfc={0x27, 0x1, 0x2, 0x7}, 0x80) 2018/04/21 02:36:17 executing program 0: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket(0x40000000015, 0x5, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8943, &(0x7f0000000000)={'syz_tun\x00', &(0x7f00000001c0)=@ethtool_regs={0xe}}) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x4) 2018/04/21 02:36:17 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) pipe2(&(0x7f0000e3eff8)={0x0, 0x0}, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1b, &(0x7f0000000040)=ANY=[@ANYBLOB="001b4a6c006103bf623f97227e1ddd2a48953756a6512ba5552d89ac1a479c6d38bdfe3991766ceb"], &(0x7f0000000440)=0x1) r4 = dup3(r3, r2, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000decfe0)={0x10005, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SMI(r3, 0xaeb7) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000300)=[@text32={0x20, &(0x7f0000000240)="0f0097fd050000c4c2fd38407cb8010000000f01d9b9800000c00f3235000800000f3066ba420066b8c00066eff326f4b9800000c00f3235004000000f30660f3881a7621c96dd66baf80cb8385d3080ef66bafc0cedb9800000c00f3235004000000f30", 0x64}], 0x1, 0x1c, &(0x7f0000000200), 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) 2018/04/21 02:36:17 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_GET_IRQCHIP(r1, 0xc208ae62, &(0x7f0000000340)=@ioapic) 2018/04/21 02:36:17 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f00005a5000)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000080)={&(0x7f00000005c0)={0x14, 0x26, 0x109, 0x0, 0x0, {0x44000002}}, 0x14}, 0x1}, 0x0) 2018/04/21 02:36:17 executing program 6: perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSSOFTCAR(r0, 0x541a, &(0x7f0000000040)=0x80) 2018/04/21 02:36:17 executing program 2: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xb, 0x40, 0xa9, 0xa37, 0x1, 0x1}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18550d00000000000000000002800000850000000000000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000180)=""/206}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x6, 0x4, &(0x7f0000000040)=@raw=[@map={0x18, 0x2, 0x1, 0x0, r0}, @call={0x85, 0x0, 0x0, 0x2c}], &(0x7f0000000140)="4750c3ff", 0x41, 0xffc4, &(0x7f00000004c0)=""/167}, 0x48) 2018/04/21 02:36:17 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = accept(r0, &(0x7f0000000340), &(0x7f0000000100)=0x80) setsockopt$bt_BT_POWER(r1, 0x112, 0x9, &(0x7f0000000280)=0xffffffff, 0x1) sendmsg$nl_route(r0, &(0x7f0000000300)={&(0x7f0000000140)={0x10}, 0xc, &(0x7f00000002c0)={&(0x7f0000000080)=@mpls_newroute={0x1c, 0x18, 0x409, 0x0, 0x0, {0x1c, 0x14, 0x0, 0x8001}}, 0x1c}, 0x1}, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)=0x0) ptrace$PTRACE_SECCOMP_GET_FILTER(0x420c, r2, 0x7, &(0x7f0000000180)=""/194) r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x80, 0x0) setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT(r3, 0x28, 0x6, &(0x7f00000000c0)={0x0, 0x7530}, 0x10) 2018/04/21 02:36:17 executing program 3: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000580)={'bond0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x28, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r1}, [@IFLA_NET_NS_PID={0x8, 0x13}]}, 0x28}, 0x1}, 0x0) 2018/04/21 02:36:17 executing program 5: r0 = socket$pptp(0x18, 0x1, 0x2) r1 = syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x0) ioctl$BINDER_THREAD_EXIT(r1, 0x40046208, 0x0) r2 = perf_event_open(&(0x7f0000348f88)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = dup3(r2, r0, 0x0) r4 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) bind$pptp(r4, &(0x7f0000000040)={0x18, 0x2, {0x0, @rand_addr}}, 0x74) r5 = openat$cgroup_int(r3, &(0x7f00000000c0)='memory.swap.max\x00', 0x2, 0x0) preadv(r5, &(0x7f00000004c0)=[{&(0x7f0000000100)=""/47, 0x2f}, {&(0x7f00000001c0)=""/225, 0xe1}, {&(0x7f00000002c0)=""/68, 0x44}, {&(0x7f0000000340)=""/99, 0x63}, {&(0x7f00000003c0)=""/140, 0x8c}, {&(0x7f0000000480)=""/8, 0x8}], 0x6, 0x0) getsockname$packet(r1, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, &(0x7f0000000640)=0x14) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000680)={'rose0\x00', r6}) ioctl$LOOP_SET_FD(r3, 0x4c00, r5) bind(r0, &(0x7f0000000140)=@nfc={0x27, 0x1, 0x2, 0x7}, 0x80) 2018/04/21 02:36:17 executing program 6: perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSSOFTCAR(r0, 0x541a, &(0x7f0000000040)=0x80) 2018/04/21 02:36:17 executing program 2: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x15, 0x5, 0x0) open(&(0x7f0000000340)='./file0\x00', 0x400800, 0x8) bind$inet(r0, &(0x7f000001bff0)={0x2, 0x0, @loopback=0x7f000001}, 0x10) connect$inet(r0, &(0x7f0000024ff0)={0x2, 0x0, @loopback=0x7f000001}, 0x10) sendmsg(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f00000014c0)=[{0x10}], 0x10}, 0x0) 2018/04/21 02:36:17 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f000044f000)={0xa, 0x4e20}, 0x1c) listen(r0, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, &(0x7f00000002c0)) 2018/04/21 02:36:17 executing program 1: r0 = syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x0, 0x0) capset(&(0x7f0000a31000)={0x19980330}, &(0x7f00009b3000)) ioctl$LOOP_SET_DIRECT_IO(r0, 0x125d, 0x0) 2018/04/21 02:36:17 executing program 3: r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) listen(r0, 0xfffffffffffffe01) r1 = socket$inet6(0xa, 0x6, 0x0) connect$inet6(r1, &(0x7f0000419000)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c) 2018/04/21 02:36:17 executing program 3: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$unix(0x1, 0x3, 0x0) r1 = socket$unix(0x1, 0x2, 0x0) bind$unix(r1, &(0x7f0000003000)=@file={0x1, "e91f7189591e9233614b00"}, 0xc) connect$unix(r0, &(0x7f0000000000)=@file={0x1, "e91f7189591e9233614b00"}, 0x6e) 2018/04/21 02:36:17 executing program 5: r0 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r0, &(0x7f0000000ff0)={0x28, 0x0, 0x0, @hyper}, 0xf) 2018/04/21 02:36:17 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000400000084) bind$inet6(r0, &(0x7f00001c1000)={0xa, 0x4e20}, 0x1c) sendto$inet6(r0, &(0x7f00009f1000)='G', 0x1, 0x0, &(0x7f0000108fe4)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c) writev(r0, &(0x7f00007f2000)=[{&(0x7f0000001f40)="b6", 0x1}], 0x1) sendto$inet6(r0, &(0x7f0000000000)="eb", 0x1, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x0, 0x20}, 0xc) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000b40)='#', 0x1}], 0x1) shutdown(r0, 0x1) 2018/04/21 02:36:17 executing program 2: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x15, 0x5, 0x0) open(&(0x7f0000000340)='./file0\x00', 0x400800, 0x8) bind$inet(r0, &(0x7f000001bff0)={0x2, 0x0, @loopback=0x7f000001}, 0x10) connect$inet(r0, &(0x7f0000024ff0)={0x2, 0x0, @loopback=0x7f000001}, 0x10) sendmsg(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f00000014c0)=[{0x10}], 0x10}, 0x0) 2018/04/21 02:36:17 executing program 4: perf_event_open(&(0x7f00000000c0)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="cc1373fc000000000000000000000000000000000000000000000000000000003030b86e0d5f4090902c6457136cf04d000001000000000001000000000000005f42485266535f4d070000000000000000204000000000000000020000000000000000000000000000000000000000000000c0010000000000700000000000000600000000000000010000000000000000100000001000000010000000100000610000000500000000000000000000000000000000000000000000004503000000000000000000000001", 0xca, 0x10000}], 0x0, &(0x7f0000016000)) 2018/04/21 02:36:17 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000ed4000)=0x78, 0x4) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback=0x7f000001}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00003d1ffc)='bbr\x00', 0x4) sendmmsg(r0, &(0x7f00000025c0)=[{{&(0x7f0000000300)=@pppoe={0x18, 0x0, {0x0, @link_local={0x1, 0x80, 0xc2}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000380)=[{&(0x7f00000010c0)="9421e5271f45907f567d604a09fe27abfa55e2aebecfe4a0aeda13b3d2418870405797686467855ad166a77fa809f72ab92d438b38975596f98c0c03126989f5a4a3fe4878335988dfb98b11d880cc928c21fccdcf2086d98e2ac4ab265ff234ba0a86ee14bbb2bf4cc210f6ca6a5d3d18d3110ac82704ac8a979bebe6ea1a803cb5a21babf0a28c6741f5493a7189c764564aa039257ce92830f1a25bb6fb553231195be0ff72269d4b8503dbb0bc6c23f0341aa626735a002006f6c2b036efa5d1e087ee6181ffb3d0f5f569629e1691681449dc33e4b96e7d71acec3270c46c74442fbb78a39abcddd7c12b184b60f369e4cbf65bddc6e709130c8664607bf74f8e51b570d3a12155be268339d9e2012ee5e7f8ac4696119e847f2fc96f6006cbda28c502d7ee34fcabbbb5c303f7cd3292aabb74a7bff1f76fce1b1fe13482fda1408973de9868e96c630ff08bd68c3a98d07ce0662997755f039a7ee45bdae739d3f3b1cbd5ecfa8825b540b6417c730ec4a8204ce2ba6ebd0c9452b0cc1273bbd591314867c54abafc48697fed81bfeec349729da076218770bb7ba8a2aedca9000638018a28abcaa3dc6642db8097039f0f9f6fdd1ab481507e5796d65b2a81bd38b11c518feed59fce3147bb2bd31518c6032745185a44a98ec2efe3f8eb27709c2e70cfef9a971f97159e74868d6a55e1a8e6e7b500d7c116f02594a58e3dceb86175af56c7502287ddab530acb67386725e0d6b2e317cb0b87affd30d4ff210024287c19d27033b7a11bf18d1ce1e23f618476b15c3a5574fdc0f238f2ec1c3cd2784fd3d8235278bd957c929021d97da58459f921a47002a4841ff77262b7150c5fbda7f8bf6801c22adfb0bc96f7a2d8527aaf00ae5b663eb0f69914dc722b2d7b1e4861ed66168b7c6afa56fff36de7c842f3d24ecc65d25f24917f0867f6a2fb7c5a02335ff1870d35c3aba978208c118fb5ed56f102cf9bfde60786175bc25ebba02aaa4cbbdc95afa96c3449e53c5ea7e92bdabc8ae8b28370cdefc009698f8f870da37e1b188a5439428b619618179900e03df2d5926bd0a69fe94b5553ce84323a03b371d35d4984daa8e4f52cbc75d05dbd12d3bdcc5125ea53559ae82593a6a8d9812ea99d4166451edc55e5dd97f98b7e5c6527658765d14c9c5be3fc4153881d666dbf5eb45c1cbde2781a985f59e7e5aab7d9398dcc21e1d7495047a5afb84727aadc86854edd5a5a645ca3715b2c78ef32702231aa8be45cf97ac787765bbb631f6a357d292bbe97e7d3ec6d15b82f0985f7c0fe679b9788674b80312b5f365dbcf1a8eb5e295084485dcc92f2b905cdded6e2e81cfc7e9d29ec61fd893d120c31b9101770f4cb2e38a8a518295d373f9e6ba8a7226542c67a2ea423f1a32722260ad533435f903933a70906b10e7e5efac4ba3830e242919997a34044cb831a59186eeb68a93ff9eac431e938b48b810a08aab9730597e196127e4b64a6fd8b431a79f8253b031a59c22e3eeeeb5267441e8c962c8db6ba0bc5b4cc3291aa1672049cec15d0272d4441cbb2412b4a3456935403429aeb7644edc9ef26a9096c87632c4458335949fd2a27fa89c78353ae5adab7594eff5b7e8cd8bc43cc602f914e61b04d8c6e24bd7ef078e3b1b02f61df5c6e6f1648fa6a6022c045390ba8c61b73538f8975142eeba57a52d0d038014010a05ec1e16691a81a748bb222068f08b593a5b3f421767c6611fd3799794be1b0aa2b4d66f65bb4c6ee7a17c44dca1bd6a3fe2159b0ad427097f63f6f8df4852e66b34bc787dc2e236308e56d70e608f97ee4da5b631eaa26582d9bbc86e9f51554f2eec09bbb497fd114e200465d9fb75426a84f7d1ef4b967763e628774f59eeac514fc0d83e952b54b91696e80ce73c6d8b7ef4cd2225fb5ad6f837fa9ddd5428cfe1b7c8113c5fdec44dfbc08b4dcd8deeb7ee0a20063994de4bbdc2a54b4522fab89f43122becda26248b2fc4c9b40fc772a54405c23d248c228c557f7d6c7829928c908babf440101171defbf93b88b2df9c01402bf7ba72be3c28100a83f747160bf64769155329af77b1588c65e7eb81b45c2341976a003a15477b239601e890fee9b3d03dd6db89bb8e3815fd9d6eae54ec94821dca6a9204a448b1a3e3f95aac1fc2e739cf72c9c2c7e9d718d8f03d00fe4a9c1161d0eb24c46c9f0167b6277854f80a8af9540a8ee3ffa0c8648be1cf9436061a92f4b219eb20647d9ba686ec9abc218aa0a9e6188924929e149564e2fb48df003c3c9f064323a07a4a91b4988e37662a380318add9717c93decccf70540b2fdfeb278c5e9c4b36d50de76cc15f2214cc73f4a70fff7a44cd98d32c5e3b65f60acb8f5ca8cd189e2c8ceb331351af5295663f3d89bc9f4e3eb97a9c66d0ad36c006f4b366eb143c3d55276a43daedef2e624b1976b25ae440173cdba5de98b701a1cb6eda6d5ef401fac7d139ad19bf15d42013333a3d96287ec8caecd6c8cb6e78e1de8fc9740efcff01fe54faeec096615b152e765b8dea9c7b4aad8aca2a8c66cc8659e6d8f3ecf4f706a61b7fe1d4cc83f154254fc5c95ca6f84ed01b692a5e62eb9f3cfefa538d3afb478ad094edbc0f399ecb989aa46fb13191c0c1b5a0eea7a2b550ec1b0dd2d10dd2a5ed8f1f8e83139d76c2cb8eb7e047e683309ce903f3cb773d2ad6cbc2cad67b34ebf8411e1b2bf23897b0793f82df3eb09ac88c306a2d2e4f5958e12ee894049cc0815ac3d22634a5b444fbb80bdff04587aaad6c5e77382799e3770eab3254881d0d059444e073f228d1ca2c1d157463e11783fcbe08ec2bfda0073acfdc2ec80a759137d6468e9f3712f3c97d7d254f7f56e3a1f6bc68b2a79a0e5201555b6872bd0b7e8a63bd8bc2bf87afde9dff9516e67b191f974d3e70df8521a28730f4e3ef7da6064437a2733edbc886ab62d96d075be506a948cf58e5c7a1fd95d1f2b0493ff5e81e79d742fc97c22b8fe7ec1cee5f585e13ede78d3c7e9dba5d4154a80b8523a87a7aaf37f4f40e1fd1fc2d320ee0e079b7d80a05d42334df689cee8dcb964d0e72af76ede33b57a49a6aa14b068b45d03", 0x89a}], 0x1}}], 0x1, 0x4000) recvfrom$inet(r0, &(0x7f00009be000)=""/11, 0xe8, 0x0, 0x0, 0xffffffffffffff4e) shutdown(r0, 0x1) 2018/04/21 02:36:17 executing program 6: perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSSOFTCAR(r0, 0x541a, &(0x7f0000000040)=0x80) 2018/04/21 02:36:17 executing program 7: capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000b9c000)) getgroups(0x2, &(0x7f0000000040)=[0xffffffffffffffff, 0xffffffffffffffff]) setresgid(0x0, 0x0, r0) [ 94.653454] BTRFS: device fsid 3030b86e-0d5f-4090-902c-6457136cf04d devid 1 transid 7 /dev/loop4 [ 94.749559] BTRFS error (device loop4): superblock checksum mismatch [ 94.770745] BTRFS error (device loop4): open_ctree failed 2018/04/21 02:36:18 executing program 3: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$unix(0x1, 0x3, 0x0) r1 = socket$unix(0x1, 0x2, 0x0) bind$unix(r1, &(0x7f0000003000)=@file={0x1, "e91f7189591e9233614b00"}, 0xc) connect$unix(r0, &(0x7f0000000000)=@file={0x1, "e91f7189591e9233614b00"}, 0x6e) 2018/04/21 02:36:18 executing program 7: setsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000002000)="24b38b20d0ef3254115223ef6cf758327575c041e002a8089496079b1b45009349041eca724fdec73fab9b04e4a4a5af1d03000000000000007faa62b9c0d263274f4a010c4f93ef85516b042511f32764171ba9bd278cbe360c22f184073fe215dee02fe37161246323ee9c82c790add905b90a64adab9fef855d72abb637d460fc6fb5a9eec5535b119c9dfbde3f76323a5af634e4235a33d57e226460104ca0dedf1f0e8365cd43d106c41d009976034d6557bf8917cad630598f6e58fd1770012d78aabb64ffffffed0000464caeedf840d001fe92b08c3f7b8e1596417d7dcd645413be450000000000000001c122283846253398a04d99ca8680deb20632834bc027c44d4cf3fd102724d6748de61eebb06801048dea7636f3a248a9bf3123882ca9fc66b4e70b06d43045", 0x12e) setsockopt$inet6_MRT6_DEL_MFC_PROXY(0xffffffffffffffff, 0x29, 0xd3, &(0x7f0000002000)={{0xa}, {0xa, 0x0, 0x0, @empty, 0x1}}, 0x5c) setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000002000)={0x0, 0x4, 0x9}, 0x14) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0x40, &(0x7f0000001fde), 0x4) 2018/04/21 02:36:18 executing program 5: munmap(&(0x7f00008ba000/0x3000)=nil, 0x3000) pkey_mprotect(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0xffffffffffffffff) setrlimit(0x2, &(0x7f0000e63ff0)={0x2000000, 0x20080000000}) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0) 2018/04/21 02:36:18 executing program 2: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x15, 0x5, 0x0) open(&(0x7f0000000340)='./file0\x00', 0x400800, 0x8) bind$inet(r0, &(0x7f000001bff0)={0x2, 0x0, @loopback=0x7f000001}, 0x10) connect$inet(r0, &(0x7f0000024ff0)={0x2, 0x0, @loopback=0x7f000001}, 0x10) sendmsg(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f00000014c0)=[{0x10}], 0x10}, 0x0) 2018/04/21 02:36:18 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000ed4000)=0x78, 0x4) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback=0x7f000001}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00003d1ffc)='bbr\x00', 0x4) sendmmsg(r0, &(0x7f00000025c0)=[{{&(0x7f0000000300)=@pppoe={0x18, 0x0, {0x0, @link_local={0x1, 0x80, 0xc2}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000380)=[{&(0x7f00000010c0)="9421e5271f45907f567d604a09fe27abfa55e2aebecfe4a0aeda13b3d2418870405797686467855ad166a77fa809f72ab92d438b38975596f98c0c03126989f5a4a3fe4878335988dfb98b11d880cc928c21fccdcf2086d98e2ac4ab265ff234ba0a86ee14bbb2bf4cc210f6ca6a5d3d18d3110ac82704ac8a979bebe6ea1a803cb5a21babf0a28c6741f5493a7189c764564aa039257ce92830f1a25bb6fb553231195be0ff72269d4b8503dbb0bc6c23f0341aa626735a002006f6c2b036efa5d1e087ee6181ffb3d0f5f569629e1691681449dc33e4b96e7d71acec3270c46c74442fbb78a39abcddd7c12b184b60f369e4cbf65bddc6e709130c8664607bf74f8e51b570d3a12155be268339d9e2012ee5e7f8ac4696119e847f2fc96f6006cbda28c502d7ee34fcabbbb5c303f7cd3292aabb74a7bff1f76fce1b1fe13482fda1408973de9868e96c630ff08bd68c3a98d07ce0662997755f039a7ee45bdae739d3f3b1cbd5ecfa8825b540b6417c730ec4a8204ce2ba6ebd0c9452b0cc1273bbd591314867c54abafc48697fed81bfeec349729da076218770bb7ba8a2aedca9000638018a28abcaa3dc6642db8097039f0f9f6fdd1ab481507e5796d65b2a81bd38b11c518feed59fce3147bb2bd31518c6032745185a44a98ec2efe3f8eb27709c2e70cfef9a971f97159e74868d6a55e1a8e6e7b500d7c116f02594a58e3dceb86175af56c7502287ddab530acb67386725e0d6b2e317cb0b87affd30d4ff210024287c19d27033b7a11bf18d1ce1e23f618476b15c3a5574fdc0f238f2ec1c3cd2784fd3d8235278bd957c929021d97da58459f921a47002a4841ff77262b7150c5fbda7f8bf6801c22adfb0bc96f7a2d8527aaf00ae5b663eb0f69914dc722b2d7b1e4861ed66168b7c6afa56fff36de7c842f3d24ecc65d25f24917f0867f6a2fb7c5a02335ff1870d35c3aba978208c118fb5ed56f102cf9bfde60786175bc25ebba02aaa4cbbdc95afa96c3449e53c5ea7e92bdabc8ae8b28370cdefc009698f8f870da37e1b188a5439428b619618179900e03df2d5926bd0a69fe94b5553ce84323a03b371d35d4984daa8e4f52cbc75d05dbd12d3bdcc5125ea53559ae82593a6a8d9812ea99d4166451edc55e5dd97f98b7e5c6527658765d14c9c5be3fc4153881d666dbf5eb45c1cbde2781a985f59e7e5aab7d9398dcc21e1d7495047a5afb84727aadc86854edd5a5a645ca3715b2c78ef32702231aa8be45cf97ac787765bbb631f6a357d292bbe97e7d3ec6d15b82f0985f7c0fe679b9788674b80312b5f365dbcf1a8eb5e295084485dcc92f2b905cdded6e2e81cfc7e9d29ec61fd893d120c31b9101770f4cb2e38a8a518295d373f9e6ba8a7226542c67a2ea423f1a32722260ad533435f903933a70906b10e7e5efac4ba3830e242919997a34044cb831a59186eeb68a93ff9eac431e938b48b810a08aab9730597e196127e4b64a6fd8b431a79f8253b031a59c22e3eeeeb5267441e8c962c8db6ba0bc5b4cc3291aa1672049cec15d0272d4441cbb2412b4a3456935403429aeb7644edc9ef26a9096c87632c4458335949fd2a27fa89c78353ae5adab7594eff5b7e8cd8bc43cc602f914e61b04d8c6e24bd7ef078e3b1b02f61df5c6e6f1648fa6a6022c045390ba8c61b73538f8975142eeba57a52d0d038014010a05ec1e16691a81a748bb222068f08b593a5b3f421767c6611fd3799794be1b0aa2b4d66f65bb4c6ee7a17c44dca1bd6a3fe2159b0ad427097f63f6f8df4852e66b34bc787dc2e236308e56d70e608f97ee4da5b631eaa26582d9bbc86e9f51554f2eec09bbb497fd114e200465d9fb75426a84f7d1ef4b967763e628774f59eeac514fc0d83e952b54b91696e80ce73c6d8b7ef4cd2225fb5ad6f837fa9ddd5428cfe1b7c8113c5fdec44dfbc08b4dcd8deeb7ee0a20063994de4bbdc2a54b4522fab89f43122becda26248b2fc4c9b40fc772a54405c23d248c228c557f7d6c7829928c908babf440101171defbf93b88b2df9c01402bf7ba72be3c28100a83f747160bf64769155329af77b1588c65e7eb81b45c2341976a003a15477b239601e890fee9b3d03dd6db89bb8e3815fd9d6eae54ec94821dca6a9204a448b1a3e3f95aac1fc2e739cf72c9c2c7e9d718d8f03d00fe4a9c1161d0eb24c46c9f0167b6277854f80a8af9540a8ee3ffa0c8648be1cf9436061a92f4b219eb20647d9ba686ec9abc218aa0a9e6188924929e149564e2fb48df003c3c9f064323a07a4a91b4988e37662a380318add9717c93decccf70540b2fdfeb278c5e9c4b36d50de76cc15f2214cc73f4a70fff7a44cd98d32c5e3b65f60acb8f5ca8cd189e2c8ceb331351af5295663f3d89bc9f4e3eb97a9c66d0ad36c006f4b366eb143c3d55276a43daedef2e624b1976b25ae440173cdba5de98b701a1cb6eda6d5ef401fac7d139ad19bf15d42013333a3d96287ec8caecd6c8cb6e78e1de8fc9740efcff01fe54faeec096615b152e765b8dea9c7b4aad8aca2a8c66cc8659e6d8f3ecf4f706a61b7fe1d4cc83f154254fc5c95ca6f84ed01b692a5e62eb9f3cfefa538d3afb478ad094edbc0f399ecb989aa46fb13191c0c1b5a0eea7a2b550ec1b0dd2d10dd2a5ed8f1f8e83139d76c2cb8eb7e047e683309ce903f3cb773d2ad6cbc2cad67b34ebf8411e1b2bf23897b0793f82df3eb09ac88c306a2d2e4f5958e12ee894049cc0815ac3d22634a5b444fbb80bdff04587aaad6c5e77382799e3770eab3254881d0d059444e073f228d1ca2c1d157463e11783fcbe08ec2bfda0073acfdc2ec80a759137d6468e9f3712f3c97d7d254f7f56e3a1f6bc68b2a79a0e5201555b6872bd0b7e8a63bd8bc2bf87afde9dff9516e67b191f974d3e70df8521a28730f4e3ef7da6064437a2733edbc886ab62d96d075be506a948cf58e5c7a1fd95d1f2b0493ff5e81e79d742fc97c22b8fe7ec1cee5f585e13ede78d3c7e9dba5d4154a80b8523a87a7aaf37f4f40e1fd1fc2d320ee0e079b7d80a05d42334df689cee8dcb964d0e72af76ede33b57a49a6aa14b068b45d03", 0x89a}], 0x1}}], 0x1, 0x4000) recvfrom$inet(r0, &(0x7f00009be000)=""/11, 0xe8, 0x0, 0x0, 0xffffffffffffff4e) shutdown(r0, 0x1) 2018/04/21 02:36:18 executing program 6: perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSSOFTCAR(r0, 0x541a, &(0x7f0000000040)=0x80) 2018/04/21 02:36:18 executing program 4: perf_event_open(&(0x7f00000000c0)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="cc1373fc000000000000000000000000000000000000000000000000000000003030b86e0d5f4090902c6457136cf04d000001000000000001000000000000005f42485266535f4d070000000000000000204000000000000000020000000000000000000000000000000000000000000000c0010000000000700000000000000600000000000000010000000000000000100000001000000010000000100000610000000500000000000000000000000000000000000000000000004503000000000000000000000001", 0xca, 0x10000}], 0x0, &(0x7f0000016000)) 2018/04/21 02:36:18 executing program 0: set_mempolicy(0x4001, &(0x7f0000000000)=0x4, 0x8) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000fc9000)={0x1, 0x9, 0x800000209e1f, 0x8000000001}, 0x2c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r0, &(0x7f00000000c0), &(0x7f0000000040)}, 0x20) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000001c0)={r0, &(0x7f00000000c0), &(0x7f0000000140)=""/67}, 0x18) [ 94.881207] mmap: syz-executor5 (7243): VmData 35201024 exceed data ulimit 33554432. Update limits or use boot option ignore_rlimit_data. 2018/04/21 02:36:18 executing program 2: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x15, 0x5, 0x0) open(&(0x7f0000000340)='./file0\x00', 0x400800, 0x8) bind$inet(r0, &(0x7f000001bff0)={0x2, 0x0, @loopback=0x7f000001}, 0x10) connect$inet(r0, &(0x7f0000024ff0)={0x2, 0x0, @loopback=0x7f000001}, 0x10) sendmsg(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f00000014c0)=[{0x10}], 0x10}, 0x0) 2018/04/21 02:36:18 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x14) listen(r0, 0x3) r1 = socket$inet6_sctp(0xa, 0x4000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c) 2018/04/21 02:36:18 executing program 5: munmap(&(0x7f00008ba000/0x3000)=nil, 0x3000) pkey_mprotect(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0xffffffffffffffff) setrlimit(0x2, &(0x7f0000e63ff0)={0x2000000, 0x20080000000}) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0) 2018/04/21 02:36:18 executing program 6: mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x0, 0x18071, 0xffffffffffffffff, 0x0) mlock2(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0) remap_file_pages(&(0x7f0000002000/0x5000)=nil, 0x5000, 0x0, 0x0, 0x0) 2018/04/21 02:36:18 executing program 3: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$unix(0x1, 0x3, 0x0) r1 = socket$unix(0x1, 0x2, 0x0) bind$unix(r1, &(0x7f0000003000)=@file={0x1, "e91f7189591e9233614b00"}, 0xc) connect$unix(r0, &(0x7f0000000000)=@file={0x1, "e91f7189591e9233614b00"}, 0x6e) [ 94.981214] BTRFS error (device loop4): superblock checksum mismatch [ 95.009777] BTRFS error (device loop4): open_ctree failed 2018/04/21 02:36:18 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000ed4000)=0x78, 0x4) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback=0x7f000001}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00003d1ffc)='bbr\x00', 0x4) sendmmsg(r0, &(0x7f00000025c0)=[{{&(0x7f0000000300)=@pppoe={0x18, 0x0, {0x0, @link_local={0x1, 0x80, 0xc2}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000380)=[{&(0x7f00000010c0)="9421e5271f45907f567d604a09fe27abfa55e2aebecfe4a0aeda13b3d2418870405797686467855ad166a77fa809f72ab92d438b38975596f98c0c03126989f5a4a3fe4878335988dfb98b11d880cc928c21fccdcf2086d98e2ac4ab265ff234ba0a86ee14bbb2bf4cc210f6ca6a5d3d18d3110ac82704ac8a979bebe6ea1a803cb5a21babf0a28c6741f5493a7189c764564aa039257ce92830f1a25bb6fb553231195be0ff72269d4b8503dbb0bc6c23f0341aa626735a002006f6c2b036efa5d1e087ee6181ffb3d0f5f569629e1691681449dc33e4b96e7d71acec3270c46c74442fbb78a39abcddd7c12b184b60f369e4cbf65bddc6e709130c8664607bf74f8e51b570d3a12155be268339d9e2012ee5e7f8ac4696119e847f2fc96f6006cbda28c502d7ee34fcabbbb5c303f7cd3292aabb74a7bff1f76fce1b1fe13482fda1408973de9868e96c630ff08bd68c3a98d07ce0662997755f039a7ee45bdae739d3f3b1cbd5ecfa8825b540b6417c730ec4a8204ce2ba6ebd0c9452b0cc1273bbd591314867c54abafc48697fed81bfeec349729da076218770bb7ba8a2aedca9000638018a28abcaa3dc6642db8097039f0f9f6fdd1ab481507e5796d65b2a81bd38b11c518feed59fce3147bb2bd31518c6032745185a44a98ec2efe3f8eb27709c2e70cfef9a971f97159e74868d6a55e1a8e6e7b500d7c116f02594a58e3dceb86175af56c7502287ddab530acb67386725e0d6b2e317cb0b87affd30d4ff210024287c19d27033b7a11bf18d1ce1e23f618476b15c3a5574fdc0f238f2ec1c3cd2784fd3d8235278bd957c929021d97da58459f921a47002a4841ff77262b7150c5fbda7f8bf6801c22adfb0bc96f7a2d8527aaf00ae5b663eb0f69914dc722b2d7b1e4861ed66168b7c6afa56fff36de7c842f3d24ecc65d25f24917f0867f6a2fb7c5a02335ff1870d35c3aba978208c118fb5ed56f102cf9bfde60786175bc25ebba02aaa4cbbdc95afa96c3449e53c5ea7e92bdabc8ae8b28370cdefc009698f8f870da37e1b188a5439428b619618179900e03df2d5926bd0a69fe94b5553ce84323a03b371d35d4984daa8e4f52cbc75d05dbd12d3bdcc5125ea53559ae82593a6a8d9812ea99d4166451edc55e5dd97f98b7e5c6527658765d14c9c5be3fc4153881d666dbf5eb45c1cbde2781a985f59e7e5aab7d9398dcc21e1d7495047a5afb84727aadc86854edd5a5a645ca3715b2c78ef32702231aa8be45cf97ac787765bbb631f6a357d292bbe97e7d3ec6d15b82f0985f7c0fe679b9788674b80312b5f365dbcf1a8eb5e295084485dcc92f2b905cdded6e2e81cfc7e9d29ec61fd893d120c31b9101770f4cb2e38a8a518295d373f9e6ba8a7226542c67a2ea423f1a32722260ad533435f903933a70906b10e7e5efac4ba3830e242919997a34044cb831a59186eeb68a93ff9eac431e938b48b810a08aab9730597e196127e4b64a6fd8b431a79f8253b031a59c22e3eeeeb5267441e8c962c8db6ba0bc5b4cc3291aa1672049cec15d0272d4441cbb2412b4a3456935403429aeb7644edc9ef26a9096c87632c4458335949fd2a27fa89c78353ae5adab7594eff5b7e8cd8bc43cc602f914e61b04d8c6e24bd7ef078e3b1b02f61df5c6e6f1648fa6a6022c045390ba8c61b73538f8975142eeba57a52d0d038014010a05ec1e16691a81a748bb222068f08b593a5b3f421767c6611fd3799794be1b0aa2b4d66f65bb4c6ee7a17c44dca1bd6a3fe2159b0ad427097f63f6f8df4852e66b34bc787dc2e236308e56d70e608f97ee4da5b631eaa26582d9bbc86e9f51554f2eec09bbb497fd114e200465d9fb75426a84f7d1ef4b967763e628774f59eeac514fc0d83e952b54b91696e80ce73c6d8b7ef4cd2225fb5ad6f837fa9ddd5428cfe1b7c8113c5fdec44dfbc08b4dcd8deeb7ee0a20063994de4bbdc2a54b4522fab89f43122becda26248b2fc4c9b40fc772a54405c23d248c228c557f7d6c7829928c908babf440101171defbf93b88b2df9c01402bf7ba72be3c28100a83f747160bf64769155329af77b1588c65e7eb81b45c2341976a003a15477b239601e890fee9b3d03dd6db89bb8e3815fd9d6eae54ec94821dca6a9204a448b1a3e3f95aac1fc2e739cf72c9c2c7e9d718d8f03d00fe4a9c1161d0eb24c46c9f0167b6277854f80a8af9540a8ee3ffa0c8648be1cf9436061a92f4b219eb20647d9ba686ec9abc218aa0a9e6188924929e149564e2fb48df003c3c9f064323a07a4a91b4988e37662a380318add9717c93decccf70540b2fdfeb278c5e9c4b36d50de76cc15f2214cc73f4a70fff7a44cd98d32c5e3b65f60acb8f5ca8cd189e2c8ceb331351af5295663f3d89bc9f4e3eb97a9c66d0ad36c006f4b366eb143c3d55276a43daedef2e624b1976b25ae440173cdba5de98b701a1cb6eda6d5ef401fac7d139ad19bf15d42013333a3d96287ec8caecd6c8cb6e78e1de8fc9740efcff01fe54faeec096615b152e765b8dea9c7b4aad8aca2a8c66cc8659e6d8f3ecf4f706a61b7fe1d4cc83f154254fc5c95ca6f84ed01b692a5e62eb9f3cfefa538d3afb478ad094edbc0f399ecb989aa46fb13191c0c1b5a0eea7a2b550ec1b0dd2d10dd2a5ed8f1f8e83139d76c2cb8eb7e047e683309ce903f3cb773d2ad6cbc2cad67b34ebf8411e1b2bf23897b0793f82df3eb09ac88c306a2d2e4f5958e12ee894049cc0815ac3d22634a5b444fbb80bdff04587aaad6c5e77382799e3770eab3254881d0d059444e073f228d1ca2c1d157463e11783fcbe08ec2bfda0073acfdc2ec80a759137d6468e9f3712f3c97d7d254f7f56e3a1f6bc68b2a79a0e5201555b6872bd0b7e8a63bd8bc2bf87afde9dff9516e67b191f974d3e70df8521a28730f4e3ef7da6064437a2733edbc886ab62d96d075be506a948cf58e5c7a1fd95d1f2b0493ff5e81e79d742fc97c22b8fe7ec1cee5f585e13ede78d3c7e9dba5d4154a80b8523a87a7aaf37f4f40e1fd1fc2d320ee0e079b7d80a05d42334df689cee8dcb964d0e72af76ede33b57a49a6aa14b068b45d03", 0x89a}], 0x1}}], 0x1, 0x4000) recvfrom$inet(r0, &(0x7f00009be000)=""/11, 0xe8, 0x0, 0x0, 0xffffffffffffff4e) shutdown(r0, 0x1) 2018/04/21 02:36:18 executing program 0: socketpair$unix(0x1, 0x80000000005, 0x0, &(0x7f0000000140)={0x0, 0x0}) capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)) sendmsg(r0, &(0x7f0000002740)={&(0x7f0000000080)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x80, &(0x7f0000000100), 0x0, &(0x7f00000028c0)=ANY=[]}, 0x0) recvmsg(r1, &(0x7f0000000000)={&(0x7f0000000180)=@pppol2tpv3={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @multicast1}}}, 0x80, &(0x7f00000007c0), 0x0, &(0x7f0000000840)=""/122, 0x7a}, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r2, 0xc0189436, &(0x7f0000000040)) [ 95.107735] mmap: syz-executor6 (7266) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.txt. 2018/04/21 02:36:18 executing program 4: perf_event_open(&(0x7f00000000c0)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="cc1373fc000000000000000000000000000000000000000000000000000000003030b86e0d5f4090902c6457136cf04d000001000000000001000000000000005f42485266535f4d070000000000000000204000000000000000020000000000000000000000000000000000000000000000c0010000000000700000000000000600000000000000010000000000000000100000001000000010000000100000610000000500000000000000000000000000000000000000000000004503000000000000000000000001", 0xca, 0x10000}], 0x0, &(0x7f0000016000)) 2018/04/21 02:36:18 executing program 5: munmap(&(0x7f00008ba000/0x3000)=nil, 0x3000) pkey_mprotect(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0xffffffffffffffff) setrlimit(0x2, &(0x7f0000e63ff0)={0x2000000, 0x20080000000}) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0) 2018/04/21 02:36:18 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000ed4000)=0x78, 0x4) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback=0x7f000001}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00003d1ffc)='bbr\x00', 0x4) sendmmsg(r0, &(0x7f00000025c0)=[{{&(0x7f0000000300)=@pppoe={0x18, 0x0, {0x0, @link_local={0x1, 0x80, 0xc2}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000380)=[{&(0x7f00000010c0)="9421e5271f45907f567d604a09fe27abfa55e2aebecfe4a0aeda13b3d2418870405797686467855ad166a77fa809f72ab92d438b38975596f98c0c03126989f5a4a3fe4878335988dfb98b11d880cc928c21fccdcf2086d98e2ac4ab265ff234ba0a86ee14bbb2bf4cc210f6ca6a5d3d18d3110ac82704ac8a979bebe6ea1a803cb5a21babf0a28c6741f5493a7189c764564aa039257ce92830f1a25bb6fb553231195be0ff72269d4b8503dbb0bc6c23f0341aa626735a002006f6c2b036efa5d1e087ee6181ffb3d0f5f569629e1691681449dc33e4b96e7d71acec3270c46c74442fbb78a39abcddd7c12b184b60f369e4cbf65bddc6e709130c8664607bf74f8e51b570d3a12155be268339d9e2012ee5e7f8ac4696119e847f2fc96f6006cbda28c502d7ee34fcabbbb5c303f7cd3292aabb74a7bff1f76fce1b1fe13482fda1408973de9868e96c630ff08bd68c3a98d07ce0662997755f039a7ee45bdae739d3f3b1cbd5ecfa8825b540b6417c730ec4a8204ce2ba6ebd0c9452b0cc1273bbd591314867c54abafc48697fed81bfeec349729da076218770bb7ba8a2aedca9000638018a28abcaa3dc6642db8097039f0f9f6fdd1ab481507e5796d65b2a81bd38b11c518feed59fce3147bb2bd31518c6032745185a44a98ec2efe3f8eb27709c2e70cfef9a971f97159e74868d6a55e1a8e6e7b500d7c116f02594a58e3dceb86175af56c7502287ddab530acb67386725e0d6b2e317cb0b87affd30d4ff210024287c19d27033b7a11bf18d1ce1e23f618476b15c3a5574fdc0f238f2ec1c3cd2784fd3d8235278bd957c929021d97da58459f921a47002a4841ff77262b7150c5fbda7f8bf6801c22adfb0bc96f7a2d8527aaf00ae5b663eb0f69914dc722b2d7b1e4861ed66168b7c6afa56fff36de7c842f3d24ecc65d25f24917f0867f6a2fb7c5a02335ff1870d35c3aba978208c118fb5ed56f102cf9bfde60786175bc25ebba02aaa4cbbdc95afa96c3449e53c5ea7e92bdabc8ae8b28370cdefc009698f8f870da37e1b188a5439428b619618179900e03df2d5926bd0a69fe94b5553ce84323a03b371d35d4984daa8e4f52cbc75d05dbd12d3bdcc5125ea53559ae82593a6a8d9812ea99d4166451edc55e5dd97f98b7e5c6527658765d14c9c5be3fc4153881d666dbf5eb45c1cbde2781a985f59e7e5aab7d9398dcc21e1d7495047a5afb84727aadc86854edd5a5a645ca3715b2c78ef32702231aa8be45cf97ac787765bbb631f6a357d292bbe97e7d3ec6d15b82f0985f7c0fe679b9788674b80312b5f365dbcf1a8eb5e295084485dcc92f2b905cdded6e2e81cfc7e9d29ec61fd893d120c31b9101770f4cb2e38a8a518295d373f9e6ba8a7226542c67a2ea423f1a32722260ad533435f903933a70906b10e7e5efac4ba3830e242919997a34044cb831a59186eeb68a93ff9eac431e938b48b810a08aab9730597e196127e4b64a6fd8b431a79f8253b031a59c22e3eeeeb5267441e8c962c8db6ba0bc5b4cc3291aa1672049cec15d0272d4441cbb2412b4a3456935403429aeb7644edc9ef26a9096c87632c4458335949fd2a27fa89c78353ae5adab7594eff5b7e8cd8bc43cc602f914e61b04d8c6e24bd7ef078e3b1b02f61df5c6e6f1648fa6a6022c045390ba8c61b73538f8975142eeba57a52d0d038014010a05ec1e16691a81a748bb222068f08b593a5b3f421767c6611fd3799794be1b0aa2b4d66f65bb4c6ee7a17c44dca1bd6a3fe2159b0ad427097f63f6f8df4852e66b34bc787dc2e236308e56d70e608f97ee4da5b631eaa26582d9bbc86e9f51554f2eec09bbb497fd114e200465d9fb75426a84f7d1ef4b967763e628774f59eeac514fc0d83e952b54b91696e80ce73c6d8b7ef4cd2225fb5ad6f837fa9ddd5428cfe1b7c8113c5fdec44dfbc08b4dcd8deeb7ee0a20063994de4bbdc2a54b4522fab89f43122becda26248b2fc4c9b40fc772a54405c23d248c228c557f7d6c7829928c908babf440101171defbf93b88b2df9c01402bf7ba72be3c28100a83f747160bf64769155329af77b1588c65e7eb81b45c2341976a003a15477b239601e890fee9b3d03dd6db89bb8e3815fd9d6eae54ec94821dca6a9204a448b1a3e3f95aac1fc2e739cf72c9c2c7e9d718d8f03d00fe4a9c1161d0eb24c46c9f0167b6277854f80a8af9540a8ee3ffa0c8648be1cf9436061a92f4b219eb20647d9ba686ec9abc218aa0a9e6188924929e149564e2fb48df003c3c9f064323a07a4a91b4988e37662a380318add9717c93decccf70540b2fdfeb278c5e9c4b36d50de76cc15f2214cc73f4a70fff7a44cd98d32c5e3b65f60acb8f5ca8cd189e2c8ceb331351af5295663f3d89bc9f4e3eb97a9c66d0ad36c006f4b366eb143c3d55276a43daedef2e624b1976b25ae440173cdba5de98b701a1cb6eda6d5ef401fac7d139ad19bf15d42013333a3d96287ec8caecd6c8cb6e78e1de8fc9740efcff01fe54faeec096615b152e765b8dea9c7b4aad8aca2a8c66cc8659e6d8f3ecf4f706a61b7fe1d4cc83f154254fc5c95ca6f84ed01b692a5e62eb9f3cfefa538d3afb478ad094edbc0f399ecb989aa46fb13191c0c1b5a0eea7a2b550ec1b0dd2d10dd2a5ed8f1f8e83139d76c2cb8eb7e047e683309ce903f3cb773d2ad6cbc2cad67b34ebf8411e1b2bf23897b0793f82df3eb09ac88c306a2d2e4f5958e12ee894049cc0815ac3d22634a5b444fbb80bdff04587aaad6c5e77382799e3770eab3254881d0d059444e073f228d1ca2c1d157463e11783fcbe08ec2bfda0073acfdc2ec80a759137d6468e9f3712f3c97d7d254f7f56e3a1f6bc68b2a79a0e5201555b6872bd0b7e8a63bd8bc2bf87afde9dff9516e67b191f974d3e70df8521a28730f4e3ef7da6064437a2733edbc886ab62d96d075be506a948cf58e5c7a1fd95d1f2b0493ff5e81e79d742fc97c22b8fe7ec1cee5f585e13ede78d3c7e9dba5d4154a80b8523a87a7aaf37f4f40e1fd1fc2d320ee0e079b7d80a05d42334df689cee8dcb964d0e72af76ede33b57a49a6aa14b068b45d03", 0x89a}], 0x1}}], 0x1, 0x4000) recvfrom$inet(r0, &(0x7f00009be000)=""/11, 0xe8, 0x0, 0x0, 0xffffffffffffff4e) shutdown(r0, 0x1) 2018/04/21 02:36:18 executing program 6: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) dup3(r0, r1, 0x0) 2018/04/21 02:36:18 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x14) listen(r0, 0x3) r1 = socket$inet6_sctp(0xa, 0x4000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c) 2018/04/21 02:36:18 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000001c000000150000000000000095000090052330ae"], &(0x7f0000000080)='GPL\x00', 0x8, 0xf9, &(0x7f00000001c0)=""/249}, 0x48) 2018/04/21 02:36:18 executing program 3: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$unix(0x1, 0x3, 0x0) r1 = socket$unix(0x1, 0x2, 0x0) bind$unix(r1, &(0x7f0000003000)=@file={0x1, "e91f7189591e9233614b00"}, 0xc) connect$unix(r0, &(0x7f0000000000)=@file={0x1, "e91f7189591e9233614b00"}, 0x6e) 2018/04/21 02:36:18 executing program 2: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffd) r1 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000100)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) add_key$user(&(0x7f0000c24ffb)='user\x00', &(0x7f00003ebffb)={0x73, 0x79, 0x7a, 0x2}, &(0x7f0000d6c000)="0000000000000001e3a255ec4a8d9d652d0536c67b9695cfb4c29da627ab9e5e0587e50ec159997396abc344a7d9f563a3e3af2d90a5dfcade859e4717cdf8f03fdf022186424d68996f51a7b3f20108f152bfd57ac5a50be84a106249d0216d5c98c41df97cd7d5032e9c632e4715a226907aabbfc5b3f2e96bf3039474801053b87fbf8674e100", 0x88, r1) r2 = add_key$user(&(0x7f0000ef5000)='user\x00', &(0x7f00008fa000)={0x73, 0x79, 0x7a}, &(0x7f0000000080)='u', 0x1, r1) r3 = add_key$user(&(0x7f0000688000)='user\x00', &(0x7f0000000300)={0x73, 0x79, 0x7a, 0x1}, &(0x7f00000001c0)="b33ab76079ebe0d14f729cd653e520d29ad7ef0000000000000044c249b544230b9387fb8bd6ed266ccf59ef70995bf2e8e2ecd3fff32853747eda22d2818d08ca27e0ec821620e365a0e6b9485f2d925493f62113e33e5f8c7eba67fc19a9497f5b07e5849d2e875b0687d6401d36616fe0f3c3002801b4627ee7597689525e8e81f750a86eb580fb46c1523b8a25e71690ea52246bd3d32b1a91f944edb74b1f50ae08c5387ed8fd0598b600579f3af3f864e1c324f6928f6672f98f7e149bd61bd78b506e8bd71824cec9a8db26823cdd5259e688752d5491bd542b2ca7d08bdb777695db99f0401294aca81ab60da1240088cff9a340e1d6a89e7b09cfd51d", 0x101, r1) r4 = request_key(&(0x7f0000a98ffb)='user\x00', &(0x7f0000000340)={0x73, 0x79, 0x7a, 0x2}, &(0x7f0000dde000)="2f6465612f7675746f66730719", 0x0) keyctl$dh_compute(0x17, &(0x7f00004c8ff4)={r2, r3, r4}, &(0x7f00005cd000), 0x0, &(0x7f000010c000)={&(0x7f0000bf4ff3)={'ghash-generic\x00'}, &(0x7f0000000000)}) [ 95.429120] BTRFS error (device loop4): superblock checksum mismatch 2018/04/21 02:36:18 executing program 0: capset(&(0x7f0000000080)={0x19980330}, &(0x7f00000000c0)) semget(0x3, 0x0, 0x20) 2018/04/21 02:36:18 executing program 6: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f000000eff0)={0x2, 0x4e21}, 0x10) listen(r0, 0x0) r1 = socket$inet(0x2, 0x400080001, 0x0) connect$inet(r1, &(0x7f000024dff0)={0x2, 0x4e21, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) connect(r0, &(0x7f0000000000)=@nl=@unspec, 0x80) 2018/04/21 02:36:18 executing program 5: munmap(&(0x7f00008ba000/0x3000)=nil, 0x3000) pkey_mprotect(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0xffffffffffffffff) setrlimit(0x2, &(0x7f0000e63ff0)={0x2000000, 0x20080000000}) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0) 2018/04/21 02:36:18 executing program 3: capset(&(0x7f0000594ff8)={0x19980330}, &(0x7f0000244000)) sched_setattr(0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x80000001}, 0x0) [ 95.483018] BTRFS error (device loop4): open_ctree failed 2018/04/21 02:36:18 executing program 2: clone(0x200, &(0x7f0000151000), &(0x7f0000000080), &(0x7f0000f8b000), &(0x7f0000000100)) mknod(&(0x7f0000b75ff8)='./file0\x00', 0x2001001, 0x0) execve(&(0x7f0000f8aff8)='./file0\x00', &(0x7f0000000000), &(0x7f0000000140)) r0 = getpgid(0x0) sched_setaffinity(r0, 0x8, &(0x7f00009ad000)=0x1) kcmp(r0, r0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) execve(&(0x7f0000000440)='./file0\x00', &(0x7f0000000600), &(0x7f0000000680)) creat(&(0x7f0000b7a000)='./file0\x00', 0x0) 2018/04/21 02:36:18 executing program 1: perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f00000001c0)='./file0\x00', 0x3fffa, 0x0) r1 = open(&(0x7f0000000280)='./file0\x00', 0x0, 0x0) close(r0) open_by_handle_at(r1, &(0x7f0000000000)={0x9, 0x1, '\v'}, 0x0) getdents(r0, &(0x7f0000000040)=""/47, 0x2f) [ 95.581905] TCP: request_sock_TCP: Possible SYN flooding on port 20001. Sending cookies. Check SNMP counters. 2018/04/21 02:36:19 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00006a4ff7)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) pipe2(&(0x7f0000e3eff8)={0x0, 0x0}, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r4 = dup3(r3, r2, 0x0) ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000340)={0x1, 0x0, [{0x20040000000}]}) 2018/04/21 02:36:19 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) pipe2(&(0x7f0000e3eff8)={0x0, 0x0}, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r4 = dup3(r3, r2, 0x0) ioctl$KVM_SET_MSRS(r4, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x4b564d02}]}) 2018/04/21 02:36:19 executing program 4: perf_event_open(&(0x7f00000000c0)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="cc1373fc000000000000000000000000000000000000000000000000000000003030b86e0d5f4090902c6457136cf04d000001000000000001000000000000005f42485266535f4d070000000000000000204000000000000000020000000000000000000000000000000000000000000000c0010000000000700000000000000600000000000000010000000000000000100000001000000010000000100000610000000500000000000000000000000000000000000000000000004503000000000000000000000001", 0xca, 0x10000}], 0x0, &(0x7f0000016000)) 2018/04/21 02:36:19 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffff9c, 0x84, 0xe, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}, 0x0, 0x0, 0x0, 0x400000}}, &(0x7f0000000140)=0xb0) sendmsg$nfc_llcp(0xffffffffffffffff, &(0x7f0000000840)={&(0x7f0000000180)={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "bca44b88632ca53d2123f1f17d6e00b757a73e9f9419fbf7c9239ea6f217002f1b8b4ded642b09f136146366be5929cc638f66d1ee325da6e4e6f71ff9213b"}, 0x60, &(0x7f00000006c0), 0x0, &(0x7f0000000740)={0x10}, 0x10}, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX(0xffffffffffffffff, 0x84, 0x6e, &(0x7f0000000100)=[@in6={0xa, 0x0, 0xffff, @dev={0xfe, 0x80}}], 0x1c) setsockopt$inet_buf(r0, 0x0, 0x60, &(0x7f00000000c0), 0x0) 2018/04/21 02:36:19 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x14) listen(r0, 0x3) r1 = socket$inet6_sctp(0xa, 0x4000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c) [ 95.866722] BTRFS error (device loop4): superblock checksum mismatch [ 95.917323] BTRFS error (device loop4): open_ctree failed 2018/04/21 02:36:19 executing program 6: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f000000eff0)={0x2, 0x4e21}, 0x10) listen(r0, 0x0) r1 = socket$inet(0x2, 0x400080001, 0x0) connect$inet(r1, &(0x7f000024dff0)={0x2, 0x4e21, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) connect(r0, &(0x7f0000000000)=@nl=@unspec, 0x80) 2018/04/21 02:36:19 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(ecb-camellia-asm)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000ff8000)="0a0775b005e381e5b3b60ced5c54dbb7295df0df8217ad4000000000000000e6", 0x20) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000180)=[{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000300)="a7118230eef5e420406dc6a099da077d64d054e0293b261fd23e223ac994e771d39076c63413ac4c3797871c905a3788788903cb54e0b814d561537a2e51405ff0b5bbcb5fe7f41a21b44db2d47be29e7e805a6d3d2a98cea5945db9b758fad872a60d0c8531afe1dbf4d5962f155c685eb8975a7feafedf838264a64caf9ed61617b79b77d069e76fd54e623a555cba8ba8ca09edd10a35df95900f9d33c0a1432915befb630f3817870dd103772719fa860c424444da74127123d602411922ba69da4be74592a2633006173e3032637897f2b2c854f198ba142ec086f77c7e30554da81ed8e909212eb2741f5ead4e7826952da178501059ce35b6a7dad2492d6c300d7e3a79db4dbbcb077f7bd5155698c60f0f67aadd05b74021e51bb42bc76aff6b00934ccd3fd43c68f93fb297a3fc9dc07f703f71b3341914bcf9fa416488e25137c1fcd0ab2eeba0daba608a7d4b7fcefe1795bf172103383dc8244b07bd111b8c02971f3b5d39b75f0469b8b1f5c9752a82588556630412895521c47e4380fa879878b030df6a5c0d1c90c644ee38cef883b494bb804386bab3a4c4d8eddbf004c229c835b76841aec0169f7b84bc1d5e9b350673591e30c2764e389f20b0517201e5229dfe74f85c337fe98fecce8094f44057ade7cfb2242abd5f3e6cda843b91b129cd22d35614135637c0ace0ab6597b7b17e457b0a9e033d7ddaffb3e0bc990a17971e8d32003e08b0e5c25b17b69853325c912d0a1c1a53332c428db887922385e08a4cc0bc37215582f19ab59849188e7ddefbc3a7277beb7ec2ea3fa77b1de525d88b54757af0948c95cf2c6feea18071e479a0de1902089bff7c6ec3e338d52ddec29c124545881b5b9e3a56b221695e5d97024c47763c4927bbfd88d6ce901dde80956cc0dd9a4d820ed5da40ac4d12835999ad4d7b817cffba97b5ec9ed549083217029d522245335b181a9d90ce5c9271209aa89988458891424f0d7d11fa48f04e461fdeacf1367b2f3b71e168a501a5c0a8fa0a950047874651fedcaf2dfb490a0881e449070976c75546c691be5d32718ad4b49961d66adb0e75d0cfc570187e6930f0bd3fe6398c167f81c51d3804e741f825960e1c89bbf590731a61c21ac00e435d493ab66263a96b3b4f7ecccb1ef5550c782bde990e4bd3b738b652abcf99b88e81523abd30531a225575f31213f08cb8f88b77b35a8e332e47c41d01bda34d67e9caee3b3decf81bb42f58a0610f8cd56ec13d8d6effa7b8c7710cf31bc69ecea380613e9ac69142fedf1a39e6e83b6dc84882c537f23c8e6601412330d44696d711587cfd2433530ed7f9cdfbceb9af4babb5f74c4070df26e859e0564ee71ab1bdcb2b954ad12504614a7d0efebbc5a793d475ff5a7aa368e35def723102c7b4221248105db2dc39c14e8338167fc906939730708203bdac46bd37e3f97b8a7e0efb49279ee031a0732f1d1ef3c877447b432958bcd9f5d0febc59b439b4fa0bb9ab1bfeb451c3f203f1aee804ca7e41a2379da0e89d3216cd96f9aebc38a5a330e7bea1f8016d655fe60d7077fe8b7aff504533d17f393af11e5fd350f3c5f4ac26c2102396408d8f7136f8a9e05cd45ae6ba1b277f684708136fe75c9a2d19961ff9f3a1c8d92ebcded91cf3fd8dd15ee8e736fe3f395e6eb8bde95ddd24258fb68bad6d5a508b68b77ffa8ed7f25c43343757833df59e024d551772f94a69929ce720d993b9e853b625af04b47e91a59a3c1b1b29c39796199b41aa72390c87919338b0b2f595c73a810231dffe470b4374023487a1a90bff58ba3e4e3ed0cc6b67dbdca0628885a010cf8cf092fb13181a4d6a8eba473989ca29b8b8ae6042d6f455768c19a602f9d47df0f3d4e36a26db745facc0bf5c4ccd880438352e92a1144dcde4e63c1e4f7b42b6c5ae6df876ad4f5f5533deef339ba7d14d6867897421146d5d96b8bcb63b97d73835be1a4334df9ade8bd100a9d2f9126aefa031a320707e8b29d48257913bb37b8f83260e4ad88db013ade6f4952cc8c397465fe03b21ef2e935480c32eb1fb71cdb0dd87420360c8e984b9b07c9dfb4b7b40c42dff2693c029eeb9b77cadb8d408d73f005d25ad479360a01a2731a2207a1d60481b9d59b5ef54d995f8b67a905a747a4fda15fde7a432232e3cc32561b344dee355cc7e32bbd5fc1ad75288391df78017171dd228e1d368ab8969b0e23f7a16c5d6e67800d98b6c3dea15a6c7b76a25ea69c9cb75e7934a6adc326d6224d7ab2948eebc6f0a729c960e1c0c3c4eb5f89934ab7d3e67eafacb96387999be29f77685a99886f4131090a7cbc4ef0900dfcef0653ec51970ae8cb5f8f08c71e9b825fddffa9893dd95f3acc3a7fbab91d8ce44080eb0a2f66b7b064d74591ec06be4b043d9fb157294f4650c2a543e9696a5140ca128688472df977fa4c1667ad7a0986699a15578f5efa8267d581fd5267e4927a6fc073202289fd948e5ed9ff638f3ffed87764f3f7a371b2f30f1d906477a19dd93145e0d977f55939eb6ea2b05fc47704e720deaa229ca9b18bef779163ad80974d0be2251314a4bd2a3af946738f0b18c1134898d5b8e1d2e74e51552e0f1103c9870a5087e9487e0d33efcb922197bc10aafcecc6d0e116baa301b1f2b7c845d181572f4514c6b4a0d1b206074104ce0c7ec8b0a9b22290c94d14212c3f03752ce2e9cdab9608373508407d42366f1576b1c698209a5ebc570e60f94995c8cba57f02a637bb0fbdd2a3e33ec1c11ecf4ecc146e6bebc1222c6173718340f990cd905a62f9b375a93bcc80bb7b9816937e0243bae776fb7d98080bd0b7f324425725521c8e8bb906cf9517947eec7b2cfd18a8a93645254d8e914ae411080b001355c44d5a6ffdec77651b941696a4770e794213b487bc7604f94726e095d105ad22cbd663f251516262225793ccd9833628a759fffe91e54aae2aff28de63844edb24fb0bffeaf984cd52d30ef3aa7ff9072059dbef925e2554e8ed6cf200120f32edd0a90936fc5b0881370ecaaaf3f3314304947d98688428e33387d47392eb32f9715734b056987ab9618f83cf010de3a6b87ef60273add766e719defdbd9ebb68746b476080f9c1b10578255cb962df386387f87ed4a9322d76798995053dfe68cdd1e3855d14cbe8dbcc1cc968d20e9954dfa5f279bc49b96fb1df74683a78eb1f0a668fb29c339a5baeb79c3d8030749ce8b90b73bfed120bd50fc7754c63c0690e1d8ab7299d4f95e84e97bc674c950a9e1d1541d5e0df6ce4e0a92b0f55a74b9bbed3d2dda26340ad4a2fe65d2c71c658cbd7e35ec7f006ea0e2caa06565b2147848cf0cf4a01ba2f17b6eae932c2d86cbef2fa071521da849cdcdbb5d9e0984f35198dbcc80538b1e406e742dded107d52bab2dbd2a9e4d48f51e7ffd5566619392ac2938d6f56b292ed34b633cbdf3a3907a7a4e9cfd770a097889818342ea1b7740fb79da30918b18b0e688ba82f454c6e2b23fb73a3bd407b3e4ac9fe8d785ebd2fb66b4834b78e47a545ec30da7f644368c17406af028ff4844eaa28fd051acf91f65bbbcc44fad7ed3781fcc6fba610e4fb29f1011ba96912d6b0fd3cd3e17773422c82d6ac47f876ee17932bd3ccf3df163150c22c54df4fb7289d0ed2d6e1df655cb1bf8ebe13b6410e56ac4b04fb84273d43008eb2872c7bdad9832b43c19c870bbf48f04211c2a778665d8ef3553b19b2beff91766cd203920a3e12b23a17ca30bd801d486aab6a5f12b938612913eb5507fd952ffbab2e76f3eee5de82e9a40a0ea45112ceb4204b0e2a3da1be128810973f5664bb2e7560be7c8835261b1b20909fb862101e34059964907b000b18c39a41566c51287c38c933a532726e58347e6f9dce930b10b74148999ec0093b2132d47d77f647304b2cb9539a8c98e9d0afe9f2743b4afd5b9b1ef8e3e0ca93de83b682657c6319ea1c9871f2b5094e30d61164e66ea4b6dd20104509955d61f91d14aa2e941fda2c64830178daff905ab163f6168f34b08d729ab7b65e2a8953be9028521ae53239b8af653521d2e07f1cb7704c31b95d8582849a72217ecaca777d73280daef123fba0e1a0166159f67f16d5c82e3a5dbc715b2e8f9e291a541330fc438943f3ce88d0ea448c200e6946d08bc50d1ceab202e84b05044bde6828ee6bc876eae1bbfdbf7268ab9fec11007ed2b39b86c20f39a186c2516bb7e6e67a7050b14537c1c26179d93ce411f016682e66e9a3e33f149bdd8a1701c0403453c5f3e7dc25e34acea7f05152f67fd766a04cb23f4ee7e006893b0b3d207268b82e2125f2bf0d1328b1f20c925592471f5eb1bab8c1450e181c15bff5847c7ba00ff26ebd61d6838b5879c123a5037d13b3bcbe989428d68d700693aa8196a67d304b116711f81f6f61a36c7f0f748dbfa1340b740818fab5dc4916a95622ab9f8e2c942a204bad25b06e3f255de10bd84f9f7cdcfea84c98afb4770840bf5330c6548631f0aebad9625415885dcc857506298c172eef922a7934ba086976e81ae7edfd3ee3bcf54e07fd952ae5b7b641bdfefffc06323c6e5c6acf338a7f934bee681570bce05638c6405fa7bfddc60a151c7f89b858037a12c61b3bd5245850db831c68a2faab54094b2025777a328fb285781bd761eb4ce7d34816265db102212a3e4f6a085871b3a3c20d2565efd39d8bafea36f18a78b34a9e841839f2ec096ea2fd7f74a32f2d2a18830c54d7e7fa9bb9f3eed3c0e23a27fcaf8d7b2170a8f1700000000d070853427df05d933b00151da7256e14a16cb8814264da2c341075fcc15b07505be23f45cba12e6af5a606e3bf4709532b5e118aa41762f2234957559936cf6339629e55940ded5bc1b9c85c60384a391f0e9785f878dcd94cf5526b3574b47226b4eb6638c333fe658e0feb9c3007b8963fa8040684ec26cd17761d3a59b2b3879cdc08e84dde92c43831f169748b7927231adc8fa62914a685da299c746a5aebc527da570a3d5d36bca3f9f74a5ee86ac671e6b001887aa16266210eede6ab8cc3aa34b3ce1d442b8271db73772bdac9eb8cd0a61f257c5802046553cd660629d76114d054687e56a20d567f2362cf71c72d7b7b898c2c3e88474df942d6c3c76b753339cfffe3e99eda176e451bd5d5b90a5fe4d39294a299c1dfc6686a7c2ccd827886d6d145cc4412e4aa23319aeba46bf07960a49b7eb962b57c536fdfe0ab64b52535ae1978bcab3eded29b15fac4a3826b0b62fdc3d0784144eefb57be2f4e9b8868db11e69565b05197d7232a8b96b43fc6a52d7cc89ae8545145f41f1c47343f67837bfc4f2af87d8b8f066092858f6ff905b32801d9e424db8b48933a5c3b9e1ac001f1487c0694d4108f2033ddf2483514a9e2ddb43face0586bacdc77c7da3890626237311a4507f782edbf235159329397f29863cd64910a4b348083d52f9174718e1dabc0e028ec617926c4acb949d9ce65f969deb6c8bce742f2e5bc0beec3f063156b2e13abaaa38b599781020503cd198176ad9d99798b07754ab366322e39ac06b7f2d32f675c1680c0c9bd5f3ae7005426a45014421a18980442a0671ec260cf1a778f5835e725ed93eb2236bd7b208094e93e8cf2b1a78c9a13096adf98eec7e3319cb60c43c72ceecba9f1a9e5dd98dcc3c1fe03a39483b6d2e2c780968c510b853d8d1e2e3f5d6a2f2e65d13b7f55a00000000000000000000000000005c596e520a0189461ad8758476061372739dc2af9fcdf013404900adbc1104", 0x1010}], 0x1, &(0x7f0000001340)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000003780)={&(0x7f0000000000)=@pppol2tpin6={0x0, 0x0, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, @mcast2}}}, 0x80, &(0x7f0000003700)=[{&(0x7f0000000140)=""/5, 0x5}, {&(0x7f0000000200)=""/15, 0xf}, {&(0x7f0000002700)=""/4096, 0x1000}], 0x3, &(0x7f0000000240)=""/5, 0x5}, 0x0) 2018/04/21 02:36:19 executing program 3: r0 = syz_open_dev$binder(&(0x7f0000236ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008000)={0x44, 0x0, &(0x7f0000004fbc)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50, 0x10, &(0x7f000026c000)=[@ptr={0x73622a85, 0x0, &(0x7f00004edf8a)}, @ptr={0x77622a85, 0x0, &(0x7f0000007f72)}], &(0x7f000000afd0)=[0x0, 0x28]}}], 0x0, 0x0, &(0x7f0000009000)}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000004580)={0x1c, 0x0, &(0x7f0000003500)=[@increfs_done={0x40106308}, @decrefs={0x40046307, 0x3}], 0x0, 0x0, &(0x7f0000003580)}) 2018/04/21 02:36:19 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="0f0154"], 0x3) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000010000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000100)="0f09c744240000380000c74424028f000000c7442406000000000f0114240f9a9f00800000670f209a642e3e0f01f7670f080fc7aeb2440000660f388153940f30ad", 0x42}], 0x59, 0x0, &(0x7f00000001c0), 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x47}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2018/04/21 02:36:19 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00', 0x0, 0x0, 0x90, [], 0x0, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 2018/04/21 02:36:19 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0xdc, 0x40}, 0x341) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/04/21 02:36:19 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x14) listen(r0, 0x3) r1 = socket$inet6_sctp(0xa, 0x4000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c) 2018/04/21 02:36:19 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0xb}}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000eb0fb8)={0x1, 0x3, &(0x7f00009ff000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3}, [], {0x95}}, &(0x7f0000000000)='syzkaller\x00', 0x4, 0xb7, &(0x7f00006ab000)=""/183}, 0x48) sendto$inet(r0, &(0x7f0000000040), 0xffffffffffffff8b, 0x0, 0x0, 0xfffffd4a) r2 = socket$kcm(0x29, 0x1000000000000005, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f000031aff8)={r0, r1}) ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x89e2, &(0x7f0000000540)={0xffffffffffffffff}) recvfrom$packet(r3, &(0x7f0000000440)=""/87, 0x57, 0x40010162, 0x0, 0x0) [ 96.618612] TCP: request_sock_TCP: Possible SYN flooding on port 20001. Sending cookies. Check SNMP counters. [ 96.627701] binder: 7378:7384 BC_INCREFS_DONE node 14 has no pending increfs request [ 96.637066] binder: 7378:7384 DecRefs 0 refcount change on invalid ref 3 ret -22 2018/04/21 02:36:20 executing program 5: r0 = socket$can_bcm(0x1d, 0x2, 0x2) close(r0) 2018/04/21 02:36:20 executing program 2: perf_event_open(&(0x7f00000000c0)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f00000000c0)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000001000)={{0x100000001}}) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80605414, &(0x7f0000000040)=""/33) [ 96.725841] binder: BINDER_SET_CONTEXT_MGR already set 2018/04/21 02:36:20 executing program 6: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f000000eff0)={0x2, 0x4e21}, 0x10) listen(r0, 0x0) r1 = socket$inet(0x2, 0x400080001, 0x0) connect$inet(r1, &(0x7f000024dff0)={0x2, 0x4e21, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) connect(r0, &(0x7f0000000000)=@nl=@unspec, 0x80) [ 96.755526] binder_alloc: 7378: binder_alloc_buf, no vma [ 96.761327] binder: 7378:7384 transaction failed 29189/-3, size 80-16 line 2963 [ 96.764473] binder: 7378:7394 ioctl 40046207 0 returned -16 2018/04/21 02:36:20 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) write(r0, &(0x7f0000000000)="240000001a0025e00000001318edfc0e0a0af5000004dcf501ffff0e08001000481836f0", 0x24) 2018/04/21 02:36:20 executing program 5: r0 = socket$inet6(0xa, 0x80000000003, 0x3) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0xfffffffffffffffd}, 0x1c) setsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x11, &(0x7f0000005f18)={{{@in6=@empty={[0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, @in6=@mcast2={0xff, 0x2, [], 0x1}}}, {{@in=@multicast1=0xe0000001}, 0x0, @in6=@loopback={0x0, 0x1}}}, 0xe8) 2018/04/21 02:36:20 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='numa_maps\x00') bind$alg(r0, &(0x7f0000000040)={0x26, 'hash\x00', 0x0, 0x0, 'poly1305-generic\x00'}, 0x58) r2 = accept4$alg(r0, 0x0, 0x0, 0x0) sendfile(r2, r1, &(0x7f0000a2effc), 0x8) [ 96.829192] binder: 7378:7400 BC_INCREFS_DONE u0000000000000000 no match [ 96.836218] binder: 7378:7400 DecRefs 0 refcount change on invalid ref 3 ret -22 [ 96.852232] TCP: request_sock_TCP: Possible SYN flooding on port 20001. Sending cookies. Check SNMP counters. [ 97.013145] binder: undelivered TRANSACTION_ERROR: 29189 [ 97.019456] binder: release 7378:7384 transaction 15 out, still active [ 97.026214] binder: unexpected work type, 4, not freed [ 97.031551] binder: unexpected work type, 4, not freed [ 97.036893] binder: undelivered TRANSACTION_COMPLETE [ 97.042349] binder: send failed reply for transaction 15, target dead 2018/04/21 02:36:20 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x119, 0x1, &(0x7f0000000000)=0x3, 0x4) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x119, 0x1, &(0x7f0000000080)=0x2, 0x4) 2018/04/21 02:36:20 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000023000)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000023ff0)={&(0x7f0000000040)={0x1c, 0x2e, 0xaff, 0x0, 0x0, {0x3}, [@nested={0x8, 0x0, [@typed={0x4, 0x8, @binary}]}]}, 0x1c}, 0x1}, 0x0) 2018/04/21 02:36:20 executing program 0: r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x0, 0x0) mmap$binder(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x2013, r0, 0x0) ppoll(&(0x7f0000004fc8), 0x0, &(0x7f0000004ff0)={0x0, 0x989680}, &(0x7f0000000000), 0x8) 2018/04/21 02:36:20 executing program 5: r0 = openat$vnet(0xffffffffffffff9c, &(0x7f00002ac000)='/dev/vhost-net\x00', 0x2, 0x0) write$vnet(r0, &(0x7f0000000340)={0x1, {&(0x7f00000002c0)=""/89, 0xfffffffffffffd9f, &(0x7f0000000680)=""/191, 0x0, 0x3}}, 0x68) 2018/04/21 02:36:20 executing program 6: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f000000eff0)={0x2, 0x4e21}, 0x10) listen(r0, 0x0) r1 = socket$inet(0x2, 0x400080001, 0x0) connect$inet(r1, &(0x7f000024dff0)={0x2, 0x4e21, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) connect(r0, &(0x7f0000000000)=@nl=@unspec, 0x80) 2018/04/21 02:36:20 executing program 1: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$rdma_cm(r0, &(0x7f0000001000)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000fc0)={0xffffffff}, 0x13f}}, 0x20) write$rdma_cm(r0, &(0x7f0000001040)=@query={0x13, 0x10, 0xfa00, {&(0x7f0000000180), r1, 0x3}}, 0x18) 2018/04/21 02:36:20 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x0, 0x60, &(0x7f0000000140)="53eb7517caf508f5c138efd44fa35028edfe1a554763ccf9a0da296fd67a6e59b2778f9b68ee0160abbb9766f3e1947ca79df6213ede6fc07bd9e74e153b66391cfac5dad8", 0x45) 2018/04/21 02:36:20 executing program 7: mmap$binder(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x80010000002, 0x100000002132, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000004000/0x2000)=nil) r0 = syz_open_dev$dspn(&(0x7f0000006ff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(r0, 0x800000c0045009, &(0x7f0000000000)) 2018/04/21 02:36:20 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000023000)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000023ff0)={&(0x7f0000000040)={0x1c, 0x2e, 0xaff, 0x0, 0x0, {0x3}, [@nested={0x8, 0x0, [@typed={0x4, 0x8, @binary}]}]}, 0x1c}, 0x1}, 0x0) 2018/04/21 02:36:20 executing program 4: openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mremap(&(0x7f000053b000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f00000cc000/0x4000)=nil) madvise(&(0x7f00000cc000/0x4000)=nil, 0x4000, 0x3) [ 97.583161] TCP: request_sock_TCP: Possible SYN flooding on port 20001. Sending cookies. Check SNMP counters. 2018/04/21 02:36:20 executing program 3: ioctl$DRM_IOCTL_AGP_FREE(0xffffffffffffffff, 0x40206435, &(0x7f0000002000)={0x0, 0x0, 0x0, 0x501371}) bpf$PROG_LOAD(0x5, &(0x7f00006f4fb8)={0x1, 0x5, &(0x7f0000002000)=@framed={{0x18}, [@jmp={0x5}], {0x95}}, &(0x7f0000003ff6)='syzkaller\x00', 0xea4f, 0x164, &(0x7f000000a000)=""/195}, 0x48) 2018/04/21 02:36:21 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000006c0)=@broute={'bro.te\x00', 0x20, 0x1, 0x220, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000740], 0x0, &(0x7f0000000240), &(0x7f0000000740)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x11, 0x0, 0x0, 'ip6gretap0\x00', "73cb000000756e00000000c200", 'bond0\x00', 'syz_tun\x00', @link_local={0x1, 0x80, 0xc2}, [], @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, [], 0xb0, 0x140, 0x190, [@quota={'quota\x00', 0x18, {{0x0, 0x0, 0x0, 0xffff}}}]}, [@common=@RATEEST={'RATEEST\x00', 0x20, {{'syz0\x00'}}}, @common=@ERROR={'ERROR\x00', 0x20, {"086f355ce7fb0846226009eb52535fca9c64597ee3f646889db720d5deb3"}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x0, 'syz0\x00'}}}}]}, {0x0, '\x00', 0x1, 0xffffffffffffffff}]}, 0x298) 2018/04/21 02:36:21 executing program 5: r0 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000100)={&(0x7f0000000200)=@delneigh={0x2c, 0x1d, 0x21, 0x0, 0x0, {}, [@NDA_VLAN={0x8, 0x5}, @NDA_DST_IPV4={0x8, 0x1, @loopback=0x7f000001}]}, 0x2c}, 0x1}, 0x0) 2018/04/21 02:36:21 executing program 0: r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x0, 0x0) mmap$binder(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x2013, r0, 0x0) ppoll(&(0x7f0000004fc8), 0x0, &(0x7f0000004ff0)={0x0, 0x989680}, &(0x7f0000000000), 0x8) 2018/04/21 02:36:21 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_MAP_GET_NEXT_ID(0xc, &(0x7f0000000080), 0x4) 2018/04/21 02:36:21 executing program 3: perf_event_open(&(0x7f00000000c0)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000fcbff7)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000b80)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281ca6100b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d5816f2fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f38377382ea7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6df64f28d75d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7e70733538a8eec8fb17616d2198d02ba4e7690fab7933b676deddb27755d6a8f29c643dfff0e4bd7c2b13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd42688b08ff0a6575a31f7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0075506a1fd25799f1637b1bafaf09954ef"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2018/04/21 02:36:21 executing program 4: clone(0x50200100, &(0x7f0000a93fff), &(0x7f0000000000), &(0x7f000029e000), &(0x7f0000000040)) [ 97.911183] IPVS: ftp: loaded support on port[0] = 21 [ 98.018059] IPVS: ftp: loaded support on port[0] = 21 2018/04/21 02:36:21 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000023000)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000023ff0)={&(0x7f0000000040)={0x1c, 0x2e, 0xaff, 0x0, 0x0, {0x3}, [@nested={0x8, 0x0, [@typed={0x4, 0x8, @binary}]}]}, 0x1c}, 0x1}, 0x0) 2018/04/21 02:36:21 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendto$inet(r0, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}, 0x10) sendto$inet(r0, &(0x7f000026cfff)="c6", 0x1, 0x0, &(0x7f0000033ff0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}}, 0x10) shutdown(r0, 0x1) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000200)={0x0, @in={{0x2}}, 0x0, 0x0, 0x0, 0x0, 0x30}, 0x98) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0xa}}, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x98) 2018/04/21 02:36:21 executing program 6: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket(0x1e, 0x1, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000001}, 0x1c) bind$packet(r0, &(0x7f00004a9000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local={[0xaa, 0xaa, 0xaa, 0xaa], 0xffffffffffffffff}}, 0x0) close(r0) 2018/04/21 02:36:21 executing program 7: r0 = socket$can_raw(0x1d, 0x3, 0x1) accept4(r0, 0x0, &(0x7f0000000040), 0x0) 2018/04/21 02:36:21 executing program 0: r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x0, 0x0) mmap$binder(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x2013, r0, 0x0) ppoll(&(0x7f0000004fc8), 0x0, &(0x7f0000004ff0)={0x0, 0x989680}, &(0x7f0000000000), 0x8) 2018/04/21 02:36:21 executing program 1: r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a}, &(0x7f0000000400)='\x00', 0x1, r1) r3 = openat$vnet(0xffffffffffffff9c, &(0x7f00003de000)='/dev/vhost-net\x00', 0x2, 0x0) ioctl$int_in(r3, 0x40000000af01, &(0x7f0000c97ff8)) r4 = openat$audio(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio\x00', 0x0, 0x0) ioctl$KVM_IRQFD(r4, 0x4020ae76, &(0x7f0000000380)={r4, 0x1, 0x0, r4}) close(r4) syz_open_dev$tun(&(0x7f0000000340)='/dev/net/tun\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f00000007c0)=ANY=[]) ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000280)={0x1, 0x0, &(0x7f0000000040)=""/254, &(0x7f0000000140)=""/119, &(0x7f00000001c0)=""/150}) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000300)={'dummy0\x00', 0x1}) ioctl$VHOST_NET_SET_BACKEND(r3, 0x4008af30, &(0x7f0000f1dff8)={0x1, r4}) ioctl$VHOST_RESET_OWNER(r3, 0xaf02, 0x0) r5 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000140)="b3", 0x1, r1) keyctl$update(0x2, r5, &(0x7f0000000240)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r5, r5, r2}, &(0x7f0000a53ffb)=""/5, 0x4, &(0x7f00000001c0)={&(0x7f0000a3dffa)={'sha224-generic\x00'}}) 2018/04/21 02:36:21 executing program 3: syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x4000001, 0x1, &(0x7f00000001c0)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000540)=ANY=[]) open(&(0x7f0000000300)='./file0/fil.0\x00', 0x800000000002040, 0x0) mkdir(&(0x7f00000009c0)='./file0/file1\x00', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00', &(0x7f0000000240)='vfat\x00', 0x200030, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0/file0\x00', 0x0) truncate(&(0x7f0000000280)='./file0/fil.0\x00', 0xffff) 2018/04/21 02:36:21 executing program 4: clone(0x50200100, &(0x7f0000a93fff), &(0x7f0000000000), &(0x7f000029e000), &(0x7f0000000040)) 2018/04/21 02:36:21 executing program 0: r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x0, 0x0) mmap$binder(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x2013, r0, 0x0) ppoll(&(0x7f0000004fc8), 0x0, &(0x7f0000004ff0)={0x0, 0x989680}, &(0x7f0000000000), 0x8) 2018/04/21 02:36:21 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000023000)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000023ff0)={&(0x7f0000000040)={0x1c, 0x2e, 0xaff, 0x0, 0x0, {0x3}, [@nested={0x8, 0x0, [@typed={0x4, 0x8, @binary}]}]}, 0x1c}, 0x1}, 0x0) 2018/04/21 02:36:21 executing program 6: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket(0x1e, 0x1, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000001}, 0x1c) bind$packet(r0, &(0x7f00004a9000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local={[0xaa, 0xaa, 0xaa, 0xaa], 0xffffffffffffffff}}, 0x0) close(r0) [ 98.231020] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000020) [ 98.238409] FAT-fs (loop3): Filesystem has been set read-only 2018/04/21 02:36:21 executing program 1: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket(0x1e, 0x1, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000001}, 0x1c) bind$packet(r0, &(0x7f00004a9000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local={[0xaa, 0xaa, 0xaa, 0xaa], 0xffffffffffffffff}}, 0x0) close(r0) 2018/04/21 02:36:21 executing program 0: r0 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x3, 0x28000) ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0086426, &(0x7f0000000100)={0x7, &(0x7f00000000c0)=[{}, {}, {}, {}, {}, {}, {}]}) socket$netlink(0x10, 0x3, 0xc) writev(0xffffffffffffffff, &(0x7f00000021c0), 0x0) connect$inet(0xffffffffffffffff, &(0x7f0000f6fff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}, 0x10) bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0x0, {0x0, 0xba52, 0x7, 0x3f8, 0x0, 0x7}}, 0xe) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000a8d000)={&(0x7f0000c78ff4)={0x10}, 0xc, &(0x7f0000df6000)={&(0x7f0000000640)=ANY=[@ANYBLOB="71d0385325e40636fa5b4e7ccdf561d2200b96fdec15365d03080343931dd765acc95ec5337c4646665ab91532f3c25f664ffff86a17bb1cacec90d3e5c2622a9490ac4731b92be01fb3d80189149e4ca2fb87b92fc733f7f93199657355c5e70d"], 0x61}, 0x1}, 0x0) r1 = socket$inet_sctp(0x2, 0x5, 0x84) accept4$packet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, &(0x7f0000002540)=0x14, 0x80000) sendmsg$inet_sctp(r1, &(0x7f0000001f00)={&(0x7f0000001840)=@in={0x2, 0x0, @dev={0xac, 0x14, 0x14}}, 0x10, &(0x7f0000001c40)=[{&(0x7f0000001880)='[', 0x1}], 0x1, &(0x7f0000001e40)}, 0x40) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000540)=@nat={'nat\x00', 0x19, 0x3, 0x370, [0x20000140, 0x0, 0x0, 0x20000170, 0x200002d0], 0x0, &(0x7f0000000100), &(0x7f0000000140)=[{}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x11, 0x0, 0x0, 'nr0\x00', 'gretap0\x00', 'tunl0\x00', 'syzkaller0\x00', @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [0x0, 0x0, 0xff, 0x0, 0x0, 0xff], @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, [0xff, 0xff, 0x0, 0x0, 0xff, 0xff], 0x70, 0xb8, 0xe8}, [@common=@IDLETIMER={'IDLETIMER\x00', 0x24, {{0x81, 'syz0\x00', 0x100000001}}}]}, @arpreply={'arpreply\x00', 0xc, {{@remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}}}}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x2, [{{{0x0, 0x2, 0x8808, 'dummy0\x00', 'bpq0\x00', 'ip6tnl0\x00', 'sit0\x00', @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, [0xff, 0xff, 0xff, 0xff, 0x0, 0xff], 0x70, 0x70, 0x98}}, @common=@redirect={'redirect\x00', 0x4, {{0xfffffffffffffffc}}}}, {{{0x9, 0x8, 0x0, 'bridge0\x00', 'ip6tnl0\x00', 'bcsh0\x00', 'vlan0\x00', @empty, [0xff, 0x0, 0x0, 0x0, 0xff, 0xff], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [0x0, 0xff, 0xff, 0xff, 0xff], 0x108, 0x108, 0x130, [@ipvs={'ipvs\x00', 0x28, {{@ipv4=@local={0xac, 0x14, 0x14, 0xaa}, [0xffffffff, 0xffffff00, 0x0, 0xff000000], 0x4e24, 0x0, 0x0, 0x4e24, 0x0, 0x8}}}, @ipvs={'ipvs\x00', 0x28, {{@ipv4=@multicast1=0xe0000001, [0xffffffff, 0xff, 0xffffffff, 0xff000000], 0x4e21, 0x2b, 0x5, 0x4e20, 0x1f, 0x12}}}]}}, @common=@AUDIT={'AUDIT\x00', 0x4}}]}]}, 0x410) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000002980)={0xffffffffffffffff}) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x1f, &(0x7f0000000440)={0x0, @in={{0x2, 0x4e22, @multicast2=0xe0000002}}, 0x7bb7, 0x4}, &(0x7f0000000500)=0x90) getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000002240)={0x0, 0x9, 0x417}, &(0x7f00000001c0)=0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$fou(&(0x7f0000000240)='fou\x00') pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r7, 0x84, 0x15, &(0x7f0000000080)={0x401}, 0x1) syz_open_dev$sndseq(&(0x7f0000000600)='/dev/snd/seq\x00', 0x0, 0x602800) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r6, 0x4010640d, &(0x7f0000000040)={0x1c0000, 0xffffffffffff0000}) sendmsg$FOU_CMD_GET(r4, &(0x7f0000000300)={&(0x7f0000000140)={0x10}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, r5, 0x321, 0x0, 0x0, {0x3}}, 0x14}, 0x1}, 0x0) sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000002780)={&(0x7f00000021c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000002740)={&(0x7f00000022c0)=ANY=[]}, 0x1, 0x0, 0x0, 0x4001}, 0x8000) bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x7, 0x8, &(0x7f00000005c0)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0xd}, @map={0x18, 0x1, 0x1}, @map={0x18, 0x7, 0x1}, @exit={0x95}], &(0x7f00000006c0)='GPL\x00', 0xfffffffffffffff9, 0x98, &(0x7f0000000700)=""/152, 0x0, 0x1}, 0x48) writev(r3, &(0x7f0000000880), 0x0) 2018/04/21 02:36:21 executing program 2: bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f00000000c0)="b82283392dc50ff1fb635a5849d2f5916ae2fdc24e95e12aa8daccf7393e72be9cc66f"}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x4, 0x7d}, 0x2c) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r0, 0x50, &(0x7f00000000c0)}, 0x10) socketpair$inet(0x7fffffffefff, 0x0, 0x0, &(0x7f0000000480)) [ 98.276745] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000020) 2018/04/21 02:36:21 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000c9bec8)={{0xffff0000, 0x0, 0xfffff000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0xfffffffffffffffd}) 2018/04/21 02:36:21 executing program 6: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket(0x1e, 0x1, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000001}, 0x1c) bind$packet(r0, &(0x7f00004a9000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local={[0xaa, 0xaa, 0xaa, 0xaa], 0xffffffffffffffff}}, 0x0) close(r0) 2018/04/21 02:36:21 executing program 1: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket(0x1e, 0x1, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000001}, 0x1c) bind$packet(r0, &(0x7f00004a9000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local={[0xaa, 0xaa, 0xaa, 0xaa], 0xffffffffffffffff}}, 0x0) close(r0) [ 98.399579] kernel msg: ebtables bug: please report to author: Wrong len argument [ 98.443254] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000020) [ 98.450710] FAT-fs (loop3): Filesystem has been set read-only [ 98.465753] kernel msg: ebtables bug: please report to author: Wrong len argument 2018/04/21 02:36:22 executing program 4: clone(0x50200100, &(0x7f0000a93fff), &(0x7f0000000000), &(0x7f000029e000), &(0x7f0000000040)) 2018/04/21 02:36:22 executing program 7: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="d8aca6420f00de0f32660f5f77f0260f01cb0f01ef0f23970f224267f265de1402b8870e8ee8", 0x26}], 0x1, 0x20, &(0x7f0000000280), 0x0) munmap(&(0x7f0000fea000/0x3000)=nil, 0x3000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2018/04/21 02:36:22 executing program 5: syz_emit_ethernet(0x3e, &(0x7f00000001c0)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], {@ipv6={0x86dd, {0x0, 0x6, "50a09c", 0x8, 0x2b, 0x0, @remote={0xfe, 0x80, [], 0xbb}, @local={0xfe, 0x80, [], 0xaa}, {[], @udp={0xffffa888, 0x0, 0x8}}}}}}, &(0x7f0000000040)) 2018/04/21 02:36:22 executing program 2: perf_event_open(&(0x7f0000014f88)={0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 2018/04/21 02:36:22 executing program 1: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket(0x1e, 0x1, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000001}, 0x1c) bind$packet(r0, &(0x7f00004a9000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local={[0xaa, 0xaa, 0xaa, 0xaa], 0xffffffffffffffff}}, 0x0) close(r0) 2018/04/21 02:36:22 executing program 0: mq_open(&(0x7f0000000200)='^\x00', 0x40, 0x0, &(0x7f0000000240)={0x0, 0x100000000, 0x3ff}) 2018/04/21 02:36:22 executing program 6: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket(0x1e, 0x1, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000001}, 0x1c) bind$packet(r0, &(0x7f00004a9000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local={[0xaa, 0xaa, 0xaa, 0xaa], 0xffffffffffffffff}}, 0x0) close(r0) 2018/04/21 02:36:22 executing program 3: r0 = socket(0x10, 0x2, 0x0) write(r0, &(0x7f00000000c0)="2600000022004701050007008980e8ff06006d20002b1f00c0e9ff094a51f10101c7033500b0", 0x26) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000b4bffc), 0x4) sendto(r0, &(0x7f0000000140)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f0000006740), 0x0, 0x0, &(0x7f0000006940)) recvmsg(r0, &(0x7f0000001740)={&(0x7f0000000180)=@ipx, 0x80, &(0x7f0000001580), 0x0, &(0x7f0000001600)=""/185, 0xb9}, 0x0) 2018/04/21 02:36:22 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000bf5ff3)='/dev/usbmon#\x00', 0x0, 0x0) preadv(r0, &(0x7f0000215fc0)=[{&(0x7f000087ef6a)=""/1, 0x1}], 0x1, 0x0) preadv(r0, &(0x7f00000000c0)=[{&(0x7f00002ac000)=""/106, 0x6a}], 0x100000000000025a, 0x0) timer_create(0x0, &(0x7f00000001c0)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000000080)) r1 = getpgid(0x0) tkill(r1, 0x15) [ 99.443364] IPVS: ftp: loaded support on port[0] = 21 2018/04/21 02:36:22 executing program 2: r0 = socket$rds(0x15, 0x5, 0x0) setsockopt$RDS_FREE_MR(r0, 0x114, 0x3, &(0x7f0000000040), 0x10) 2018/04/21 02:36:22 executing program 1: r0 = syz_open_dev$dspn(&(0x7f0000006ff6)='/dev/dsp#\x00', 0x1, 0x2) ioctl$int_in(r0, 0x80000000005016, &(0x7f0000003ff8)) 2018/04/21 02:36:22 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'syz_tun\x00', &(0x7f00000000c0)=@ethtool_modinfo={0x42, 0x0, 0x0, "92871254acc4d46b"}}) 2018/04/21 02:36:22 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) futex(&(0x7f000000cffc)=0x4, 0x0, 0x4, &(0x7f0000000000)={0x77359400}, &(0x7f0000048000), 0x0) futex(&(0x7f000000cffc), 0xa, 0x0, &(0x7f00006f7000)={0xfffffffffffffffc, 0x100000000000000}, &(0x7f0000000080), 0x20) 2018/04/21 02:36:23 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket(0x1e, 0x1, 0x0) getsockopt(r0, 0x800000010f, 0x0, &(0x7f00000000c0), &(0x7f0000000100)=0xfffffffffffffe78) 2018/04/21 02:36:23 executing program 2: r0 = socket$inet(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @loopback=0x7f000001}, 0x10) connect$inet(r0, &(0x7f0000001080)={0x2, 0x0, @multicast1=0xe0000001}, 0x10) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000100)={@multicast1=0xe0000001, @loopback=0x7f000001, @multicast1=0xe0000001}, 0xc) setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000040)={@multicast1=0xe0000001, @loopback=0x7f000001}, 0xc) 2018/04/21 02:36:23 executing program 7: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r1 = dup2(r0, r0) bind$bt_l2cap(r1, &(0x7f0000000040)={0x1f}, 0xe) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f}, 0xe) 2018/04/21 02:36:23 executing program 3: perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000f74fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}], 0x1c) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, @in={0x2, 0x4e23, @remote={0xac, 0x14, 0x14, 0xbb}}], 0x2c) 2018/04/21 02:36:23 executing program 1: r0 = socket$inet(0x2, 0x80003, 0xab) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000740)=@broute={'broute\x00', 0x20, 0x2, 0x3c8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000340], 0x0, &(0x7f0000000300), &(0x7f0000000340)=[{0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x3, 0x0, 0x800, 'bond0\x00', 'vlan0\x00', 'gre0\x00', 'gretap0\x00', @link_local={0x1, 0x80, 0xc2}, [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0xb8, 0x1e8, 0x230, [@ip={'ip\x00', 0x20, {{@rand_addr, @empty, 0x0, 0x0, 0x0, 0x0, 0x14, 0x9}}}]}, [@common=@SECMARK={'SECMARK\x00', 0x108, {{0x0, 0x0, 'system_u:object_r:systemd_logind_exec_t:s0\x00'}}}]}, @common=@RATEEST={'RATEEST\x00', 0x20, {{'syz0\x00'}}}}, {{{0x11, 0x0, 0x0, 'bond0\x00', 'ipddp0\x00', 'yam0\x00', 'eql\x00', @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0xa0, 0xd8}, [@common=@CLASSIFY={'CLASSIFY\x00', 0x8}]}, @common=@dnat={'dnat\x00', 0x10, {{@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}}}}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}, {0x0, '\x00', 0x2, 0xffffffffffffffff}, {0x0, '\x00', 0x2, 0xffffffffffffffff}]}, 0x440) 2018/04/21 02:36:23 executing program 6: syz_read_part_table(0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="020054355ac5950e54aeff07000000000000000000000000020000000000000000000000000000560000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}]) 2018/04/21 02:36:23 executing program 4: clone(0x50200100, &(0x7f0000a93fff), &(0x7f0000000000), &(0x7f000029e000), &(0x7f0000000040)) 2018/04/21 02:36:23 executing program 0: keyctl$join(0x1, 0x0) r0 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x1bf00000000, 0x200) ioctl$sock_ipx_SIOCGIFADDR(r0, 0x8915, &(0x7f0000000040)={'eql\x00', {0x4, 0x8, 0x8, "e5f130b458fc"}}) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f00005f4000)={0x26, 'hash\x00', 0x0, 0x0, 'rmd320\x00'}, 0x58) r2 = accept$alg(r1, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000000440)=[{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000480)="96", 0x1}], 0x1, &(0x7f0000000080)}], 0x1, 0x0) keyctl$join(0x1, &(0x7f0000000080)={0x73, 0x79, 0x7a, 0x3}) [ 100.492672] IPVS: ftp: loaded support on port[0] = 21 [ 100.504355] loop6: p1[DM] [ 100.507473] loop6: partition table partially beyond EOD, truncated 2018/04/21 02:36:23 executing program 7: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000a2efc8)={&(0x7f0000f74000)={0x10}, 0xc, &(0x7f0000007000)={&(0x7f0000481000)={0x14, 0x1d, 0x10b, 0x0, 0x0, {0x1a}}, 0x14}, 0x1}, 0x0) 2018/04/21 02:36:23 executing program 1: pipe2(&(0x7f0000989000)={0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) syz_genetlink_get_family_id$ipvs(&(0x7f0000000000)='IPVS\x00') ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000bc8000)={0xaa}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = creat(&(0x7f000009aff8)='./file0\x00', 0x0) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) lsetxattr(&(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)=@random={'security.', 'jfs\x00'}, &(0x7f0000000300)='jfs\x00', 0x4, 0x0) mount(&(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, 0x0) dup2(r0, r1) 2018/04/21 02:36:23 executing program 5: bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f00000000c0)="b82283392dc50ff1fb635a5849d2f5916ae2fdc24e95e12aa8daccf7393e72be9cc66f"}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x1000000000000004, 0x4000009d}, 0x2c) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r0, 0x50, &(0x7f00000000c0)}, 0x10) socketpair$inet(0x21, 0x0, 0x0, &(0x7f0000000080)) 2018/04/21 02:36:23 executing program 3: perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000f74fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}], 0x1c) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, @in={0x2, 0x4e23, @remote={0xac, 0x14, 0x14, 0xbb}}], 0x2c) 2018/04/21 02:36:23 executing program 2: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000fe9ff6)='/dev/ptmx\x00', 0x0, 0x0) r1 = epoll_create(0x10007fff) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000040)) r2 = syz_open_pts(r0, 0x0) dup3(r1, r0, 0x0) close(r2) [ 100.600068] loop6: p1 start 2924744341 is beyond EOD, truncated 2018/04/21 02:36:24 executing program 0: syz_mount_image$f2fs(&(0x7f00000000c0)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000022000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000540000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000080)) [ 100.703504] loop6: p1[DM] [ 100.706655] loop6: partition table partially beyond EOD, truncated 2018/04/21 02:36:24 executing program 7: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00009a9000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000200)=[@text16={0x10, &(0x7f0000000100)="640f3806d90f07b819010f00d866b9800000c00f326635000400000f30f20fd018ba610066b80f00000066ef36f3e1720f20e06635000002000f22e02e670f01caba4100ec", 0x45}], 0x1, 0x0, &(0x7f00000001c0), 0x0) [ 100.771701] loop6: p1 start 2924744341 is beyond EOD, truncated 2018/04/21 02:36:24 executing program 5: getgroups(0x40000000000002ca, &(0x7f000045f000)) 2018/04/21 02:36:24 executing program 3: perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000f74fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}], 0x1c) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, @in={0x2, 0x4e23, @remote={0xac, 0x14, 0x14, 0xbb}}], 0x2c) [ 100.831618] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 100.839520] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock 2018/04/21 02:36:24 executing program 2: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000fe9ff6)='/dev/ptmx\x00', 0x0, 0x0) r1 = epoll_create(0x10007fff) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000040)) r2 = syz_open_pts(r0, 0x0) dup3(r1, r0, 0x0) close(r2) 2018/04/21 02:36:24 executing program 6: mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x5, 0x32, 0xffffffffffffffff, 0x0) capget(&(0x7f0000000ffb)={0x19980330}, &(0x7f0000000000)) 2018/04/21 02:36:24 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000023000)={&(0x7f0000024000)={0x10}, 0xc, &(0x7f0000023ff0)={&(0x7f0000010ec4)={0x1c, 0x20, 0x8aff, 0x0, 0x0, {0x7}, [@nested={0x8, 0x1, [@typed={0x4, 0x0, @binary}]}]}, 0x1c}, 0x1}, 0x0) [ 100.934217] F2FS-fs (loop0): Wrong SSA boundary, start(4096) end(21504) blocks(1024) [ 100.942282] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock 2018/04/21 02:36:24 executing program 5: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$fiemap(r0, 0x40086602, &(0x7f0000000100)=ANY=[]) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) write$cgroup_pid(r1, &(0x7f0000000100)=ANY=[], 0x1023c) truncate(&(0x7f0000000040)='./file0\x00', 0x40) write$binfmt_elf64(r1, &(0x7f0000000280)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38}, [{}]}, 0x78) fsync(r0) [ 101.036854] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 101.044078] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock 2018/04/21 02:36:24 executing program 7: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) perf_event_open(&(0x7f0000348f88)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$sock_ifreq(r0, 0x89f0, &(0x7f00000001c0)={'ip_vti0\x00', @ifru_data=&(0x7f0000000180)="d61a072afa6a2e6e9105a65cf0b08be4d57565e1a85eff283ee23d954743a2e3"}) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) ioctl$sock_ifreq(r1, 0x89f3, &(0x7f00000001c0)={'ip_vti0\x00', @ifru_data=&(0x7f0000000180)="d61a072afa6a2e6e9105a65cf0b08be4d57565e1a85eff283ee23d954743a2e3"}) 2018/04/21 02:36:24 executing program 6: mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x5, 0x32, 0xffffffffffffffff, 0x0) capget(&(0x7f0000000ffb)={0x19980330}, &(0x7f0000000000)) 2018/04/21 02:36:24 executing program 2: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000fe9ff6)='/dev/ptmx\x00', 0x0, 0x0) r1 = epoll_create(0x10007fff) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000040)) r2 = syz_open_pts(r0, 0x0) dup3(r1, r0, 0x0) close(r2) 2018/04/21 02:36:24 executing program 3: perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000f74fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}], 0x1c) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, @in={0x2, 0x4e23, @remote={0xac, 0x14, 0x14, 0xbb}}], 0x2c) [ 101.160648] F2FS-fs (loop0): Wrong SSA boundary, start(4096) end(21504) blocks(1024) [ 101.168691] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock [ 101.275966] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 101.283164] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock 2018/04/21 02:36:24 executing program 1: mkdir(&(0x7f000053bff8)='./file0\x00', 0x0) mount(&(0x7f0000000a80)='./file0\x00', &(0x7f00000008c0)='./file0\x00', &(0x7f0000000a40)='sysfs\x00', 0x0, &(0x7f0000cde000)) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) getdents64(r0, &(0x7f00000000c0)=""/250, 0xfa) lseek(r0, 0x3, 0x1) getdents64(r0, &(0x7f0000000ac0)=""/4096, 0x1000) 2018/04/21 02:36:24 executing program 4: syz_mount_image$ext4(&(0x7f0000000040)='ext3~', &(0x7f0000000140)='/\x00', 0x0, 0x0, &(0x7f0000000000), 0x28020, &(0x7f00000000c0)={[{@resgid={'resgid', 0x3d, [0x34]}, 0x2c}]}) 2018/04/21 02:36:24 executing program 6: mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x5, 0x32, 0xffffffffffffffff, 0x0) capget(&(0x7f0000000ffb)={0x19980330}, &(0x7f0000000000)) 2018/04/21 02:36:24 executing program 5: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$fiemap(r0, 0x40086602, &(0x7f0000000100)=ANY=[]) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) write$cgroup_pid(r1, &(0x7f0000000100)=ANY=[], 0x1023c) truncate(&(0x7f0000000040)='./file0\x00', 0x40) write$binfmt_elf64(r1, &(0x7f0000000280)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38}, [{}]}, 0x78) fsync(r0) 2018/04/21 02:36:24 executing program 7: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$fiemap(r0, 0x40086602, &(0x7f0000000100)=ANY=[]) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) write$cgroup_pid(r1, &(0x7f0000000100)=ANY=[], 0x1023c) truncate(&(0x7f0000000040)='./file0\x00', 0x40) write$binfmt_elf64(r1, &(0x7f0000000280)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38}, [{}]}, 0x78) fsync(r0) 2018/04/21 02:36:24 executing program 2: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000fe9ff6)='/dev/ptmx\x00', 0x0, 0x0) r1 = epoll_create(0x10007fff) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000040)) r2 = syz_open_pts(r0, 0x0) dup3(r1, r0, 0x0) close(r2) 2018/04/21 02:36:24 executing program 3: setsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000001000)={0x10000, 0x4, 0x100, 0x400}, 0x10) r0 = socket(0x11, 0x4000000000080003, 0x0) setsockopt(r0, 0x107, 0x5, &(0x7f0000001000), 0xc5) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000), 0x4) 2018/04/21 02:36:24 executing program 0: r0 = socket$inet6(0xa, 0x400000000001, 0x0) r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000540)='/dev/mixer\x00', 0x0, 0x0) ioctl$sock_ipx_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000dfd000)={"1281b3f73a3bad4ee0e3721cacda6bdb", {0x4, 0x0, 0x0, "a29fa8ff976b"}}) timer_create(0x0, &(0x7f0000000440)={0x0, 0x0, 0x0, @thr={&(0x7f0000000240), &(0x7f0000000340)}}, &(0x7f00000004c0)) poll(&(0x7f0000e95ff8), 0x0, 0x0) timer_gettime(0x0, &(0x7f0000000100)) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000c2b000)={0x0, &(0x7f0000000140)}, 0x10) getsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000a4dff0), &(0x7f0000bb0000)=0x10) r2 = dup(r0) ioctl$KDGKBTYPE(r1, 0x4b33, &(0x7f000035afff)) ioctl$int_in(r2, 0x5452, &(0x7f00000000c0)=0x6) openat$ppp(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ppp\x00', 0x0, 0x0) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f00000001c0), 0x4) bind$inet6(r0, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, &(0x7f00004f4fe2)=""/30) getegid() timer_gettime(0x0, &(0x7f0000bf0000)) delete_module(&(0x7f0000497000)="00aeb0aad0a59015c1", 0x4a00) sendto$inet6(r0, &(0x7f0000e77fff), 0x0, 0x20000008, &(0x7f0000000200)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c) recvfrom$ipx(r2, &(0x7f000078df0c)=""/244, 0xf4, 0x0, &(0x7f00008ceff0)={0x4, 0x0, 0x0, "b7f24b268bce"}, 0x10) ioctl$TIOCCONS(0xffffffffffffffff, 0x541d) connect$bt_rfcomm(0xffffffffffffffff, &(0x7f0000000080)={0x1f}, 0xa) r3 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f00007e5ffa)='vegas\x00', 0x6) ftruncate(r3, 0x7fff) sendfile(r2, r3, &(0x7f0000000040), 0x80000002) 2018/04/21 02:36:25 executing program 3: prctl$void(0x1) 2018/04/21 02:36:25 executing program 6: mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x5, 0x32, 0xffffffffffffffff, 0x0) capget(&(0x7f0000000ffb)={0x19980330}, &(0x7f0000000000)) [ 101.663130] EXT4-fs (sda1): re-mounted. Opts: resgid=4, 2018/04/21 02:36:25 executing program 7: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$fiemap(r0, 0x40086602, &(0x7f0000000100)=ANY=[]) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) write$cgroup_pid(r1, &(0x7f0000000100)=ANY=[], 0x1023c) truncate(&(0x7f0000000040)='./file0\x00', 0x40) write$binfmt_elf64(r1, &(0x7f0000000280)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38}, [{}]}, 0x78) fsync(r0) 2018/04/21 02:36:25 executing program 5: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$fiemap(r0, 0x40086602, &(0x7f0000000100)=ANY=[]) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) write$cgroup_pid(r1, &(0x7f0000000100)=ANY=[], 0x1023c) truncate(&(0x7f0000000040)='./file0\x00', 0x40) write$binfmt_elf64(r1, &(0x7f0000000280)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38}, [{}]}, 0x78) fsync(r0) [ 101.725380] EXT4-fs (sda1): re-mounted. Opts: resgid=4, 2018/04/21 02:36:25 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f000027efd4)={0xa, 0x1, 0x7f, 0x9}, 0x2a) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000180)={r0, &(0x7f0000000040), &(0x7f00000000c0), 0x2}, 0x20) 2018/04/21 02:36:25 executing program 2: perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000000c0)={'bridge0\x00', 0x22001}) r1 = socket$netlink(0x10, 0x3, 0xc) writev(r1, &(0x7f0000000180)=[{&(0x7f00000001c0)="1f00000002031900000007000000068100023b0509000100010100ff3ffe58", 0x1f}], 0x1) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bridge0\x00\x00 \x00'}) 2018/04/21 02:36:25 executing program 4: madvise(&(0x7f000000e000/0x4000)=nil, 0x4000, 0xc) clone(0x8040000, &(0x7f0000000380), &(0x7f0000000440), &(0x7f0000000480), &(0x7f0000000280)) 2018/04/21 02:36:25 executing program 7: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$fiemap(r0, 0x40086602, &(0x7f0000000100)=ANY=[]) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) write$cgroup_pid(r1, &(0x7f0000000100)=ANY=[], 0x1023c) truncate(&(0x7f0000000040)='./file0\x00', 0x40) write$binfmt_elf64(r1, &(0x7f0000000280)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38}, [{}]}, 0x78) fsync(r0) 2018/04/21 02:36:25 executing program 6: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010400)="1020f5f20100070009000000030000000c0000000900000001000000010000000000000000280000000000000c00000013000000020000000200000002000000010000000c000000000200000002000000060000000a0000000e000000100000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000080)={[{@jqfmt_vfsold='jqfmt=vfsold', 0x2c}, {@lfs_mode='mode=lfs', 0x2c}]}) 2018/04/21 02:36:25 executing program 3: syz_emit_ethernet(0x6e, &(0x7f00000f8000)={@random="cd390b081bf2", @dev={[0xaa, 0xaa, 0xaa, 0xaa]}, [], {@ipv6={0x86dd, {0x0, 0x6, "08de06", 0x38, 0x3a, 0x0, @ipv4={[], [0xff, 0xff], @multicast2=0xe0000002}, @mcast2={0xff, 0x2, [], 0x1}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "9433df", 0x0, 0xffffff84, 0x0, @loopback={0x0, 0x1}, @loopback={0x0, 0x1}, [], "fca967e17f791010"}}}}}}}, 0x0) 2018/04/21 02:36:25 executing program 5: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$fiemap(r0, 0x40086602, &(0x7f0000000100)=ANY=[]) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) write$cgroup_pid(r1, &(0x7f0000000100)=ANY=[], 0x1023c) truncate(&(0x7f0000000040)='./file0\x00', 0x40) write$binfmt_elf64(r1, &(0x7f0000000280)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38}, [{}]}, 0x78) fsync(r0) 2018/04/21 02:36:25 executing program 0: perf_event_open(&(0x7f00000017c0)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2100000000000002, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000001c0)={{{@in6=@ipv4={[], [0xff, 0xff], @rand_addr}, @in6=@loopback={0x0, 0x1}, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@loopback={0x0, 0x1}, 0x0, 0x2b}, 0x0, @in, 0x0, 0x4, 0x0, 0x401}}, 0xe8) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xbb}, 0x2}, 0x1c) [ 102.509617] attempt to access beyond end of device [ 102.514716] loop6: rw=12288, want=4104, limit=20 [ 102.521336] bridge0: port 2(bridge_slave_1) entered disabled state [ 102.528543] bridge0: port 1(bridge_slave_0) entered disabled state 2018/04/21 02:36:25 executing program 3: syz_emit_ethernet(0x6e, &(0x7f00000f8000)={@random="cd390b081bf2", @dev={[0xaa, 0xaa, 0xaa, 0xaa]}, [], {@ipv6={0x86dd, {0x0, 0x6, "08de06", 0x38, 0x3a, 0x0, @ipv4={[], [0xff, 0xff], @multicast2=0xe0000002}, @mcast2={0xff, 0x2, [], 0x1}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "9433df", 0x0, 0xffffff84, 0x0, @loopback={0x0, 0x1}, @loopback={0x0, 0x1}, [], "fca967e17f791010"}}}}}}}, 0x0) 2018/04/21 02:36:25 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f000027efd4)={0xa, 0x1, 0x7f, 0x9}, 0x2a) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000180)={r0, &(0x7f0000000040), &(0x7f00000000c0), 0x2}, 0x20) 2018/04/21 02:36:25 executing program 5: r0 = socket$packet(0x11, 0x10000000002, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={"6c6f00080000000000000100", 0x0}) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r2, &(0x7f0000000080)={0x1f, r1}, 0xc) [ 102.588545] attempt to access beyond end of device [ 102.593610] loop6: rw=12288, want=8200, limit=20 2018/04/21 02:36:26 executing program 7: r0 = creat(&(0x7f0000002540)='./file0\x00', 0x0) ioctl$fiemap(r0, 0x40086610, &(0x7f00000002c0)) [ 102.646860] bridge0: port 2(bridge_slave_1) entered blocking state [ 102.653321] bridge0: port 2(bridge_slave_1) entered forwarding state [ 102.660106] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.666507] bridge0: port 1(bridge_slave_0) entered forwarding state 2018/04/21 02:36:26 executing program 4: mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f00000000c0)='configfs\x00', 0x0, &(0x7f0000000180)) syz_fuse_mount(&(0x7f0000000000)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) getsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, &(0x7f00000002c0), &(0x7f0000000300)=0x4) openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f0000000200)=@file={0x1, './file0\x00'}, 0xfffffffffffffc7f) 2018/04/21 02:36:26 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='\x00\x00\x00\x00') fchdir(r0) syz_fuseblk_mount(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 102.695469] attempt to access beyond end of device [ 102.700587] loop6: rw=12288, want=4104, limit=20 [ 102.713896] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 102.728019] EXT4-fs warning (device sda1): ext4_resize_fs:1914: can't read last block, resize aborted 2018/04/21 02:36:26 executing program 3: syz_emit_ethernet(0x6e, &(0x7f00000f8000)={@random="cd390b081bf2", @dev={[0xaa, 0xaa, 0xaa, 0xaa]}, [], {@ipv6={0x86dd, {0x0, 0x6, "08de06", 0x38, 0x3a, 0x0, @ipv4={[], [0xff, 0xff], @multicast2=0xe0000002}, @mcast2={0xff, 0x2, [], 0x1}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "9433df", 0x0, 0xffffff84, 0x0, @loopback={0x0, 0x1}, @loopback={0x0, 0x1}, [], "fca967e17f791010"}}}}}}}, 0x0) 2018/04/21 02:36:26 executing program 2: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendto$inet(r0, &(0x7f000001d000)="a9", 0x1, 0x0, &(0x7f0000004ff0)={0x2, 0x0, @rand_addr=0xfffffffffffffffe}, 0x10) listen(r0, 0x7) r1 = accept4(r0, 0x0, &(0x7f0000021000), 0x0) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f0000000140)={0x0, 0x0, 0x20}, &(0x7f0000000180)=0x18) 2018/04/21 02:36:26 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x8040ae69, &(0x7f0000005fec)={0x0, 0x0, 0x400}) pkey_mprotect(&(0x7f0000005000/0x2000)=nil, 0x2000, 0x4, 0xffffffffffffffff) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000005fe0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000008000/0x2000)=nil}) [ 102.745735] attempt to access beyond end of device [ 102.750774] loop6: rw=12288, want=8200, limit=20 [ 102.877303] attempt to access beyond end of device [ 102.883126] loop6: rw=12288, want=4104, limit=20 [ 102.930774] syz-executor5: vmalloc: allocation failure: 8589934592 bytes, mode:0x14080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 102.942815] syz-executor5 cpuset=syz5 mems_allowed=0 [ 102.948400] CPU: 0 PID: 7810 Comm: syz-executor5 Not tainted 4.17.0-rc1+ #10 [ 102.955599] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 102.962242] attempt to access beyond end of device [ 102.964947] Call Trace: [ 102.964987] dump_stack+0x1b9/0x294 [ 102.965018] ? dump_stack_print_info.cold.2+0x52/0x52 [ 102.965042] ? perf_trace_lock_acquire+0xe3/0x980 [ 102.965065] warn_alloc.cold.118+0xb2/0x1b8 [ 102.970048] loop6: rw=12288, want=8200, limit=20 [ 102.972565] ? zone_watermark_ok_safe+0x3b0/0x3b0 [ 102.972585] ? trace_hardirqs_on+0xd/0x10 [ 102.972609] ? _raw_spin_unlock_irq+0x27/0x70 [ 103.008706] ? finish_task_switch+0x1ca/0x810 [ 103.013215] __vmalloc_node_range+0x45e/0x750 [ 103.017703] ? graph_lock+0x170/0x170 [ 103.021532] ? kvm_arch_create_memslot+0xa3/0x4e0 [ 103.026370] __vmalloc_node_flags_caller+0x75/0x90 [ 103.031290] ? kvm_arch_create_memslot+0xa3/0x4e0 [ 103.036125] kvmalloc_node+0xde/0x100 [ 103.039915] kvm_arch_create_memslot+0xa3/0x4e0 [ 103.044583] __kvm_set_memory_region+0x1d1b/0x2e50 [ 103.049518] ? kvm_vcpu_block+0x1050/0x1050 [ 103.053831] ? zap_class+0x720/0x720 [ 103.057533] ? perf_trace_lock+0x900/0x900 [ 103.061767] ? lock_acquire+0x1dc/0x520 [ 103.065732] ? graph_lock+0x170/0x170 [ 103.069519] ? __might_sleep+0x95/0x190 [ 103.073486] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 103.079015] ? futex_wait_queue_me+0x550/0x820 [ 103.083594] ? refill_pi_state_cache.part.7+0x300/0x300 [ 103.088952] ? find_held_lock+0x36/0x1c0 [ 103.093033] ? lock_downgrade+0x8e0/0x8e0 [ 103.097204] kvm_set_memory_region+0x2e/0x50 [ 103.101606] kvm_vm_ioctl+0x668/0x1d90 [ 103.105479] ? drop_futex_key_refs.isra.13+0x6d/0xe0 [ 103.110575] ? futex_wake+0x2f6/0x750 [ 103.114367] ? kvm_set_memory_region+0x50/0x50 [ 103.118942] ? get_futex_key+0x1e90/0x1e90 [ 103.123176] ? perf_trace_lock+0xd6/0x900 [ 103.127312] ? perf_trace_lock_acquire+0xe3/0x980 [ 103.132150] ? zap_class+0x720/0x720 [ 103.135857] ? perf_trace_lock+0x900/0x900 [ 103.140083] ? do_futex+0x249/0x27d0 [ 103.143787] ? kasan_check_write+0x14/0x20 [ 103.148017] ? graph_lock+0x170/0x170 [ 103.151826] ? exit_robust_list+0x290/0x290 [ 103.156141] ? find_held_lock+0x36/0x1c0 [ 103.160205] ? lock_downgrade+0x8e0/0x8e0 [ 103.164349] ? rcu_is_watching+0x85/0x140 [ 103.168487] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 103.173680] ? __fget+0x40c/0x650 [ 103.177153] ? expand_files.part.8+0x9a0/0x9a0 [ 103.181726] ? lock_downgrade+0x8e0/0x8e0 [ 103.185867] ? __split_vma+0x5ac/0x7f0 [ 103.189759] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 103.195288] ? vma_set_page_prot+0x183/0x260 [ 103.199693] ? kvm_set_memory_region+0x50/0x50 [ 103.204267] do_vfs_ioctl+0x1cf/0x16a0 [ 103.208164] ? ioctl_preallocate+0x2e0/0x2e0 [ 103.212564] ? fget_raw+0x20/0x20 [ 103.216024] ? __x64_sys_futex+0x477/0x680 [ 103.220263] ? do_futex+0x27d0/0x27d0 [ 103.224064] ? security_file_ioctl+0x94/0xc0 [ 103.228468] ksys_ioctl+0xa9/0xd0 [ 103.231913] __x64_sys_ioctl+0x73/0xb0 [ 103.235794] do_syscall_64+0x1b1/0x800 [ 103.239679] ? finish_task_switch+0x1ca/0x810 [ 103.244171] ? syscall_return_slowpath+0x5c0/0x5c0 [ 103.249091] ? syscall_return_slowpath+0x30f/0x5c0 [ 103.254019] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 103.259379] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 103.264215] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 103.269397] RIP: 0033:0x455389 [ 103.272573] RSP: 002b:00007f6fda82cc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 103.280280] RAX: ffffffffffffffda RBX: 00007f6fda82d6d4 RCX: 0000000000455389 [ 103.287536] RDX: 0000000020005fe0 RSI: 000000004020ae46 RDI: 0000000000000014 [ 103.294792] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 103.302054] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 103.309310] R13: 0000000000000276 R14: 00000000006f6bb0 R15: 0000000000000000 [ 103.316911] Mem-Info: [ 103.319395] active_anon:119533 inactive_anon:78 isolated_anon:0 [ 103.319395] active_file:3699 inactive_file:8373 isolated_file:0 [ 103.319395] unevictable:0 dirty:187 writeback:0 unstable:0 [ 103.319395] slab_reclaimable:10862 slab_unreclaimable:105981 [ 103.319395] mapped:73864 shmem:85 pagetables:1145 bounce:0 [ 103.319395] free:1284010 free_pcp:437 free_cma:0 [ 103.329335] attempt to access beyond end of device [ 103.353091] Node 0 active_anon:478032kB inactive_anon:312kB active_file:14796kB inactive_file:33492kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:295456kB dirty:748kB writeback:0kB shmem:340kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 208896kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 103.353100] Node 0 DMA free:15908kB min:164kB low:204kB high:244kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 103.353138] lowmem_reserve[]: [ 103.358098] loop6: rw=12288, want=4104, limit=20 [ 103.386200] 0 2830 6335 6335 2018/04/21 02:36:26 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='\x00\x00\x00\x00') fchdir(r0) syz_fuseblk_mount(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/04/21 02:36:26 executing program 7: perf_event_open(&(0x7f000001d000)={0x5, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_user\x00', 0x0, 0x0) accept4$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f0000000200)=0x14, 0x0) r0 = socket(0x15, 0x80005, 0x0) getsockopt(r0, 0x200000000114, 0x8, &(0x7f0000ee3000)=""/4096, &(0x7f0000000000)=0x1000) [ 103.424252] Node 0 DMA32 free:2900300kB min:30116kB low:37644kB high:45172kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129292kB managed:2901152kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:852kB local_pcp:176kB free_cma:0kB [ 103.452037] lowmem_reserve[]: 0 0 3505 3505 2018/04/21 02:36:26 executing program 3: syz_emit_ethernet(0x6e, &(0x7f00000f8000)={@random="cd390b081bf2", @dev={[0xaa, 0xaa, 0xaa, 0xaa]}, [], {@ipv6={0x86dd, {0x0, 0x6, "08de06", 0x38, 0x3a, 0x0, @ipv4={[], [0xff, 0xff], @multicast2=0xe0000002}, @mcast2={0xff, 0x2, [], 0x1}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "9433df", 0x0, 0xffffff84, 0x0, @loopback={0x0, 0x1}, @loopback={0x0, 0x1}, [], "fca967e17f791010"}}}}}}}, 0x0) [ 103.456435] Node 0 Normal free:2219416kB min:37300kB low:46624kB high:55948kB active_anon:478120kB inactive_anon:312kB active_file:14796kB inactive_file:33492kB unevictable:0kB writepending:748kB present:4718592kB managed:3589432kB mlocked:0kB kernel_stack:5376kB pagetables:4432kB bounce:0kB free_pcp:904kB local_pcp:236kB free_cma:0kB [ 103.486285] lowmem_reserve[]: 0 0 0 0 [ 103.490156] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 103.503877] Node 0 DMA32: 5*4kB (UM) 5*8kB (UM) 3*16kB (UM) 5*32kB (UM) 3*64kB (M) 1*128kB (M) 5*256kB (UM) 3*512kB (UM) 3*1024kB (UM) 3*2048kB (UM) 705*4096kB (M) = 2900300kB [ 103.519871] Node 0 Normal: 122*4kB (UM) 51*8kB (UM) 82*16kB (UE) 6*32kB (UE) 1*64kB (U) 6*128kB (U) 80*256kB (UME) 38*512kB (U) 16*1024kB (UME) 1*2048kB (M) 527*4096kB (UM) = 2220192kB [ 103.536698] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 103.545318] 12156 total pagecache pages [ 103.549326] 0 pages in swap cache [ 103.552817] Swap cache stats: add 0, delete 0, find 0/0 [ 103.555095] attempt to access beyond end of device [ 103.558201] Free swap = 0kB [ 103.558207] Total swap = 0kB [ 103.558215] 1965969 pages RAM [ 103.558220] 0 pages HighMem/MovableOnly [ 103.558226] 339346 pages reserved [ 103.579997] loop6: rw=12288, want=8200, limit=20 [ 103.636703] syz-executor5: vmalloc: allocation failure: 8589934592 bytes, mode:0x14080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 103.648530] syz-executor5 cpuset=syz5 mems_allowed=0 [ 103.653874] CPU: 0 PID: 7820 Comm: syz-executor5 Not tainted 4.17.0-rc1+ #10 [ 103.661073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 103.670427] Call Trace: [ 103.673039] dump_stack+0x1b9/0x294 [ 103.676686] ? dump_stack_print_info.cold.2+0x52/0x52 [ 103.681893] ? kasan_check_read+0x11/0x20 [ 103.686050] warn_alloc.cold.118+0xb2/0x1b8 [ 103.690375] ? zone_watermark_ok_safe+0x3b0/0x3b0 [ 103.695227] ? trace_hardirqs_on+0xd/0x10 [ 103.699381] ? _raw_spin_unlock_irq+0x27/0x70 [ 103.703876] ? finish_task_switch+0x1ca/0x810 [ 103.708381] ? lock_repin_lock+0x410/0x410 [ 103.712626] __vmalloc_node_range+0x45e/0x750 [ 103.717125] ? graph_lock+0x170/0x170 [ 103.720930] ? kvm_arch_create_memslot+0xa3/0x4e0 [ 103.725776] __vmalloc_node_flags_caller+0x75/0x90 [ 103.730703] ? kvm_arch_create_memslot+0xa3/0x4e0 [ 103.735554] kvmalloc_node+0xde/0x100 [ 103.739365] kvm_arch_create_memslot+0xa3/0x4e0 [ 103.744059] __kvm_set_memory_region+0x1d1b/0x2e50 [ 103.749016] ? kvm_vcpu_block+0x1050/0x1050 [ 103.753346] ? check_same_owner+0x320/0x320 [ 103.757665] ? do_raw_spin_unlock+0x9e/0x2e0 [ 103.762080] ? rcu_note_context_switch+0x710/0x710 [ 103.767004] ? lock_acquire+0x1dc/0x520 [ 103.770982] ? graph_lock+0x170/0x170 [ 103.774779] ? __might_sleep+0x95/0x190 [ 103.778758] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 103.784296] ? futex_wait_queue_me+0x550/0x820 [ 103.788882] ? refill_pi_state_cache.part.7+0x300/0x300 [ 103.794253] ? find_held_lock+0x36/0x1c0 [ 103.798319] ? lock_downgrade+0x8e0/0x8e0 [ 103.802501] kvm_set_memory_region+0x2e/0x50 [ 103.806922] kvm_vm_ioctl+0x668/0x1d90 [ 103.810821] ? drop_futex_key_refs.isra.13+0x6d/0xe0 [ 103.815929] ? futex_wake+0x2f6/0x750 [ 103.819742] ? kvm_set_memory_region+0x50/0x50 [ 103.824332] ? get_futex_key+0x1e90/0x1e90 [ 103.828573] ? do_wp_page+0x42d/0x1990 [ 103.832480] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 103.837675] ? do_futex+0x249/0x27d0 [ 103.841394] ? graph_lock+0x170/0x170 [ 103.845205] ? exit_robust_list+0x290/0x290 [ 103.849526] ? find_held_lock+0x36/0x1c0 [ 103.853597] ? lock_downgrade+0x8e0/0x8e0 [ 103.857745] ? kasan_check_read+0x11/0x20 [ 103.861881] ? rcu_is_watching+0x85/0x140 [ 103.866019] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 103.871208] ? __fget+0x40c/0x650 [ 103.874666] ? expand_files.part.8+0x9a0/0x9a0 [ 103.879252] ? lock_downgrade+0x8e0/0x8e0 [ 103.883398] ? kvm_set_memory_region+0x50/0x50 [ 103.887973] do_vfs_ioctl+0x1cf/0x16a0 [ 103.891846] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 103.897370] ? ioctl_preallocate+0x2e0/0x2e0 [ 103.901761] ? fget_raw+0x20/0x20 [ 103.905208] ? __x64_sys_futex+0x477/0x680 [ 103.909426] ? do_futex+0x27d0/0x27d0 [ 103.913211] ? security_file_ioctl+0x94/0xc0 [ 103.917605] ksys_ioctl+0xa9/0xd0 [ 103.921049] __x64_sys_ioctl+0x73/0xb0 [ 103.924938] do_syscall_64+0x1b1/0x800 [ 103.928819] ? finish_task_switch+0x1ca/0x810 [ 103.933298] ? syscall_return_slowpath+0x5c0/0x5c0 [ 103.938212] ? syscall_return_slowpath+0x30f/0x5c0 [ 103.943127] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 103.948485] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 103.953313] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 103.958482] RIP: 0033:0x455389 [ 103.961650] RSP: 002b:00007f6fda80bc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 103.969340] RAX: ffffffffffffffda RBX: 00007f6fda80c6d4 RCX: 0000000000455389 [ 103.976591] RDX: 0000000020005fe0 RSI: 000000004020ae46 RDI: 0000000000000016 [ 103.983840] RBP: 000000000072bf58 R08: 0000000000000000 R09: 0000000000000000 [ 103.991089] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 103.998337] R13: 0000000000000276 R14: 00000000006f6bb0 R15: 0000000000000001 [ 104.005785] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready 2018/04/21 02:36:27 executing program 7: r0 = socket$inet6(0xa, 0x40000080806, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000380)=0x2) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c) listen(r0, 0x80001003) r1 = socket$inet6(0xa, 0x6, 0x0) connect$inet6(r1, &(0x7f0000419000)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c) read(r1, &(0x7f00000002c0)=""/152, 0x98) close(r1) accept(r0, 0x0, &(0x7f0000000700)) sendmmsg(r1, &(0x7f0000000900)=[{{&(0x7f0000000240)=@ax25={0x3, {"aba998cfc95797"}}, 0x80, &(0x7f00000016c0), 0x0, &(0x7f0000000ec0)}}], 0x412, 0x0) 2018/04/21 02:36:27 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) io_setup(0x2, &(0x7f0000000080)=0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffff9c, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x3c, &(0x7f0000000000)=[@in={0x2}, @in6={0xa, 0x0, 0x0, @ipv4={[], [0xff, 0xff], @loopback=0x7f000001}}, @in={0x2, 0x0, @multicast2=0xe0000002}]}, &(0x7f0000000100)=0x10) io_submit(r1, 0x12f, &(0x7f00000000c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000001000)}]) 2018/04/21 02:36:27 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='\x00\x00\x00\x00') fchdir(r0) syz_fuseblk_mount(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/04/21 02:36:27 executing program 6: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000230000000007028f88006a0a00ff7408c935dcf9"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000180)=""/206}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x5, &(0x7f0000000040)=@framed={{0x18}, [@jmp={0x5}], {0x95}}, &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0x228, &(0x7f0000000300)=""/187}, 0x48) 2018/04/21 02:36:27 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f000027efd4)={0xa, 0x1, 0x7f, 0x9}, 0x2a) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000180)={r0, &(0x7f0000000040), &(0x7f00000000c0), 0x2}, 0x20) 2018/04/21 02:36:27 executing program 2: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='attr/current\x00') write$vnet(r0, &(0x7f0000000140)={0x1, {&(0x7f0000000040)=""/100, 0x64, &(0x7f00000000c0)=""/107}}, 0x68) 2018/04/21 02:36:27 executing program 3: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000340000/0xc00000)=nil, 0xc00000, 0x1000009, 0x32, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) add_key(&(0x7f000030fff3)='big_key\x00', &(0x7f00004cb000)={0x73, 0x79, 0x7a}, &(0x7f0000000100)="b8", 0x1, r0) 2018/04/21 02:36:27 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x8040ae69, &(0x7f0000005fec)={0x0, 0x0, 0x400}) pkey_mprotect(&(0x7f0000005000/0x2000)=nil, 0x2000, 0x4, 0xffffffffffffffff) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000005fe0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000008000/0x2000)=nil}) [ 104.147803] syz-executor5: vmalloc: allocation failure: 8589934592 bytes, mode:0x14080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 104.159669] syz-executor5 cpuset=syz5 mems_allowed=0 [ 104.164865] CPU: 0 PID: 7849 Comm: syz-executor5 Not tainted 4.17.0-rc1+ #10 [ 104.172053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 104.181397] Call Trace: [ 104.183979] dump_stack+0x1b9/0x294 [ 104.187600] ? dump_stack_print_info.cold.2+0x52/0x52 [ 104.192785] ? perf_trace_lock_acquire+0xe3/0x980 [ 104.197625] warn_alloc.cold.118+0xb2/0x1b8 [ 104.201948] ? zone_watermark_ok_safe+0x3b0/0x3b0 [ 104.206781] ? trace_hardirqs_on+0xd/0x10 [ 104.210926] ? _raw_spin_unlock_irq+0x27/0x70 [ 104.215411] ? finish_task_switch+0x1ca/0x810 [ 104.219927] __vmalloc_node_range+0x45e/0x750 [ 104.224424] ? graph_lock+0x170/0x170 [ 104.228223] ? kvm_arch_create_memslot+0xa3/0x4e0 [ 104.233085] __vmalloc_node_flags_caller+0x75/0x90 [ 104.238009] ? kvm_arch_create_memslot+0xa3/0x4e0 [ 104.242855] kvmalloc_node+0xde/0x100 [ 104.246656] kvm_arch_create_memslot+0xa3/0x4e0 [ 104.251327] __kvm_set_memory_region+0x1d1b/0x2e50 [ 104.256261] ? kvm_vcpu_block+0x1050/0x1050 [ 104.260579] ? zap_class+0x720/0x720 [ 104.264292] ? perf_trace_lock+0x900/0x900 [ 104.268516] ? lock_acquire+0x1dc/0x520 [ 104.272484] ? graph_lock+0x170/0x170 [ 104.276273] ? __might_sleep+0x95/0x190 [ 104.280240] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 104.285765] ? futex_wait_queue_me+0x550/0x820 [ 104.290428] ? refill_pi_state_cache.part.7+0x300/0x300 [ 104.295787] ? find_held_lock+0x36/0x1c0 [ 104.299854] ? lock_downgrade+0x8e0/0x8e0 [ 104.304035] kvm_set_memory_region+0x2e/0x50 [ 104.308441] kvm_vm_ioctl+0x668/0x1d90 [ 104.312317] ? drop_futex_key_refs.isra.13+0x6d/0xe0 [ 104.317409] ? futex_wake+0x2f6/0x750 [ 104.321206] ? kvm_set_memory_region+0x50/0x50 [ 104.325781] ? get_futex_key+0x1e90/0x1e90 [ 104.330016] ? perf_trace_lock+0xd6/0x900 [ 104.334164] ? perf_trace_lock_acquire+0xe3/0x980 [ 104.338999] ? zap_class+0x720/0x720 [ 104.342708] ? perf_trace_lock+0x900/0x900 [ 104.346938] ? do_futex+0x249/0x27d0 [ 104.350642] ? kasan_check_write+0x14/0x20 [ 104.354869] ? graph_lock+0x170/0x170 [ 104.358673] ? exit_robust_list+0x290/0x290 [ 104.362987] ? find_held_lock+0x36/0x1c0 [ 104.367056] ? lock_downgrade+0x8e0/0x8e0 [ 104.371201] ? rcu_is_watching+0x85/0x140 [ 104.375349] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 104.380539] ? __fget+0x40c/0x650 [ 104.384000] ? expand_files.part.8+0x9a0/0x9a0 [ 104.388575] ? lock_downgrade+0x8e0/0x8e0 [ 104.392715] ? __split_vma+0x5ac/0x7f0 [ 104.396609] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 104.402149] ? vma_set_page_prot+0x183/0x260 [ 104.406551] ? kvm_set_memory_region+0x50/0x50 [ 104.411142] do_vfs_ioctl+0x1cf/0x16a0 [ 104.415036] ? ioctl_preallocate+0x2e0/0x2e0 [ 104.419445] ? fget_raw+0x20/0x20 [ 104.422909] ? __x64_sys_futex+0x477/0x680 [ 104.427139] ? do_futex+0x27d0/0x27d0 [ 104.430933] ? security_file_ioctl+0x94/0xc0 [ 104.435338] ksys_ioctl+0xa9/0xd0 [ 104.438786] __x64_sys_ioctl+0x73/0xb0 [ 104.442665] do_syscall_64+0x1b1/0x800 [ 104.446559] ? finish_task_switch+0x1ca/0x810 [ 104.451049] ? syscall_return_slowpath+0x5c0/0x5c0 [ 104.455979] ? syscall_return_slowpath+0x30f/0x5c0 [ 104.460925] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 104.466297] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 104.471138] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 104.476316] RIP: 0033:0x455389 [ 104.479495] RSP: 002b:00007f6fda82cc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 104.487196] RAX: ffffffffffffffda RBX: 00007f6fda82d6d4 RCX: 0000000000455389 2018/04/21 02:36:27 executing program 6: ioctl$DRM_IOCTL_AGP_FREE(0xffffffffffffffff, 0x40206435, &(0x7f0000002000)={0x0, 0x0, 0x0, 0x101371}) bpf$PROG_LOAD(0x5, &(0x7f000095c000)={0x1, 0x5, &(0x7f0000002000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, [@jmp={0x5, 0x0, 0x1, 0x0, 0x0, 0x1}], {0x95}}, &(0x7f000040dff6)='syzkaller\x00', 0x1, 0x29e, &(0x7f000000a000)=""/195}, 0x48) r0 = accept$nfc_llcp(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000080)=0x60) accept4(r0, &(0x7f0000000200)=@alg, &(0x7f0000000280)=0x80, 0x800) [ 104.494460] RDX: 0000000020005fe0 RSI: 000000004020ae46 RDI: 0000000000000014 [ 104.501716] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 104.508974] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 104.516232] R13: 0000000000000276 R14: 00000000006f6bb0 R15: 0000000000000000 [ 104.524606] warn_alloc_show_mem: 1 callbacks suppressed [ 104.524610] Mem-Info: [ 104.532507] active_anon:119441 inactive_anon:74 isolated_anon:0 [ 104.532507] active_file:3702 inactive_file:8382 isolated_file:0 [ 104.532507] unevictable:0 dirty:197 writeback:0 unstable:0 [ 104.532507] slab_reclaimable:10920 slab_unreclaimable:105741 [ 104.532507] mapped:73819 shmem:88 pagetables:1103 bounce:0 [ 104.532507] free:1284278 free_pcp:519 free_cma:0 [ 104.566191] Node 0 active_anon:483904kB inactive_anon:296kB active_file:14808kB inactive_file:33528kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:295276kB dirty:788kB writeback:0kB shmem:352kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 204800kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no 2018/04/21 02:36:27 executing program 4: unshare(0x400) r0 = socket(0x10, 0x2, 0x0) getpeername$netrom(r0, &(0x7f0000000000), &(0x7f0000000ffc)) [ 104.594333] Node 0 DMA free:15908kB min:164kB low:204kB high:244kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 104.620527] lowmem_reserve[]: 0 2830 6335 6335 [ 104.625177] Node 0 DMA32 free:2900300kB min:30116kB low:37644kB high:45172kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129292kB managed:2901152kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:852kB local_pcp:176kB free_cma:0kB [ 104.652947] lowmem_reserve[]: 0 0 3505 3505 [ 104.657349] Node 0 Normal free:2213984kB min:37300kB low:46624kB high:55948kB active_anon:483904kB inactive_anon:296kB active_file:14808kB inactive_file:33528kB unevictable:0kB writepending:788kB present:4718592kB managed:3589432kB mlocked:0kB kernel_stack:5408kB pagetables:4560kB bounce:0kB free_pcp:968kB local_pcp:588kB free_cma:0kB [ 104.687202] lowmem_reserve[]: 0 0 0 0 2018/04/21 02:36:28 executing program 4: perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) bind$nfc_llcp(r0, &(0x7f0000000000)={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "6cb782e4ad88b89d1fd309169f44812107130ee55db70510420aaa96759ecbc36eb9bb12b6124793608dd0e7316d1d4f4d89469806e405000000cefa8a934a", 0x30}, 0x60) 2018/04/21 02:36:28 executing program 6: ioctl$DRM_IOCTL_AGP_FREE(0xffffffffffffffff, 0x40206435, &(0x7f0000002000)={0x0, 0x0, 0x0, 0x101371}) bpf$PROG_LOAD(0x5, &(0x7f000095c000)={0x1, 0x5, &(0x7f0000002000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, [@jmp={0x5, 0x0, 0x1, 0x0, 0x0, 0x1}], {0x95}}, &(0x7f000040dff6)='syzkaller\x00', 0x1, 0x29e, &(0x7f000000a000)=""/195}, 0x48) r0 = accept$nfc_llcp(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000080)=0x60) accept4(r0, &(0x7f0000000200)=@alg, &(0x7f0000000280)=0x80, 0x800) [ 104.691080] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 104.704818] Node 0 DMA32: 5*4kB (UM) 5*8kB (UM) 3*16kB (UM) 5*32kB (UM) 3*64kB (M) 1*128kB (M) 5*256kB (UM) 3*512kB (UM) 3*1024kB (UM) 3*2048kB (UM) 705*4096kB (M) = 2900300kB [ 104.720826] Node 0 Normal: 65*4kB (UME) 86*8kB (UME) 54*16kB (UME) 8*32kB (UME) 2*64kB (UM) 9*128kB (UM) 81*256kB (U) 39*512kB (U) 16*1024kB (UME) 5*2048kB (M) 525*4096kB (UM) = 2221076kB [ 104.738018] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 104.746679] 12181 total pagecache pages 2018/04/21 02:36:28 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='\x00\x00\x00\x00') fchdir(r0) syz_fuseblk_mount(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 104.750717] 0 pages in swap cache [ 104.754206] Swap cache stats: add 0, delete 0, find 0/0 [ 104.759617] Free swap = 0kB [ 104.762664] Total swap = 0kB [ 104.765740] 1965969 pages RAM [ 104.768878] 0 pages HighMem/MovableOnly [ 104.772901] 339346 pages reserved 2018/04/21 02:36:28 executing program 6: ioctl$DRM_IOCTL_AGP_FREE(0xffffffffffffffff, 0x40206435, &(0x7f0000002000)={0x0, 0x0, 0x0, 0x101371}) bpf$PROG_LOAD(0x5, &(0x7f000095c000)={0x1, 0x5, &(0x7f0000002000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, [@jmp={0x5, 0x0, 0x1, 0x0, 0x0, 0x1}], {0x95}}, &(0x7f000040dff6)='syzkaller\x00', 0x1, 0x29e, &(0x7f000000a000)=""/195}, 0x48) r0 = accept$nfc_llcp(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000080)=0x60) accept4(r0, &(0x7f0000000200)=@alg, &(0x7f0000000280)=0x80, 0x800) 2018/04/21 02:36:28 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x8040ae69, &(0x7f0000005fec)={0x0, 0x0, 0x400}) pkey_mprotect(&(0x7f0000005000/0x2000)=nil, 0x2000, 0x4, 0xffffffffffffffff) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000005fe0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000008000/0x2000)=nil}) 2018/04/21 02:36:28 executing program 0: perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x803, 0x3) ioctl$sock_SIOCGIFINDEX(r0, 0x541b, &(0x7f0000000000)={"65727370616e3000000000000200"}) [ 104.944849] syz-executor5: vmalloc: allocation failure: 8589934592 bytes, mode:0x14080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 104.956686] syz-executor5 cpuset=syz5 mems_allowed=0 [ 104.961898] CPU: 0 PID: 7872 Comm: syz-executor5 Not tainted 4.17.0-rc1+ #10 [ 104.969082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 104.978446] Call Trace: [ 104.981042] dump_stack+0x1b9/0x294 [ 104.984670] ? dump_stack_print_info.cold.2+0x52/0x52 [ 104.989855] ? kasan_check_read+0x11/0x20 [ 104.994013] warn_alloc.cold.118+0xb2/0x1b8 [ 104.998337] ? zone_watermark_ok_safe+0x3b0/0x3b0 [ 105.003174] ? trace_hardirqs_on+0xd/0x10 [ 105.007327] ? _raw_spin_unlock_irq+0x27/0x70 [ 105.011815] ? finish_task_switch+0x1ca/0x810 [ 105.016305] ? lock_repin_lock+0x410/0x410 [ 105.020550] __vmalloc_node_range+0x45e/0x750 [ 105.025042] ? graph_lock+0x170/0x170 [ 105.028839] ? kvm_arch_create_memslot+0xa3/0x4e0 [ 105.033696] __vmalloc_node_flags_caller+0x75/0x90 [ 105.038627] ? kvm_arch_create_memslot+0xa3/0x4e0 [ 105.043465] kvmalloc_node+0xde/0x100 [ 105.047256] kvm_arch_create_memslot+0xa3/0x4e0 [ 105.051923] __kvm_set_memory_region+0x1d1b/0x2e50 [ 105.056852] ? kvm_vcpu_block+0x1050/0x1050 [ 105.061171] ? zap_class+0x720/0x720 [ 105.064877] ? check_same_owner+0x320/0x320 [ 105.069192] ? rcu_note_context_switch+0x710/0x710 [ 105.074111] ? lock_acquire+0x1dc/0x520 [ 105.078092] ? graph_lock+0x170/0x170 [ 105.081884] ? __might_sleep+0x95/0x190 [ 105.085856] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 105.091390] ? futex_wait_queue_me+0x550/0x820 [ 105.095962] ? refill_pi_state_cache.part.7+0x300/0x300 [ 105.101319] ? find_held_lock+0x36/0x1c0 [ 105.105379] ? lock_downgrade+0x8e0/0x8e0 [ 105.109540] kvm_set_memory_region+0x2e/0x50 [ 105.113941] kvm_vm_ioctl+0x668/0x1d90 [ 105.117817] ? drop_futex_key_refs.isra.13+0x6d/0xe0 [ 105.122909] ? futex_wake+0x2f6/0x750 [ 105.126703] ? kvm_set_memory_region+0x50/0x50 [ 105.131273] ? get_futex_key+0x1e90/0x1e90 [ 105.135502] ? perf_trace_lock+0xd6/0x900 [ 105.139642] ? zap_class+0x720/0x720 [ 105.143345] ? kasan_check_write+0x14/0x20 [ 105.147573] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 105.152751] ? do_futex+0x249/0x27d0 [ 105.156465] ? kasan_check_write+0x14/0x20 [ 105.160684] ? graph_lock+0x170/0x170 [ 105.164479] ? exit_robust_list+0x290/0x290 [ 105.168792] ? find_held_lock+0x36/0x1c0 [ 105.172854] ? lock_downgrade+0x8e0/0x8e0 [ 105.176999] ? rcu_is_watching+0x85/0x140 [ 105.181146] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 105.186334] ? __fget+0x40c/0x650 [ 105.189782] ? expand_files.part.8+0x9a0/0x9a0 [ 105.194349] ? lock_downgrade+0x8e0/0x8e0 [ 105.198492] ? __split_vma+0x5ac/0x7f0 [ 105.202376] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 105.207902] ? vma_set_page_prot+0x183/0x260 [ 105.212303] ? kvm_set_memory_region+0x50/0x50 [ 105.216874] do_vfs_ioctl+0x1cf/0x16a0 [ 105.220756] ? ioctl_preallocate+0x2e0/0x2e0 [ 105.225932] ? fget_raw+0x20/0x20 [ 105.229380] ? __x64_sys_futex+0x477/0x680 [ 105.233603] ? do_futex+0x27d0/0x27d0 [ 105.237391] ? security_file_ioctl+0x94/0xc0 [ 105.241792] ksys_ioctl+0xa9/0xd0 [ 105.245241] __x64_sys_ioctl+0x73/0xb0 [ 105.249119] do_syscall_64+0x1b1/0x800 [ 105.252999] ? syscall_return_slowpath+0x5c0/0x5c0 [ 105.257923] ? syscall_return_slowpath+0x30f/0x5c0 [ 105.264666] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 105.270031] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 105.274876] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 105.280053] RIP: 0033:0x455389 [ 105.283229] RSP: 002b:00007f6fda82cc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 105.290928] RAX: ffffffffffffffda RBX: 00007f6fda82d6d4 RCX: 0000000000455389 [ 105.298190] RDX: 0000000020005fe0 RSI: 000000004020ae46 RDI: 0000000000000014 [ 105.305449] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 105.312792] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 105.320048] R13: 0000000000000276 R14: 00000000006f6bb0 R15: 0000000000000000 2018/04/21 02:36:28 executing program 7: socket$inet(0x2b, 0x8000000001, 0x4) 2018/04/21 02:36:28 executing program 0: perf_event_open(&(0x7f000025c000)={0x80000000002, 0x78, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffff9c, 0xc0106434, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x8000}) r0 = socket(0xa, 0x2000000001, 0x0) ioctl$DRM_IOCTL_MODE_GETCRTC(0xffffffffffffffff, 0xc06864a1, &(0x7f0000fedf98)={&(0x7f000000d000)=[0x7, 0x6], 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "8cfbc89fefc282b0e9b6d1b29d5500b5ff74b06ccbd9dee8c886586975b5446e"}}) getsockopt(r0, 0x0, 0x53, &(0x7f000000d000)=""/8, &(0x7f0000fedffc)=0x28) open$dir(&(0x7f0000000140)='./file0\x00', 0xd40, 0x0) prctl$setname(0xf, &(0x7f0000000180)='\x00') syz_mount_image$minix(&(0x7f0000000000)='minix\x00', &(0x7f0000000100)='./file0\x00', 0x4181, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="10000000000001000c0005000003008b23efb77f200000005a4d", 0x1a, 0x400}], 0x0, 0x0) openat$vcs(0xffffffffffffff9c, &(0x7f00000007c0)='/dev/vcs\x00', 0x4040, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) 2018/04/21 02:36:28 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x8040ae69, &(0x7f0000005fec)={0x0, 0x0, 0x400}) pkey_mprotect(&(0x7f0000005000/0x2000)=nil, 0x2000, 0x4, 0xffffffffffffffff) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000005fe0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000008000/0x2000)=nil}) 2018/04/21 02:36:28 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x14, &(0x7f0000788ffc)=0x100000001, 0xfdf6) bind$inet(r0, &(0x7f0000738ff0)={0x2, 0x4e21, @multicast1=0xe0000001}, 0x10) sendto$inet(r0, &(0x7f0000000b40)="ac", 0x1, 0x20020003, &(0x7f0000000b00)={0x2, 0x4e21, @loopback=0x7f000001}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x14, &(0x7f0000f43ffc)=0xfffffffffffffffc, 0x4) sendto$inet(r0, &(0x7f0000000dc0)="9a06ac42afee253140fed88b03cdc9d30224a0e6fd2e83b04e6c11d4893edcb09ba740bab1e35217bb94c21d1aea3bb70b876b050a63e1ecdab6bac700feb887551849aad39aa63be6259f6204d10aaede72bacbda0bcf0b80e92d370d3f1b08c17a73e8f9bca9f1e1d23ad5d57d2acfe7139f14a96685a9c33592e8a650b8e42d8710faec9be060496a11c63071f8847efea22e2a6ad4919d944124bbe01e108e8f442c5da2d9ac12ca8f547b8fc9d1a44db3288cde39d9188da405e6f939e00b4734229568ae92010d251ab1ec30774b2344d06989acd94abf2076f86b54d1d622f810e6f3128f1a0b334ce5c18ea6cc668c3feb4c2e2c7b90ee6d1a9196164e7e33239d9cfcb53160a8a80058248754ce8a45fb281e8351fba27decc1ae191ad735a6e0544d7bf98740ba661380ef0983d3e59a2375056e960ecc72bedd2c1225902ffcefb975fe1dc79caf88331ce4844659241804ca9e910cd91281c4b488e64ea9fea6a481ef9ab43e39f6b3eddae2e0b7d6695a071ed9be3573ad917f83dad89e050d6a313df63640e28407b56da0bf299683dd20f8ded01611ebc78f7929aa6816e957cf9201117f2f15af0e9a4cb2913789dcdc646c51ac6130ec32cc4d8a5ad86799ea0840a5fca4e7a08b39096bd57fab468aac886cefc2f0526b97e0b1121a72b33638940181f23b717f38ccf53d5fb41a9ba3e135fae7c02d64aaa8f857aa1a1ebbc3330821c514e85e7f29c85fa471cca434", 0x219, 0x0, 0x0, 0x0) sendto$inet(r0, &(0x7f0000000b80)="9f7845697e7dddd5cedfaf20e3a81f60ea5a414c6145d9935f70a24de18f54cf8b2eb45d067d7c6863eb78a823f9ce83ef67cbf0ccb7fe5ed25ac87367d47952a96c429b76090c0342bcf7c020412a93e61f7eae3e84fe68bdd3b1847ae1ade49ddf8686f65660ef3bffe19d040087243243b98a003f99010db5c19c543fd1aaed6bf39b0aef871f916db4f88b7f9c96b7c62a5f8ec3992a3e3a9da2720ffd6c5f557002b12ba7d5b99bffe479e3e06560caea1ff14fd9641e942b84534598f61a398c06263fe9b2562b0365f0a739ea4668b4615f40c01c5e323beb329d32e2789e1ef9e55dd07ef9165599933cf5f7c6c7a921985e5eecb7d4e56d6f94bf53cbc91e15a8cdee3fbe678ada055af48ec222eef31164bf0538a5eb3465812f190f92ccfbc93ccbd1726cd7d9bb009ace5e33d551a5a6a9e99970bb440a3a70b32250ddaff94e6fd38c8564e87a493b7a5264dcc7bb4fdbd0f5b3965e3a26a4cc7784371b8b6d04cf3fdae74f02791e7825de3b951a8357a01599cb2844bd353ebce468d1c184e67f86e37d783e099cbfcf9226828887f609355151411f1dd4e713eb94b3cf9aeb5a2292e6d318dca6b0e3333f30781cd57761f42232655b57ab07d727f1ee7a0b37c3ae0d05118af7e066949b7f9120d89c150c1cdcd3d983982fa2088ad8346a06722d0cf64975332d4ad0d2488c6311fc5e5a775fe3b3f0dccbf8d69e4735a54bfe7b22fc3024983d9ffcfbf776835a", 0x217, 0x8041, &(0x7f0000000200)={0x2, 0x0, @broadcast=0xffffffff}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x7fff, 0x80000001}, 0x14) setsockopt$inet_tcp_int(r0, 0x6, 0xa, &(0x7f0000000000)=0xfffffffffffff001, 0x4) sendto$inet(r0, &(0x7f00000000c0)="92f4", 0x2, 0x0, &(0x7f0000000040)={0x2, 0x0, @dev={0xac, 0x14}}, 0x10) 2018/04/21 02:36:28 executing program 6: ioctl$DRM_IOCTL_AGP_FREE(0xffffffffffffffff, 0x40206435, &(0x7f0000002000)={0x0, 0x0, 0x0, 0x101371}) bpf$PROG_LOAD(0x5, &(0x7f000095c000)={0x1, 0x5, &(0x7f0000002000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, [@jmp={0x5, 0x0, 0x1, 0x0, 0x0, 0x1}], {0x95}}, &(0x7f000040dff6)='syzkaller\x00', 0x1, 0x29e, &(0x7f000000a000)=""/195}, 0x48) r0 = accept$nfc_llcp(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000080)=0x60) accept4(r0, &(0x7f0000000200)=@alg, &(0x7f0000000280)=0x80, 0x800) 2018/04/21 02:36:28 executing program 2: syz_emit_ethernet(0x4a, &(0x7f0000000240)={@link_local={0x75934a1f, 0x80, 0xc2}, @empty, [], {@ipv4={0x800, {{0x5, 0x4, 0x86ddffff, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x4, 0x0, @empty, @broadcast=0xffffffff}, @udp={0x6, 0x0, 0x28}}}}}, &(0x7f0000000380)) 2018/04/21 02:36:28 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f000027efd4)={0xa, 0x1, 0x7f, 0x9}, 0x2a) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000180)={r0, &(0x7f0000000040), &(0x7f00000000c0), 0x2}, 0x20) 2018/04/21 02:36:28 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000000)=0x4, 0x4) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000cecffc), 0x4) sendmsg$nl_generic(r0, &(0x7f00001cb000)={&(0x7f00008e5ff4)={0x10}, 0xc, &(0x7f0000f4a000)={&(0x7f000019bf9b)={0x14, 0x2a, 0x311}, 0x14}, 0x1}, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r1, &(0x7f0000028fc8)={&(0x7f0000007ff4)={0x10}, 0xc, &(0x7f0000015ff0)={&(0x7f0000023000)={0x1c, 0x20, 0xaff, 0x0, 0x0, {0x1000a}, [@generic="fffffe0121"]}, 0x1c}, 0x1}, 0x0) 2018/04/21 02:36:28 executing program 2: syz_emit_ethernet(0x82, &(0x7f0000000300)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, [], {@ipv6={0x86dd, {0x0, 0x6, "15fdd4", 0x4c, 0x88, 0x0, @dev={0xfe, 0x80}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b, 0x8, 0x3, [], "6f500c7f620c708b"}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}}}, &(0x7f00000016c0)) [ 105.553652] syz-executor5: vmalloc: allocation failure: 8589934592 bytes, mode:0x14080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 105.565483] syz-executor5 cpuset=syz5 mems_allowed=0 [ 105.571078] CPU: 1 PID: 7903 Comm: syz-executor5 Not tainted 4.17.0-rc1+ #10 [ 105.571090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 105.571096] Call Trace: [ 105.571121] dump_stack+0x1b9/0x294 [ 105.571144] ? dump_stack_print_info.cold.2+0x52/0x52 [ 105.571164] ? graph_lock+0x170/0x170 [ 105.571187] warn_alloc.cold.118+0xb2/0x1b8 [ 105.571205] ? zone_watermark_ok_safe+0x3b0/0x3b0 [ 105.571228] ? __update_load_avg_blocked_se.isra.33+0x460/0x460 [ 105.571253] ? update_load_avg+0x2d9/0x2570 [ 105.571273] ? __update_load_avg_se.isra.34+0x61e/0x980 [ 105.628312] __vmalloc_node_range+0x45e/0x750 [ 105.628338] ? graph_lock+0x170/0x170 [ 105.628355] ? kvm_arch_create_memslot+0xa3/0x4e0 [ 105.628369] __vmalloc_node_flags_caller+0x75/0x90 [ 105.628382] ? kvm_arch_create_memslot+0xa3/0x4e0 [ 105.628401] kvmalloc_node+0xde/0x100 [ 105.628416] kvm_arch_create_memslot+0xa3/0x4e0 [ 105.628442] __kvm_set_memory_region+0x1d1b/0x2e50 [ 105.628467] ? kvm_vcpu_block+0x1050/0x1050 [ 105.628477] ? print_usage_bug+0xc0/0xc0 [ 105.628490] ? zap_class+0x720/0x720 [ 105.628500] ? lock_downgrade+0x8e0/0x8e0 [ 105.628518] ? graph_lock+0x170/0x170 [ 105.628529] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 105.628545] ? __lock_acquire+0x7f5/0x5140 [ 105.628558] ? trace_hardirqs_on+0xd/0x10 [ 105.628573] ? find_held_lock+0x36/0x1c0 [ 105.628594] ? lock_downgrade+0x8e0/0x8e0 [ 105.628632] kvm_set_memory_region+0x2e/0x50 [ 105.628646] kvm_vm_ioctl+0x668/0x1d90 [ 105.628662] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 105.628674] ? __perf_event_task_sched_in+0x247/0xb80 [ 105.628688] ? kvm_set_memory_region+0x50/0x50 [ 105.628705] ? find_held_lock+0x36/0x1c0 [ 105.628718] ? perf_trace_lock+0xd6/0x900 [ 105.628734] ? zap_class+0x720/0x720 [ 105.628746] ? finish_task_switch+0x182/0x810 [ 105.628764] ? kasan_check_read+0x11/0x20 [ 105.628775] ? graph_lock+0x170/0x170 [ 105.628786] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 105.628801] ? compat_start_thread+0x80/0x80 [ 105.628815] ? _raw_spin_unlock_irq+0x27/0x70 [ 105.628831] ? trace_hardirqs_on+0xd/0x10 [ 105.628844] ? _raw_spin_unlock_irq+0x27/0x70 [ 105.628857] ? find_held_lock+0x36/0x1c0 [ 105.628878] ? lock_downgrade+0x8e0/0x8e0 [ 105.628897] ? rcu_is_watching+0x85/0x140 [ 105.628910] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 105.628932] ? __fget+0x40c/0x650 [ 105.628951] ? expand_files.part.8+0x9a0/0x9a0 [ 105.628961] ? lock_downgrade+0x8e0/0x8e0 [ 105.628980] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 105.628995] ? kvm_set_memory_region+0x50/0x50 [ 105.629012] do_vfs_ioctl+0x1cf/0x16a0 [ 105.629035] ? ioctl_preallocate+0x2e0/0x2e0 [ 105.629048] ? fget_raw+0x20/0x20 [ 105.629070] ? exit_to_usermode_loop+0x87/0x310 [ 105.629088] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 105.629100] ? security_file_ioctl+0x94/0xc0 [ 105.629116] ksys_ioctl+0xa9/0xd0 [ 105.629132] __x64_sys_ioctl+0x73/0xb0 [ 105.629145] do_syscall_64+0x1b1/0x800 [ 105.629156] ? finish_task_switch+0x1ca/0x810 [ 105.629170] ? syscall_return_slowpath+0x5c0/0x5c0 [ 105.629183] ? syscall_return_slowpath+0x30f/0x5c0 [ 105.629198] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 105.629215] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 105.629232] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 105.629242] RIP: 0033:0x455389 [ 105.629248] RSP: 002b:00007f6fda82cc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 105.629261] RAX: ffffffffffffffda RBX: 00007f6fda82d6d4 RCX: 0000000000455389 [ 105.629268] RDX: 0000000020005fe0 RSI: 000000004020ae46 RDI: 0000000000000014 [ 105.629275] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 105.629282] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 105.629289] R13: 0000000000000276 R14: 00000000006f6bb0 R15: 0000000000000000 [ 105.629437] warn_alloc_show_mem: 1 callbacks suppressed [ 105.629440] Mem-Info: [ 105.629477] active_anon:120454 inactive_anon:73 isolated_anon:0 [ 105.629477] active_file:3701 inactive_file:8395 isolated_file:0 [ 105.629477] unevictable:0 dirty:209 writeback:0 unstable:0 [ 105.629477] slab_reclaimable:10964 slab_unreclaimable:105710 [ 105.629477] mapped:73851 shmem:85 pagetables:1046 bounce:0 [ 105.629477] free:1283295 free_pcp:544 free_cma:0 [ 105.629505] Node 0 active_anon:481816kB inactive_anon:292kB active_file:14804kB inactive_file:33580kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:295404kB dirty:836kB writeback:0kB shmem:340kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 200704kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 105.629509] Node 0 DMA free:15908kB min:164kB low:204kB high:244kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 105.629540] lowmem_reserve[]: 0 2830 6335 6335 [ 105.629562] Node 0 DMA32 free:2900300kB min:30116kB low:37644kB high:45172kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129292kB managed:2901152kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:852kB local_pcp:676kB free_cma:0kB [ 105.629592] lowmem_reserve[]: 0 0 3505 3505 [ 105.629615] Node 0 Normal free:2216972kB min:37300kB low:46624kB high:55948kB active_anon:481816kB inactive_anon:292kB active_file:14804kB inactive_file:33580kB unevictable:0kB writepending:836kB present:4718592kB managed:3589432kB mlocked:0kB kernel_stack:5280kB pagetables:4184kB bounce:0kB free_pcp:1324kB local_pcp:592kB free_cma:0kB [ 105.629649] lowmem_reserve[]: 0 0 0 0 [ 105.629672] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 105.629771] Node 0 DMA32: 5*4kB (UM) 5*8kB (UM) 3*16kB (UM) 5*32kB (UM) 3*64kB (M) 1*128kB (M) 5*256kB (UM) 3*512kB (UM) 3*1024kB (UM) 3*2048kB (UM) 705*4096kB (M) = 2900300kB [ 105.629884] Node 0 Normal: 95*4kB (UM) 52*8kB (UM) 30*16kB (UM) 7*32kB (UM) 3*64kB (UME) 13*128kB (UME) 83*256kB (UE) 40*512kB (UE) 15*1024kB (UM) 3*2048kB (M) 525*4096kB (UM) = 2216988kB [ 105.630051] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 105.630055] 12181 total pagecache pages 2018/04/21 02:36:29 executing program 7: perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_dev$binder(&(0x7f0000c93000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c00, 0xffffffffffffffff) bind$inet(0xffffffffffffffff, &(0x7f0000516ff0)={0x2, 0x0, @rand_addr}, 0x10) shutdown(0xffffffffffffffff, 0x0) r0 = socket(0x10, 0x3, 0x4) sendmsg$nl_xfrm(r0, &(0x7f00009d3000)={&(0x7f0000c15000)={0x10}, 0xc, &(0x7f00001e5ff0)={&(0x7f0000abdefc)=@delsa={0x28, 0x12, 0x515485708c54ddb, 0x0, 0x0, {@in=@rand_addr}}, 0x28}, 0x1}, 0x0) 2018/04/21 02:36:29 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$nl_route(r0, &(0x7f0000000400)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000003c0)={&(0x7f0000000200)=@bridge_getneigh={0x20, 0x1e, 0x515, 0x0, 0x0, {0x7}}, 0x20}, 0x1}, 0x0) 2018/04/21 02:36:29 executing program 3: capset(&(0x7f00000fc000)={0x19980330}, &(0x7f000047efe8)) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) fstat(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setresgid(0x0, 0x0, r1) 2018/04/21 02:36:29 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bind$pptp(0xffffffffffffffff, &(0x7f0000000040)={0x18, 0x2, {0x0, @rand_addr}}, 0x1e) r0 = memfd_create(&(0x7f0000000040)='/dev/vga_arbiter\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c46ff000000000000000000000003003e00000000001600000000000000400000000000000000000000000000000000000000003800020000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000006000000000000000000000300000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000"], 0xb0) execveat(r0, &(0x7f0000ff7000)='./file0\x00', &(0x7f0000d0e000), &(0x7f000034bff8)=[&(0x7f0000ff7000)="00000000000000060804002000fffc0c6565643b799365005f1b76"], 0x1000) 2018/04/21 02:36:29 executing program 6: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f0000000080)={&(0x7f00000001c0)=@updsa={0xf0, 0x1a, 0x409, 0x0, 0x0, {{@in6=@ipv4={[], [0xff, 0xff], @remote={0xac, 0x14, 0x14, 0xbb}}}, {@in6}, @in=@rand_addr, {}, {}, {}, 0x0, 0x0, 0x2}}, 0xf0}, 0x1}, 0x0) 2018/04/21 02:36:29 executing program 2: r0 = socket(0x10, 0x802, 0x0) write(r0, &(0x7f0000000040)="220000002000070700be0000090007010a0000ff0000000000200000050013800100", 0x22) 2018/04/21 02:36:29 executing program 0: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000005580)='./cgroup.net\x00', 0x200002, 0x0) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) write$cgroup_pid(r1, &(0x7f0000000580)=ANY=[], 0xfffffce5) lseek(r1, 0x0, 0x4) fchmod(r1, 0x80) unlink(&(0x7f0000000100)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) ioctl$KVM_GET_CPUID2(r1, 0xc008ae91, &(0x7f0000000140)={0x2, 0x0, [{}, {}]}) r2 = dup2(r1, r0) ioctl$fiemap(r2, 0xc020660b, &(0x7f00000000c0)={0x7, 0xef88, 0x2, 0x8, 0x8, [{0xfff, 0x1, 0x8, 0x0, 0x0, 0x1400}, {0x4, 0xffffffff80000001, 0x1}, {0x81, 0x8, 0x40, 0x0, 0x0, 0x180}, {0x690f, 0x4, 0xffffffffffff7c66, 0x0, 0x0, 0x400}, {0xff, 0xffff, 0x5e5f, 0x0, 0x0, 0x81}, {0x8, 0x0, 0x100000000, 0x0, 0x0, 0x8}, {0xffff, 0xaf16, 0x7, 0x0, 0x0, 0x2000}, {0x4, 0x8, 0x8001, 0x0, 0x0, 0x5}]}) perf_event_open(&(0x7f000025c000)={0x5, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r3, &(0x7f0000000040)={&(0x7f00002dfff4)={0x10}, 0xc, &(0x7f0000fd1000)={&(0x7f0000000080)={0x1c, 0x7, 0xa, 0xfffffffffffffffd, 0x0, 0x0, {}, [@nested={0x8, 0x2, [@generic="c3"]}]}, 0x1c}, 0x1}, 0x0) umount2(&(0x7f0000000040)='./file0\x00', 0x9) 2018/04/21 02:36:29 executing program 5: capset(&(0x7f0000000180)={0x19980330}, &(0x7f0000000040)={0x800000, 0xfffffffffff7ffe9}) setpriority(0x1, 0x0, 0x0) [ 105.630067] 0 pages in swap cache [ 105.630076] Swap cache stats: add 0, delete 0, find 0/0 [ 105.630080] Free swap = 0kB [ 105.630084] Total swap = 0kB [ 105.630089] 1965969 pages RAM [ 105.630094] 0 pages HighMem/MovableOnly [ 105.630098] 339346 pages reserved [ 106.308134] minix_free_inode: bit 1 already cleared 2018/04/21 02:36:29 executing program 6: r0 = timerfd_create(0x9, 0x0) unshare(0x40600) capset(&(0x7f00000000c0)={0x20071026}, &(0x7f0000000140)) timerfd_settime(r0, 0x0, &(0x7f0000000100)={{0x0, 0x989680}, {0x0, 0x5}}, &(0x7f0000002000)) 2018/04/21 02:36:29 executing program 2: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @broadcast=0xffffffff}, 0x25) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0xbe) sendto$inet(r0, &(0x7f0000000140), 0x0, 0x200007ff, &(0x7f0000deaff0)={0x2, 0x4e23}, 0x10) sendto$inet(r0, &(0x7f00006fd000)="c3", 0x1, 0x0, &(0x7f0000e66000)={0x2, 0x0, @rand_addr}, 0x10) 2018/04/21 02:36:29 executing program 3: r0 = open(&(0x7f0000000000)='./file0\x00', 0x141046, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fadvise64(r0, 0x0, 0x0, 0x0) [ 106.419125] capability: warning: `syz-executor6' uses deprecated v2 capabilities in a way that may be insecure 2018/04/21 02:36:30 executing program 5: syz_open_dev$sndpcmp(&(0x7f0000000080)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCSKEYCODE_V2(r0, 0x40104593, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x3, "ea33ad7aea7d7a24a5f4b92aa7d65b5940dd3bf40b4e33de3e89a4aa90d11c1d"}) 2018/04/21 02:36:30 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x40180, 0x0) fcntl$setstatus(r0, 0x4, 0x40c00) 2018/04/21 02:36:30 executing program 7: syz_mount_image$jfs(&(0x7f0000000240)='jfs\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x0, &(0x7f0000000580), 0x0, &(0x7f0000000600)={[{@resize_size={'resize', 0x3d, [0x38, 0x0]}, 0x2c}]}) 2018/04/21 02:36:30 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$nl_route(r0, &(0x7f0000000400)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000003c0)={&(0x7f0000000200)=@bridge_getneigh={0x20, 0x1e, 0x515, 0x0, 0x0, {0x7}}, 0x20}, 0x1}, 0x0) 2018/04/21 02:36:30 executing program 6: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00006f3ff0)='/dev/sequencer2\x00', 0x0, 0x0) ioctl$KDGKBLED(r0, 0xc0046d00, &(0x7f0000000000)) 2018/04/21 02:36:30 executing program 3: r0 = socket$inet6_dccp(0xa, 0x6, 0x0) perf_event_open(&(0x7f0000000180)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt(r0, 0x2000000000010d, 0x100000002, &(0x7f00007e0000)=""/4, &(0x7f0000000000)=0x4) 2018/04/21 02:36:30 executing program 0: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='children\x00') sendfile(r0, r0, &(0x7f0000000280), 0xb) 2018/04/21 02:36:30 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) fremovexattr(r0, &(0x7f00005f7000)=@known='system.sockprotoname\x00') [ 106.937386] resize option for remount only 2018/04/21 02:36:30 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f00000000c0)='cpuacct.stat\x00', 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000080)={r1, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x20) 2018/04/21 02:36:30 executing program 6: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0) readv(r1, &(0x7f00003fd000)=[{&(0x7f0000853000)=""/255, 0xffffff1f}], 0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000a8eff8)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_int(r2, 0x1, 0x7, &(0x7f0000ac5000), 0x4) sendmmsg$unix(r2, &(0x7f00000bd000), 0x80, 0x0) connect$unix(r2, &(0x7f00002ffff6)=@file={0x0, './file0\x00'}, 0xa) [ 106.981616] resize option for remount only 2018/04/21 02:36:30 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$nl_route(r0, &(0x7f0000000400)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000003c0)={&(0x7f0000000200)=@bridge_getneigh={0x20, 0x1e, 0x515, 0x0, 0x0, {0x7}}, 0x20}, 0x1}, 0x0) 2018/04/21 02:36:30 executing program 3: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_dev$tun(&(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) 2018/04/21 02:36:30 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000003c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'kw(aes)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000380)="ad56b6c5820faeb9952991765a1f9922007c1a56534c90c2", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$can_raw(r1, &(0x7f0000477000)={&(0x7f0000000080)={0x1d}, 0x10, &(0x7f0000000240)={&(0x7f00000001c0)=@can={{}, 0x0, 0x0, 0x0, 0x0, "b2ebe2c0125652c7"}, 0x10}, 0x1}, 0x0) recvmmsg(r1, &(0x7f0000003340)=[{{&(0x7f00000000c0)=@sco, 0x80, &(0x7f0000000800), 0x0, &(0x7f0000000140)=""/94, 0x5e}}, {{&(0x7f0000002f40)=@pptp={0x0, 0x0, {0x0, @dev}}, 0x80, &(0x7f0000003200)=[{&(0x7f0000003100)=""/226, 0xe2}], 0x1, &(0x7f0000000440)=""/239, 0xef}}], 0x2, 0x0, 0x0) 2018/04/21 02:36:30 executing program 0: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='children\x00') sendfile(r0, r0, &(0x7f0000000280), 0xb) 2018/04/21 02:36:30 executing program 5: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$rdma_cm(r0, &(0x7f00000050c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000005080)={0xffffffff}, 0x13f}}, 0x20) write$rdma_cm(r0, &(0x7f0000005100)=@bind={0x14, 0x88, 0xfa00, {r1, 0x10, 0x0, @in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}}}, 0x90) 2018/04/21 02:36:30 executing program 7: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x19) 2018/04/21 02:36:30 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000616ff8)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r1, &(0x7f0000bba000)={&(0x7f00003a2000)=@abs, 0x6e, &(0x7f0000001100), 0x0, &(0x7f00009dffb8)}, 0x0) sendmsg$unix(r1, &(0x7f0000e4ffc8)={&(0x7f0000000180)=@file={0x0, './file0\x00'}, 0xa, &(0x7f0000000140), 0x0, &(0x7f000053c000)=[@rights={0x18, 0x1, 0x1, [r0]}], 0x18}, 0x0) close(r0) close(r1) 2018/04/21 02:36:30 executing program 7: pipe(&(0x7f0000bbc000)={0xffffffffffffffff, 0xffffffffffffffff}) rt_sigprocmask(0x0, &(0x7f0000072ff8)={0x7fffffff}, &(0x7f00000c1000), 0x8) dup2(r1, r0) vmsplice(r1, &(0x7f0000000680)=[{&(0x7f0000000840)}], 0x1, 0x0) 2018/04/21 02:36:30 executing program 5: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$rdma_cm(r0, &(0x7f00000050c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000005080)={0xffffffff}, 0x13f}}, 0x20) write$rdma_cm(r0, &(0x7f0000005100)=@bind={0x14, 0x88, 0xfa00, {r1, 0x10, 0x0, @in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}}}, 0x90) 2018/04/21 02:36:30 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000000)={0x0, {{0x2, 0x0, @multicast2=0xe0000002}}, 0x0, 0x3}, 0x59f) 2018/04/21 02:36:30 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$nl_route(r0, &(0x7f0000000400)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000003c0)={&(0x7f0000000200)=@bridge_getneigh={0x20, 0x1e, 0x515, 0x0, 0x0, {0x7}}, 0x20}, 0x1}, 0x0) 2018/04/21 02:36:30 executing program 0: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='children\x00') sendfile(r0, r0, &(0x7f0000000280), 0xb) 2018/04/21 02:36:31 executing program 1: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) sendmsg(r0, &(0x7f0000002200)={&(0x7f0000000000)=@nl=@unspec, 0x80, &(0x7f0000002180)=[{&(0x7f0000001180)="c730", 0x2}], 0x1, &(0x7f0000002500)}, 0x810) 2018/04/21 02:36:31 executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x6, 0x4, 0x4, 0x9}, 0x2c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={r0, &(0x7f0000000100)='\'', &(0x7f0000000080)}, 0x20) 2018/04/21 02:36:31 executing program 0: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='children\x00') sendfile(r0, r0, &(0x7f0000000280), 0xb) 2018/04/21 02:36:31 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc\x00', 0x82040, 0x0) close(r0) 2018/04/21 02:36:31 executing program 5: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$rdma_cm(r0, &(0x7f00000050c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000005080)={0xffffffff}, 0x13f}}, 0x20) write$rdma_cm(r0, &(0x7f0000005100)=@bind={0x14, 0x88, 0xfa00, {r1, 0x10, 0x0, @in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}}}, 0x90) 2018/04/21 02:36:31 executing program 4: r0 = memfd_create(&(0x7f0000000040)='wlan0*mime_type-trusted}&wlan0vmnet1.trusted{\\{GPL\x00', 0x0) mmap(&(0x7f0000004000/0x1000)=nil, 0x1000, 0x4, 0x4011, r0, 0x0) mknod$loop(&(0x7f0000000200)='./file0\x00', 0x0, 0xffffffffffffffff) writev(r0, &(0x7f0000007000)=[{&(0x7f0000b23000)="82aaabfc6c5b1c7a6718badabd246d62c80270e00d637af19152d09e59a695e5ecb4b013dea5c5ab0458f38fca8bbf1404fe615f1e536e0f35664718", 0x3c}], 0x1) symlink(&(0x7f0000004000)='./file0\x00', &(0x7f0000002ff6)='./control\x00') rename(&(0x7f0000000280)='./file0\x00', &(0x7f0000000300)='./control\x00') 2018/04/21 02:36:31 executing program 7: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ashmem\x00', 0x0, 0x0) dup2(r0, r1) 2018/04/21 02:36:31 executing program 6: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0) readv(r1, &(0x7f00003fd000)=[{&(0x7f0000853000)=""/255, 0xffffff1f}], 0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000a8eff8)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_int(r2, 0x1, 0x7, &(0x7f0000ac5000), 0x4) sendmmsg$unix(r2, &(0x7f00000bd000), 0x80, 0x0) connect$unix(r2, &(0x7f00002ffff6)=@file={0x0, './file0\x00'}, 0xa) 2018/04/21 02:36:31 executing program 1: r0 = syz_open_dev$sndctrl(&(0x7f0000006000)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f000000affc)) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000280)='/dev/audio\x00', 0x0, 0x0) r2 = syz_open_dev$sndpcmp(&(0x7f000000afee)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) r3 = syz_open_dev$sndpcmc(&(0x7f00006a6fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x40400) dup2(r2, r1) io_setup(0x4, &(0x7f0000000000)=0x0) io_submit(r4, 0x1, &(0x7f0000001440)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, &(0x7f0000000100)}]) 2018/04/21 02:36:31 executing program 3: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, @perf_bp, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() pipe(&(0x7f0000001380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TIOCOUTQ(r0, 0x5411, &(0x7f0000001340)) sendmsg$nl_route(r1, &(0x7f0000001180)={&(0x7f00000010c0)={0x10, 0x0, 0x0, 0x2100}, 0xc, &(0x7f0000001140)={&(0x7f0000000540)=ANY=[@ANYBLOB="fd4decbe11b0e49578d26bd69e07d179db74fc62871eb391000a00f300010000005d36838e973549fe83f93f077e000a18a3"], 0x1}, 0x1, 0x0, 0x0, 0x4}, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000001540)={0x3c, 0x0, &(0x7f00000013c0)=ANY=[@ANYBLOB="056304400300000000634040020000000000000003000000000000000000000010000000000000000000000018000000000000000800000000000000"], 0xea, 0x0, &(0x7f0000001440)="b13900275167b519accd27b2b9e1f4293e37d506832f9215a8bee7ca9a7bce2b9f2c1735dbc68f5de398f5e5f4cd713b03f7e22458668c9c43642c7313619f39f3e4885f2effdfa2933662fd446f3887b81ed97093173ce9e0063baa47f1e1d2df855a9d4d7f574c555f8ef51064c6ed8b849fb259dfae4ee893f83e7dcccf6ace1617e64d14ac68d8b80ddc371c57459dbc4fc428504234ba20155e667267d2b3f1ba2c9c80e848ae1b187e39fd2303c92a8fb282e4dafd18d56d5a8ec0d77a9b2807a3734b8f426d0b1e9f58ccb77142198a9e9d6c84ef3ac8988b15112193e9f995813a7c62593183"}) getsockopt$IPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x43, &(0x7f00000000c0)={'TPROXY\x00'}, &(0x7f0000000100)=0x1e) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000005c0)='/dev/vcs#\x00', 0x3d, 0xc01) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'sit0\x00', 0x0}) sysinfo(&(0x7f0000000580)=""/46) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000140)={@empty, 0x8, r4}) r5 = socket$inet6(0xa, 0x40000080806, 0x0) ioctl$PPPIOCGFLAGS(r3, 0x8004745a, &(0x7f0000000200)) sync() fcntl$notify(r2, 0x402, 0x27) bind$inet6(r5, &(0x7f0000000080)={0xa, 0x4e20, 0x401, @loopback={0x0, 0x1}}, 0x1c) getsockname(r2, &(0x7f0000000440)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @broadcast}}}, &(0x7f0000000300)=0x80) listen(r5, 0x20000003) readv(r3, &(0x7f0000000400)=[{&(0x7f0000000300)}, {&(0x7f0000000340)=""/171, 0xab}], 0x2) rt_sigpending(&(0x7f0000000240), 0x8) r6 = socket$inet6(0xa, 0x6, 0x0) connect$inet6(r6, &(0x7f0000419000)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c) ioctl$KVM_GET_DEVICE_ATTR(r3, 0x4018aee2, &(0x7f00000002c0)={0x0, 0x6, 0x7fffffff, &(0x7f0000000280)}) keyctl$join(0x1, &(0x7f00000004c0)={0x73, 0x79, 0x7a, 0x0}) close(r6) r7 = accept4(r5, &(0x7f0000660ff4)=@nl=@unspec, &(0x7f0000000040)=0xf5b19b4c0b1ce647, 0x0) setsockopt$SO_BINDTODEVICE(r6, 0x1, 0x19, &(0x7f00000000c0)='ip6tnl0\x00', 0x10) recvmsg$netrom(r7, &(0x7f0000000940)={&(0x7f0000000180)=@full={{0x3, {"cc71a2b0fc7562"}, 0xb81d}, [{"ca656386e14354"}, {"7876c075e97b96"}, {"4de983d35ba1d7"}, {"f6e8d540853f18"}, {"7af8c779376ac1"}, {"6e48af09618b41"}, {"cbed916ce34e67"}, {"83eff6f7aab7bc"}]}, 0x48, &(0x7f0000000580), 0x0, &(0x7f00000005c0), 0x0, 0x20000000}, 0x0) 2018/04/21 02:36:31 executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x6, 0x4, 0x4, 0x9}, 0x2c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={r0, &(0x7f0000000100)='\'', &(0x7f0000000080)}, 0x20) 2018/04/21 02:36:31 executing program 5: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$rdma_cm(r0, &(0x7f00000050c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000005080)={0xffffffff}, 0x13f}}, 0x20) write$rdma_cm(r0, &(0x7f0000005100)=@bind={0x14, 0x88, 0xfa00, {r1, 0x10, 0x0, @in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}}}, 0x90) 2018/04/21 02:36:32 executing program 4: r0 = memfd_create(&(0x7f0000a32ff6)='/dev/ptmx\x00', 0x3) setsockopt$llc_int(0xffffffffffffffff, 0x10c, 0xe, &(0x7f0000000180)=0x10001, 0x4) fallocate(r0, 0x0, 0x0, 0x87da) setsockopt$bt_BT_POWER(r0, 0x112, 0x9, &(0x7f0000000040)=0x51e, 0x1) getrlimit(0xf, &(0x7f0000000000)) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) fcntl$addseals(r0, 0x409, 0xf) ftruncate(r0, 0x0) getsockopt$bt_BT_FLUSHABLE(r0, 0x112, 0x8, &(0x7f0000000100)=0xb, &(0x7f0000000140)=0x4) setsockopt$IP6T_SO_SET_ADD_COUNTERS(r0, 0x29, 0x41, &(0x7f0000000080)=ANY=[@ANYBLOB="726177009a6b524a0000000000000000000000000000000000000000000000000300000000000000000011000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0x1) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x80000, 0x0) ioctl$sock_inet_SIOCGIFPFLAGS(r1, 0x8935, &(0x7f00000001c0)={'tujl0\x00!\x00'}) r2 = socket$netlink(0x10, 0x3, 0xa2203dce524dfc26) sendmsg$nl_route(r2, &(0x7f000001bfc8)={&(0x7f0000016000)={0x10}, 0xc, &(0x7f000000b000)={&(0x7f000000d000)=@dellink={0x28, 0x11, 0x209, 0xffffffffffffffff, 0xffffffffffffffff, {}, [@IFLA_GROUP={0x8, 0x1b, 0x4}]}, 0x28}, 0x1}, 0x0) 2018/04/21 02:36:32 executing program 5: capset(&(0x7f0000a31000)={0x19980330}, &(0x7f00009b3000)) capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)={0x0, 0xffffffffffffffff}) 2018/04/21 02:36:32 executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x6, 0x4, 0x4, 0x9}, 0x2c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={r0, &(0x7f0000000100)='\'', &(0x7f0000000080)}, 0x20) 2018/04/21 02:36:32 executing program 0: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000001280)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000001240)={&(0x7f0000001140)=@polexpire={0xcc, 0x1b, 0x1, 0x0, 0x0, {{{@in=@dev={0xac, 0x14}, @in=@dev={0xac, 0x14}}}}, [@policy_type={0xc, 0x10, {0x8}}]}, 0xcc}, 0x1}, 0x0) 2018/04/21 02:36:32 executing program 1: r0 = syz_open_dev$sndctrl(&(0x7f0000006000)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f000000affc)) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000280)='/dev/audio\x00', 0x0, 0x0) r2 = syz_open_dev$sndpcmp(&(0x7f000000afee)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) r3 = syz_open_dev$sndpcmc(&(0x7f00006a6fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x40400) dup2(r2, r1) io_setup(0x4, &(0x7f0000000000)=0x0) io_submit(r4, 0x1, &(0x7f0000001440)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, &(0x7f0000000100)}]) 2018/04/21 02:36:32 executing program 7: clock_gettime(0x0, &(0x7f0000949ff0)={0x0, 0x0}) setitimer(0x2, &(0x7f0000dc3fe0)={{0x77359400}, {0x0, r0/1000+30000}}, &(0x7f0000b1bfe0)) setitimer(0x2, &(0x7f00000e9000), &(0x7f0000281000)) 2018/04/21 02:36:32 executing program 6: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0) readv(r1, &(0x7f00003fd000)=[{&(0x7f0000853000)=""/255, 0xffffff1f}], 0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000a8eff8)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_int(r2, 0x1, 0x7, &(0x7f0000ac5000), 0x4) sendmmsg$unix(r2, &(0x7f00000bd000), 0x80, 0x0) connect$unix(r2, &(0x7f00002ffff6)=@file={0x0, './file0\x00'}, 0xa) 2018/04/21 02:36:32 executing program 3: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, @perf_bp, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() pipe(&(0x7f0000001380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TIOCOUTQ(r0, 0x5411, &(0x7f0000001340)) sendmsg$nl_route(r1, &(0x7f0000001180)={&(0x7f00000010c0)={0x10, 0x0, 0x0, 0x2100}, 0xc, &(0x7f0000001140)={&(0x7f0000000540)=ANY=[@ANYBLOB="fd4decbe11b0e49578d26bd69e07d179db74fc62871eb391000a00f300010000005d36838e973549fe83f93f077e000a18a3"], 0x1}, 0x1, 0x0, 0x0, 0x4}, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000001540)={0x3c, 0x0, &(0x7f00000013c0)=ANY=[@ANYBLOB="056304400300000000634040020000000000000003000000000000000000000010000000000000000000000018000000000000000800000000000000"], 0xea, 0x0, &(0x7f0000001440)="b13900275167b519accd27b2b9e1f4293e37d506832f9215a8bee7ca9a7bce2b9f2c1735dbc68f5de398f5e5f4cd713b03f7e22458668c9c43642c7313619f39f3e4885f2effdfa2933662fd446f3887b81ed97093173ce9e0063baa47f1e1d2df855a9d4d7f574c555f8ef51064c6ed8b849fb259dfae4ee893f83e7dcccf6ace1617e64d14ac68d8b80ddc371c57459dbc4fc428504234ba20155e667267d2b3f1ba2c9c80e848ae1b187e39fd2303c92a8fb282e4dafd18d56d5a8ec0d77a9b2807a3734b8f426d0b1e9f58ccb77142198a9e9d6c84ef3ac8988b15112193e9f995813a7c62593183"}) getsockopt$IPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x43, &(0x7f00000000c0)={'TPROXY\x00'}, &(0x7f0000000100)=0x1e) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000005c0)='/dev/vcs#\x00', 0x3d, 0xc01) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'sit0\x00', 0x0}) sysinfo(&(0x7f0000000580)=""/46) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000140)={@empty, 0x8, r4}) r5 = socket$inet6(0xa, 0x40000080806, 0x0) ioctl$PPPIOCGFLAGS(r3, 0x8004745a, &(0x7f0000000200)) sync() fcntl$notify(r2, 0x402, 0x27) bind$inet6(r5, &(0x7f0000000080)={0xa, 0x4e20, 0x401, @loopback={0x0, 0x1}}, 0x1c) getsockname(r2, &(0x7f0000000440)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @broadcast}}}, &(0x7f0000000300)=0x80) listen(r5, 0x20000003) readv(r3, &(0x7f0000000400)=[{&(0x7f0000000300)}, {&(0x7f0000000340)=""/171, 0xab}], 0x2) rt_sigpending(&(0x7f0000000240), 0x8) r6 = socket$inet6(0xa, 0x6, 0x0) connect$inet6(r6, &(0x7f0000419000)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c) ioctl$KVM_GET_DEVICE_ATTR(r3, 0x4018aee2, &(0x7f00000002c0)={0x0, 0x6, 0x7fffffff, &(0x7f0000000280)}) keyctl$join(0x1, &(0x7f00000004c0)={0x73, 0x79, 0x7a, 0x0}) close(r6) r7 = accept4(r5, &(0x7f0000660ff4)=@nl=@unspec, &(0x7f0000000040)=0xf5b19b4c0b1ce647, 0x0) setsockopt$SO_BINDTODEVICE(r6, 0x1, 0x19, &(0x7f00000000c0)='ip6tnl0\x00', 0x10) recvmsg$netrom(r7, &(0x7f0000000940)={&(0x7f0000000180)=@full={{0x3, {"cc71a2b0fc7562"}, 0xb81d}, [{"ca656386e14354"}, {"7876c075e97b96"}, {"4de983d35ba1d7"}, {"f6e8d540853f18"}, {"7af8c779376ac1"}, {"6e48af09618b41"}, {"cbed916ce34e67"}, {"83eff6f7aab7bc"}]}, 0x48, &(0x7f0000000580), 0x0, &(0x7f00000005c0), 0x0, 0x20000000}, 0x0) 2018/04/21 02:36:32 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000065fc8)={&(0x7f0000000200)={0x10}, 0xc, &(0x7f0000e2a000)={&(0x7f00000000c0)={0x14, 0x0, 0x9, 0xfffffffffffffffd}, 0x14}, 0x1}, 0x0) 2018/04/21 02:36:32 executing program 1: r0 = syz_open_dev$sndctrl(&(0x7f0000006000)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f000000affc)) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000280)='/dev/audio\x00', 0x0, 0x0) r2 = syz_open_dev$sndpcmp(&(0x7f000000afee)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) r3 = syz_open_dev$sndpcmc(&(0x7f00006a6fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x40400) dup2(r2, r1) io_setup(0x4, &(0x7f0000000000)=0x0) io_submit(r4, 0x1, &(0x7f0000001440)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, &(0x7f0000000100)}]) 2018/04/21 02:36:32 executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x6, 0x4, 0x4, 0x9}, 0x2c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={r0, &(0x7f0000000100)='\'', &(0x7f0000000080)}, 0x20) 2018/04/21 02:36:32 executing program 7: mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x0, 0x18071, 0xffffffffffffffff, 0x0) mprotect(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x3) madvise(&(0x7f0000001000/0x2000)=nil, 0x2000, 0xf) mlock2(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x0) 2018/04/21 02:36:32 executing program 0: r0 = memfd_create(&(0x7f0000000180)="171ea3be32afd6214509f770293dcc47993f51cf92947035e690d118b4fe148b877e313d4afd0fd562198d88cd7c332641e790305f0f656169ea88b03d058063b92fb643", 0x0) write$binfmt_aout(r0, &(0x7f0000000000)={{0xcc, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}}, 0x20) execveat(r0, &(0x7f0000ff7000)='./file0\x00', &(0x7f0000000580), &(0x7f000034bff8)=[&(0x7f0000ff7000)="00000000000000060804002000fffc0c6565643b799365005f1b76"], 0x1000) 2018/04/21 02:36:32 executing program 3: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, @perf_bp, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() pipe(&(0x7f0000001380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TIOCOUTQ(r0, 0x5411, &(0x7f0000001340)) sendmsg$nl_route(r1, &(0x7f0000001180)={&(0x7f00000010c0)={0x10, 0x0, 0x0, 0x2100}, 0xc, &(0x7f0000001140)={&(0x7f0000000540)=ANY=[@ANYBLOB="fd4decbe11b0e49578d26bd69e07d179db74fc62871eb391000a00f300010000005d36838e973549fe83f93f077e000a18a3"], 0x1}, 0x1, 0x0, 0x0, 0x4}, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000001540)={0x3c, 0x0, &(0x7f00000013c0)=ANY=[@ANYBLOB="056304400300000000634040020000000000000003000000000000000000000010000000000000000000000018000000000000000800000000000000"], 0xea, 0x0, &(0x7f0000001440)="b13900275167b519accd27b2b9e1f4293e37d506832f9215a8bee7ca9a7bce2b9f2c1735dbc68f5de398f5e5f4cd713b03f7e22458668c9c43642c7313619f39f3e4885f2effdfa2933662fd446f3887b81ed97093173ce9e0063baa47f1e1d2df855a9d4d7f574c555f8ef51064c6ed8b849fb259dfae4ee893f83e7dcccf6ace1617e64d14ac68d8b80ddc371c57459dbc4fc428504234ba20155e667267d2b3f1ba2c9c80e848ae1b187e39fd2303c92a8fb282e4dafd18d56d5a8ec0d77a9b2807a3734b8f426d0b1e9f58ccb77142198a9e9d6c84ef3ac8988b15112193e9f995813a7c62593183"}) getsockopt$IPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x43, &(0x7f00000000c0)={'TPROXY\x00'}, &(0x7f0000000100)=0x1e) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000005c0)='/dev/vcs#\x00', 0x3d, 0xc01) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'sit0\x00', 0x0}) sysinfo(&(0x7f0000000580)=""/46) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000140)={@empty, 0x8, r4}) r5 = socket$inet6(0xa, 0x40000080806, 0x0) ioctl$PPPIOCGFLAGS(r3, 0x8004745a, &(0x7f0000000200)) sync() fcntl$notify(r2, 0x402, 0x27) bind$inet6(r5, &(0x7f0000000080)={0xa, 0x4e20, 0x401, @loopback={0x0, 0x1}}, 0x1c) getsockname(r2, &(0x7f0000000440)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @broadcast}}}, &(0x7f0000000300)=0x80) listen(r5, 0x20000003) readv(r3, &(0x7f0000000400)=[{&(0x7f0000000300)}, {&(0x7f0000000340)=""/171, 0xab}], 0x2) rt_sigpending(&(0x7f0000000240), 0x8) r6 = socket$inet6(0xa, 0x6, 0x0) connect$inet6(r6, &(0x7f0000419000)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c) ioctl$KVM_GET_DEVICE_ATTR(r3, 0x4018aee2, &(0x7f00000002c0)={0x0, 0x6, 0x7fffffff, &(0x7f0000000280)}) keyctl$join(0x1, &(0x7f00000004c0)={0x73, 0x79, 0x7a, 0x0}) close(r6) r7 = accept4(r5, &(0x7f0000660ff4)=@nl=@unspec, &(0x7f0000000040)=0xf5b19b4c0b1ce647, 0x0) setsockopt$SO_BINDTODEVICE(r6, 0x1, 0x19, &(0x7f00000000c0)='ip6tnl0\x00', 0x10) recvmsg$netrom(r7, &(0x7f0000000940)={&(0x7f0000000180)=@full={{0x3, {"cc71a2b0fc7562"}, 0xb81d}, [{"ca656386e14354"}, {"7876c075e97b96"}, {"4de983d35ba1d7"}, {"f6e8d540853f18"}, {"7af8c779376ac1"}, {"6e48af09618b41"}, {"cbed916ce34e67"}, {"83eff6f7aab7bc"}]}, 0x48, &(0x7f0000000580), 0x0, &(0x7f00000005c0), 0x0, 0x20000000}, 0x0) 2018/04/21 02:36:32 executing program 4: socketpair(0x200000000000028, 0x0, 0x0, &(0x7f0000000080)) 2018/04/21 02:36:32 executing program 7: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) r1 = openat$cgroup_subtree(r0, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0) preadv(r1, &(0x7f0000001480)=[{&(0x7f0000001380)=""/222, 0xde}], 0x1, 0x0) 2018/04/21 02:36:32 executing program 1: r0 = syz_open_dev$sndctrl(&(0x7f0000006000)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f000000affc)) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000280)='/dev/audio\x00', 0x0, 0x0) r2 = syz_open_dev$sndpcmp(&(0x7f000000afee)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) r3 = syz_open_dev$sndpcmc(&(0x7f00006a6fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x40400) dup2(r2, r1) io_setup(0x4, &(0x7f0000000000)=0x0) io_submit(r4, 0x1, &(0x7f0000001440)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, &(0x7f0000000100)}]) 2018/04/21 02:36:32 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000065fc8)={&(0x7f0000000200)={0x10}, 0xc, &(0x7f0000e2a000)={&(0x7f00000000c0)={0x14, 0x0, 0x9, 0xfffffffffffffffd}, 0x14}, 0x1}, 0x0) 2018/04/21 02:36:32 executing program 4: r0 = syz_open_dev$sndseq(&(0x7f00000001c0)='/dev/snd/seq\x00', 0x0, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setitimer(0x1, &(0x7f0000000040)={{0x77359400}}, &(0x7f0000000080)) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x6, r0}) accept4$bt_l2cap(r1, 0x0, &(0x7f0000000140), 0x800) ioctl$KDGKBSENT(r1, 0x4b48, &(0x7f00000000c0)={0x0, 0x2, 0x4}) fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, &(0x7f0000000180)=0x7) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r0, 0x40505330, &(0x7f0000000000)={{}, {0xe}, 0x0, 0x1}) setsockopt$bt_BT_FLUSHABLE(r1, 0x112, 0x8, &(0x7f0000000100)=0x2587, 0x4) 2018/04/21 02:36:33 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f000065ffa8)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00001ec000)="0a0775b0d5e383e5b3b60ced5c54dbb7", 0x10) r1 = accept$alg(r0, 0x0, 0x0) io_setup(0xc2, &(0x7f0000000000)=0x0) io_submit(r2, 0x1, &(0x7f0000001280)=[&(0x7f0000001080)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000040)='"', 0x1}]) 2018/04/21 02:36:33 executing program 7: mmap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x0, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000003fe8)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) 2018/04/21 02:36:33 executing program 3: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, @perf_bp, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() pipe(&(0x7f0000001380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TIOCOUTQ(r0, 0x5411, &(0x7f0000001340)) sendmsg$nl_route(r1, &(0x7f0000001180)={&(0x7f00000010c0)={0x10, 0x0, 0x0, 0x2100}, 0xc, &(0x7f0000001140)={&(0x7f0000000540)=ANY=[@ANYBLOB="fd4decbe11b0e49578d26bd69e07d179db74fc62871eb391000a00f300010000005d36838e973549fe83f93f077e000a18a3"], 0x1}, 0x1, 0x0, 0x0, 0x4}, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000001540)={0x3c, 0x0, &(0x7f00000013c0)=ANY=[@ANYBLOB="056304400300000000634040020000000000000003000000000000000000000010000000000000000000000018000000000000000800000000000000"], 0xea, 0x0, &(0x7f0000001440)="b13900275167b519accd27b2b9e1f4293e37d506832f9215a8bee7ca9a7bce2b9f2c1735dbc68f5de398f5e5f4cd713b03f7e22458668c9c43642c7313619f39f3e4885f2effdfa2933662fd446f3887b81ed97093173ce9e0063baa47f1e1d2df855a9d4d7f574c555f8ef51064c6ed8b849fb259dfae4ee893f83e7dcccf6ace1617e64d14ac68d8b80ddc371c57459dbc4fc428504234ba20155e667267d2b3f1ba2c9c80e848ae1b187e39fd2303c92a8fb282e4dafd18d56d5a8ec0d77a9b2807a3734b8f426d0b1e9f58ccb77142198a9e9d6c84ef3ac8988b15112193e9f995813a7c62593183"}) getsockopt$IPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x43, &(0x7f00000000c0)={'TPROXY\x00'}, &(0x7f0000000100)=0x1e) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000005c0)='/dev/vcs#\x00', 0x3d, 0xc01) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'sit0\x00', 0x0}) sysinfo(&(0x7f0000000580)=""/46) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000140)={@empty, 0x8, r4}) r5 = socket$inet6(0xa, 0x40000080806, 0x0) ioctl$PPPIOCGFLAGS(r3, 0x8004745a, &(0x7f0000000200)) sync() fcntl$notify(r2, 0x402, 0x27) bind$inet6(r5, &(0x7f0000000080)={0xa, 0x4e20, 0x401, @loopback={0x0, 0x1}}, 0x1c) getsockname(r2, &(0x7f0000000440)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @broadcast}}}, &(0x7f0000000300)=0x80) listen(r5, 0x20000003) readv(r3, &(0x7f0000000400)=[{&(0x7f0000000300)}, {&(0x7f0000000340)=""/171, 0xab}], 0x2) rt_sigpending(&(0x7f0000000240), 0x8) r6 = socket$inet6(0xa, 0x6, 0x0) connect$inet6(r6, &(0x7f0000419000)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c) ioctl$KVM_GET_DEVICE_ATTR(r3, 0x4018aee2, &(0x7f00000002c0)={0x0, 0x6, 0x7fffffff, &(0x7f0000000280)}) keyctl$join(0x1, &(0x7f00000004c0)={0x73, 0x79, 0x7a, 0x0}) close(r6) r7 = accept4(r5, &(0x7f0000660ff4)=@nl=@unspec, &(0x7f0000000040)=0xf5b19b4c0b1ce647, 0x0) setsockopt$SO_BINDTODEVICE(r6, 0x1, 0x19, &(0x7f00000000c0)='ip6tnl0\x00', 0x10) recvmsg$netrom(r7, &(0x7f0000000940)={&(0x7f0000000180)=@full={{0x3, {"cc71a2b0fc7562"}, 0xb81d}, [{"ca656386e14354"}, {"7876c075e97b96"}, {"4de983d35ba1d7"}, {"f6e8d540853f18"}, {"7af8c779376ac1"}, {"6e48af09618b41"}, {"cbed916ce34e67"}, {"83eff6f7aab7bc"}]}, 0x48, &(0x7f0000000580), 0x0, &(0x7f00000005c0), 0x0, 0x20000000}, 0x0) 2018/04/21 02:36:33 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f000000e000)={&(0x7f00000016c0)={0x18, 0x1d, 0xffffffffffffffff, 0x0, 0x0, {0x1}, [@nested={0x4, 0x1}]}, 0x18}, 0x1}, 0x0) 2018/04/21 02:36:33 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000065fc8)={&(0x7f0000000200)={0x10}, 0xc, &(0x7f0000e2a000)={&(0x7f00000000c0)={0x14, 0x0, 0x9, 0xfffffffffffffffd}, 0x14}, 0x1}, 0x0) 2018/04/21 02:36:33 executing program 4: r0 = syz_open_dev$sndseq(&(0x7f00000001c0)='/dev/snd/seq\x00', 0x0, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setitimer(0x1, &(0x7f0000000040)={{0x77359400}}, &(0x7f0000000080)) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x6, r0}) accept4$bt_l2cap(r1, 0x0, &(0x7f0000000140), 0x800) ioctl$KDGKBSENT(r1, 0x4b48, &(0x7f00000000c0)={0x0, 0x2, 0x4}) fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, &(0x7f0000000180)=0x7) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r0, 0x40505330, &(0x7f0000000000)={{}, {0xe}, 0x0, 0x1}) setsockopt$bt_BT_FLUSHABLE(r1, 0x112, 0x8, &(0x7f0000000100)=0x2587, 0x4) 2018/04/21 02:36:33 executing program 6: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0) readv(r1, &(0x7f00003fd000)=[{&(0x7f0000853000)=""/255, 0xffffff1f}], 0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000a8eff8)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_int(r2, 0x1, 0x7, &(0x7f0000ac5000), 0x4) sendmmsg$unix(r2, &(0x7f00000bd000), 0x80, 0x0) connect$unix(r2, &(0x7f00002ffff6)=@file={0x0, './file0\x00'}, 0xa) 2018/04/21 02:36:33 executing program 2: r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f0000f94fda)="26000000130047f10701c1b00ef900000700000000ffffdf09ef18ffff000700000014006e35", 0x26) mmap(&(0x7f0000f94000/0x2000)=nil, 0x2000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) recvmsg(r0, &(0x7f0000f95fd7)={&(0x7f0000f91ff0)=@ax25, 0x10, &(0x7f0000f91000), 0x0, &(0x7f0000f91000)}, 0x0) [ 110.085226] netlink: 'syz-executor1': attribute type 1 has an invalid length. 2018/04/21 02:36:33 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000080)="1004000000100000cc000000490b0000ec0300ed00000000000000000000000000200000002000000004000000000000e95dbe5a0000ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000000140)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, [0x31]}, 0x2c}]}) [ 110.221229] EXT4-fs (loop7): bad geometry: block count 4096 exceeds size of device (2 blocks) 2018/04/21 02:36:34 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f00004d1000)=0x3) 2018/04/21 02:36:34 executing program 4: r0 = syz_open_dev$sndseq(&(0x7f00000001c0)='/dev/snd/seq\x00', 0x0, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setitimer(0x1, &(0x7f0000000040)={{0x77359400}}, &(0x7f0000000080)) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x6, r0}) accept4$bt_l2cap(r1, 0x0, &(0x7f0000000140), 0x800) ioctl$KDGKBSENT(r1, 0x4b48, &(0x7f00000000c0)={0x0, 0x2, 0x4}) fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, &(0x7f0000000180)=0x7) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r0, 0x40505330, &(0x7f0000000000)={{}, {0xe}, 0x0, 0x1}) setsockopt$bt_BT_FLUSHABLE(r1, 0x112, 0x8, &(0x7f0000000100)=0x2587, 0x4) 2018/04/21 02:36:34 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000140)='net/icmp\x00') r1 = socket$kcm(0x29, 0x2, 0x0) sendfile(r1, r0, &(0x7f0000301ff8), 0xffffffff) 2018/04/21 02:36:34 executing program 0: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x3, &(0x7f0000000140)=@framed={{0x18}, [], {0x95}}, &(0x7f0000023ffc)='GPL\x00', 0x20, 0xbc, &(0x7f000008ef44)=""/188}, 0x48) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000a92ff0)={r0, 0x50, &(0x7f00007bffb0)}, 0xb) 2018/04/21 02:36:34 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000065fc8)={&(0x7f0000000200)={0x10}, 0xc, &(0x7f0000e2a000)={&(0x7f00000000c0)={0x14, 0x0, 0x9, 0xfffffffffffffffd}, 0x14}, 0x1}, 0x0) 2018/04/21 02:36:34 executing program 6: r0 = creat(&(0x7f0000000100)='./file1\x00', 0x0) mkdir(&(0x7f000000dff6)='./control\x00', 0x0) r1 = open(&(0x7f0000000040)='./control\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000044ff6)='./control\x00', 0x0) r2 = fanotify_init(0x0, 0x0) fanotify_mark(r2, 0x15, 0x40000000, r1, &(0x7f00000002c0)='./control\x00') fallocate(r0, 0x0, 0x0, 0x5) 2018/04/21 02:36:34 executing program 3: r0 = memfd_create(&(0x7f0000a32ff6)='/dev/ptmx\x00', 0x2) fcntl$addseals(r0, 0x409, 0xf) ftruncate(r0, 0xbd1) 2018/04/21 02:36:34 executing program 7: bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x47}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f00000ba000)={0x9, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x201a7fa6, 0x0, 0x1, 0xfa}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x1, 0xfb, &(0x7f00001a7f05)=""/251}, 0x48) 2018/04/21 02:36:34 executing program 7: r0 = socket$inet_sctp(0x2, 0x2000000000000001, 0x84) connect$inet(r0, &(0x7f000005eff0)={0x2, 0x4e20, @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}}, 0x10) listen(r0, 0x2) r1 = accept(r0, &(0x7f0000f06000)=@rc, &(0x7f00008f4000)=0xa) setsockopt$inet_sctp_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f00000000c0), 0xfe8e) 2018/04/21 02:36:34 executing program 2: r0 = syz_open_dev$sndctrl(&(0x7f0000004fed)='/dev/snd/controlC#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x9, 0x31, 0xffffffffffffffff, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r0, 0xc10c5541, &(0x7f0000003ffc)) 2018/04/21 02:36:34 executing program 4: r0 = syz_open_dev$sndseq(&(0x7f00000001c0)='/dev/snd/seq\x00', 0x0, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setitimer(0x1, &(0x7f0000000040)={{0x77359400}}, &(0x7f0000000080)) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x6, r0}) accept4$bt_l2cap(r1, 0x0, &(0x7f0000000140), 0x800) ioctl$KDGKBSENT(r1, 0x4b48, &(0x7f00000000c0)={0x0, 0x2, 0x4}) fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, &(0x7f0000000180)=0x7) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r0, 0x40505330, &(0x7f0000000000)={{}, {0xe}, 0x0, 0x1}) setsockopt$bt_BT_FLUSHABLE(r1, 0x112, 0x8, &(0x7f0000000100)=0x2587, 0x4) 2018/04/21 02:36:34 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'chacha20\x00'}, 0x58) r1 = accept$alg(r0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00003bcfd0)="d3ab27191a01002356ba602dff05000bfef9b9d2a4b20079fffffffffffffe00", 0x20) sendmmsg$alg(r1, &(0x7f0000002c80)=[{0x0, 0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000200)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000480)={&(0x7f0000000040)=@nfc_llcp, 0x1e, &(0x7f0000b9c000)=[{&(0x7f000080f000)=""/4096, 0x1000}], 0x1, &(0x7f0000da2000)}, 0x0) socketpair(0x0, 0x0, 0x0, &(0x7f0000000000)) 2018/04/21 02:36:34 executing program 3: perf_event_open(&(0x7f00000017c0)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0)='IPVS\x00') sendmsg$IPVS_CMD_GET_DEST(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f0000000140)={&(0x7f0000000200)={0x14, r1, 0x715, 0x0, 0x0, {0x8}}, 0x14}, 0x1}, 0x0) 2018/04/21 02:36:34 executing program 6: syz_emit_ethernet(0xfea4, &(0x7f0000000200)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @random="b6992d0c6767", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x58, 0x0, 0x0, 0x0, 0x2f, 0x0, @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}, @broadcast=0xffffffff}, @gre={{0x0, 0x0, 0x1, 0x0, 0xb, 0xffffffffffffffff, 0x0, 0x8, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x0, 0x57}}}}}}, 0x0) 2018/04/21 02:36:34 executing program 0: syz_emit_ethernet(0x9e, &(0x7f0000000000)={@link_local={0x1, 0x80, 0xc2}, @link_local={0x1, 0x80, 0xc2}, [], {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x2, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @remote={0xac, 0x14, 0x14, 0xbb}, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @remote={0xac, 0x14, 0x14, 0xbb}}}}}, 0x0) 2018/04/21 02:36:34 executing program 1: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000005ff7)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000009fe8)={0xfffb, 0x9, 0x0, 0xffffffffffffffff}) mmap(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x0, 0x6012, r1, 0x0) mremap(&(0x7f0000006000/0x4000)=nil, 0x4000, 0x1000, 0x3, &(0x7f0000000000/0x1000)=nil) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00006a4ff7)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000fef000/0x2000)=nil}) [ 111.331160] x86/PAT: syz-executor1:8249 map pfn RAM range req write-combining for [mem 0x187e90000-0x187e93fff], got write-back [ 111.417412] x86/PAT: syz-executor1:8259 map pfn RAM range req write-combining for [mem 0x187e90000-0x187e93fff], got write-back 2018/04/21 02:36:35 executing program 0: pipe(&(0x7f0000000280)={0x0, 0x0}) fcntl$setpipe(r1, 0x407, 0x0) vmsplice(r1, &(0x7f0000eacfd0)=[{&(0x7f0000493f7e)="ac", 0x1}], 0x1, 0x0) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) vmsplice(r3, &(0x7f0000f14000)=[{&(0x7f0000853fde)="8d", 0x1}], 0x1, 0x0) tee(r2, r1, 0x3c, 0x0) vmsplice(r0, &(0x7f0000002400)=[{&(0x7f0000002380)="7013", 0x2}], 0x1, 0x0) 2018/04/21 02:36:35 executing program 2: r0 = syz_open_dev$sndctrl(&(0x7f0000004fed)='/dev/snd/controlC#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x9, 0x31, 0xffffffffffffffff, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r0, 0xc10c5541, &(0x7f0000003ffc)) 2018/04/21 02:36:35 executing program 6: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vhost-net\x00', 0x2, 0x0) io_setup(0x6, &(0x7f0000000080)=0x0) io_submit(r1, 0x1, &(0x7f00000001c0)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f00000000c0)="0a20873cfa2d1bae8e6889f4264bc998abf9983affee1a9056aaabf84e5a4b339c2413d514dc9b35ca673d733fb45ff3a7df37d670762a8d51c7a45d14a01a03c85cb45c56dc61b7", 0x48}]) 2018/04/21 02:36:35 executing program 4: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f000000b000)={&(0x7f000000f000)={0x10}, 0xc, &(0x7f00005a6ff0)={&(0x7f0000ff4ea0)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6, @in=@multicast2=0xe0000002}, {@in6=@loopback={0x0, 0x1}, 0xffffffffffffffff, 0x6c}, @in6=@loopback={0x0, 0x1}, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}, 0x1}, 0x0) 2018/04/21 02:36:35 executing program 3: perf_event_open(&(0x7f00000017c0)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0)='IPVS\x00') sendmsg$IPVS_CMD_GET_DEST(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f0000000140)={&(0x7f0000000200)={0x14, r1, 0x715, 0x0, 0x0, {0x8}}, 0x14}, 0x1}, 0x0) 2018/04/21 02:36:35 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000f39ff6)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETA(r1, 0x5402, &(0x7f0000fd8000)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0x3) 2018/04/21 02:36:35 executing program 7: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup\x00', 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000480)='rdma.max\x00', 0x2, 0x0) write(r1, &(0x7f0000000180)="6b6fe16f8c6e223c33773b5e046e19c88ccb20a25dfba20fe93583499e4bea90ceca83237a62ffe3cd087e5b13d5d5624a23eaa3ba6412890a9141a48585e1f60e26db541222cace5c33d6d07c07ff8d24851f225abd51fdf3722b4213c62f784ae9a9ecaeecfbeb515915014b7b1dde5d6caff66fe94ea0eeb7687301ea9c70fd9b99d78216c1acd3aa5f1364f9db32d041af13135a372fc48f5f7cd7130fad52f8265f328a078e261e0979ca07448e191a0b42c6f81e8cefd14a872750269af4e42edf64f71b78fed9f03d", 0xcc) 2018/04/21 02:36:35 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000003000/0x1000)=nil}) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000040)=0x4) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000003000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="66bad004b0c2eeb9800000c00f3235004000000f3065260c00b9f7080000b8a7cc4293bac878cb660f303e9c0fc7ab08000000660f3a21946e04000000090fc6c3f5b805000000b951af8bbe0f01c1640f72e300", 0x54}], 0x1, 0x0, &(0x7f0000000100)=[@vmwrite={0x8}], 0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2018/04/21 02:36:35 executing program 4: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc\x00', 0x0, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) read(r0, &(0x7f00000000c0)=""/222, 0xde) ioctl$ASHMEM_SET_PROT_MASK(r0, 0x7005, &(0x7f0000000080)) 2018/04/21 02:36:35 executing program 2: r0 = syz_open_dev$sndctrl(&(0x7f0000004fed)='/dev/snd/controlC#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x9, 0x31, 0xffffffffffffffff, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r0, 0xc10c5541, &(0x7f0000003ffc)) 2018/04/21 02:36:35 executing program 7: syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000010400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000022000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000080)={[{@grpquota={'grpquota', 0x3d}, 0x2c}]}) 2018/04/21 02:36:35 executing program 5: r0 = socket(0xa, 0x802, 0x0) setsockopt$inet_int(r0, 0x0, 0x18, &(0x7f0000000000)=0x200, 0x4) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) timer_create(0x0, &(0x7f00000001c0)={0x0, 0x15, 0x0, @thr={&(0x7f0000000440), &(0x7f0000000540)}}, &(0x7f0000000200)) timer_getoverrun(0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$sndctrl(&(0x7f0000000200)='/dev/snd/controlC#\x00', 0x2, 0x0) perf_event_open(&(0x7f0000001000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8ce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000005000), 0x2}, 0x1000000000c}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r1, 0xc0045516, &(0x7f00000000c0)=0x1) r2 = syz_open_dev$sndpcmp(&(0x7f0000000100)='/dev/snd/pcmC#D#p\x00', 0x1, 0x4000) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r2, 0xc04c5349, &(0x7f0000000240)={0x200, 0xfffffffffffffcdc, 0x1}) syz_open_dev$tun(&(0x7f00000003c0)='/dev/net/tun\x00', 0x0, 0x20402) ioctl$SNDRV_CTL_IOCTL_PVERSION(r1, 0xc1105517, &(0x7f0000001000)=""/250) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r1, 0xc0045516, &(0x7f0000000000)) 2018/04/21 02:36:35 executing program 3: perf_event_open(&(0x7f00000017c0)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0)='IPVS\x00') sendmsg$IPVS_CMD_GET_DEST(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f0000000140)={&(0x7f0000000200)={0x14, r1, 0x715, 0x0, 0x0, {0x8}}, 0x14}, 0x1}, 0x0) 2018/04/21 02:36:35 executing program 6: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000d16ff8)={0xffffffffffffffff, 0xffffffffffffffff}) writev(r0, &(0x7f0000000400)=[{&(0x7f0000000340)="b4", 0x1}], 0x1) sendmmsg$unix(r1, &(0x7f00000bd000), 0x2359f6a290776bb, 0x0) close(r0) [ 112.479626] f2fs_msg: 26 callbacks suppressed [ 112.479640] F2FS-fs (loop7): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 112.491343] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock 2018/04/21 02:36:35 executing program 2: r0 = syz_open_dev$sndctrl(&(0x7f0000004fed)='/dev/snd/controlC#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x9, 0x31, 0xffffffffffffffff, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r0, 0xc10c5541, &(0x7f0000003ffc)) 2018/04/21 02:36:35 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000003000/0x1000)=nil}) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000040)=0x4) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000003000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="66bad004b0c2eeb9800000c00f3235004000000f3065260c00b9f7080000b8a7cc4293bac878cb660f303e9c0fc7ab08000000660f3a21946e04000000090fc6c3f5b805000000b951af8bbe0f01c1640f72e300", 0x54}], 0x1, 0x0, &(0x7f0000000100)=[@vmwrite={0x8}], 0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 112.541182] snd_virmidi snd_virmidi.0: control 112:0:0:Î:0 is already present [ 112.548971] F2FS-fs (loop7): Unrecognized mount option "grpquota=" or missing value [ 112.558356] F2FS-fs (loop7): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 112.565510] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock [ 112.603958] F2FS-fs (loop7): Unrecognized mount option "grpquota=" or missing value [ 112.658729] F2FS-fs (loop7): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 112.665852] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock [ 112.710200] F2FS-fs (loop7): Unrecognized mount option "grpquota=" or missing value [ 112.718449] F2FS-fs (loop7): Magic Mismatch, valid(0xf2f52010) - read(0x0) 2018/04/21 02:36:36 executing program 6: perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x7fff) r2 = open(&(0x7f00002bd93e)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000008000/0x3000)=nil, 0x3000, 0x2, 0x11, r0, 0x0) mlock(&(0x7f0000008000/0x4000)=nil, 0x4000) readv(r2, &(0x7f0000c33000)=[{&(0x7f0000007000)=""/171, 0x39c9}], 0x1) 2018/04/21 02:36:36 executing program 3: perf_event_open(&(0x7f00000017c0)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0)='IPVS\x00') sendmsg$IPVS_CMD_GET_DEST(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f0000000140)={&(0x7f0000000200)={0x14, r1, 0x715, 0x0, 0x0, {0x8}}, 0x14}, 0x1}, 0x0) 2018/04/21 02:36:36 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000003000/0x1000)=nil}) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000040)=0x4) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000003000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="66bad004b0c2eeb9800000c00f3235004000000f3065260c00b9f7080000b8a7cc4293bac878cb660f303e9c0fc7ab08000000660f3a21946e04000000090fc6c3f5b805000000b951af8bbe0f01c1640f72e300", 0x54}], 0x1, 0x0, &(0x7f0000000100)=[@vmwrite={0x8}], 0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2018/04/21 02:36:36 executing program 7: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f00000002c0)={0x79, 0x0, [0x3, 0x9, 0x40, 0x3]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x2, 0x100000000000f000, 0x2000, &(0x7f0000ffd000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000380)={0x5}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000240)=[@text16={0x10, &(0x7f0000000280)="16f20f7d28886b7f66b80500000066b9b63a9f710f01c10f0866b8020000000f23d80f21f86635c00000d00f23f80f0132ba6100ec26f26f0f01de", 0x3b}], 0x0, 0x20000000000, &(0x7f0000000040)=[@cstype3={0x5}], 0x1) ioctl$KVM_IRQ_LINE_STATUS(0xffffffffffffffff, 0xc008ae67, &(0x7f0000000080)={0x6}) openat$cuse(0xffffffffffffff9c, &(0x7f0000000200)='/dev/cuse\x00', 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) futex(&(0x7f0000000000), 0x3, 0x0, &(0x7f00000001c0)={r3, r4+10000000}, &(0x7f0000000340)=0x2, 0x0) 2018/04/21 02:36:36 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000003000/0x1000)=nil}) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000040)=0x4) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000003000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="66bad004b0c2eeb9800000c00f3235004000000f3065260c00b9f7080000b8a7cc4293bac878cb660f303e9c0fc7ab08000000660f3a21946e04000000090fc6c3f5b805000000b951af8bbe0f01c1640f72e300", 0x54}], 0x1, 0x0, &(0x7f0000000100)=[@vmwrite={0x8}], 0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2018/04/21 02:36:36 executing program 0: socketpair(0x1, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) recvmsg(r0, &(0x7f00000016c0)={&(0x7f0000000200)=@generic, 0x80, &(0x7f0000001880)=[{&(0x7f0000001700)=""/97, 0x61}, {&(0x7f0000000300)=""/254, 0xfe}, {&(0x7f0000000400)=""/4096, 0x1000}, {&(0x7f0000000100)=""/3, 0x3}, {&(0x7f0000001400)=""/81, 0x51}, {&(0x7f0000001780)=""/254, 0xfe}, {&(0x7f0000000180)}, {&(0x7f0000001580)=""/155, 0xfffffd92}], 0x8, &(0x7f0000001b80)=""/4096, 0x371}, 0x40002100) sendmsg(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100), 0x28a, &(0x7f0000000000)}, 0x0) sendmsg(r0, &(0x7f0000002f00)={&(0x7f0000001a80)=@nfc_llcp={0x27, 0x0, 0x0, 0x3, 0x8001, 0xfffffffffffffe01, "d1c56029b676997b6a609782eee9e253ced0e41cbf1227ec1a4dabf7e4de19e9d134bcb7efebc712e5c0b43b043e4f094dd7b80fb5b980b7aa257038ad33d1", 0x2e}, 0x80, &(0x7f0000001b40)=[{&(0x7f0000002b80)}], 0x1, &(0x7f0000002c80)=[{0x38, 0x111, 0x1000, "277f108bf27044a8374fbcab4e6ca60b31aa223b7c9d0584120afe9a54cbc30b98f146cd657cbb"}, {0xf8, 0x0, 0x5, "ee6e786b0fb79697c812316183487567102fbc363b18b5efc639e758040298290cfb2b663f1015ad458512a96f3847a734fbd412c92ba44e1cbff2f7371b4ac1f6ce763c055a88e61093614e940da30ea6b06a804bdedd9623478d081a8d8040eed40c9641d06385f3452b586985f38b7087ff0edd622362a7c147949c9aa89b2e896ec43455c56ee137d5de2f57f5a2fd856cf3ca3845e3d496c160e7c988fd14aec68ecaa8d8edfcc89a7b617ddb9c4881037655b0a3b56d5bb5050aadc2436d31c1e6bf0d8c0969e29b6456c80a6b00239afa7a6e694d58a6c3855009df5da092a6a9"}], 0x130, 0x8010}, 0x41) recvmsg(r0, &(0x7f0000007500)={&(0x7f0000006e40)=@hci, 0x80, &(0x7f00000073c0)=[{&(0x7f0000006ec0)=""/153, 0x99}, {&(0x7f0000007040)=""/117, 0x75}, {&(0x7f00000071c0)=""/202, 0xca}, {&(0x7f0000007380)=""/10, 0xa}], 0x4, &(0x7f0000007440)=""/171, 0xab, 0x7e}, 0x10000) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000001680)=0x0) capset(&(0x7f0000001a00)={0x399f1736, r2}, &(0x7f0000001a40)={0x0, 0x3c, 0x7fff, 0x1, 0x0, 0xfffffffffffffff7}) recvmsg(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000000)=""/95, 0x5f}, {&(0x7f0000001480)=""/109, 0x6d}], 0x2}, 0xfb28822a08a39a50) close(r1) socketpair(0x0, 0xf, 0x800, &(0x7f0000001640)) 2018/04/21 02:36:36 executing program 4: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc\x00', 0x0, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) read(r0, &(0x7f00000000c0)=""/222, 0xde) ioctl$ASHMEM_SET_PROT_MASK(r0, 0x7005, &(0x7f0000000080)) 2018/04/21 02:36:36 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000a40)={&(0x7f00000001c0)={0x10}, 0xc, &(0x7f0000000800)={&(0x7f0000000940)=@updpolicy={0xb8, 0x19, 0x544ca130021a2065, 0x0, 0x0, {{@in=@multicast2=0xe0000002, @in=@dev={0xac, 0x14, 0x14}, 0x0, 0x0, 0x0, 0x0, 0xa}}}, 0xb8}, 0x1}, 0x0) 2018/04/21 02:36:36 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3) r3 = dup2(r2, r2) ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10aea61134de09d8f0e9ab67e4bb4b3c5199cadf58ab550c72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b674281395000b90f0d692d30ecfb806326f17f0a7a24aa58b111193c5f100bb2e1f3874a807d63dfb58775215937ae2b62b46c6d581600fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503b2638feeae79436a9708b3bb19f383773834a7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42350bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae158271064ea79bddf1032b6e6ac794f37ec9d0c3bc4923cc7b631c6d010100005d99443d6653db3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c90000010000000000b5bff60a0c4f4793cd6638a2a23d68cb6e86925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cded2663d17515838f8fbba284c5b4ffc5251019eaee59d117d34c7be50fbd33ceb4508cfa4eecb7d6bb11fc4a114a13542dee77b2651783f6a504000000000000005105d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6113acdf49fa0100de0f7b3717528e35b7ef0733538a8eec8fb17616d2198d02ba4e76000200003b676deddb27755d628f29c643dfff0e4bd7abb13b7a57a3120cb2cbb70200339dc0862dafad481a63e7f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf5bcd4268012c3bca447751ef7df01c13c7cb674ff41cb3c7f6890300e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f9bcaeba90315d3b3cfc24388cc15dffeda1bd610582c5b74fa6bfe789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef91b0980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8ac2f4276cb102ec89d0a5aac3d6a33e0005506a1fd25799f1637b1bafaf09954ef"}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 2018/04/21 02:36:36 executing program 3: mkdir(&(0x7f000000dff6)='./control\x00', 0x0) r0 = open(&(0x7f0000000040)='./control\x00', 0x0, 0x0) mkdirat(r0, &(0x7f0000044ff6)='./control\x00', 0x0) r1 = fanotify_init(0x0, 0x0) fanotify_mark(r1, 0x11, 0x40000002, r0, &(0x7f0000000000)='./control\x00') readv(r1, &(0x7f00000004c0)=[{&(0x7f00000003c0)=""/236, 0x17}], 0x1) r2 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r2, 0x1, 0x0, 0x4000003) 2018/04/21 02:36:36 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000003000/0x1000)=nil}) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000040)=0x4) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000003000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="66bad004b0c2eeb9800000c00f3235004000000f3065260c00b9f7080000b8a7cc4293bac878cb660f303e9c0fc7ab08000000660f3a21946e04000000090fc6c3f5b805000000b951af8bbe0f01c1640f72e300", 0x54}], 0x1, 0x0, &(0x7f0000000100)=[@vmwrite={0x8}], 0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2018/04/21 02:36:36 executing program 6: perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x7fff) r2 = open(&(0x7f00002bd93e)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000008000/0x3000)=nil, 0x3000, 0x2, 0x11, r0, 0x0) mlock(&(0x7f0000008000/0x4000)=nil, 0x4000) readv(r2, &(0x7f0000c33000)=[{&(0x7f0000007000)=""/171, 0x39c9}], 0x1) 2018/04/21 02:36:36 executing program 7: perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x7fff) r2 = open(&(0x7f00002bd93e)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000008000/0x3000)=nil, 0x3000, 0x2, 0x11, r0, 0x0) mlock(&(0x7f0000008000/0x4000)=nil, 0x4000) readv(r2, &(0x7f0000c33000)=[{&(0x7f0000007000)=""/171, 0x39c9}], 0x1) 2018/04/21 02:36:36 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000003000/0x1000)=nil}) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000040)=0x4) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000003000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="66bad004b0c2eeb9800000c00f3235004000000f3065260c00b9f7080000b8a7cc4293bac878cb660f303e9c0fc7ab08000000660f3a21946e04000000090fc6c3f5b805000000b951af8bbe0f01c1640f72e300", 0x54}], 0x1, 0x0, &(0x7f0000000100)=[@vmwrite={0x8}], 0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2018/04/21 02:36:36 executing program 2: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x400442c9, &(0x7f0000000040)) 2018/04/21 02:36:37 executing program 7: perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x7fff) r2 = open(&(0x7f00002bd93e)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000008000/0x3000)=nil, 0x3000, 0x2, 0x11, r0, 0x0) mlock(&(0x7f0000008000/0x4000)=nil, 0x4000) readv(r2, &(0x7f0000c33000)=[{&(0x7f0000007000)=""/171, 0x39c9}], 0x1) 2018/04/21 02:36:37 executing program 2: bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f00000000c0)="b82283392dc50ff1fb635a5849d2f5916ae2fdc24e95e12aa8daccf7393e72be9cc66f"}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x1000000000000004, 0x202}, 0x2c) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r0, 0x50, &(0x7f00000000c0)}, 0x10) socketpair$inet(0x9, 0x0, 0x0, &(0x7f0000000080)) 2018/04/21 02:36:37 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000003000/0x1000)=nil}) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000040)=0x4) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000003000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="66bad004b0c2eeb9800000c00f3235004000000f3065260c00b9f7080000b8a7cc4293bac878cb660f303e9c0fc7ab08000000660f3a21946e04000000090fc6c3f5b805000000b951af8bbe0f01c1640f72e300", 0x54}], 0x1, 0x0, &(0x7f0000000100)=[@vmwrite={0x8}], 0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2018/04/21 02:36:37 executing program 6: perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x7fff) r2 = open(&(0x7f00002bd93e)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000008000/0x3000)=nil, 0x3000, 0x2, 0x11, r0, 0x0) mlock(&(0x7f0000008000/0x4000)=nil, 0x4000) readv(r2, &(0x7f0000c33000)=[{&(0x7f0000007000)=""/171, 0x39c9}], 0x1) 2018/04/21 02:36:37 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) r1 = perf_event_open(&(0x7f0000940000)={0x2, 0x78, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_setup(0x1, &(0x7f0000000040)=0x0) dup3(r0, r1, 0x0) io_submit(r2, 0x1, &(0x7f00000000c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000200), 0x20000338}]) 2018/04/21 02:36:37 executing program 3: r0 = syz_open_dev$binder(&(0x7f0000f5b000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x20011, r0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000000c0)={0x4, 0x0, &(0x7f0000000000)=[@register_looper={0x630b}], 0x48, 0x0, &(0x7f0000000040)="200a4f7d2cd3cf681df3e40f9a52c906790667ea55684d1647b5e62cd403c20cdc7d576f7ea8e978c8aec8834536b5140fed9f16c9c0763033919c342ff0084dd944f0455006071b"}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008000)={0x44, 0x0, &(0x7f0000004fbc)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f000026c000), &(0x7f000000afd0)}}], 0x0, 0x0, &(0x7f0000009000)}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000580)={0x44, 0x0, &(0x7f0000000380)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000080)}}], 0x0, 0x0, &(0x7f0000000500)}) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BINDER_THREAD_EXIT(r0, 0x40046208, 0x0) 2018/04/21 02:36:37 executing program 7: perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x7fff) r2 = open(&(0x7f00002bd93e)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000008000/0x3000)=nil, 0x3000, 0x2, 0x11, r0, 0x0) mlock(&(0x7f0000008000/0x4000)=nil, 0x4000) readv(r2, &(0x7f0000c33000)=[{&(0x7f0000007000)=""/171, 0x39c9}], 0x1) 2018/04/21 02:36:37 executing program 4: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc\x00', 0x0, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) read(r0, &(0x7f00000000c0)=""/222, 0xde) ioctl$ASHMEM_SET_PROT_MASK(r0, 0x7005, &(0x7f0000000080)) 2018/04/21 02:36:37 executing program 0: socketpair(0x1, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) recvmsg(r0, &(0x7f00000016c0)={&(0x7f0000000200)=@generic, 0x80, &(0x7f0000001880)=[{&(0x7f0000001700)=""/97, 0x61}, {&(0x7f0000000300)=""/254, 0xfe}, {&(0x7f0000000400)=""/4096, 0x1000}, {&(0x7f0000000100)=""/3, 0x3}, {&(0x7f0000001400)=""/81, 0x51}, {&(0x7f0000001780)=""/254, 0xfe}, {&(0x7f0000000180)}, {&(0x7f0000001580)=""/155, 0xfffffd92}], 0x8, &(0x7f0000001b80)=""/4096, 0x371}, 0x40002100) sendmsg(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100), 0x28a, &(0x7f0000000000)}, 0x0) sendmsg(r0, &(0x7f0000002f00)={&(0x7f0000001a80)=@nfc_llcp={0x27, 0x0, 0x0, 0x3, 0x8001, 0xfffffffffffffe01, "d1c56029b676997b6a609782eee9e253ced0e41cbf1227ec1a4dabf7e4de19e9d134bcb7efebc712e5c0b43b043e4f094dd7b80fb5b980b7aa257038ad33d1", 0x2e}, 0x80, &(0x7f0000001b40)=[{&(0x7f0000002b80)}], 0x1, &(0x7f0000002c80)=[{0x38, 0x111, 0x1000, "277f108bf27044a8374fbcab4e6ca60b31aa223b7c9d0584120afe9a54cbc30b98f146cd657cbb"}, {0xf8, 0x0, 0x5, "ee6e786b0fb79697c812316183487567102fbc363b18b5efc639e758040298290cfb2b663f1015ad458512a96f3847a734fbd412c92ba44e1cbff2f7371b4ac1f6ce763c055a88e61093614e940da30ea6b06a804bdedd9623478d081a8d8040eed40c9641d06385f3452b586985f38b7087ff0edd622362a7c147949c9aa89b2e896ec43455c56ee137d5de2f57f5a2fd856cf3ca3845e3d496c160e7c988fd14aec68ecaa8d8edfcc89a7b617ddb9c4881037655b0a3b56d5bb5050aadc2436d31c1e6bf0d8c0969e29b6456c80a6b00239afa7a6e694d58a6c3855009df5da092a6a9"}], 0x130, 0x8010}, 0x41) recvmsg(r0, &(0x7f0000007500)={&(0x7f0000006e40)=@hci, 0x80, &(0x7f00000073c0)=[{&(0x7f0000006ec0)=""/153, 0x99}, {&(0x7f0000007040)=""/117, 0x75}, {&(0x7f00000071c0)=""/202, 0xca}, {&(0x7f0000007380)=""/10, 0xa}], 0x4, &(0x7f0000007440)=""/171, 0xab, 0x7e}, 0x10000) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000001680)=0x0) capset(&(0x7f0000001a00)={0x399f1736, r2}, &(0x7f0000001a40)={0x0, 0x3c, 0x7fff, 0x1, 0x0, 0xfffffffffffffff7}) recvmsg(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000000)=""/95, 0x5f}, {&(0x7f0000001480)=""/109, 0x6d}], 0x2}, 0xfb28822a08a39a50) close(r1) socketpair(0x0, 0xf, 0x800, &(0x7f0000001640)) 2018/04/21 02:36:37 executing program 7: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000480)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) syz_fuse_mount(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x48080) 2018/04/21 02:36:37 executing program 2: bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f00000000c0)="b82283392dc50ff1fb635a5849d2f5916ae2fdc24e95e12aa8daccf7393e72be9cc66f"}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x1000000000000004, 0x202}, 0x2c) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r0, 0x50, &(0x7f00000000c0)}, 0x10) socketpair$inet(0x9, 0x0, 0x0, &(0x7f0000000080)) [ 114.414264] binder: 8404:8407 ERROR: BC_REGISTER_LOOPER called without request 2018/04/21 02:36:37 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCXONC(r0, 0x540a, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TCXONC(r0, 0x540a, 0x0) 2018/04/21 02:36:37 executing program 6: perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x7fff) r2 = open(&(0x7f00002bd93e)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000008000/0x3000)=nil, 0x3000, 0x2, 0x11, r0, 0x0) mlock(&(0x7f0000008000/0x4000)=nil, 0x4000) readv(r2, &(0x7f0000c33000)=[{&(0x7f0000007000)=""/171, 0x39c9}], 0x1) 2018/04/21 02:36:37 executing program 5: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000005ff7)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000009fe8)={0x8000, 0x1e, 0x0, 0xffffffffffffffff}) mmap(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x3, 0x6013, r1, 0x0) 2018/04/21 02:36:37 executing program 7: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r0, 0x5452, &(0x7f0000e48000)=0xfffffffffffffffa) recvmsg(r0, &(0x7f0000002700)={&(0x7f0000000040)=@hci, 0x80, &(0x7f00000025c0), 0x0, &(0x7f0000002640)=""/145, 0x91}, 0x0) shutdown(r1, 0x1) 2018/04/21 02:36:37 executing program 2: bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f00000000c0)="b82283392dc50ff1fb635a5849d2f5916ae2fdc24e95e12aa8daccf7393e72be9cc66f"}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x1000000000000004, 0x202}, 0x2c) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r0, 0x50, &(0x7f00000000c0)}, 0x10) socketpair$inet(0x9, 0x0, 0x0, &(0x7f0000000080)) 2018/04/21 02:36:38 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCXONC(r0, 0x540a, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TCXONC(r0, 0x540a, 0x0) 2018/04/21 02:36:38 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e20}, 0x10) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000016ffc)=0xfffff7fffffffffd, 0x4) setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000015000)=0x1004, 0x4) bind$inet(r0, &(0x7f0000008ff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) listen(r1, 0x0) 2018/04/21 02:36:38 executing program 6: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mkdir(&(0x7f000000dff6)='./control\x00', 0x0) r0 = open(&(0x7f0000000040)='./control\x00', 0x0, 0x0) mkdirat(r0, &(0x7f0000044ff6)='./control\x00', 0x0) r1 = fanotify_init(0x2a, 0x0) fanotify_mark(r1, 0x11, 0x40000002, r0, &(0x7f0000000000)='./control\x00') r2 = open(&(0x7f00006c69d0)='./file0\x00', 0x0, 0x0) fcntl$dupfd(r2, 0x800000000402, 0xffffffffffffffff) open(&(0x7f00004a3000)='./file0\x00', 0x0, 0x0) 2018/04/21 02:36:38 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="ea00280000b30082d6540f30ea030000002c0066b850000f00d066ba4200b802000000efc74424000a000000c7442402acc70000c7442406000000000f0114240f20e035100000000f22e03e64360f01cf0f22c7", 0x54}], 0x1, 0x0, &(0x7f00000002c0), 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000000)={0x2, r2}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 115.209735] binder: release 8404:8407 transaction 23 out, still active [ 115.216546] binder: release 8404:8407 transaction 22 in, still active [ 115.223204] binder: undelivered TRANSACTION_COMPLETE [ 115.229445] binder: BINDER_SET_CONTEXT_MGR already set [ 115.234903] binder: 8404:8456 ioctl 40046207 0 returned -16 [ 115.242714] binder: 8404:8407 ERROR: BC_REGISTER_LOOPER called without request [ 115.242721] binder_alloc: 8404: binder_alloc_buf, no vma [ 115.255732] binder: 8404:8456 transaction failed 29189/-3, size 0-0 line 2963 [ 115.266693] binder_alloc: 8404: binder_alloc_buf, no vma [ 115.272273] binder: 8404:8407 transaction failed 29189/-3, size 0-0 line 2963 [ 115.299589] binder: undelivered TRANSACTION_ERROR: 29189 [ 115.305207] binder: undelivered TRANSACTION_ERROR: 29189 [ 115.318415] binder: release 8404:8456 transaction 22 out, still active [ 115.325193] binder: undelivered TRANSACTION_COMPLETE [ 115.330352] binder: send failed reply for transaction 23, target dead [ 115.336957] binder: send failed reply for transaction 22, target dead 2018/04/21 02:36:38 executing program 2: bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f00000000c0)="b82283392dc50ff1fb635a5849d2f5916ae2fdc24e95e12aa8daccf7393e72be9cc66f"}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x1000000000000004, 0x202}, 0x2c) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r0, 0x50, &(0x7f00000000c0)}, 0x10) socketpair$inet(0x9, 0x0, 0x0, &(0x7f0000000080)) 2018/04/21 02:36:38 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCXONC(r0, 0x540a, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TCXONC(r0, 0x540a, 0x0) 2018/04/21 02:36:38 executing program 6: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x48, &(0x7f0000000100)=0x5, 0x4) getsockopt$inet6_int(r0, 0x29, 0x48, &(0x7f0000b67000), &(0x7f00000a8000)=0x4) 2018/04/21 02:36:38 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='numa_maps\x00') pread64(r0, &(0x7f0000000000)=""/100, 0x64, 0x1) 2018/04/21 02:36:38 executing program 4: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc\x00', 0x0, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) read(r0, &(0x7f00000000c0)=""/222, 0xde) ioctl$ASHMEM_SET_PROT_MASK(r0, 0x7005, &(0x7f0000000080)) 2018/04/21 02:36:38 executing program 0: socketpair(0x1, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) recvmsg(r0, &(0x7f00000016c0)={&(0x7f0000000200)=@generic, 0x80, &(0x7f0000001880)=[{&(0x7f0000001700)=""/97, 0x61}, {&(0x7f0000000300)=""/254, 0xfe}, {&(0x7f0000000400)=""/4096, 0x1000}, {&(0x7f0000000100)=""/3, 0x3}, {&(0x7f0000001400)=""/81, 0x51}, {&(0x7f0000001780)=""/254, 0xfe}, {&(0x7f0000000180)}, {&(0x7f0000001580)=""/155, 0xfffffd92}], 0x8, &(0x7f0000001b80)=""/4096, 0x371}, 0x40002100) sendmsg(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100), 0x28a, &(0x7f0000000000)}, 0x0) sendmsg(r0, &(0x7f0000002f00)={&(0x7f0000001a80)=@nfc_llcp={0x27, 0x0, 0x0, 0x3, 0x8001, 0xfffffffffffffe01, "d1c56029b676997b6a609782eee9e253ced0e41cbf1227ec1a4dabf7e4de19e9d134bcb7efebc712e5c0b43b043e4f094dd7b80fb5b980b7aa257038ad33d1", 0x2e}, 0x80, &(0x7f0000001b40)=[{&(0x7f0000002b80)}], 0x1, &(0x7f0000002c80)=[{0x38, 0x111, 0x1000, "277f108bf27044a8374fbcab4e6ca60b31aa223b7c9d0584120afe9a54cbc30b98f146cd657cbb"}, {0xf8, 0x0, 0x5, "ee6e786b0fb79697c812316183487567102fbc363b18b5efc639e758040298290cfb2b663f1015ad458512a96f3847a734fbd412c92ba44e1cbff2f7371b4ac1f6ce763c055a88e61093614e940da30ea6b06a804bdedd9623478d081a8d8040eed40c9641d06385f3452b586985f38b7087ff0edd622362a7c147949c9aa89b2e896ec43455c56ee137d5de2f57f5a2fd856cf3ca3845e3d496c160e7c988fd14aec68ecaa8d8edfcc89a7b617ddb9c4881037655b0a3b56d5bb5050aadc2436d31c1e6bf0d8c0969e29b6456c80a6b00239afa7a6e694d58a6c3855009df5da092a6a9"}], 0x130, 0x8010}, 0x41) recvmsg(r0, &(0x7f0000007500)={&(0x7f0000006e40)=@hci, 0x80, &(0x7f00000073c0)=[{&(0x7f0000006ec0)=""/153, 0x99}, {&(0x7f0000007040)=""/117, 0x75}, {&(0x7f00000071c0)=""/202, 0xca}, {&(0x7f0000007380)=""/10, 0xa}], 0x4, &(0x7f0000007440)=""/171, 0xab, 0x7e}, 0x10000) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000001680)=0x0) capset(&(0x7f0000001a00)={0x399f1736, r2}, &(0x7f0000001a40)={0x0, 0x3c, 0x7fff, 0x1, 0x0, 0xfffffffffffffff7}) recvmsg(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000000)=""/95, 0x5f}, {&(0x7f0000001480)=""/109, 0x6d}], 0x2}, 0xfb28822a08a39a50) close(r1) socketpair(0x0, 0xf, 0x800, &(0x7f0000001640)) 2018/04/21 02:36:38 executing program 7: r0 = socket(0x10, 0x200000000002, 0xc) write(r0, &(0x7f0000000040)="1f0000000007fd1a010c000000000000000706ff09000100f80007edf98000", 0x1f) 2018/04/21 02:36:38 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000fafff7)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000080)={0x1, 0x0, [{0x48}]}) 2018/04/21 02:36:38 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000240)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000040)="2bc7660f146a00640f080f85010026ff64000f2154baf80c66b8ca55c58366efbafc0cb8145eef0f591cf30fbd5b34640f01775c"}], 0xaaaaaaaaaaaad2a, 0x0, &(0x7f0000000040), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2018/04/21 02:36:38 executing program 2: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000ff7)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000000)=""/246) ioctl$EVIOCGREP(r0, 0x40107446, &(0x7f00000003c0)=""/174) 2018/04/21 02:36:38 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCXONC(r0, 0x540a, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TCXONC(r0, 0x540a, 0x0) 2018/04/21 02:36:38 executing program 6: r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) add_key(&(0x7f0000000100)='encrypted\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, &(0x7f0000000080)='\x00', 0x1, r0) 2018/04/21 02:36:38 executing program 3: r0 = syz_open_dev$binder(&(0x7f0000532000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) close(r0) r1 = syz_open_dev$binder(&(0x7f0000000140)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x20011, r1, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00004edfd0)={0x4, 0x0, &(0x7f0000003fe8)=[@register_looper={0x630b}], 0x48, 0x0, &(0x7f00004ed000)="d8fc1dd16de371f1d99e3b4d488546c2bbb067efde9e55e9d1048602c19fe0b0078ade697201170fdbcc34816df860d3f87023a9d8567fa3297aac9d65b25106fc55ed85da8cb6f3"}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000007000)={0x14, 0x0, &(0x7f0000005fd4)=[@acquire_done={0x40486311}], 0x0, 0x0, &(0x7f00004ee64e)}) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000004000)={0x4c, 0x0, &(0x7f000000bf80)=[@reply_sg={0x40486312, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x8, &(0x7f000000a000)=[@fda={0x77622a85, 0xfffffffffffffffe}], &(0x7f000000b000)=[0x0]}}}], 0xffffffffffffff81, 0x0, &(0x7f0000450000)}) 2018/04/21 02:36:38 executing program 7: r0 = socket(0x10, 0x200000000002, 0xc) write(r0, &(0x7f0000000040)="1f0000000007fd1a010c000000000000000706ff09000100f80007edf98000", 0x1f) 2018/04/21 02:36:39 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_emit_ethernet(0x2a, &(0x7f00006ba000)={@link_local={0x1, 0x80, 0xc2}, @random="e2701bb60589", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x32, 0x0, @rand_addr, @broadcast=0xffffffff}, @igmp={0x0, 0x0, 0x0, @multicast1=0xe0000001}}}}}, &(0x7f0000ea3000)) 2018/04/21 02:36:39 executing program 7: r0 = socket(0x10, 0x200000000002, 0xc) write(r0, &(0x7f0000000040)="1f0000000007fd1a010c000000000000000706ff09000100f80007edf98000", 0x1f) [ 115.712009] binder: 8494:8498 ERROR: BC_REGISTER_LOOPER called without request 2018/04/21 02:36:39 executing program 6: r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) add_key(&(0x7f0000000100)='encrypted\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, &(0x7f0000000080)='\x00', 0x1, r0) 2018/04/21 02:36:39 executing program 2: perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket(0x400020000000010, 0x2, 0x0) write(r0, &(0x7f0000000000)="1f00000056000d6dfcffff00bc0203030700ef2104173f8100000002000039", 0x1f) 2018/04/21 02:36:39 executing program 7: r0 = socket(0x10, 0x200000000002, 0xc) write(r0, &(0x7f0000000040)="1f0000000007fd1a010c000000000000000706ff09000100f80007edf98000", 0x1f) 2018/04/21 02:36:39 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0x0, 0x0}) socket$kcm(0x2, 0x2, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000001c0)={0xffffffffffffffff, &(0x7f00000000c0)="b82283392dc50ff1fb635a5849d2f5916ae2fdc24e95e12aa8daccf7393e72be9cc66f"}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x1000000000000004, 0x202}, 0x2c) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r0, 0x50, &(0x7f00000000c0)}, 0x10) socketpair$inet(0x16, 0x0, 0x0, &(0x7f0000000080)) 2018/04/21 02:36:39 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000240)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000040)="2bc7660f146a00640f080f85010026ff64000f2154baf80c66b8ca55c58366efbafc0cb8145eef0f591cf30fbd5b34640f01775c"}], 0xaaaaaaaaaaaad2a, 0x0, &(0x7f0000000040), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2018/04/21 02:36:39 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'seqiv(rfc4106(gcm_base(ctr(aes-aesni),ghash-generic)))\x00'}, 0x58) setsockopt$ALG_SET_AEAD_AUTHSIZE(r0, 0x117, 0x5, 0x0, 0x0) 2018/04/21 02:36:39 executing program 3: r0 = socket(0x11, 0x100000802, 0x0) r1 = syz_open_dev$tun(&(0x7f0000000240)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'ifb0\x00', 0x1001}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x306) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000040)={'ifb0\x00', 0xa201}) 2018/04/21 02:36:39 executing program 0: socketpair(0x1, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) recvmsg(r0, &(0x7f00000016c0)={&(0x7f0000000200)=@generic, 0x80, &(0x7f0000001880)=[{&(0x7f0000001700)=""/97, 0x61}, {&(0x7f0000000300)=""/254, 0xfe}, {&(0x7f0000000400)=""/4096, 0x1000}, {&(0x7f0000000100)=""/3, 0x3}, {&(0x7f0000001400)=""/81, 0x51}, {&(0x7f0000001780)=""/254, 0xfe}, {&(0x7f0000000180)}, {&(0x7f0000001580)=""/155, 0xfffffd92}], 0x8, &(0x7f0000001b80)=""/4096, 0x371}, 0x40002100) sendmsg(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100), 0x28a, &(0x7f0000000000)}, 0x0) sendmsg(r0, &(0x7f0000002f00)={&(0x7f0000001a80)=@nfc_llcp={0x27, 0x0, 0x0, 0x3, 0x8001, 0xfffffffffffffe01, "d1c56029b676997b6a609782eee9e253ced0e41cbf1227ec1a4dabf7e4de19e9d134bcb7efebc712e5c0b43b043e4f094dd7b80fb5b980b7aa257038ad33d1", 0x2e}, 0x80, &(0x7f0000001b40)=[{&(0x7f0000002b80)}], 0x1, &(0x7f0000002c80)=[{0x38, 0x111, 0x1000, "277f108bf27044a8374fbcab4e6ca60b31aa223b7c9d0584120afe9a54cbc30b98f146cd657cbb"}, {0xf8, 0x0, 0x5, "ee6e786b0fb79697c812316183487567102fbc363b18b5efc639e758040298290cfb2b663f1015ad458512a96f3847a734fbd412c92ba44e1cbff2f7371b4ac1f6ce763c055a88e61093614e940da30ea6b06a804bdedd9623478d081a8d8040eed40c9641d06385f3452b586985f38b7087ff0edd622362a7c147949c9aa89b2e896ec43455c56ee137d5de2f57f5a2fd856cf3ca3845e3d496c160e7c988fd14aec68ecaa8d8edfcc89a7b617ddb9c4881037655b0a3b56d5bb5050aadc2436d31c1e6bf0d8c0969e29b6456c80a6b00239afa7a6e694d58a6c3855009df5da092a6a9"}], 0x130, 0x8010}, 0x41) recvmsg(r0, &(0x7f0000007500)={&(0x7f0000006e40)=@hci, 0x80, &(0x7f00000073c0)=[{&(0x7f0000006ec0)=""/153, 0x99}, {&(0x7f0000007040)=""/117, 0x75}, {&(0x7f00000071c0)=""/202, 0xca}, {&(0x7f0000007380)=""/10, 0xa}], 0x4, &(0x7f0000007440)=""/171, 0xab, 0x7e}, 0x10000) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000001680)=0x0) capset(&(0x7f0000001a00)={0x399f1736, r2}, &(0x7f0000001a40)={0x0, 0x3c, 0x7fff, 0x1, 0x0, 0xfffffffffffffff7}) recvmsg(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000000)=""/95, 0x5f}, {&(0x7f0000001480)=""/109, 0x6d}], 0x2}, 0xfb28822a08a39a50) close(r1) socketpair(0x0, 0xf, 0x800, &(0x7f0000001640)) [ 116.497834] binder: BINDER_SET_CONTEXT_MGR already set [ 116.503254] binder: 8494:8498 ioctl 40046207 0 returned -16 [ 116.503266] binder_alloc: binder_alloc_mmap_handler: 8494 20000000-20002000 already mapped failed -16 [ 116.519689] binder: 8494:8498 ERROR: BC_REGISTER_LOOPER called without request [ 116.538547] binder: undelivered TRANSACTION_COMPLETE [ 116.543742] binder: undelivered transaction 28, process died. 2018/04/21 02:36:39 executing program 6: r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) add_key(&(0x7f0000000100)='encrypted\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, &(0x7f0000000080)='\x00', 0x1, r0) 2018/04/21 02:36:39 executing program 7: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = socket$inet(0x2, 0x2, 0x0) r2 = dup2(r1, r0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$GIO_CMAP(r2, 0x4b70, &(0x7f0000000000)) setsockopt$inet_mreqn(r3, 0x0, 0x27, &(0x7f00007e6000)={@multicast2=0xe0000002, @loopback=0x7f000001}, 0xc) setsockopt$inet_msfilter(r3, 0x0, 0x29, &(0x7f000045afc8)={@multicast2=0xe0000002, @loopback=0x7f000001, 0x0, 0x1, [@loopback=0x7f000001]}, 0x14) bind$inet(r1, &(0x7f000000f000)={0x2, 0x0, @loopback=0x7f000001}, 0x10) connect$inet(r2, &(0x7f0000f6a000)={0x2, 0x0, @multicast2=0xe0000002}, 0x10) 2018/04/21 02:36:40 executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xe, 0x4, 0x4, 0x9}, 0x2c) r1 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x3, &(0x7f0000c91000)=ANY=[@ANYBLOB="850000002f00000027000000000022009500000000000000"], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000080)={r0, r1, 0x5}, 0x10) 2018/04/21 02:36:40 executing program 1: recvmsg(0xffffffffffffffff, &(0x7f0000346fc8)={&(0x7f0000000000)=@ll, 0x87f2cbd2a3010587, &(0x7f0000ca3000), 0x57, &(0x7f0000a01f13)=""/237, 0xfffffffffffffdb8}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xf, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x0, 0x1}], {0x95}}, &(0x7f00000000c0)='GPL\x00', 0xfffffffffffffffc, 0xd7bf, &(0x7f0000001780)=""/251}, 0x34) 2018/04/21 02:36:40 executing program 6: r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) add_key(&(0x7f0000000100)='encrypted\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, &(0x7f0000000080)='\x00', 0x1, r0) 2018/04/21 02:36:40 executing program 4: syz_emit_ethernet(0x1, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffff"], 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) capset(&(0x7f0000000180)={0x19980330}, &(0x7f00009b3000)) bind$bt_hci(r0, &(0x7f0000000000)={0x1f}, 0xc) 2018/04/21 02:36:40 executing program 3: r0 = socket(0x2, 0x1, 0x0) setsockopt(r0, 0x6, 0xe, &(0x7f0000902000)="020008000000000000005462fa01a15eaf0d2cf653f13cc379ede4eaf40f4a95bbff850a8263357506b31e58a98399b397e695c0f03d3b3d54436fe71cbcdc6e30ac10369300f6af7d07634832b8a5c0a94c470502e9337b3e7298fc74e81b1058d02f9b14732017e2466a9fc43aea71263335960415800020f9575da602000000001f0000d1b0e6ebcb12c7291871363e97100c4a4c2e9f5c0c14f1659ce8c8bed2e97e60a3649f93ea0c8263f864802ad72fa698807ef14a4a1813e976be1d113b514dbdc05ea1309163d6a4830de8391f2ecab7bbfbcb", 0xd8) setsockopt(r0, 0x40000000000006, 0x20, &(0x7f00000000c0)="0200080000000000d9005462fa01a55eaf0d2cf653f13cc379ed80eaf40f4a95bbff850a8263357506b31e58a98399b397e695c0f03d3b3d54436fe71cbcdc6e30ac10369300f6af7d07634832b8a5c0a94c070000000000000098fc74e81b1058d02f8001732017e2466a9fc43aea71263335960415e40000f9695da601fffff9001f0000d1b0e6ebcb12c7291871363e97100c4a4c2e9f5c0c14f1659ce8c8bed2e97e60a3649f93ea0c8263f864802a602fa698807ef14a4a1813e976be1d00000006bdc05ea1309163d6a4830de8391f2ecab7bbfbcb", 0xd8) 2018/04/21 02:36:40 executing program 7: r0 = socket(0x10, 0x20000000000003, 0x0) getsockopt$sock_int(r0, 0x1, 0xb, &(0x7f0000000000), &(0x7f0000000040)=0x4) 2018/04/21 02:36:40 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, &(0x7f00000004c0)=ANY=[@ANYBLOB="0200000000000000000000000000000000000000000000000000000005edffffff00000044db000000000000000000000900000000000000010000000100b5cf46b47e209d98653c850345000000000000000000000000000000080060b22f4eadc0b44c000000"]) r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f61fe4)={0xa, 0x8004e20}, 0x1c) r1 = syz_open_dev$loop(&(0x7f00000002c0)='/dev/loop#\x00', 0x0, 0x82) r2 = memfd_create(&(0x7f0000614000)="74086e750000000000000000008c00", 0x0) pwritev(r2, &(0x7f0000f50f90)=[{&(0x7f0000000040)="aa", 0x1}], 0x1, 0x81006) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) r3 = socket$key(0xf, 0x3, 0x2) r4 = socket$inet6(0xa, 0x0, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f000052f000)={0xa, 0x0, 0x0, @mcast2={0xff, 0x2, [], 0x1}}, 0x1c) fcntl$setlease(r3, 0x400, 0x2) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000c9af18)={{{@in=@rand_addr, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x0, 0xa}}, {{@in=@multicast2=0xe0000002, 0x4d3, 0x3c}, 0x0, @in6=@ipv4={[], [0xff, 0xff], @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}}, 0x0, 0x0, 0x0, 0xfffffffffffffffd}}, 0xe8) sendmsg$key(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x2, 0x7, 0x0, 0x7, 0x2}, 0x10}, 0x1}, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000340)={0x4101, 0x0, 0x5, 0x0, 0x84, 0x0, 0xd624, 0x5, 0x800, 0xffff, 0x3, 0x9, 0x0, 0x8, 0x8, 0x7fff, 0x3, 0x0, 0x81}) close(r4) sendfile(r1, r1, &(0x7f0000000080), 0x102000004) r5 = openat$rfkill(0xffffffffffffff9c, &(0x7f000008cff4)='/dev/rfkill\x00', 0x0, 0x0) r6 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f00001b6ff4)) epoll_ctl$EPOLL_CTL_ADD(r6, 0xa000, r5, &(0x7f0000d56ff4)) setsockopt$ipx_IPX_TYPE(r2, 0x100, 0x1, &(0x7f0000000440)=0x7, 0x4) ioctl$LOOP_CLR_FD(r1, 0x4c01) ioctl$sock_netrom_SIOCGSTAMPNS(r2, 0x8907, &(0x7f0000000000)) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000f59ffc)=0x4, 0x4) getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f00000000c0)={0x0, @empty, @broadcast}, &(0x7f0000000180)=0xc) ioctl$sock_inet6_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000200)={@mcast2={0xff, 0x2, [], 0x1}, 0x4e, r7}) syz_emit_ethernet(0x1, &(0x7f00000001c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaa9c00081100fe8000000000000000000000000000bbfe8000000000000000000000000000aa00004e2000089078000000000000000000"], &(0x7f0000000040)) mlock(&(0x7f0000723000/0x4000)=nil, 0x4000) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 2018/04/21 02:36:40 executing program 7: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001f88)={0x1, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000fff)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) fallocate(r2, 0x0, 0x0, 0x1ff) fallocate(r2, 0x20, 0x0, 0xfffffeff000) lseek(r2, 0x0, 0x4) setsockopt$bt_hci_HCI_TIME_STAMP(0xffffffffffffffff, 0x0, 0x3, &(0x7f0000000000), 0x4) ioctl$DRM_IOCTL_SET_UNIQUE(r0, 0x40106410, &(0x7f0000000240)={0x58, &(0x7f00000001c0)="c25a3afc6de4ab025862b0894f144e975528e63ea7d1442a3b0f0ed51a9a00d9b85f58e3b861c13664d32affea21828b17246a3f623bfcc930f437f6263aecdfe3e4d40a5dbfe17c23df05d10b075e8848ca915437cb7383"}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60) ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_IRQCHIP(r4, 0x8208ae63, &(0x7f0000000000)=@ioapic={0x2, 0x0, 0x0, 0x0, 0x0, [{0x0, 0x7ff}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1, 0x0, [], 0x7fffffff}]}) mmap(&(0x7f0000f1f000/0x2000)=nil, 0x2000, 0x0, 0x11, r1, 0x0) mmap(&(0x7f0000f1f000/0x3000)=nil, 0x3000, 0x0, 0x400000000008011, r1, 0x0) 2018/04/21 02:36:40 executing program 2: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) add_key(&(0x7f00000002c0)='asymmetric\x00', &(0x7f0000000300)={0x73, 0x79, 0x7a}, &(0x7f0000000340)="c5", 0x1, 0xffffffffffffffff) 2018/04/21 02:36:40 executing program 6: r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000080)={@multicast1=0xe0000001, @local={0xac, 0x14, 0x14, 0xaa}}, 0xc) bind$inet(r0, &(0x7f0000eed000)={0x2, 0x4e21}, 0x10) syz_emit_ethernet(0x2a, &(0x7f0000000000)={@broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @multicast1=0xe0000001}, @udp={0x0, 0x4e21, 0x8}}}}}, 0x0) 2018/04/21 02:36:40 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r4 = dup3(r3, r2, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000200)="0f30f3afbaf80c66b8981d068566efbafc0c66b80d00008066ef660f320f01df650f01ca66b9800000c00f326635000100000f3066b9700900000f3266b9800000c00f326635002000000f30f30f07", 0x4f}], 0x1, 0x0, &(0x7f00000002c0), 0x0) ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000000)={0x1, 0x0, [{0x490}]}) 2018/04/21 02:36:40 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f000076c000)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r0, &(0x7f0000000100)=@file={0x1, './file0\x00'}, 0x6e) perf_event_open(&(0x7f0000d2af88)={0x0, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f000031f000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) connect$unix(r1, &(0x7f000071eff8)=@file={0x1, './file0\x00'}, 0xa) 2018/04/21 02:36:40 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000240)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000040)="2bc7660f146a00640f080f85010026ff64000f2154baf80c66b8ca55c58366efbafc0cb8145eef0f591cf30fbd5b34640f01775c"}], 0xaaaaaaaaaaaad2a, 0x0, &(0x7f0000000040), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2018/04/21 02:36:40 executing program 0: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX(r0, 0x800448d2, &(0x7f0000000000)={"06000000e60c9b2f85651ad4ffb13500"}) 2018/04/21 02:36:40 executing program 6: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000280)='/dev/vcs\x00', 0x28c100, 0x0) ioctl$KVM_GET_PIT(r0, 0xc048ae65, &(0x7f00000002c0)) r1 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x0) ioctl$EVIOCSKEYCODE_V2(r2, 0x40284504, &(0x7f000015cfd8)={0x0, 0x1000000000001, 0x0, 0x0, "cc450294828d9b0006c7c917d91a496bed9216a6f3af549d6ee1fe23a16ba2a4"}) r3 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000500)='/dev/sequencer2\x00', 0x8000000018d002, 0x0) fcntl$getownex(r1, 0x10, &(0x7f00000000c0)={0x0, 0x0}) getresuid(&(0x7f0000000100), &(0x7f0000000140)=0x0, &(0x7f0000000180)) fstat(r1, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000240)={r4, r5, r6}, 0xc) openat$rtc(0xffffffffffffff9c, &(0x7f0000000340)='/dev/rtc\x00', 0x80000, 0x0) [ 117.583296] kvm: apic: phys broadcast and lowest prio 2018/04/21 02:36:40 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000001540)={0x26, 'hash\x00', 0x0, 0x0, 'xcbc(aes-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000ff8000)="0a0775b005e381e5b3b60ced5c54dbb7", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000001480)=[{&(0x7f0000000300)="9da77f1481a35c236d76125ad10f24f1412ccd75c01b21c1ae46fcf5fe6850b9f7", 0x21}], 0x1, &(0x7f00000001c0)}, 0x0) 2018/04/21 02:36:41 executing program 0: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX(r0, 0x800448d2, &(0x7f0000000000)={"06000000e60c9b2f85651ad4ffb13500"}) 2018/04/21 02:36:41 executing program 2: r0 = creat(&(0x7f0000000140)='./file0\x00', 0x0) ioctl$fiemap(r0, 0x40086602, &(0x7f0000000080)=ANY=[@ANYBLOB='\b']) pwritev(r0, &(0x7f0000000040)=[{&(0x7f0000000240)='N', 0x1}], 0x1, 0x0) [ 117.662558] kvm: apic: phys broadcast and lowest prio 2018/04/21 02:36:41 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000240)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000040)="2bc7660f146a00640f080f85010026ff64000f2154baf80c66b8ca55c58366efbafc0cb8145eef0f591cf30fbd5b34640f01775c"}], 0xaaaaaaaaaaaad2a, 0x0, &(0x7f0000000040), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2018/04/21 02:36:41 executing program 3: r0 = add_key(&(0x7f0000000000)='ceph\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000002100)="86302a773c81e5dceb85b4181f7453aecb06f93d3d789e358955809cc2f3552b43800101b10d9688f13bbb194304f0d0d4680d11d4e8f8b4da1b23c7c0855c77fccdb848b3e42bce82187b32de299f1b23c75d9f150ce924fbb3235bc96c2ea6ae224cdc195118e00874a14b7b602ce6607b688f6a90d40021cf0106ffbb456139c7a7c288cf6698c99dc249bda46dd683ff907b8179c34cad5e01a50bbef050ec23dcca41bd7be9d52b948afa6b3372ed79da17b414d116d7eecedf81fedf7fefac1c013241b75631eced1c77c8ae94c0e77c68e2ab9240f5246ea1376c006e4c1fe819f4225b6a1452fa275392bcd36ff97ea5dc5a2f3c4c3eab84bbfb88c6f5c31f1ef41e51d9cb2938e0d7cd5180d94fb2788be42ab7813ea19eac12ec5e75ec3c8e828793545f394b8ab0759f17535fcac78a417c7e9f2d0b3c3ab529d1788c481671fbabe335b4da12a48ff09597094ca96c989da751cb1b4a0e349930861bfca4e0f5720e01101f213fb21f075980acbb8ad1951ba13ee7f0a6e98472846431dc286af588158f3f61f2165e92c4f32a0366cf7c36f73db530ce6b9d929d6a064b3cd9969db9cf8343b644a681730f64df49df6b5d46cde3b8f98e905dfb74c674837960c363283d5c6f1beb8dd03eb0a06202044c7c7bc81ae70aff6227a54036cfe75b0852fccd3133b3c44e8356ec184791579ec510dff363ba7984455a14f884416fe82ea99d0ab1af0c158b3ca0a4115b63bc7fc4f3efc8603ce5792dfaffbb2c3e0c987d8258cc2c4f7f18e96f548ae03faf76afb4fda1af0c042ee52d7777ce0681570abd90549021b1dc64ba666256b83d1fa530a0a7b89676c6c181892a5275882c06e33abf62e264378059391c7e2bfb6482ace11494de63875a815ec9215a87575c582bf497b958da917506c5211ed0a33957ffe74f8d5a607c3bdde7929efe4f726f94596e86c05afb091c5726fd9250dc2a4cb0e4ea55a4c0ec7d3161bf73d1e7195f182574f1d96304310457798293652f3c18b47c255577003870c99acdea3fc585bf54e08262b820c1b09233086753a2d8ef2304b1715f202dd6c37b2cc95a9ada5e972d66fe1f72c80c565847d7fd891f09912efbc2a83dd3e6c8b194a86de06bb776f5fdccf596ddaa4d6c3431071fbac4cd9b9c9f01026376e64b540270d607905e827cfdad8b0ad2a70b52c0028f788cdd571774fc82ae84b43084665786086df8396fc679390c6d5409f7c7cda5904dacc15850730edbc1b0d38a35af0c5c57b3ab32c351210ca0469ff9b4639992e11e6832e523a7e701700453847e4bfb8fd7e52464ac25a8768539f0ca6abd7ec8f39e0ddc569fea12ca34ffa26ffd69ffcfec44d5517c774fc77d61b2b9d7c0489d98f9550a3f2d9bfae08f12d2c72252764741187f7b6708ec00910b9f7093f15ce77eec68035c9a462fedd8ea97581c96a578c1d63f690c4120c1faad129468eef528dbc594f5416d19bb70145af93af41ffe3a72489fd5eb142e107188c775b7d81da20d2c65c40556be30fe39526d891c1ef28b194af5ce841164e1633ac209e2c8d711a50f4b429039fc5e0d402898f3e25315a1940ae870b04859464e69a9deb29dc078f538ac60a2744a2571bc9c2bd941c0c799bc00604939e9acae0c64b7da18f0c999dba6c7f70471f3ee2303cf45979f890a3ebaad23f9b51ef2b4254dabe6e5364ffaec0e66f6aea57de1ab58d58e358fbc683dc698814e5111fedd33739e56af4598a94ed5bd0ae4cc5702f5738acb11044fbaca84c869d2ae71e0d1a7bd535d63faa6fe540c3aceeb4f037a33ca02781d417af6855b8298d87fc90337473d07eb4938ad5471cbccb5f2a9130c2bbadddfce8bdff6994cbbefac219f5172aeb71a74763babb8696fb8fe6dd5f7481c56393ad5c2cfdcf7f80ebe12d2d72976723a8d7d13b9f00d70fa4d6bffbbc1d1ef70e1e749d9b266a3896737857e16d25693b58b91e8875cbc7d191e28c4fec45fa7aba8339d2343a5e092a99404ea3e5839cbda43243e7f075462b910f03c0c8ee0b587a3fa9b41e6f887fa93ea7fcb7a1a4442194e0ebe6e3f147b7fbe8cebee95142520f2a4a304e3d5349b3ef229a303a8499c10516c3cc8fb478eaba9c5aa10f6c4c0634f8c38a30338569dc5ebc034db9731b21375530e4f021465618656053554e2fbd4e83497b5bac0f9fbbda185f9971ae09825b6977befc76c3617294bc09ab524a338482d67ab81d354c852d635d9cb0d92932d4a017fe8c1a3e9f5f832f3f1a2b4a56900c39ede69e8a403d526a3d81e692327e5e6a8aa2bf4bf1beafb64bd7dc6312d32f4fb7d9324b0c6174ba77c3e1b1f805ff97c917fb80bf155ce28d331bd7271ea8d8ba6f03ab69d7c49b9d49961299a641191e3e671735a762b57f48d1a0c0318b8441c4ab346ef56b7c62db346ddd120f5e608d41317be5d6e59e3ae58f72f1e876dc2ce2835c9a132d49d162a5004a6581f590dfb8f547c45691036cd51cd8502e4f43cb70d7c8428e78e5a3ef5532fa7752b44c0c8bb05cb7b213cf0ce2377070421061a87d402eb1a8b31f6c0f69a8d635f3ddba71577132e27d649d5eb4e19c941d96b144a9dea174afbbc4c871eeb728f4e2a57bec66000eacf5c4d5db1136b51973384ba9db58650559d5b90b8043ed1a86b60c1444f1c2933a002fca7aee9dff168fbab6423a8b82e4892e620dc0807a94d018f95a32b9d158bd60f2c8099cd042d702665cc09d48c9a2c2b70586382ee0c90efd8510b88b19159375877e3680c5ce4aee8f43f10e49b8b075183b8ffde1ca2b6d03e01a0df19ea6739577b641ea66aab73e8ff426a0a1474493cb032c19287dc75496671c159d0319650ec23444c53c82057888d4fb5d4a6303e13d5304946ee310ccbe1299b24eedb2a3a60ab103be20047e5c92ffa5f0d37f387c3adf2081ce8270c0c2fd5faa4cccf29a252667eabbec0b03f7843859ee696a874eb9e15244062aa7b9987f4f08a5642105439eb8b995e92b3fd45b05badb427d1b21d8989f0f29882243dd1f24672c538cd650ce6bbdc69fdc159579a77977556150992476cffd8cd5b6691c04ecb5edb5c71a0d7c56e6e3830a8b82111ac695b71ed23695959beac8831032def0e36cc6b931065157c2a2af1d5b83f1e01210f5ccc78cea94db1bcd716c9befc4c014b238ee2ba0177ba3fbcfe994960b5e8fa1d2a98c0799cbb30ffdd7cff02d4e3a06c773003262e1effd3eaf435422733d395b7a7c9f4774c16a75cb9ed5f745b5d8877389ca5f8397e28076d44e3c1320f73c2ce9851592b9422272a7d94a5b555ebe3bba94fbcc5223780d9a0fceb29369de1bbfaf027d1e60dca100ba0ca8ae52cf81b994c28f004b98fda2497008186d01cf4f857147fcfa4cb682863b2d52eeb39f18b750a7dca78e5346c80aad20313747b84faea033f479744a6b341d84fc22a532f318449d389a8eeafabc05aac06b32f6638c6593d947e066a357cfd008ef6a8c01fdfa91349e3c2bc322edfde37cc5555b532a55ecbf4d260ed08e013785877ddf15205e0056afce99a0453aa98251e775d2c15d0cb920ec6cafa83ed278e50fd8c827048ca2c08ed576557d2acfc66085531b6d0912d214dac26903f3079668fbe338831b132640a711773397a2a2d09dba7991898126ea69b5f2651b6dd6e4280509c969e379b73b944d777e772c031f3b62e867c08b170f0e90f6d82f0a9dc5279b5219be1714049b3a0bb2e72e64da5180919a0dd7eb64ed2602d970bfff4383ddeafc903d8a01bea758321f356d9b28217ad9f7289003ca94c246a921f3944aa297c83cc362b3c5cb6c3edd74e9491dcffe35a7e987805edd0afe5f13fc9c5cb79568345dab31f5c4db01d178098b3b761ce511bd6082ff866ad4444b310311e3067b8228e49f7635ff61c0aa0e4dcca206047962a4ab4f8e0b01c38fce3e6cb65467984b41f723355f4db4af7a9564a2ef879ce5af7fb8d31c365bc627c84805ca8a6496c404ece35ed0ba8480fdd70ef5f477bf06056726297c75ce42f8196e65517325bcf5c8459437b4e9de8de3c809b731b369e479de543ee1876e65f12b60270703df39823bca52529ba9d539e8f5d7e54cfd0b4a5112832660f8c45df9632210d22627781e1d4ef65a4504e63d100d6f3816d45d1406166dd9da59677a44f2d791286ec65e0ea05268d0f611590374693d7d6f6c641e2bc08719bbc81e1b87335a330798774a1ccdae297de449a1e22eb6d3d65f58b39ea0fa2f6a33082dab4858856b301fb7a22bfc8adfa355e77fffcc9428bd0b221206f3ad268269da9093546d60b0fa5e7634c9f35a93f09f9c47feee99b7034e3eb830b1789005e78dc3b8a8c26db6c6990ba1217af2adf279c78a95a492fe1ad4583853a62e250f5ca43648b65aa1dfbbce6d4415b9766b2e825f926cadf7280d1cc4c2a6b4f854bc87c088e049f6f91405520cc1816e2472f92beea192863ec1e8bb978d1dbd0418fe25f40e828de8b535f70ea33dff82f4490b3bec19dd297b25ea825a1eafa703872663bb21c4827d4270e905bc5fe2057deea036ffbd263daaf02df8916362c19b8d4218a96816f55a35517b3c69b8196f2ebf202dab40badcbcf1bd5bcf36422fb8c8928db78ac2c40e95578badd224c3d86c4000025650c41f90c5824b1e1433528059e4194a0f86f04ccae670af828a1ad4cc4dcbe8bd9a315640123968c3f9e330d46e92051fb6b1bbecfebcfaf94b244b9848c89b0ae43cb4336df91974a2ac2a1bea825fdb8e66762048243978cf58e1884465a3933b9c9ba0dc0dddf369c446b5a1fd44dcbc976a3759a47fe192274041b3663d54ea3d1a54d74be88909cd30cb94e156e95679a96e9c13b17bc8043b5b34bc0a6e8388ef1801a340f61a05f0f431ae14ee65046876222866d8c6f10aed8976037404a0d6da211c76e9195d182272ca0f78d954d557e1873b481e88989c69cbeb4d6642f9bf64af8bc8fb9546273e4aea471511c1d7fa7bdca57a369d15b683cdf89cae67fcd1c0a0b9b5fc37229e1ea2b8b9a515b22e95bf8751b0b1eccdf2450a86a0bc14e8f207d2dcbd127d4387d8a65bb3af4a89b41b878addc9902d2220a619d61bfee51c583351c09f7bb8007ab7076f1c57894569094136d4d7170c9466df3b8cf88a22c4cccd2cb9927292dbd85d3ef73fa16baa15f2585e0dc8e03bfd0d6e000a3d312233aa4af9adf889ff39060ba81cf2c9c5a003af61c3c9afc5bf11ba1fd7939b6055b210ca85fd0467d8cbd7aea88e7cc1d355ac629efb59bb31b327ab1d6e76d4ee995fd144e4729a18c601725838559f7014f80eaaa8a19bf82460e1e314e5a0397e02871b2a5281114474e637aee793d4c42771600467c61031976bd087918f63cbede1beea4901006985b4244cb3d61e98562336efb44c5da8d79da72591574b04a3d96b54e4f79f3fe81be87e911b67018bed40188442a5634d70fb09cff63b4043604747b7f4f4a4af3d97acc7312c1bbe009f8e0e514ed6a8349e92a769ac5bc190b8f0511c2b672bf6637939a55ee7a1e8f75e6b407609b37f09690a2f9409232cccafcdffe2aec94afeb7383a6d67f5e342768384d375ba4f06061c3e685c3dcb5c46198b541587da680bcd142fae93990efb90a7a37567887ab66c602b97ac62049c303667c91d5f04b1de587715e99194ab11c78445e05649a420eea93d45c3939c0f8ae271dddf7df6c661784da96dcbd734c114aa338cf7daf", 0x1005, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000001080)='keyring\x00', &(0x7f00000010c0)={0x73, 0x79, 0x7a, 0x2}, 0x0, 0x0, 0xffffffffffffffff) keyctl$link(0x8, r0, r1) r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-vsock\x00', 0x2, 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1, 0x10, r2, 0x0) r3 = socket$vsock_stream(0x28, 0x1, 0x0) openat$vsock(0xffffffffffffff9c, &(0x7f00001b3000)='/dev/vhost-vsock\x00', 0x2, 0x0) setsockopt$IP_VS_SO_SET_EDIT(0xffffffffffffffff, 0x0, 0x483, &(0x7f0000000140)={0x89, @local={0xac, 0x14, 0x14, 0xaa}, 0x4e23, 0x1, 'wrr\x00', 0x12, 0x1f, 0x53}, 0x2c) connect$vsock_stream(r3, &(0x7f0000ff8ff0)={0x28, 0x0, 0x0, @my}, 0x10) 2018/04/21 02:36:41 executing program 6: syz_emit_ethernet(0x4e, &(0x7f0000000240)={@broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], @empty, [], {@ipv6={0x86dd, {0x0, 0x6, "38ef32", 0x18, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xbb}, @remote={0xfe, 0x80, [], 0xbb}, {[@fragment={0x0, 0x0, 0x1, 0x9, 0x0, 0x0, 0x64}], @dccp={{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "7bc6f0", 0x0, "1145a4"}}}}}}}, &(0x7f0000000200)) 2018/04/21 02:36:41 executing program 0: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX(r0, 0x800448d2, &(0x7f0000000000)={"06000000e60c9b2f85651ad4ffb13500"}) 2018/04/21 02:36:41 executing program 2: r0 = creat(&(0x7f0000000140)='./file0\x00', 0x0) ioctl$fiemap(r0, 0x40086602, &(0x7f0000000080)=ANY=[@ANYBLOB='\b']) pwritev(r0, &(0x7f0000000040)=[{&(0x7f0000000240)='N', 0x1}], 0x1, 0x0) 2018/04/21 02:36:41 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, &(0x7f00000004c0)=ANY=[@ANYBLOB="0200000000000000000000000000000000000000000000000000000005edffffff00000044db000000000000000000000900000000000000010000000100b5cf46b47e209d98653c850345000000000000000000000000000000080060b22f4eadc0b44c000000"]) r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f61fe4)={0xa, 0x8004e20}, 0x1c) r1 = syz_open_dev$loop(&(0x7f00000002c0)='/dev/loop#\x00', 0x0, 0x82) r2 = memfd_create(&(0x7f0000614000)="74086e750000000000000000008c00", 0x0) pwritev(r2, &(0x7f0000f50f90)=[{&(0x7f0000000040)="aa", 0x1}], 0x1, 0x81006) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) r3 = socket$key(0xf, 0x3, 0x2) r4 = socket$inet6(0xa, 0x0, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f000052f000)={0xa, 0x0, 0x0, @mcast2={0xff, 0x2, [], 0x1}}, 0x1c) fcntl$setlease(r3, 0x400, 0x2) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000c9af18)={{{@in=@rand_addr, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x0, 0xa}}, {{@in=@multicast2=0xe0000002, 0x4d3, 0x3c}, 0x0, @in6=@ipv4={[], [0xff, 0xff], @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}}, 0x0, 0x0, 0x0, 0xfffffffffffffffd}}, 0xe8) sendmsg$key(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x2, 0x7, 0x0, 0x7, 0x2}, 0x10}, 0x1}, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000340)={0x4101, 0x0, 0x5, 0x0, 0x84, 0x0, 0xd624, 0x5, 0x800, 0xffff, 0x3, 0x9, 0x0, 0x8, 0x8, 0x7fff, 0x3, 0x0, 0x81}) close(r4) sendfile(r1, r1, &(0x7f0000000080), 0x102000004) r5 = openat$rfkill(0xffffffffffffff9c, &(0x7f000008cff4)='/dev/rfkill\x00', 0x0, 0x0) r6 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f00001b6ff4)) epoll_ctl$EPOLL_CTL_ADD(r6, 0xa000, r5, &(0x7f0000d56ff4)) setsockopt$ipx_IPX_TYPE(r2, 0x100, 0x1, &(0x7f0000000440)=0x7, 0x4) ioctl$LOOP_CLR_FD(r1, 0x4c01) ioctl$sock_netrom_SIOCGSTAMPNS(r2, 0x8907, &(0x7f0000000000)) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000f59ffc)=0x4, 0x4) getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f00000000c0)={0x0, @empty, @broadcast}, &(0x7f0000000180)=0xc) ioctl$sock_inet6_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000200)={@mcast2={0xff, 0x2, [], 0x1}, 0x4e, r7}) syz_emit_ethernet(0x1, &(0x7f00000001c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaa9c00081100fe8000000000000000000000000000bbfe8000000000000000000000000000aa00004e2000089078000000000000000000"], &(0x7f0000000040)) mlock(&(0x7f0000723000/0x4000)=nil, 0x4000) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 2018/04/21 02:36:41 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0x0, 0x0}) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={0x0, 0x0}) close(r0) socket$kcm(0x2, 0x6, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x4, 0x21d}, 0x2c) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f00000000c0)="b82283392dc50ff1fb635a5849d2f5916ae2fdc24e95e12aa8daccf7393e72be9cc66f"}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0xffffffffffffffcc, &(0x7f0000001300)=""/251}, 0x14) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f00000000c0)}, 0x10) socketpair$inet(0x16, 0x0, 0x61, &(0x7f0000000180)) 2018/04/21 02:36:41 executing program 0: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX(r0, 0x800448d2, &(0x7f0000000000)={"06000000e60c9b2f85651ad4ffb13500"}) 2018/04/21 02:36:41 executing program 7: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001f88)={0x1, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000fff)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) fallocate(r2, 0x0, 0x0, 0x1ff) fallocate(r2, 0x20, 0x0, 0xfffffeff000) lseek(r2, 0x0, 0x4) setsockopt$bt_hci_HCI_TIME_STAMP(0xffffffffffffffff, 0x0, 0x3, &(0x7f0000000000), 0x4) ioctl$DRM_IOCTL_SET_UNIQUE(r0, 0x40106410, &(0x7f0000000240)={0x58, &(0x7f00000001c0)="c25a3afc6de4ab025862b0894f144e975528e63ea7d1442a3b0f0ed51a9a00d9b85f58e3b861c13664d32affea21828b17246a3f623bfcc930f437f6263aecdfe3e4d40a5dbfe17c23df05d10b075e8848ca915437cb7383"}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60) ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_IRQCHIP(r4, 0x8208ae63, &(0x7f0000000000)=@ioapic={0x2, 0x0, 0x0, 0x0, 0x0, [{0x0, 0x7ff}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1, 0x0, [], 0x7fffffff}]}) mmap(&(0x7f0000f1f000/0x2000)=nil, 0x2000, 0x0, 0x11, r1, 0x0) mmap(&(0x7f0000f1f000/0x3000)=nil, 0x3000, 0x0, 0x400000000008011, r1, 0x0) 2018/04/21 02:36:41 executing program 5: r0 = socket(0x10, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00008cbfd8)={'vcan0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000000)={&(0x7f00000004c0)={0x10}, 0xc, &(0x7f0000883000)={&(0x7f0000000980)=@setlink={0x44, 0x13, 0x601, 0x0, 0x0, {0x0, 0x0, 0x0, r1}, [@IFLA_VFINFO_LIST={0x24, 0x16, [{0x20, 0x1, [@nested={0x1c, 0x5, [@typed={0x18, 0x0, @ipv6=@mcast2={0xff, 0x2, [], 0x1}}]}]}]}]}, 0x44}, 0x1}, 0x0) 2018/04/21 02:36:41 executing program 6: fanotify_init(0x0, 0xfffffffffffffffc) 2018/04/21 02:36:41 executing program 3: r0 = socket$inet(0x15, 0x5, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @multicast2=0xe0000002}, 0x10) sendmsg(r0, &(0x7f0000000200)={0x0, 0x290, &(0x7f0000000140), 0x1}, 0x0) r1 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r1, 0x1000000000016) 2018/04/21 02:36:41 executing program 6: fanotify_init(0x0, 0xfffffffffffffffc) 2018/04/21 02:36:41 executing program 2: r0 = creat(&(0x7f0000000140)='./file0\x00', 0x0) ioctl$fiemap(r0, 0x40086602, &(0x7f0000000080)=ANY=[@ANYBLOB='\b']) pwritev(r0, &(0x7f0000000040)=[{&(0x7f0000000240)='N', 0x1}], 0x1, 0x0) 2018/04/21 02:36:41 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = epoll_create1(0x8000000000000000) r2 = epoll_create1(0x0) r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x10000, 0x0) ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f0000000200)) r4 = epoll_create1(0x0) ioctl$TIOCGPTPEER(r3, 0x5441, 0x4) prctl$setname(0xf, &(0x7f0000000540)="278c7070703000") epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r2, &(0x7f00000004c0)={0x20000001}) epoll_wait(r4, &(0x7f00000005c0)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x8, 0xffffffffffffffdc) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000300)={0x20000000}) r5 = syz_open_procfs(0x0, &(0x7f0000000040)='net/igmp6\x00') socketpair$inet6_sctp(0xa, 0x0, 0x84, &(0x7f0000000100)) preadv(r5, &(0x7f0000000440)=[{&(0x7f00000001c0)=""/250, 0xff2d}], 0x1, 0x0) add_key$keyring(&(0x7f0000000840)='keyring\x00', &(0x7f0000000880)={0x73, 0x79, 0x7a, 0x3}, 0x0, 0x0, 0xfffffffffffffffc) add_key$keyring(&(0x7f00000007c0)='keyring\x00', &(0x7f0000000900)={0x73, 0x79, 0x7a, 0x0}, 0x0, 0x0, 0x0) r6 = open(&(0x7f00000001c0)='./file0\x00', 0x220040, 0x104) r7 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a, 0x0}, 0x0, 0x0, 0xfffffffffffffffb) epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r0) keyctl$search(0xa, 0x0, &(0x7f00000000c0)='encrypted\x00', &(0x7f0000000100)={0x73, 0x79, 0x7a, 0x0}, r7) ioctl$VT_GETSTATE(r3, 0x5603, &(0x7f0000000400)={0x3ff, 0x9, 0x8}) setsockopt$bt_l2cap_L2CAP_CONNINFO(r6, 0x6, 0x2, &(0x7f0000000240)={0xffff, 0x40, 0x6, 0x200}, 0x6) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000000580)=[@in6={0xa, 0x0, 0x4, @local={0xfe, 0x80, [], 0xaa}, 0xff}], 0x1c) ioctl$TUNSETLINK(r6, 0x400454cd, 0x323) getsockopt$inet_opts(r0, 0x0, 0x0, &(0x7f0000000340)=""/107, &(0x7f00000003c0)=0x6b) recvfrom$inet(0xffffffffffffffff, &(0x7f0000000440)=""/65, 0x41, 0x0, &(0x7f00000002c0)={0x2, 0x4e21, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) poll(&(0x7f0000000500)=[{r2}, {r3, 0x1000}], 0x2, 0x0) [ 118.251732] kvm: apic: phys broadcast and lowest prio 2018/04/21 02:36:41 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text32={0x20, &(0x7f00000005c0)="2e360f350f22d2c4e17d28ffc4c12dc6010e8fe900959c8816e014ab0f30b8010000000f01c1ea150000007100ea0f0000005463c4e3f55f90b4000000cb", 0x3e}], 0x1, 0x0, &(0x7f0000000640), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x1, 0x0, 0x1000}) 2018/04/21 02:36:41 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f000039a000)={0x5, 0x100, 0x100, 0x2}, 0x2c) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000269fb8)={0x1, 0x5, &(0x7f00000affc8)=@framed={{0x18}, [@map={0x18, 0x0, 0x1, 0x0, r0}], {0x95}}, &(0x7f000039cff6)="7379e66b616c6c657200", 0x8, 0x1000, &(0x7f000039c000)=""/4096}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f000039efd8)={0xffffffffffffffff, 0x0, 0x0, 0x33, &(0x7f00002c5000), &(0x7f00003a3fcd)=""/51}, 0x28) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00003a6ff0)={r1, 0x39, &(0x7f000039efb0)}, 0x10) 2018/04/21 02:36:41 executing program 6: fanotify_init(0x0, 0xfffffffffffffffc) 2018/04/21 02:36:41 executing program 7: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001f88)={0x1, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000fff)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) fallocate(r2, 0x0, 0x0, 0x1ff) fallocate(r2, 0x20, 0x0, 0xfffffeff000) lseek(r2, 0x0, 0x4) setsockopt$bt_hci_HCI_TIME_STAMP(0xffffffffffffffff, 0x0, 0x3, &(0x7f0000000000), 0x4) ioctl$DRM_IOCTL_SET_UNIQUE(r0, 0x40106410, &(0x7f0000000240)={0x58, &(0x7f00000001c0)="c25a3afc6de4ab025862b0894f144e975528e63ea7d1442a3b0f0ed51a9a00d9b85f58e3b861c13664d32affea21828b17246a3f623bfcc930f437f6263aecdfe3e4d40a5dbfe17c23df05d10b075e8848ca915437cb7383"}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60) ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_IRQCHIP(r4, 0x8208ae63, &(0x7f0000000000)=@ioapic={0x2, 0x0, 0x0, 0x0, 0x0, [{0x0, 0x7ff}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1, 0x0, [], 0x7fffffff}]}) mmap(&(0x7f0000f1f000/0x2000)=nil, 0x2000, 0x0, 0x11, r1, 0x0) mmap(&(0x7f0000f1f000/0x3000)=nil, 0x3000, 0x0, 0x400000000008011, r1, 0x0) 2018/04/21 02:36:41 executing program 2: r0 = creat(&(0x7f0000000140)='./file0\x00', 0x0) ioctl$fiemap(r0, 0x40086602, &(0x7f0000000080)=ANY=[@ANYBLOB='\b']) pwritev(r0, &(0x7f0000000040)=[{&(0x7f0000000240)='N', 0x1}], 0x1, 0x0) 2018/04/21 02:36:41 executing program 1: r0 = socket$kcm(0x29, 0x1000000000000005, 0x0) r1 = gettid() io_submit(0x0, 0x1, &(0x7f0000001dc0)=[&(0x7f00000014c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000001440)='}', 0x1}]) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) r2 = socket$inet_tcp(0x2, 0x1, 0x0) io_setup(0x2, &(0x7f0000000080)=0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffff9c, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0xbd, &(0x7f00000014c0)}, &(0x7f0000000100)=0x10) io_submit(r3, 0x12f, &(0x7f00000000c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, r2, &(0x7f0000001000)}]) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x0, 0x32, 0xffffffffffffffff, 0x0) tkill(r1, 0x1000000000016) socketpair$inet6_dccp(0xa, 0x6, 0x0, &(0x7f0000000000)) r4 = shmget(0x3, 0x2000, 0x400, &(0x7f00002e7000/0x2000)=nil) r5 = geteuid() r6 = getegid() lstat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0}) r8 = getgid() shmctl$IPC_SET(r4, 0x1, &(0x7f00000001c0)={{0x0, r5, r6, r7, r8, 0x80, 0xf2}, 0x3, 0x8, 0x6, 0x4, r1, r1, 0xfc00000000000000}) [ 118.524123] kvm: apic: phys broadcast and lowest prio 2018/04/21 02:36:42 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00002f4000)={0x26, 'rng\x00', 0x0, 0x0, 'ansi_cprng\x00'}, 0x58) r1 = accept$alg(r0, 0x0, 0x0) recvmmsg(r1, &(0x7f0000001280)=[{{&(0x7f0000000180)=@pptp={0x0, 0x0, {0x0, @loopback}}, 0x80, &(0x7f0000000200), 0x0, &(0x7f0000000240)=""/223, 0xdf}}, {{&(0x7f00000010c0)=@nfc, 0x80, &(0x7f0000001240)=[{&(0x7f0000001180)=""/161, 0xa1}], 0x1}}], 0x2, 0x0, &(0x7f0000001400)={0x0, 0x1c9c380}) 2018/04/21 02:36:42 executing program 2: clock_nanosleep(0x2, 0x0, &(0x7f0000000140)={0x0, 0x1c9c380}, &(0x7f0000000180)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) munlockall() 2018/04/21 02:36:42 executing program 7: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001f88)={0x1, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000fff)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) fallocate(r2, 0x0, 0x0, 0x1ff) fallocate(r2, 0x20, 0x0, 0xfffffeff000) lseek(r2, 0x0, 0x4) setsockopt$bt_hci_HCI_TIME_STAMP(0xffffffffffffffff, 0x0, 0x3, &(0x7f0000000000), 0x4) ioctl$DRM_IOCTL_SET_UNIQUE(r0, 0x40106410, &(0x7f0000000240)={0x58, &(0x7f00000001c0)="c25a3afc6de4ab025862b0894f144e975528e63ea7d1442a3b0f0ed51a9a00d9b85f58e3b861c13664d32affea21828b17246a3f623bfcc930f437f6263aecdfe3e4d40a5dbfe17c23df05d10b075e8848ca915437cb7383"}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60) ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_IRQCHIP(r4, 0x8208ae63, &(0x7f0000000000)=@ioapic={0x2, 0x0, 0x0, 0x0, 0x0, [{0x0, 0x7ff}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1, 0x0, [], 0x7fffffff}]}) mmap(&(0x7f0000f1f000/0x2000)=nil, 0x2000, 0x0, 0x11, r1, 0x0) mmap(&(0x7f0000f1f000/0x3000)=nil, 0x3000, 0x0, 0x400000000008011, r1, 0x0) 2018/04/21 02:36:42 executing program 5: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000080)={&(0x7f0000000240)=@nl=@kern={0x10}, 0x80, &(0x7f0000000040)=[{&(0x7f00000001c0)="5500000018007f01c02d1cb2a4a280930a0600007da843cf27d0f869020009402f002140020000001900050000fc1700000000dc1338d54400009b84136ef75afb83de448daa7227c43ab8220000060cec4fab91d4", 0x55}], 0x1, &(0x7f00000000c0)}, 0x0) 2018/04/21 02:36:42 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, &(0x7f00000004c0)=ANY=[@ANYBLOB="0200000000000000000000000000000000000000000000000000000005edffffff00000044db000000000000000000000900000000000000010000000100b5cf46b47e209d98653c850345000000000000000000000000000000080060b22f4eadc0b44c000000"]) r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f61fe4)={0xa, 0x8004e20}, 0x1c) r1 = syz_open_dev$loop(&(0x7f00000002c0)='/dev/loop#\x00', 0x0, 0x82) r2 = memfd_create(&(0x7f0000614000)="74086e750000000000000000008c00", 0x0) pwritev(r2, &(0x7f0000f50f90)=[{&(0x7f0000000040)="aa", 0x1}], 0x1, 0x81006) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) r3 = socket$key(0xf, 0x3, 0x2) r4 = socket$inet6(0xa, 0x0, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f000052f000)={0xa, 0x0, 0x0, @mcast2={0xff, 0x2, [], 0x1}}, 0x1c) fcntl$setlease(r3, 0x400, 0x2) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000c9af18)={{{@in=@rand_addr, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x0, 0xa}}, {{@in=@multicast2=0xe0000002, 0x4d3, 0x3c}, 0x0, @in6=@ipv4={[], [0xff, 0xff], @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}}, 0x0, 0x0, 0x0, 0xfffffffffffffffd}}, 0xe8) sendmsg$key(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x2, 0x7, 0x0, 0x7, 0x2}, 0x10}, 0x1}, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000340)={0x4101, 0x0, 0x5, 0x0, 0x84, 0x0, 0xd624, 0x5, 0x800, 0xffff, 0x3, 0x9, 0x0, 0x8, 0x8, 0x7fff, 0x3, 0x0, 0x81}) close(r4) sendfile(r1, r1, &(0x7f0000000080), 0x102000004) r5 = openat$rfkill(0xffffffffffffff9c, &(0x7f000008cff4)='/dev/rfkill\x00', 0x0, 0x0) r6 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f00001b6ff4)) epoll_ctl$EPOLL_CTL_ADD(r6, 0xa000, r5, &(0x7f0000d56ff4)) setsockopt$ipx_IPX_TYPE(r2, 0x100, 0x1, &(0x7f0000000440)=0x7, 0x4) ioctl$LOOP_CLR_FD(r1, 0x4c01) ioctl$sock_netrom_SIOCGSTAMPNS(r2, 0x8907, &(0x7f0000000000)) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000f59ffc)=0x4, 0x4) getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f00000000c0)={0x0, @empty, @broadcast}, &(0x7f0000000180)=0xc) ioctl$sock_inet6_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000200)={@mcast2={0xff, 0x2, [], 0x1}, 0x4e, r7}) syz_emit_ethernet(0x1, &(0x7f00000001c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaa9c00081100fe8000000000000000000000000000bbfe8000000000000000000000000000aa00004e2000089078000000000000000000"], &(0x7f0000000040)) mlock(&(0x7f0000723000/0x4000)=nil, 0x4000) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 2018/04/21 02:36:42 executing program 3: r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000000)="120000001200e7ff00ffe90009144a000ae9", 0x12, 0x0, 0x0, 0x0) recvmsg(r0, &(0x7f0000001280)={&(0x7f0000000040)=@in6={0x0, 0x0, 0x0, @dev}, 0x80, &(0x7f0000001240)}, 0x0) recvmsg(r0, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000001340)=[{&(0x7f0000000240)=""/4096, 0x1000}, {&(0x7f00000012c0)=""/83, 0x53}], 0x2, &(0x7f00000013c0)=""/208, 0xd0}, 0x0) recvmsg$kcm(r0, &(0x7f0000000240)={&(0x7f00000000c0)=@pptp={0x0, 0x0, {0x0, @loopback}}, 0x20, &(0x7f00000001c0), 0x0, &(0x7f0000000200)=""/27, 0x1b}, 0x0) 2018/04/21 02:36:42 executing program 1: futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000edfff0)={0x77359400}, &(0x7f0000048000), 0x0) futex(&(0x7f000000cffc), 0x4, 0x1, &(0x7f0000cc3ff0), &(0x7f0000000040), 0x0) 2018/04/21 02:36:42 executing program 6: fanotify_init(0x0, 0xfffffffffffffffc) 2018/04/21 02:36:42 executing program 6: sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={&(0x7f0000e87000)={0x10}, 0xc, &(0x7f0000a3bff8)={&(0x7f0000000740)=@ipv6_newaddr={0x18, 0x14, 0x0, 0x0, 0x0, {0xa}}, 0x18}, 0x1}, 0x0) r0 = syz_open_dev$binder(&(0x7f000000cff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000004000)={0x4, 0x0, &(0x7f000000cf90)=[@enter_looper={0x630c}], 0x0, 0x0, &(0x7f0000005000)}) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000001c0), 0x1, 0x0, &(0x7f0000000340)="1c"}) r1 = mmap$binder(&(0x7f000000c000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000040)={0x4, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="11634840"], 0x0, 0x0, &(0x7f0000011f9d)}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000300)={0xc, 0x0, &(0x7f0000000180)=[@free_buffer={0x40086303, r1}], 0x0, 0x0, &(0x7f0000000240)}) 2018/04/21 02:36:42 executing program 3: r0 = memfd_create(&(0x7f000088f000)='b\n\x00', 0x4) ftruncate(r0, 0x1000000) finit_module(r0, &(0x7f0000000080)='b\n\x00', 0x0) 2018/04/21 02:36:42 executing program 0: perf_event_open(&(0x7f00000000c0)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) io_setup(0x6, &(0x7f0000000040)=0x0) io_getevents(r1, 0x5, 0x5, &(0x7f0000000080)=[{}, {}, {}, {}, {}], &(0x7f0000000140)={0x77359400}) tkill(r0, 0x1000000000016) [ 119.515972] netlink: 57 bytes leftover after parsing attributes in process `syz-executor5'. [ 119.537804] kvm: apic: phys broadcast and lowest prio 2018/04/21 02:36:42 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000264ff7)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000003000)=ANY=[@ANYRES32=0x0, @ANYBLOB='oHW'], 0x2) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000002ff0)) ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000040)={0x0, 0x4}) 2018/04/21 02:36:43 executing program 7: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00008f0000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000510ffc)=0x1b) readv(r0, &(0x7f0000001280)=[{&(0x7f0000001180)=""/217, 0xd9}], 0x1) 2018/04/21 02:36:43 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='bridge0\x00', 0x10) sendto$inet(r0, &(0x7f0000000040), 0x3bd, 0x0, &(0x7f0000000080)={0x2, 0x4e22, @multicast1=0xe00003e8}, 0x10) 2018/04/21 02:36:43 executing program 7: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00008f0000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000510ffc)=0x1b) readv(r0, &(0x7f0000001280)=[{&(0x7f0000001180)=""/217, 0xd9}], 0x1) 2018/04/21 02:36:43 executing program 7: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00008f0000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000510ffc)=0x1b) readv(r0, &(0x7f0000001280)=[{&(0x7f0000001180)=""/217, 0xd9}], 0x1) 2018/04/21 02:36:43 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='bridge0\x00', 0x10) sendto$inet(r0, &(0x7f0000000040), 0x3bd, 0x0, &(0x7f0000000080)={0x2, 0x4e22, @multicast1=0xe00003e8}, 0x10) [ 120.378309] binder: 8791:8835 ioctl c0306201 20004000 returned -14 [ 120.385977] binder: BINDER_SET_CONTEXT_MGR already set [ 120.391355] binder: 8791:8793 ioctl 40046207 0 returned -16 [ 120.397541] binder_alloc: 8791: binder_alloc_buf, no vma [ 120.403113] binder: 8791:8836 transaction failed 29189/-3, size 0-0 line 2963 [ 120.431510] binder: undelivered TRANSACTION_ERROR: 29189 [ 120.438547] binder: undelivered TRANSACTION_COMPLETE 2018/04/21 02:36:43 executing program 0: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000ffffffff0000000000100000850000002c00000005000000000000009500000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x1, 0xce, &(0x7f0000000180)=""/206}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000100)={r0, 0x0, 0xe, 0x12, &(0x7f0000000400)="222fea09601182605aecc6378847", &(0x7f00000003c0)=""/18}, 0x28) 2018/04/21 02:36:43 executing program 3: r0 = memfd_create(&(0x7f000088f000)='b\n\x00', 0x4) ftruncate(r0, 0x1000000) finit_module(r0, &(0x7f0000000080)='b\n\x00', 0x0) 2018/04/21 02:36:43 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, &(0x7f00000004c0)=ANY=[@ANYBLOB="0200000000000000000000000000000000000000000000000000000005edffffff00000044db000000000000000000000900000000000000010000000100b5cf46b47e209d98653c850345000000000000000000000000000000080060b22f4eadc0b44c000000"]) r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f61fe4)={0xa, 0x8004e20}, 0x1c) r1 = syz_open_dev$loop(&(0x7f00000002c0)='/dev/loop#\x00', 0x0, 0x82) r2 = memfd_create(&(0x7f0000614000)="74086e750000000000000000008c00", 0x0) pwritev(r2, &(0x7f0000f50f90)=[{&(0x7f0000000040)="aa", 0x1}], 0x1, 0x81006) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) r3 = socket$key(0xf, 0x3, 0x2) r4 = socket$inet6(0xa, 0x0, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f000052f000)={0xa, 0x0, 0x0, @mcast2={0xff, 0x2, [], 0x1}}, 0x1c) fcntl$setlease(r3, 0x400, 0x2) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000c9af18)={{{@in=@rand_addr, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x0, 0xa}}, {{@in=@multicast2=0xe0000002, 0x4d3, 0x3c}, 0x0, @in6=@ipv4={[], [0xff, 0xff], @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}}, 0x0, 0x0, 0x0, 0xfffffffffffffffd}}, 0xe8) sendmsg$key(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x2, 0x7, 0x0, 0x7, 0x2}, 0x10}, 0x1}, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000340)={0x4101, 0x0, 0x5, 0x0, 0x84, 0x0, 0xd624, 0x5, 0x800, 0xffff, 0x3, 0x9, 0x0, 0x8, 0x8, 0x7fff, 0x3, 0x0, 0x81}) close(r4) sendfile(r1, r1, &(0x7f0000000080), 0x102000004) r5 = openat$rfkill(0xffffffffffffff9c, &(0x7f000008cff4)='/dev/rfkill\x00', 0x0, 0x0) r6 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f00001b6ff4)) epoll_ctl$EPOLL_CTL_ADD(r6, 0xa000, r5, &(0x7f0000d56ff4)) setsockopt$ipx_IPX_TYPE(r2, 0x100, 0x1, &(0x7f0000000440)=0x7, 0x4) ioctl$LOOP_CLR_FD(r1, 0x4c01) ioctl$sock_netrom_SIOCGSTAMPNS(r2, 0x8907, &(0x7f0000000000)) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000f59ffc)=0x4, 0x4) getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f00000000c0)={0x0, @empty, @broadcast}, &(0x7f0000000180)=0xc) ioctl$sock_inet6_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000200)={@mcast2={0xff, 0x2, [], 0x1}, 0x4e, r7}) syz_emit_ethernet(0x1, &(0x7f00000001c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaa9c00081100fe8000000000000000000000000000bbfe8000000000000000000000000000aa00004e2000089078000000000000000000"], &(0x7f0000000040)) mlock(&(0x7f0000723000/0x4000)=nil, 0x4000) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 2018/04/21 02:36:43 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='bridge0\x00', 0x10) sendto$inet(r0, &(0x7f0000000040), 0x3bd, 0x0, &(0x7f0000000080)={0x2, 0x4e22, @multicast1=0xe00003e8}, 0x10) 2018/04/21 02:36:43 executing program 7: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00008f0000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000510ffc)=0x1b) readv(r0, &(0x7f0000001280)=[{&(0x7f0000001180)=""/217, 0xd9}], 0x1) 2018/04/21 02:36:43 executing program 1: r0 = open$dir(&(0x7f00000001c0)='./file0\x00', 0x1fffe, 0x0) ftruncate(r0, 0x8001) r1 = open$dir(&(0x7f0000000500)='./file0\x00', 0x2, 0x0) read(r1, &(0x7f0000003600)=""/4096, 0x1000) sendfile(r1, r1, &(0x7f0000000040), 0x7527fb3200000000) ftruncate(r0, 0x0) fallocate(r1, 0x3, 0x0, 0xffffffff000) socket$inet6_sctp(0xa, 0x0, 0x84) 2018/04/21 02:36:43 executing program 6: clone(0x0, &(0x7f000074a000), &(0x7f0000744000), &(0x7f0000f8b000), &(0x7f0000804000)) setpriority(0x1, 0x0, 0x0) 2018/04/21 02:36:43 executing program 2: r0 = shmget$private(0x0, 0x4000, 0x78000000, &(0x7f0000ffc000/0x4000)=nil) shmctl$SHM_INFO(r0, 0xe, &(0x7f0000000100)=""/108) r1 = syz_open_dev$mouse(&(0x7f0000000240)='/dev/input/mouse#\x00', 0x8001, 0x800) getpeername$inet6(r1, &(0x7f0000000280)={0x0, 0x0, 0x0, @remote}, &(0x7f0000000340)=0x1c) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f00000002c0)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4543(gcm_base(ctr(aes-aesni),ghash-generic))\x00'}, 0x58) bind$alg(r2, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr-twofish-3way\x00'}, 0x58) accept$packet(0xffffffffffffffff, 0x0, &(0x7f0000000180)) getsockopt$packet_int(r1, 0x107, 0x1000000018, &(0x7f00000001c0), &(0x7f0000000380)=0x351) ioctl$KVM_SET_MP_STATE(r1, 0x4004ae99, &(0x7f00000000c0)) request_key(&(0x7f0000000000)='.request_key_auth\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a, 0x3}, &(0x7f0000000080)='\x00', 0x0) 2018/04/21 02:36:44 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='bridge0\x00', 0x10) sendto$inet(r0, &(0x7f0000000040), 0x3bd, 0x0, &(0x7f0000000080)={0x2, 0x4e22, @multicast1=0xe00003e8}, 0x10) 2018/04/21 02:36:44 executing program 7: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f000014afe4)={&(0x7f0000b84000)={0x10, 0x34000}, 0xc, &(0x7f0000000000)={&(0x7f0000e4f000)={0x14, 0x25, 0x301, 0x0, 0x0, {0x2}}, 0x14}, 0x1}, 0x0) 2018/04/21 02:36:44 executing program 0: r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) bind$llc(r0, &(0x7f0000000000)={0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}}, 0x10) bind$rds(r0, &(0x7f0000000040)={0x2, 0x0, @dev={0xac, 0x14, 0x14}}, 0x10) 2018/04/21 02:36:44 executing program 2: r0 = shmget$private(0x0, 0x4000, 0x78000000, &(0x7f0000ffc000/0x4000)=nil) shmctl$SHM_INFO(r0, 0xe, &(0x7f0000000100)=""/108) r1 = syz_open_dev$mouse(&(0x7f0000000240)='/dev/input/mouse#\x00', 0x8001, 0x800) getpeername$inet6(r1, &(0x7f0000000280)={0x0, 0x0, 0x0, @remote}, &(0x7f0000000340)=0x1c) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f00000002c0)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4543(gcm_base(ctr(aes-aesni),ghash-generic))\x00'}, 0x58) bind$alg(r2, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr-twofish-3way\x00'}, 0x58) accept$packet(0xffffffffffffffff, 0x0, &(0x7f0000000180)) getsockopt$packet_int(r1, 0x107, 0x1000000018, &(0x7f00000001c0), &(0x7f0000000380)=0x351) ioctl$KVM_SET_MP_STATE(r1, 0x4004ae99, &(0x7f00000000c0)) request_key(&(0x7f0000000000)='.request_key_auth\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a, 0x3}, &(0x7f0000000080)='\x00', 0x0) 2018/04/21 02:36:44 executing program 5: perf_event_open(&(0x7f0000d2af88)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000100)={0x73, 0x79, 0x7a, 0x3}, 0x0, 0x0, 0xfffffffffffffffd) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000aeeff8)={0xffffffffffffffff}) setsockopt$sock_int(r0, 0x1, 0x10, &(0x7f00000e6ffc)=0x2000000000007, 0x9c88be9f5a8c7c99) bpf$BPF_MAP_GET_NEXT_ID(0xc, &(0x7f0000000080)=0x20, 0x4) write(r0, &(0x7f0000bdf000), 0x0) r1 = socket$bt_rfcomm(0x1f, 0x0, 0x3) r2 = syz_open_dev$amidi(&(0x7f0000000280)='/dev/amidi#\x00', 0x2, 0x2) readv(r1, &(0x7f0000000080), 0x22f) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x7, 0x0, &(0x7f0000000540)=ANY=[], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x93, &(0x7f00000005c0)=""/147}, 0x48) close(r2) getsockopt$inet_mreqn(r2, 0x0, 0x0, &(0x7f00000003c0)={@remote}, &(0x7f0000000400)=0xc) ioctl$DRM_IOCTL_DMA(r2, 0xc0406429, &(0x7f0000000340)={0x0, 0x5, &(0x7f0000000140)=[0x1, 0x101, 0xfff, 0x814e, 0x2], &(0x7f0000000180)=[0x5, 0x80000000, 0x3ff], 0x10, 0x7, 0x7fff, &(0x7f00000001c0)=[0xffff, 0x4, 0x4, 0xffffffffffffffff, 0x5, 0x10000, 0x0], &(0x7f0000000200)=[0x1, 0x2, 0x5bc, 0x3, 0x8, 0xfffffffffffffff8, 0xfffffffffffffffa, 0x4]}) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={r2, 0x1, 0x1, 0x2, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0], 0x4}, 0x20) getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r2, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000080)=0x4) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x101082, 0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x1f, &(0x7f00000006c0)={0x0, @in6={{0xa, 0x4e24, 0xfffffffffffffffa, @mcast1={0xff, 0x1, [], 0x1}, 0x1}}, 0x5, 0x9ed}, &(0x7f0000000300)=0x90) socket$kcm(0x29, 0x5, 0x0) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000440)={r3, 0x10000, 0x800, 0x4, 0xe8, 0x6}, &(0x7f0000000540)=0x14) r4 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) getsockname$netlink(r4, &(0x7f0000000100), &(0x7f0000000240)=0xc) io_setup(0xcb, &(0x7f0000000680)) 2018/04/21 02:36:44 executing program 6: clone(0x0, &(0x7f000074a000), &(0x7f0000744000), &(0x7f0000f8b000), &(0x7f0000804000)) setpriority(0x1, 0x0, 0x0) 2018/04/21 02:36:44 executing program 0: r0 = inotify_init1(0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f000045fff8)={0x0, 0x0}) ptrace$setopts(0x4206, r1, 0x0, 0x0) ptrace(0x4207, r1) ptrace$setregset(0x4205, r1, 0x2, &(0x7f0000000200)={&(0x7f00000001c0)}) 2018/04/21 02:36:44 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_emit_ethernet(0x66, &(0x7f0000015e15)={@broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, [], {@ipv6={0x86dd, {0x0, 0x6, 'v`Q', 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0x2, [0x0, 0xfffffffffffff000], 0x1}, {[], @icmpv6=@dest_unreach={0xffffff81, 0x0, 0x0, 0x0, [0x14], {0x0, 0x6, "c5961e", 0x0, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x3], 0x1}, @mcast2={0xff, 0x2, [], 0x1}}}}}}}}, 0x0) 2018/04/21 02:36:44 executing program 3: r0 = memfd_create(&(0x7f000088f000)='b\n\x00', 0x4) ftruncate(r0, 0x1000000) finit_module(r0, &(0x7f0000000080)='b\n\x00', 0x0) 2018/04/21 02:36:44 executing program 2: r0 = shmget$private(0x0, 0x4000, 0x78000000, &(0x7f0000ffc000/0x4000)=nil) shmctl$SHM_INFO(r0, 0xe, &(0x7f0000000100)=""/108) r1 = syz_open_dev$mouse(&(0x7f0000000240)='/dev/input/mouse#\x00', 0x8001, 0x800) getpeername$inet6(r1, &(0x7f0000000280)={0x0, 0x0, 0x0, @remote}, &(0x7f0000000340)=0x1c) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f00000002c0)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4543(gcm_base(ctr(aes-aesni),ghash-generic))\x00'}, 0x58) bind$alg(r2, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr-twofish-3way\x00'}, 0x58) accept$packet(0xffffffffffffffff, 0x0, &(0x7f0000000180)) getsockopt$packet_int(r1, 0x107, 0x1000000018, &(0x7f00000001c0), &(0x7f0000000380)=0x351) ioctl$KVM_SET_MP_STATE(r1, 0x4004ae99, &(0x7f00000000c0)) request_key(&(0x7f0000000000)='.request_key_auth\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a, 0x3}, &(0x7f0000000080)='\x00', 0x0) 2018/04/21 02:36:44 executing program 0: r0 = socket(0x10, 0x2, 0x0) recvmmsg(r0, &(0x7f0000006940)=[{{&(0x7f0000006580)=@hci, 0x80, &(0x7f00000068c0), 0x0, &(0x7f0000006900)=""/35, 0x23}}], 0x1, 0x0, &(0x7f0000006a40)={0x0, 0x1c9c380}) write(r0, &(0x7f0000000080)="260000002200470153ff070089ffcfff02006d2000001f00c0e9ffff495180e507c7033500b0", 0x26) 2018/04/21 02:36:44 executing program 4: mkdir(&(0x7f0000000040)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000240)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000002c0)='./control/file0\x00') unlink(&(0x7f0000000140)='./control/file0\x00') llistxattr(&(0x7f0000000080)='./control/file1/file0\x00', &(0x7f0000000300)=""/242, 0xcd) close(r0) 2018/04/21 02:36:44 executing program 1: r0 = open$dir(&(0x7f00000001c0)='./file0\x00', 0x1fffe, 0x0) ftruncate(r0, 0x8001) r1 = open$dir(&(0x7f0000000500)='./file0\x00', 0x2, 0x0) read(r1, &(0x7f0000003600)=""/4096, 0x1000) sendfile(r1, r1, &(0x7f0000000040), 0x7527fb3200000000) ftruncate(r0, 0x0) fallocate(r1, 0x3, 0x0, 0xffffffff000) socket$inet6_sctp(0xa, 0x0, 0x84) 2018/04/21 02:36:44 executing program 6: clone(0x0, &(0x7f000074a000), &(0x7f0000744000), &(0x7f0000f8b000), &(0x7f0000804000)) setpriority(0x1, 0x0, 0x0) 2018/04/21 02:36:44 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f000031f000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$vnet(0xffffffffffffff9c, &(0x7f00002ac000)='/dev/vhost-net\x00', 0x2, 0x0) ioctl$int_in(r0, 0x40000000af01, &(0x7f00000001c0)) close(r0) 2018/04/21 02:36:45 executing program 2: r0 = shmget$private(0x0, 0x4000, 0x78000000, &(0x7f0000ffc000/0x4000)=nil) shmctl$SHM_INFO(r0, 0xe, &(0x7f0000000100)=""/108) r1 = syz_open_dev$mouse(&(0x7f0000000240)='/dev/input/mouse#\x00', 0x8001, 0x800) getpeername$inet6(r1, &(0x7f0000000280)={0x0, 0x0, 0x0, @remote}, &(0x7f0000000340)=0x1c) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f00000002c0)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4543(gcm_base(ctr(aes-aesni),ghash-generic))\x00'}, 0x58) bind$alg(r2, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr-twofish-3way\x00'}, 0x58) accept$packet(0xffffffffffffffff, 0x0, &(0x7f0000000180)) getsockopt$packet_int(r1, 0x107, 0x1000000018, &(0x7f00000001c0), &(0x7f0000000380)=0x351) ioctl$KVM_SET_MP_STATE(r1, 0x4004ae99, &(0x7f00000000c0)) request_key(&(0x7f0000000000)='.request_key_auth\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a, 0x3}, &(0x7f0000000080)='\x00', 0x0) 2018/04/21 02:36:45 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_emit_ethernet(0x66, &(0x7f0000015e15)={@broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, [], {@ipv6={0x86dd, {0x0, 0x6, 'v`Q', 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0x2, [0x0, 0xfffffffffffff000], 0x1}, {[], @icmpv6=@dest_unreach={0xffffff81, 0x0, 0x0, 0x0, [0x14], {0x0, 0x6, "c5961e", 0x0, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x3], 0x1}, @mcast2={0xff, 0x2, [], 0x1}}}}}}}}, 0x0) 2018/04/21 02:36:45 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x4000085}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f00000ba000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0xfffffffffffffffc, 0x188, &(0x7f00001a7f05)=""/251}, 0x48) 2018/04/21 02:36:45 executing program 6: clone(0x0, &(0x7f000074a000), &(0x7f0000744000), &(0x7f0000f8b000), &(0x7f0000804000)) setpriority(0x1, 0x0, 0x0) 2018/04/21 02:36:45 executing program 3: r0 = memfd_create(&(0x7f000088f000)='b\n\x00', 0x4) ftruncate(r0, 0x1000000) finit_module(r0, &(0x7f0000000080)='b\n\x00', 0x0) 2018/04/21 02:36:45 executing program 2: mkdir(&(0x7f0000afbff8)='./file0\x00', 0x0) mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, &(0x7f0000b75000)) chdir(&(0x7f0000000300)='./file0\x00') open(&(0x7f00003b6ff8)='./file0\x00', 0x10000000080040, 0x0) rename(&(0x7f0000fdbff8)='./file0\x00', &(0x7f0000887ff8)='./file1\x00') 2018/04/21 02:36:45 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_emit_ethernet(0x66, &(0x7f0000015e15)={@broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, [], {@ipv6={0x86dd, {0x0, 0x6, 'v`Q', 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0x2, [0x0, 0xfffffffffffff000], 0x1}, {[], @icmpv6=@dest_unreach={0xffffff81, 0x0, 0x0, 0x0, [0x14], {0x0, 0x6, "c5961e", 0x0, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x3], 0x1}, @mcast2={0xff, 0x2, [], 0x1}}}}}}}}, 0x0) 2018/04/21 02:36:45 executing program 5: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0xe}) prlimit64(0x0, 0x7, &(0x7f00000000c0), &(0x7f0000000100)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000911000)={{&(0x7f0000004000/0x1000)=nil, 0x1000}, 0x1}) clone(0x0, &(0x7f0000001f37), &(0x7f0000001ffc), &(0x7f0000001000), &(0x7f0000001000)) read(r0, &(0x7f0000000300)=""/100, 0x64) 2018/04/21 02:36:45 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_emit_ethernet(0x66, &(0x7f0000015e15)={@broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, [], {@ipv6={0x86dd, {0x0, 0x6, 'v`Q', 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0x2, [0x0, 0xfffffffffffff000], 0x1}, {[], @icmpv6=@dest_unreach={0xffffff81, 0x0, 0x0, 0x0, [0x14], {0x0, 0x6, "c5961e", 0x0, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x3], 0x1}, @mcast2={0xff, 0x2, [], 0x1}}}}}}}}, 0x0) 2018/04/21 02:36:45 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$inet_udp(0x2, 0x2, 0x0) sendto$inet(r1, &(0x7f0000000080), 0x0, 0x8000, &(0x7f00000000c0)={0x2, 0x4e21, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) dup3(r0, r1, 0x0) 2018/04/21 02:36:45 executing program 6: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0x7, &(0x7f0000000040), 0x4) 2018/04/21 02:36:45 executing program 3: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f00000d3f0a)=""/246) ioctl$EVIOCGREP(r0, 0x4004743c, &(0x7f00005c8f52)=""/174) poll(&(0x7f00000023c0)=[{r0}], 0x1, 0x0) 2018/04/21 02:36:45 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00003e0000)='/dev/ptmx\x00', 0x0, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000fdd000)=0x3) ioctl$PIO_UNISCRNMAP(r1, 0x80047456, &(0x7f0000000280)) 2018/04/21 02:36:45 executing program 1: r0 = open$dir(&(0x7f00000001c0)='./file0\x00', 0x1fffe, 0x0) ftruncate(r0, 0x8001) r1 = open$dir(&(0x7f0000000500)='./file0\x00', 0x2, 0x0) read(r1, &(0x7f0000003600)=""/4096, 0x1000) sendfile(r1, r1, &(0x7f0000000040), 0x7527fb3200000000) ftruncate(r0, 0x0) fallocate(r1, 0x3, 0x0, 0xffffffff000) socket$inet6_sctp(0xa, 0x0, 0x84) 2018/04/21 02:36:45 executing program 4: mmap(&(0x7f0000002000/0x4000)=nil, 0x4000, 0x0, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) pipe2(&(0x7f0000e3eff8)={0x0, 0x0}, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000040)="2e65dbe10af866b9890400000f32d89f0f00ea1b00fd00d1b11c96f2662e0f21546cdbf7b839018ec8", 0x29}], 0x1, 0x0, &(0x7f00000000c0), 0x0) dup3(r3, r2, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000decfe0)={0x10005, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SMI(r3, 0xaeb7) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, &(0x7f0000000500)="0f005c0666b8ef0000000f23d00f21f86635300000010f23f866b9770b000066b80000008066ba000000000f30f20f35f30f1bcff4650f01cabaf80c66b8c261a58266efbafc0cb874daef0f236d0f32", 0x50}], 0x0, 0x0, &(0x7f0000000280), 0x100) ioctl$KVM_RUN(r2, 0xae80, 0x0) r4 = syz_open_procfs(0x0, &(0x7f00000001c0)='\x00\x00\x00\afles\x00') getdents(r4, &(0x7f0000000ea9)=""/407, 0x197) 2018/04/21 02:36:46 executing program 6: perf_event_open(&(0x7f00000000c0)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) openat$pfkey(0xffffffffffffff9c, &(0x7f0000000280)='/proc/self/net/pfkey\x00', 0x0, 0x0) mprotect(&(0x7f000000a000/0x3000)=nil, 0x3000, 0x0) bind$inet(r0, &(0x7f0000dc9ff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4) sendto$inet(r0, &(0x7f000099bf26), 0x0, 0x20000000, &(0x7f0000000080)={0x2, 0x4e20}, 0x10) sendto$inet(r0, &(0x7f0000000100), 0xff59, 0x4008004, 0x0, 0xffffffffffffffba) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000240)='/dev/hwrng\x00', 0x0, 0x0) ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000080)={0x3b6, &(0x7f0000000100)}) [ 122.658181] PPPIOCDETACH file->f_count=2 2018/04/21 02:36:46 executing program 2: bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000280110011772afefffff600611858"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000180)=""/206}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x5, &(0x7f0000000040)=@framed={{0x18}, [@jmp={0x5}], {0x95}}, &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0x228, &(0x7f0000000300)=""/187}, 0x48) 2018/04/21 02:36:46 executing program 0: r0 = socket(0x2, 0x1, 0x0) setsockopt(r0, 0x40000000000006, 0x20, &(0x7f00000ac000)="02000000", 0x4) 2018/04/21 02:36:46 executing program 7: r0 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r0, &(0x7f000000bfc8)={&(0x7f0000000000)=@nl=@kern={0x10}, 0x80, &(0x7f0000002000)=[{&(0x7f0000b4efab)="5500000018007fafb7a41cb22da280000206000000a843096c37236939000900210008004b00ca8a9848a3090000006b7b31afdc1338d54400009b84136ef75afb83de4411003ab8220000bf0cec6bab91d4000000", 0x55}], 0x1, &(0x7f0000000080)}, 0x0) [ 122.697485] PPPIOCDETACH file->f_count=2 2018/04/21 02:36:46 executing program 3: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f00000d3f0a)=""/246) ioctl$EVIOCGREP(r0, 0x4004743c, &(0x7f00005c8f52)=""/174) poll(&(0x7f00000023c0)=[{r0}], 0x1, 0x0) 2018/04/21 02:36:46 executing program 6: perf_event_open(&(0x7f00000000c0)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) openat$pfkey(0xffffffffffffff9c, &(0x7f0000000280)='/proc/self/net/pfkey\x00', 0x0, 0x0) mprotect(&(0x7f000000a000/0x3000)=nil, 0x3000, 0x0) bind$inet(r0, &(0x7f0000dc9ff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4) sendto$inet(r0, &(0x7f000099bf26), 0x0, 0x20000000, &(0x7f0000000080)={0x2, 0x4e20}, 0x10) sendto$inet(r0, &(0x7f0000000100), 0xff59, 0x4008004, 0x0, 0xffffffffffffffba) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000240)='/dev/hwrng\x00', 0x0, 0x0) ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000080)={0x3b6, &(0x7f0000000100)}) 2018/04/21 02:36:46 executing program 4: perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000002c0)='keyring\x00', &(0x7f0000000300)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$revoke(0x3, r0) 2018/04/21 02:36:46 executing program 0: clone(0x200, &(0x7f0000fbf000), &(0x7f0000c53000), &(0x7f0000000180), &(0x7f000025e000)) mknod(&(0x7f0000f80000)='./file0\x00', 0x3, 0x0) r0 = getpgid(0xffffffffffffffff) ptrace$peekuser(0x3, r0, 0x2) execve(&(0x7f0000f8aff8)='./file0\x00', &(0x7f0000ca5fe8), &(0x7f00006fcff0)) clock_gettime(0x0, &(0x7f00000001c0)) r1 = inotify_init1(0x0) r2 = socket$inet6(0xa, 0x3, 0x7) modify_ldt$write2(0x11, &(0x7f0000000080)={0x9fa2, 0x20001000, 0xffffffff, 0x3, 0x1, 0xffffffffffffff01, 0x2, 0x0, 0x5, 0x1}, 0x10) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f000045fff8)={0x0, 0x0}) r4 = getpgrp(0x0) timer_delete(0x0) kcmp(r3, r4, 0x5, r2, 0xffffffffffffffff) creat(&(0x7f0000000240)='./file0\x00', 0x0) connect(r2, &(0x7f0000000000)=@nl=@kern={0x10, 0x0, 0x0, 0x80020000}, 0x80) [ 122.908581] PPPIOCDETACH file->f_count=2 2018/04/21 02:36:46 executing program 7: bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x0, 0x1, &(0x7f0000001fe8)=ANY=[@ANYBLOB="79ff60000000806cb7"], &(0x7f0000003ff6)='syzkaller\x00', 0x0, 0xc3, &(0x7f0000009f3d)=""/195}, 0x48) r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x5, &(0x7f0000001fd8)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x25}, [@ldst={0x7}], {0x95}}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0x437, &(0x7f000000cf3d)=""/195}, 0x48) r1 = socket(0x10, 0x3, 0x0) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000040)=r0, 0x4) write(r1, &(0x7f00000005c0)="260000005e0009000000eaf83a0000000000000001000000ffffff000008db1ee9ff4435eade", 0x26) 2018/04/21 02:36:46 executing program 2: perf_event_open(&(0x7f00000002c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xa, 0xffffffffffffffff, 0x5) 2018/04/21 02:36:46 executing program 3: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f00000d3f0a)=""/246) ioctl$EVIOCGREP(r0, 0x4004743c, &(0x7f00005c8f52)=""/174) poll(&(0x7f00000023c0)=[{r0}], 0x1, 0x0) 2018/04/21 02:36:46 executing program 6: perf_event_open(&(0x7f00000000c0)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) openat$pfkey(0xffffffffffffff9c, &(0x7f0000000280)='/proc/self/net/pfkey\x00', 0x0, 0x0) mprotect(&(0x7f000000a000/0x3000)=nil, 0x3000, 0x0) bind$inet(r0, &(0x7f0000dc9ff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4) sendto$inet(r0, &(0x7f000099bf26), 0x0, 0x20000000, &(0x7f0000000080)={0x2, 0x4e20}, 0x10) sendto$inet(r0, &(0x7f0000000100), 0xff59, 0x4008004, 0x0, 0xffffffffffffffba) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000240)='/dev/hwrng\x00', 0x0, 0x0) ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000080)={0x3b6, &(0x7f0000000100)}) 2018/04/21 02:36:46 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) bind$nfc_llcp(r0, &(0x7f0000000000)={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "6cb782e4ad88b89d1fd309169f44812107130ee55db70510420aaa96759ecbc36eb9bb12b6124793608dd0e7316d1d4f4dbac39806e4ac714b7ecefa8a934a", 0xb}, 0x60) 2018/04/21 02:36:46 executing program 0: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000140)='cpuset.sched_relax_domain_level\x00', 0x2, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) open_by_handle_at(r1, &(0x7f0000000180)={0xa, 0x1, "eb50"}, 0x0) 2018/04/21 02:36:46 executing program 1: r0 = open$dir(&(0x7f00000001c0)='./file0\x00', 0x1fffe, 0x0) ftruncate(r0, 0x8001) r1 = open$dir(&(0x7f0000000500)='./file0\x00', 0x2, 0x0) read(r1, &(0x7f0000003600)=""/4096, 0x1000) sendfile(r1, r1, &(0x7f0000000040), 0x7527fb3200000000) ftruncate(r0, 0x0) fallocate(r1, 0x3, 0x0, 0xffffffff000) socket$inet6_sctp(0xa, 0x0, 0x84) 2018/04/21 02:36:46 executing program 5: r0 = socket(0x11, 0x4000000000080003, 0x0) setsockopt$packet_int(r0, 0x107, 0xe, &(0x7f0000788000), 0x297) 2018/04/21 02:36:47 executing program 5: r0 = socket$inet(0x2, 0x6, 0x0) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x32, &(0x7f0000000100)=@filter={'filter\x00', 0xe, 0x4, 0x348, 0xffffffff, 0x208, 0x208, 0x130, 0xffffffff, 0xffffffff, 0x2d8, 0x2d8, 0x2d8, 0xffffffff, 0x4, &(0x7f0000000080), {[{{@ipv6={@mcast1={0xff, 0x1, [], 0x1}, @ipv4={[], [0xff, 0xff], @rand_addr}, [], [], 'irlan0\x00', 'eql\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@AUDIT={0x28, 'AUDIT\x00'}}, {{@uncond, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1}}, {{@uncond, 0x0, 0xa8, 0xd0}, @REJECT={0x28, 'REJECT\x00'}}], {{[], 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x0, 0xfffffffffffffffe}}}}, 0x3a8) setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000240)={'filter\x00', 0x7, 0x4, 0x4a8, 0x140, 0x0, 0x0, 0x3c0, 0x3c0, 0x3c0, 0x4, &(0x7f0000000200), {[{{@uncond, 0xf0, 0x140}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @dev={0xac, 0x14, 0x14}, @local={0xac, 0x14, 0x14, 0xaa}}}}, {{@uncond, 0xf0, 0x140}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac, @multicast1=0xe0000001}}}, {{@arp={@loopback=0x7f000001, @multicast2=0xe0000002, 0x0, 0x0, @mac=@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, {}, @empty, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 'syzkaller1\x00'}, 0xf0, 0x140}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @empty, @rand_addr}}}], {{[], 0xc0, 0xe8}, {0x28, '\x00', 0x0, 0xfffffffffffffffe}}}}, 0x4f8) [ 123.701161] PPPIOCDETACH file->f_count=2 2018/04/21 02:36:47 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) bind$nfc_llcp(r0, &(0x7f0000000000)={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "6cb782e4ad88b89d1fd309169f44812107130ee55db70510420aaa96759ecbc36eb9bb12b6124793608dd0e7316d1d4f4dbac39806e4ac714b7ecefa8a934a", 0xb}, 0x60) 2018/04/21 02:36:47 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000028c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(anubis)\x00'}, 0x58) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="0a0775b005b9388ad2d6ea61ebcc080054f38021566ad9f07f0000e381e5b3b60000", 0x22) 2018/04/21 02:36:47 executing program 0: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000080)={0x0, 0x8000}, 0x10) 2018/04/21 02:36:47 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00003e0000)='/dev/ptmx\x00', 0x0, 0x0) capset(&(0x7f0000000080)={0x20071026}, &(0x7f00000000c0)) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x4000000011) 2018/04/21 02:36:47 executing program 6: perf_event_open(&(0x7f00000000c0)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) openat$pfkey(0xffffffffffffff9c, &(0x7f0000000280)='/proc/self/net/pfkey\x00', 0x0, 0x0) mprotect(&(0x7f000000a000/0x3000)=nil, 0x3000, 0x0) bind$inet(r0, &(0x7f0000dc9ff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4) sendto$inet(r0, &(0x7f000099bf26), 0x0, 0x20000000, &(0x7f0000000080)={0x2, 0x4e20}, 0x10) sendto$inet(r0, &(0x7f0000000100), 0xff59, 0x4008004, 0x0, 0xffffffffffffffba) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000240)='/dev/hwrng\x00', 0x0, 0x0) ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000080)={0x3b6, &(0x7f0000000100)}) 2018/04/21 02:36:47 executing program 3: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f00000d3f0a)=""/246) ioctl$EVIOCGREP(r0, 0x4004743c, &(0x7f00005c8f52)=""/174) poll(&(0x7f00000023c0)=[{r0}], 0x1, 0x0) 2018/04/21 02:36:47 executing program 5: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$inet_sctp(r1, &(0x7f0000000340)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @mcast2={0xff, 0x2, [], 0x1}}, 0x1c, &(0x7f0000000300)=[{&(0x7f0000000200)="93", 0x1}], 0x1}, 0x0) [ 124.016685] PPPIOCDETACH file->f_count=2 2018/04/21 02:36:48 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@mpls_getroute={0x20, 0x1a, 0x1, 0x0, 0x0, {0x1c}, [@RTA_DST={0x4, 0x1}]}, 0x20}, 0x1}, 0x0) 2018/04/21 02:36:48 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) bind$nfc_llcp(r0, &(0x7f0000000000)={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "6cb782e4ad88b89d1fd309169f44812107130ee55db70510420aaa96759ecbc36eb9bb12b6124793608dd0e7316d1d4f4dbac39806e4ac714b7ecefa8a934a", 0xb}, 0x60) 2018/04/21 02:36:48 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_emit_ethernet(0x46, &(0x7f0000000740)={@broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], {@ipv6={0x86dd, {0x0, 0x6, "c997cf", 0x10, 0x6c, 0x0, @dev={0xfe, 0x80}, @mcast2={0xff, 0x2, [], 0x1}, {[], @dccp={{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "8d1aaf", 0x0, "1a67c0"}}}}}}}, &(0x7f0000000640)={0x0, 0x0, [0x8f6, 0x0, 0x3f3]}) 2018/04/21 02:36:48 executing program 6: r0 = socket$unix(0x1, 0x5, 0x0) bind$unix(r0, &(0x7f0000000080)=@abs={0x0, 0x0, 0x4e21}, 0xffffffffffffff5e) listen(r0, 0x0) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000000)) r1 = epoll_create(0x3ff) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00001e9000)={0x4}) 2018/04/21 02:36:48 executing program 5: syz_emit_ethernet(0x7a, &(0x7f0000000100)={@broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], @link_local={0x1, 0x80, 0xc2}, [], {@ipv6={0x86dd, {0x0, 0x6, "ecd103", 0x44, 0x67, 0x0, @ipv4={[], [0xff, 0xff], @loopback=0x7f000001}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}}}, &(0x7f0000000000)) 2018/04/21 02:36:48 executing program 7: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r0, &(0x7f00000000c0)={0x1f, 0x0, {}, 0x4}, 0xe) setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000100)={0x0, 0x401}, 0xc) 2018/04/21 02:36:48 executing program 3: pipe2(&(0x7f0000989000)={0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000bc8000)={0xaa}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = creat(&(0x7f000009aff8)='./file0\x00', 0x0) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"410f44be5f55ea719cbb6635"}}], 0x30) link(&(0x7f0000f3bff8)='./file0\x00', &(0x7f00006b3ff0)='./file2\x00') rename(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file1\x00') lstat(&(0x7f0000000100)='./file1\x00', &(0x7f00000031c0)) creat(&(0x7f00000000c0)='./file1\x00', 0x0) dup2(r0, r1) 2018/04/21 02:36:48 executing program 2: r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000c75ff7)='/dev/dsp\x00', 0x0, 0x0) ioctl$int_in(r0, 0x800000c0045006, &(0x7f0000789000)=0x7c) 2018/04/21 02:36:48 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f0000000240)={0x9, 0xb, 0x1, 0x80}, 0x2c) perf_event_open(&(0x7f00000017c0)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x2, &(0x7f0000003000)={0x13, 0x0, 0x7ffff9, 0x0, 0x20000000, 0x0}, 0x2c) [ 124.808154] netlink: 'syz-executor0': attribute type 1 has an invalid length. 2018/04/21 02:36:48 executing program 6: r0 = socket$inet6(0xa, 0x5, 0x0) r1 = dup(r0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000140)=[@in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x14}}, @in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}], 0x20) sendmsg$rds(r1, &(0x7f0000000300)={&(0x7f00000000c0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10, &(0x7f00000002c0)=[{&(0x7f0000000280)=""/27, 0x1b}], 0x1}, 0x0) 2018/04/21 02:36:48 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) bind$nfc_llcp(r0, &(0x7f0000000000)={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "6cb782e4ad88b89d1fd309169f44812107130ee55db70510420aaa96759ecbc36eb9bb12b6124793608dd0e7316d1d4f4dbac39806e4ac714b7ecefa8a934a", 0xb}, 0x60) 2018/04/21 02:36:48 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000003000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="66bad004b0c2eeb9800000c00f3235004000000f3065260c00b9f7080000b8a7cc4293bac878cb660f303e9c0fc7ab08000000660f3a21946e04000000090fc6c3f5b805000000b951af8bbe0f01c1640f72e300", 0x54}], 0x1, 0x0, &(0x7f0000000100), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2018/04/21 02:36:48 executing program 2: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = memfd_create(&(0x7f0000485000)="402670726f626b7379721a6e6700", 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000f36000)='/dev/snd/seq\x00', 0x0, 0x8000000000102) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f000030c000)={0x0, 0x0, 0x0, "98de7a8c5ae95ec8792c92150fc33a664f13eeab65c0322901ca6bd31bde2c51f06c5f0b014f9f91eeb7647c7240f476c8d75dd000aa8faf8fb5740200a6dc4d"}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r1, 0x404c534a, &(0x7f0000044000)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) write$sndseq(r0, &(0x7f0000e6ffd0)=[{0x1e, 0x0, 0x0, 0x3fd}], 0x30) syz_open_dev$sndmidi(&(0x7f0000000080)='/dev/snd/midiC#D#\x00', 0x0, 0x0) 2018/04/21 02:36:48 executing program 7: r0 = syz_open_dev$sndctrl(&(0x7f000000a000)='/dev/snd/controlC#\x00', 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r0, r3, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000de9000)=[@text32={0x20, &(0x7f0000f59fc6)="0fc75fedc4c3c968fb6c0f9cfbb9040100c00f3266b842008ee80f230064672ec015dec4e245bea5d41e6082f9440f20c03506000000440f22c0", 0x3a}], 0x1, 0x0, &(0x7f0000000080), 0x0) [ 124.971801] ================================================================== [ 124.979406] BUG: KASAN: slab-out-of-bounds in __sctp_v6_cmp_addr+0x4c7/0x530 [ 124.986604] Read of size 8 at addr ffff8801d65c1f60 by task syz-executor6/9139 [ 124.993961] [ 124.995604] CPU: 0 PID: 9139 Comm: syz-executor6 Not tainted 4.17.0-rc1+ #10 [ 125.002793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 125.012154] Call Trace: [ 125.014777] dump_stack+0x1b9/0x294 2018/04/21 02:36:48 executing program 1: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) exit(0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ppoll(&(0x7f0000000200)=[{r0}], 0x1a1, &(0x7f0000000040), &(0x7f0000000280), 0x8) 2018/04/21 02:36:48 executing program 2: pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r0, &(0x7f0000000140), 0xffffffffffffffff, &(0x7f0000000180), 0x2, 0x0) rmdir(&(0x7f0000000080)='./file0\x00') r1 = open$dir(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r2 = open$dir(&(0x7f00000001c0)='./file0\x00', 0x1fffe, 0x0) fadvise64(r1, 0x0, 0x101, 0x5) r3 = open$dir(&(0x7f0000000500)='./file0\x00', 0x2, 0x0) ftruncate(r0, 0x3) write(r3, &(0x7f0000000300)="d88a8d38144e5013d473c0ac2ca61ff3b749a4f5c7e6e9c2ce586e5cfca5d60ffc9a4df71856925b300ab39b1dd592385821faecb039bcdc475ffbacb982187073fc479f1cc6ffa0000af0026e75921d8a8310071ec28e0e6292680755e470aa73", 0x61) getdents64(0xffffffffffffffff, &(0x7f00000003c0)=""/254, 0xfe) fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, &(0x7f0000000200)) tee(r1, r0, 0x8, 0x2) sendfile(r3, r3, &(0x7f0000000040), 0x7527fb3200000000) syncfs(r2) sendfile(r3, r2, &(0x7f0000000180), 0x20000000011ffe) ftruncate(r2, 0x0) name_to_handle_at(r1, &(0x7f0000002d00)='./file0\x00', &(0x7f0000002e40)=ANY=[@ANYBLOB="9af7ff00040000001045f2e90b19709a8787351b8b1f8104f97b77fd6c3a99af823eb540a04833cad551a1b11f312b7c6383ecb35894deff6b322523c5f442e2f47d89e3dd5d578407adc92a1934a2bfed7efeec3d2887e585a9ce06c6a6413d4450863856dbbbf2b6ca529d6e9871515828eba9db9dcc7d206eb2e71d08000468a026b32928818d1bdc2d8c85f833654d49551168a3d6b16f9fea7519cd20f1db205511281c0002000071e56972f173773e77b9bc269dd0271beeae439aab5305e5dc8832c01367be795e92d21fd0b3c971b34dd3a1d14ba8810000000000000000000000000000"], &(0x7f0000002e00), 0x1400) fdatasync(r2) [ 125.018424] ? dump_stack_print_info.cold.2+0x52/0x52 [ 125.023631] ? printk+0x9e/0xba [ 125.026927] ? kmsg_dump_rewind_nolock+0xe4/0xe4 [ 125.031700] ? kasan_check_write+0x14/0x20 [ 125.035947] print_address_description+0x6c/0x20b [ 125.040802] ? __sctp_v6_cmp_addr+0x4c7/0x530 [ 125.045310] kasan_report.cold.7+0x242/0x2fe [ 125.049743] __asan_report_load8_noabort+0x14/0x20 [ 125.054685] __sctp_v6_cmp_addr+0x4c7/0x530 [ 125.059021] sctp_inet6_cmp_addr+0x169/0x1a0 [ 125.063448] sctp_bind_addr_match+0x20b/0x400 [ 125.067962] ? sctp_bind_addrs_to_raw+0x370/0x370 [ 125.072823] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 125.078370] ? sctp_v4_available+0x1b1/0x200 [ 125.082796] ? sctp_inet6_bind_verify+0xb2/0x500 [ 125.087594] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 125.093146] sctp_do_bind+0x1c0/0x5f0 [ 125.096969] sctp_bindx_add+0x90/0x1a0 [ 125.100873] sctp_setsockopt_bindx+0x2ad/0x320 [ 125.105471] sctp_setsockopt+0x12c4/0x7000 [ 125.109716] ? __lock_acquire+0x7f5/0x5140 [ 125.113964] ? sctp_setsockopt_paddr_thresholds+0x560/0x560 [ 125.119699] ? debug_check_no_locks_freed+0x310/0x310 [ 125.124908] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 125.130460] ? drop_futex_key_refs.isra.13+0x6d/0xe0 [ 125.135581] ? futex_wait+0x5c1/0x9f0 [ 125.139398] ? futex_wait_setup+0x400/0x400 [ 125.143737] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 125.148937] ? perf_trace_lock+0xd6/0x900 [ 125.153106] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 125.158658] ? drop_futex_key_refs.isra.13+0x6d/0xe0 [ 125.163773] ? zap_class+0x720/0x720 [ 125.167498] ? get_futex_key+0x1e90/0x1e90 [ 125.171742] ? debug_check_no_locks_freed+0x310/0x310 [ 125.176949] ? graph_lock+0x170/0x170 [ 125.180766] ? debug_check_no_locks_freed+0x310/0x310 [ 125.185966] ? find_held_lock+0x36/0x1c0 [ 125.190046] ? lock_downgrade+0x8e0/0x8e0 [ 125.194212] ? rcu_is_watching+0x85/0x140 [ 125.198370] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 125.203583] ? __fget+0x40c/0x650 [ 125.207049] ? expand_files.part.8+0x9a0/0x9a0 [ 125.211643] ? find_held_lock+0x36/0x1c0 [ 125.215728] ? __fget_light+0x2ef/0x430 [ 125.219709] ? fget_raw+0x20/0x20 [ 125.223169] ? rcu_is_watching+0x85/0x140 [ 125.227321] ? __lock_is_held+0xb5/0x140 [ 125.231390] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 125.236601] ? __fd_install+0x2de/0x880 [ 125.240587] sock_common_setsockopt+0x9a/0xe0 [ 125.245096] __sys_setsockopt+0x1bd/0x390 [ 125.249251] ? kernel_accept+0x310/0x310 [ 125.253322] ? do_futex+0x27d0/0x27d0 [ 125.257134] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 125.262676] ? fput+0x130/0x1a0 [ 125.265970] __x64_sys_setsockopt+0xbe/0x150 [ 125.270381] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 125.275404] do_syscall_64+0x1b1/0x800 [ 125.279298] ? finish_task_switch+0x1ca/0x810 [ 125.283808] ? syscall_return_slowpath+0x5c0/0x5c0 [ 125.288745] ? syscall_return_slowpath+0x30f/0x5c0 [ 125.293684] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 125.299059] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 125.303918] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 125.309108] RIP: 0033:0x455389 [ 125.312298] RSP: 002b:00007f3989385c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 125.320018] RAX: ffffffffffffffda RBX: 00007f39893866d4 RCX: 0000000000455389 [ 125.327290] RDX: 0000000000000064 RSI: 0000000000000084 RDI: 0000000000000013 [ 125.334561] RBP: 000000000072bea0 R08: 0000000000000020 R09: 0000000000000000 [ 125.341835] R10: 0000000020000140 R11: 0000000000000246 R12: 00000000ffffffff [ 125.349108] R13: 00000000000005a3 R14: 00000000006fb7e8 R15: 0000000000000000 [ 125.356394] [ 125.358022] Allocated by task 9139: [ 125.361662] save_stack+0x43/0xd0 [ 125.365120] kasan_kmalloc+0xc4/0xe0 [ 125.368838] __kmalloc_node+0x47/0x70 [ 125.372640] kvmalloc_node+0x6b/0x100 [ 125.376441] vmemdup_user+0x2d/0xa0 [ 125.380071] sctp_setsockopt_bindx+0x5d/0x320 [ 125.384571] sctp_setsockopt+0x12c4/0x7000 [ 125.388808] sock_common_setsockopt+0x9a/0xe0 [ 125.393309] __sys_setsockopt+0x1bd/0x390 [ 125.397463] __x64_sys_setsockopt+0xbe/0x150 [ 125.401879] do_syscall_64+0x1b1/0x800 [ 125.405772] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 125.410952] [ 125.412575] Freed by task 4539: [ 125.415863] save_stack+0x43/0xd0 [ 125.419321] __kasan_slab_free+0x11a/0x170 [ 125.423560] kasan_slab_free+0xe/0x10 [ 125.427363] kfree+0xd9/0x260 [ 125.430471] kvfree+0x61/0x70 [ 125.433581] __vunmap+0x2c5/0x3c0 [ 125.437036] vfree+0x68/0x100 [ 125.440147] __do_replace+0x8b7/0xac0 [ 125.443948] do_ip6t_set_ctl+0x49c/0x64b [ 125.448015] nf_setsockopt+0x7d/0xd0 [ 125.451736] ipv6_setsockopt+0x105/0x170 [ 125.455805] tcp_setsockopt+0x93/0xe0 [ 125.459611] sock_common_setsockopt+0x9a/0xe0 [ 125.464115] __sys_setsockopt+0x1bd/0x390 [ 125.468271] __x64_sys_setsockopt+0xbe/0x150 [ 125.472689] do_syscall_64+0x1b1/0x800 [ 125.476582] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 125.481765] [ 125.483394] The buggy address belongs to the object at ffff8801d65c1f40 [ 125.483394] which belongs to the cache kmalloc-32 of size 32 [ 125.495885] The buggy address is located 0 bytes to the right of [ 125.495885] 32-byte region [ffff8801d65c1f40, ffff8801d65c1f60) [ 125.508024] The buggy address belongs to the page: [ 125.512972] page:ffffea0007597040 count:1 mapcount:0 mapping:ffff8801d65c1000 index:0xffff8801d65c1fc1 [ 125.522426] flags: 0x2fffc0000000100(slab) [ 125.526673] raw: 02fffc0000000100 ffff8801d65c1000 ffff8801d65c1fc1 0000000100000036 [ 125.534567] raw: ffffea0007521b60 ffffea00075aace0 ffff8801da8001c0 0000000000000000 [ 125.542446] page dumped because: kasan: bad access detected [ 125.548157] [ 125.549779] Memory state around the buggy address: [ 125.554711] ffff8801d65c1e00: fb fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 125.562076] ffff8801d65c1e80: 00 00 00 00 fc fc fc fc 06 fc fc fc fc fc fc fc [ 125.569441] >ffff8801d65c1f00: 00 00 fc fc fc fc fc fc 00 00 00 00 fc fc fc fc [ 125.576801] ^ [ 125.583300] ffff8801d65c1f80: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 125.590667] ffff8801d65c2000: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 125.598026] ================================================================== [ 125.605382] Disabling lock debugging due to kernel taint [ 125.611048] Kernel panic - not syncing: panic_on_warn set ... [ 125.611048] [ 125.618430] CPU: 0 PID: 9139 Comm: syz-executor6 Tainted: G B 4.17.0-rc1+ #10 [ 125.627014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 125.636359] Call Trace: [ 125.638944] dump_stack+0x1b9/0x294 [ 125.642561] ? dump_stack_print_info.cold.2+0x52/0x52 [ 125.647739] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 125.652479] ? __sctp_v6_cmp_addr+0x4a0/0x530 [ 125.656963] panic+0x22f/0x4de [ 125.660140] ? add_taint.cold.5+0x16/0x16 [ 125.664281] ? do_raw_spin_unlock+0x9e/0x2e0 [ 125.668672] ? do_raw_spin_unlock+0x9e/0x2e0 [ 125.673062] ? __sctp_v6_cmp_addr+0x4c7/0x530 [ 125.677538] kasan_end_report+0x47/0x4f [ 125.681496] kasan_report.cold.7+0x76/0x2fe [ 125.685806] __asan_report_load8_noabort+0x14/0x20 [ 125.690715] __sctp_v6_cmp_addr+0x4c7/0x530 [ 125.695021] sctp_inet6_cmp_addr+0x169/0x1a0 [ 125.699417] sctp_bind_addr_match+0x20b/0x400 [ 125.703895] ? sctp_bind_addrs_to_raw+0x370/0x370 [ 125.708725] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 125.714244] ? sctp_v4_available+0x1b1/0x200 [ 125.718634] ? sctp_inet6_bind_verify+0xb2/0x500 [ 125.723374] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 125.728891] sctp_do_bind+0x1c0/0x5f0 [ 125.732674] sctp_bindx_add+0x90/0x1a0 [ 125.736545] sctp_setsockopt_bindx+0x2ad/0x320 [ 125.741114] sctp_setsockopt+0x12c4/0x7000 [ 125.745336] ? __lock_acquire+0x7f5/0x5140 [ 125.749612] ? sctp_setsockopt_paddr_thresholds+0x560/0x560 [ 125.755309] ? debug_check_no_locks_freed+0x310/0x310 [ 125.760483] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 125.766014] ? drop_futex_key_refs.isra.13+0x6d/0xe0 [ 125.771101] ? futex_wait+0x5c1/0x9f0 [ 125.774899] ? futex_wait_setup+0x400/0x400 [ 125.779207] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 125.784380] ? perf_trace_lock+0xd6/0x900 [ 125.788515] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 125.794055] ? drop_futex_key_refs.isra.13+0x6d/0xe0 [ 125.799140] ? zap_class+0x720/0x720 [ 125.802845] ? get_futex_key+0x1e90/0x1e90 [ 125.807062] ? debug_check_no_locks_freed+0x310/0x310 [ 125.812233] ? graph_lock+0x170/0x170 [ 125.816027] ? debug_check_no_locks_freed+0x310/0x310 [ 125.821199] ? find_held_lock+0x36/0x1c0 [ 125.825246] ? lock_downgrade+0x8e0/0x8e0 [ 125.829378] ? rcu_is_watching+0x85/0x140 [ 125.833518] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 125.838703] ? __fget+0x40c/0x650 [ 125.842144] ? expand_files.part.8+0x9a0/0x9a0 [ 125.846716] ? find_held_lock+0x36/0x1c0 [ 125.850768] ? __fget_light+0x2ef/0x430 [ 125.854729] ? fget_raw+0x20/0x20 [ 125.858168] ? rcu_is_watching+0x85/0x140 [ 125.862297] ? __lock_is_held+0xb5/0x140 [ 125.866341] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 125.871520] ? __fd_install+0x2de/0x880 [ 125.875497] sock_common_setsockopt+0x9a/0xe0 [ 125.879988] __sys_setsockopt+0x1bd/0x390 [ 125.884122] ? kernel_accept+0x310/0x310 [ 125.888169] ? do_futex+0x27d0/0x27d0 [ 125.891963] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 125.897490] ? fput+0x130/0x1a0 [ 125.900758] __x64_sys_setsockopt+0xbe/0x150 [ 125.905149] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 125.910153] do_syscall_64+0x1b1/0x800 [ 125.914027] ? finish_task_switch+0x1ca/0x810 [ 125.918510] ? syscall_return_slowpath+0x5c0/0x5c0 [ 125.923425] ? syscall_return_slowpath+0x30f/0x5c0 [ 125.928342] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 125.933701] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 125.938530] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 125.943704] RIP: 0033:0x455389 [ 125.946874] RSP: 002b:00007f3989385c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 125.954574] RAX: ffffffffffffffda RBX: 00007f39893866d4 RCX: 0000000000455389 [ 125.961832] RDX: 0000000000000064 RSI: 0000000000000084 RDI: 0000000000000013 [ 125.969086] RBP: 000000000072bea0 R08: 0000000000000020 R09: 0000000000000000 [ 125.976337] R10: 0000000020000140 R11: 0000000000000246 R12: 00000000ffffffff [ 125.983587] R13: 00000000000005a3 R14: 00000000006fb7e8 R15: 0000000000000000 [ 125.991337] Dumping ftrace buffer: [ 125.994856] (ftrace buffer empty) [ 125.998542] Kernel Offset: disabled [ 126.002154] Rebooting in 86400 seconds..