c1609ab1d1126e2d99e8eb3adb93c07a5c3606e555bfb7e9c5eaed6f38"}, {0x58, 0x116, 0x0, "73660cceabd801cef6bc2264703583c35c71a8a4f8cf52b5833f084d43ae3874b011b6b9e7393574841448cc629f7a93c86c6eefa4f47ac4ca7360ff6a58033dcd9b7f8aa658"}, {0x18, 0x1, 0x101, 'v'}, {0x1010, 0x10b, 0x11, "10de6bdfb5edc700f3a6a73bdfb54743425dd838dc8fbb639c3267a98da96de84580ef467b8a3de69a4a43d36dfbe61c32193a82b51be3b98c2d2a83ad79be5759b08c468f9cc54c732b8e59293d702a0899cc137ec70d94a691188aae7307a451db26ec835bd0217c58cbb60a12af60ba9a71e0b86017c1859e7c83b74de8fcbb264c6f736ead4becf53024cdefab3aba3c35dfe0c13243be470885f48eeed71edd4534e1161e0afa0e98e1a25720fe5acd7a02a99804c419e23b31704f927e8257ee5de4a409df593cd91a5e5dda76ab969e8843f330a2de9aa60e1a701c0327c1d203548cb75f420318bef30be45b4f1d95d131eef0e50ff876225277860daf9d4728cd764ccbec6032f0970f278b4c29de1170afcea341dd7d8158126b96a96336ce13ef510d87ba71bbb06777e307c267c6ac1766355ce5329260ce4657cecbabe59300cea5d3fe0a15af0570e801447555fc4e55b9faa63956f68b6fa23099428c3e98bf4b05ad318a52ef107d456db124284d15d6ba0c359b0800d383bd64e7794c0b6d8000f8c770bba208836cb2d012dc3a88160a64bcc05e535f614fc65e658b353c7934d29f929843c426c2c857ad851c3199383c13a3ca8cd85b1236d334b717978227a2756822039de77088e2d2ce467b8d2459af9adbbef78b48bd04cc212bde6a7e725b206b50760159e778bbc93f7a2698fd25a6a976ff967f9590fbdeff99c8e6deef3244b7e8bb9173f9b9d1716e1c1da1e472f8e552d6c4c1daf0c82a9607d9b66192ca25740a103d2ca33d029445874c84e41bb0d2cfe74490034537bebfd8dd097a05aa4cb1e1cccd21125651ae4f41802d1b298080c66d242a42c34f495fa2e1190c3dcfb10009d21e1cf9fb5b7d6c57be33bfd855fe34b32caf6534b021fee0a396ee1c059df8e69c9430c5faae2b7c74e97afa6233f8f860afa186fc4198bee6fecf7e67fb1cdadd2c98c9e20b4d5c4d059fe71601e8b5db08553daef103f21db57aed93f683168b94cfd91c21a4252cb60a00580dbcf855417b926883557e7d8a87f9b2c87d9de48e536e9db286f750af592894df9e1c59d1e749743530dfc8fec9745963fa983994e2c4b3aa220f5f82d7356a137fd0de5dda51c759f7bc42cfd35cfe6c63491de3f9cc75a27fc57b02e6289ccbe240812ff561d6499f0a78f0000b21ec7c16c1f1351ccdb74f005cf28bb8fb4e28f59a975f223e0f8232183d42b5ccaaa57e94da11679026dd243a2b77d4791537d8e50d6d078316ee270826aba3df1865fa6044159b909653904072dd45ebd148de799c63d699f8b8412b7a5a63fba7a84ef5ae055b81a27beeb4716d71af013da81875ebe3cf903cd8ae3c161c2c84b30ddd281e2cf8ba269ffb1e89feabf7ddfc63970250da15e815e1cfbf8e6c0addcfd58fc9919ccd3f15dcd0e9e8487927e22819cacda36f51199093747fea5d374ba275038081b148d3a955d624878f372e50512b65ec56208b32631fbea6f3f5529f25d968752108929801c75fa4bb702f6b48c2634be7fda030cc79e88184449d09c0aa1cfad46f46b3eeef968bb77d77f4c08bfd03aba6824413da47496e48e1c70c067b40e0f4f52bfd9019798e849546bf71184147886fee5fa082e4b641da15e7a1b28fcf9bd343b9f87a8a23a868409802d5736ea0ce96ebbe8e27b89e69f0d0ee1226da79e65c55fadb2968cbd390b8fe4eba248394fbf2401f71b8d35bc5127147613be8fa0c6d156b1a6038e0bc435ccf4df69aca35ea3b8e9ba4dd7a91935dfcfe05915cff5cc921c164033d7e7716c5d3358b2514ac4f50e46453040fc0e3add9f1cb9f1f2f7a8a81d2121254f8b3b17185a366892442691b0aa5c2c2202b4786907c4d413c6377cc62eb4b931ab741ebcaa0851c1ffa7927215854bdbfb65f16d2df4d4f89f40ec720a19d6ff10a1f512bb337447c6348fa8550b70cd7853fa825bb06041b49455bc93f273fa25dced4389c36c5fe598e85dcd8a2793f8be7bbc00c0372d4883d4ec7f7c3090b4978fb2ed913c343c51a67073a695975b5d08dc26efcc021a3badd50ae380050f22c21a90c91249f0ac786cfe760ada1208e749748bdc073c6ba35a990b8693219f55e5063f020b711f4837f5b9824d1dfed66a087db3c12302760e3825717f469f6f5b747bdd759bfc5c86ab2f8ec84d298684e244096811dfe51210d6b7afba4b23d15c97adb354ca60e34dff03b7324ab6c98249f851322ed61f807095ac470055d6fa65e1d00cbcf82aa32c1db5dac540e2ae07d56050842f34e04806e888c5ace68eb6fe1c309de6cff6b431373718cd09afe5d8d1ba1ead831b3a009373c7195c9b0ed6924daef38501bde4c180ad3efdcca34378c5dfe4af50b43ea3ba3d7cfb9613cd0ebbd0ac192650183b427434d6a758d02b3da50d2e57f2e2ae573b87c3444b30f9b68ec292631754506cc320c159e388fb5b883550b642d1f1fba61d6fc07371d60f5ab717783a6a00be5a8c4f924a6a919329c182be89c3127a7525c066e1dc6faa057dffe4d7227050690d16e9ea312d135e92e933d43b1ead28dbdebe31f32d7a18fb6257dd27dec4306ed2610d5e8f0a0660746149b34984271a207625a89c0a1be923e73989cb7c06e0beecca5bbe7218d3485e8b038f1237f899950f429a556eca7465314415135664b9a070a9f5b4e8bb07e11c03bc624e31174018882d085bdf57df476c0347fc3021216f22acc9ca752249caff9045af59e8f62e65332068420a34ac902a19abaa9af07b1c6c5fa842a6230d4f28dd3786e01a2b90a65fbd4d6229c8b05af241cdd373a49ce58e0c3b6684d7118a2d5a16aa94c6336e8433e602daddd6dab067622e200790ca59e4372683a8db1ea84e0d79e0de8ea6e3499a352944112e6f83415ca022f3f69b57ea78d364dc31a322839dd00c2431d98bbb815f3ebe5d179472506a9a392f992d63846dee70596e1a1575116318cf9e524e663df396d1385a81229e29f6cb9e701a214968a8d06adb62652aba3fe7aaceaf7e77dd5350a8a8bceadd9e67647a3a80eb5b2cd10e604737c1414e33feb015cbf906f4d336072917b3613869ba5bee6b6fc874e3b313adc33a87133f3f59c1e5184e5770ca55868207f0db8ec5c75f9d32424b9518ffb6922941fe875d0a3668496a544476419a3136d5f2fd4ab50d3068ac3a5c34221bae58e24a36ea9481914d147998a2276c47e34dd84ef93e68e346b7097181182d52f831fd165c9af5fd6d76abe41d82dd14b4c2b0f9bc5bf067e2381bf27859e7568597d11caa756dea4d9037b548f4c3f3ed7168f77fca1eec61d43130aa0334f442c3dc60487a4034ebbec7ef2ea3fa59b7bf8c04bbe95fd4fceff10611465e1ae8147a99a0d10c700ef87bd9094967e24c4f6be743464da7d352b2fbf07974777b1cc0cbe18d659cd8c882fb953edf1998ce9fdd4e05209a2d42ca3e576d11499de909c463d63502429942305fba045cbff4e2c1a1582d1a439341e683025e1027073365d42481c402639660a87f546032a9fbe43c35b54e59556e10a6c472b1714f6e1ff59684551fa0084da420624cdfb814f700a509a3eb080409de4181454e01b31b6f61806327f347338b3cb2b843635e5965f4ed9c206ac5d4c14519cd2ed053575979a95281baf876f4ba17caca2a34c6aab6b0c46f14b1b1e2930b7e88a3a4c77bb3a011c74fab0be1116553245a54a6ca2cb176c88489e6876cb1644a863e22f7f583950e41011f659497aacb1b086134f8bb854373d4ad7c2bcd05c248739dc0def1def71201100394fbc4d21545f0550ef0fa0ac738dc69af44443b0be76f6b904386c810e99b76b1fe43e7c7dfc552e3f0564bbb3212ab3b2c69777a24da6c7ff7ab8220e6929f2bbf38fdb57ea7d00eb57d2f2f3494d0efb715a180ddea9451f1be554e38a417dfec3612b9a9286be3f1e41d8483bb5141e39cd3e2f74440d29a11e24288de5f64c39936198078d2bf0eb2b56388602341ceec0a31eaab63ac5d26f684af4c266b8640a311ddae1c66ba020ebc172ca9005870bd14611f5b2c480de8d8bd53e94eeaeecc60f2adf5e4a6e6d8c0b13c241e745d951160b131b02a2efd6478a76964816626fb8ffa8ee85d75cd1a3379795ceb1d429c37b2e692d2f9258b391da2402fba772b4ff357efcb63a32842bb1338994e98ae859e6aa543dcb8d2a6678054090bf3b7109358cb754076c926fae1c4dcd658625170a66f53ff4eb7843b6c132d68b8d3517810ba17cafe451ce71c03a33a55ce81602545ab9e35b22ad9c3a0094fd4415e1bffc4fc2f011f7c800139197a1f1c7e1cfea0e6448d6fc4e375559e9381b6a4a89c7decedb534290bd0bd74eaa0798f54ad648301264bd420df77a20185f62626e128faa68c64a55610991d07901131d334a0bbd9a216f9bb4d0b4d3838c20b71c454d03315fce29ba56a9438f07f8c621f7647ceda10044c78e6c6b7c0e37ad6a62f5c4a89c34939fc8331b0468a52e964284adf20c59138339127b5477762d269a767421dd73d1bb0bdbeb86e2bf2cba7080182a35e3433dc889bcd98ed454fbb2c2c0c6142b93dd431c8438231ea0888dc50738187d88c9f797f97e160d3866961f49773135500673918efb12c71225702891eed0f55108c17d8754fabbee67f163fa6557e8e948917e4345bcba0c9bc334bb44feaaae3320f8d0141eee1d0f0fef721ffbf82701ea1cf160db681111884297f0eabd6b8379ff662a01f116f6352e1b2305ae0a510868d539263e0ca78d2e74ff4b518bd360cdf3fc139399db73694d96e35d25afd2098111b20165c445e76b2759edb31f07903ca5270e86f111e390d325280278e47c2c0f9ab9eee73035652df391f6f9582d3e4c214287f402e2a599b37e23a389c01e4d9b896be0eb1a5502acb3b166aabac7b1950d9e8a05dfeda53648a684240e620df099e870fe54b2970d9ea22925597ef4f022c68f0d6422d9dc50141e98a96c2342913ba294c5b1a12ac31074086e3901b011fd91212662c473fca785925566123d53a299bb2f2e888fbd61ef88213d7eb7c5ef9852173c27d66e59cb80ed5e563936f983044fe45e983faee933c0a77e96f3e91cb305f17b41b92f2cbeaca4c21318f46a50ee117646b34a44519d66194e08fd08f7501e85f714529f65f86ee4c3f56383ead8b1239331957a09bc429d7bfd8a2da213c2be6aeaaabff7563a443d1d595d3a42f5f5906835f9f304958c72fc270077db9d2b7749f2008b29a63f5f3f76d100bf7dc6094e32f3585c43aa6e53a5b12def4bb5d0d56d080fed49cfaa5b2e96ef81cd8fa57a0f34f1908a71459d044a65c2fd4ecba13e6a5d405de69a1fb90814bb562f32efd34d3113fde4996fb8d61908e78e15fb7f1b50f3f41cc0dccc6d11395198a8b739700e4e2ff5e6924f545b7bf543b3229aa40b0d5a609c574e7d5e5a5054a55f3750637a6c7463729c8fa24ec61693e845217bc2bcb946a9185a4445f3c27093c1f0aa45019f7e017fe6ce4b53685f30fbdcc295e323d45ba3c13db2951d30a6487297350c8dd3e00473735cf8ad1cbb337f96fa1d1e058c0e136f3a03ad7bd66e23be5e803b3653138e8b5566fba39bb93d62c83ebcca7ea4b52eebdae97d031d53ce7e25bad3f91aea3b4e5661232efe05fdda6df6acd417ea989916a5a284f574984c9271de304d40797f54f3b7a7f3f4b11ea0252b3385357fcaf0f1dfc29a96979b8d7f292114bbebb9550a"}, {0x60, 0x11c, 0x8, "a4f06f0a9341c66229d518a589295f66d14cfede87e04e3b5d7e715c1f8fcf024da90d1303e1554cc0fe8a024b8363e75be181332da4b97ed0fad09daf069f15305553f0f0d9a45d4e8fb5c46ccb433a"}, {0x68, 0x0, 0x6, "4611573ef3209a3b15fcd3e326c02083fe00149ae8c4f4f5d979da6b8b8972c960f58c46c3cc6408c257bb90edcaa4663f3e79b311efa9c21861b54566aa022cd0632194532abe637d9ccbadaeeddf0bdbc9e2"}, {0xe8, 0x111, 0x7, "fecfa2824b3c63e8af377c05c2ed72e993b8a907c24077e9f33601bafe5b57818f4d43eccad290d08e378d88836f74e55beca1e6f846aa12225234fc101df6683bd2c326bf3edbedbe9ff3147b69805e58e049ebb951facfec13b67e933c24db69afce71171fe74fe558f555531a8e8301f0822dee09e3a1bd941a6810a75cdfa41fc0aa015b719c6a3c6bfc1738b0651d7807afe3f8b4361ebf752f393ce205ec59bfad4183d1844898b04b72d13fb11df98828a175063ed14274f6b60a408606c1642b915861b1f23641534f2ace7fcb"}, {0xa0, 0x1ff, 0x3, "6d4e7932eb2029fcf7bf5d2949ee070b2426d9289bad71d2039f95d3118caed1052bdda9caa2a1beecb6e86789c44e9b6ba27846413ab758ca37c9b4aaef61ba9a8ea4c6374001df5e7c76014971f40208d357fd71024a4b0dc724a1c618dde96a1780152a04ae36037491c70863e8eb07736b582591a4e4f9afe7d9892e62d1caa38d57e646c52647"}], 0x1380, 0x40000}, 0x4040084) [ 226.022132] FAULT_INJECTION: forcing a failure. [ 226.022132] name failslab, interval 1, probability 0, space 0, times 0 [ 226.033829] CPU: 1 PID: 14360 Comm: syz-executor1 Not tainted 4.17.0+ #93 [ 226.040765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 226.050114] Call Trace: [ 226.052707] dump_stack+0x1b9/0x294 [ 226.056339] ? dump_stack_print_info.cold.2+0x52/0x52 [ 226.061533] ? __save_stack_trace+0x7e/0xd0 [ 226.065862] should_fail.cold.4+0xa/0x1a [ 226.069928] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 226.075030] ? save_stack+0x43/0xd0 [ 226.078653] ? kasan_kmalloc+0xc4/0xe0 [ 226.082535] ? __kmalloc+0x14e/0x760 [ 226.086250] ? __keyctl_dh_compute+0xa98/0x1bc0 [ 226.090922] ? keyctl_dh_compute+0xb9/0x100 [ 226.095244] ? __x64_sys_keyctl+0x12a/0x3b0 [ 226.099569] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 226.104935] ? rcu_pm_notify+0xc0/0xc0 [ 226.108832] ? find_held_lock+0x36/0x1c0 [ 226.112919] ? check_same_owner+0x320/0x320 [ 226.117248] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 226.122800] ? rcu_note_context_switch+0x710/0x710 [ 226.127744] __should_failslab+0x124/0x180 [ 226.131991] should_failslab+0x9/0x14 [ 226.135797] __kmalloc+0x2c8/0x760 [ 226.139342] ? memset+0x31/0x40 [ 226.142628] ? sg_init_table+0x28/0x60 [ 226.146516] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 226.151531] ? __keyctl_dh_compute+0xb30/0x1bc0 [ 226.156199] ? sg_init_one+0x93/0x160 [ 226.160002] __keyctl_dh_compute+0xb30/0x1bc0 [ 226.164514] ? copy_overflow+0x30/0x30 [ 226.168409] ? __schedule+0x809/0x1e30 [ 226.172308] ? find_held_lock+0x36/0x1c0 [ 226.176376] ? kasan_check_write+0x14/0x20 [ 226.180619] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 226.185564] ? wait_for_completion+0x870/0x870 [ 226.190175] ? __sb_end_write+0xac/0xe0 [ 226.194165] keyctl_dh_compute+0xb9/0x100 [ 226.198322] ? __keyctl_dh_compute+0x1bc0/0x1bc0 [ 226.203085] ? __ia32_sys_read+0xb0/0xb0 [ 226.207148] ? key_get_type_from_user.constprop.7+0x110/0x110 [ 226.213035] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 226.218229] __x64_sys_keyctl+0x12a/0x3b0 [ 226.222387] do_syscall_64+0x1b1/0x800 [ 226.226277] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 226.231121] ? syscall_return_slowpath+0x5c0/0x5c0 [ 226.236052] ? syscall_return_slowpath+0x30f/0x5c0 [ 226.240990] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 226.246364] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 226.251221] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 226.256419] RIP: 0033:0x4559f9 [ 226.259604] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 226.278987] RSP: 002b:00007fe1f57a4c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 226.286709] RAX: ffffffffffffffda RBX: 00007fe1f57a56d4 RCX: 00000000004559f9 [ 226.293978] RDX: 0000000020000740 RSI: 0000000020000000 RDI: 0000000000000017 [ 226.301247] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 226.308520] R10: 0000000000000084 R11: 0000000000000246 R12: 0000000000000014 [ 226.315791] R13: 00000000004bfbb9 R14: 00000000004ce990 R15: 000000000000000c 10:00:43 executing program 4: r0 = socket$inet6(0xa, 0x80002, 0x88) bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x3}, 0x1c) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) setsockopt$inet6_int(r0, 0x29, 0x4d, &(0x7f0000000000)=0x200, 0x4) ioctl(r1, 0x8912, &(0x7f0000000040)="0047fc2f07d82c99240970") r2 = socket$inet6(0xa, 0x8000000000000802, 0x88) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000080)={{{@in=@multicast2, @in=@local}}, {{}, 0x0, @in=@multicast1}}, &(0x7f0000000180)=0xe8) sendmsg$inet_sctp(r2, &(0x7f0000a29000)={&(0x7f00005dafe4)=@in6={0xa, 0x3, 0x0, @mcast2={0xff, 0x2, [], 0x1}}, 0x1c, &(0x7f0000fc8000)}, 0x8000) sendto$inet6(r2, &(0x7f0000b0cf6e), 0xffed, 0x0, &(0x7f000001b000)={0xa}, 0x1c) 10:00:43 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x4800, 0x0) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f0000000140)=0x1) r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000080)={0x7, r1, 0x1}) fallocate(r2, 0x0, 0x0, 0x4) fallocate(r2, 0x20, 0x0, 0xfffffeff000) 10:00:43 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x218, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:00:43 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0xce, [0x40000073, 0x1]}) 10:00:43 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:00:43 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket(0x400800000000011, 0x2, 0x0) prctl$seccomp(0x16, 0x0, &(0x7f00000001c0)={0x6, &(0x7f0000000100)=[{0x9, 0xda6, 0x80000001, 0x81}, {0x1, 0x14f, 0x3, 0x2}, {0x5, 0x9, 0x100000000, 0xfffffffffffffffa}, {0xfffffffffffffffc, 0x0, 0x8, 0x2}, {0x1, 0x1, 0x100, 0x80000001}, {0x9, 0x8, 0x5, 0xfc00000000000000}]}) r1 = syz_open_dev$tun(&(0x7f0000000280)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000002c0)={"6966623000faffffffffffffff00", 0x20100f}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00\x00\x00\x00\x00\x00\x00!\x00', 0xa201}) pread64(r1, &(0x7f0000000040)=""/28, 0x1c, 0x0) ioctl$TUNSETVNETBE(r1, 0x400454de, &(0x7f00000000c0)=0x1) 10:00:43 executing program 1 (fault-call:8 fault-nth:13): r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r5 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0x17, &(0x7f0000000000)={r5, r5, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:00:43 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(r2, 0x8138ae83, &(0x7f00000001c0)) [ 226.502271] FAULT_INJECTION: forcing a failure. [ 226.502271] name failslab, interval 1, probability 0, space 0, times 0 [ 226.513557] CPU: 1 PID: 14387 Comm: syz-executor1 Not tainted 4.17.0+ #93 [ 226.520487] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 226.529839] Call Trace: [ 226.532425] dump_stack+0x1b9/0x294 [ 226.536051] ? dump_stack_print_info.cold.2+0x52/0x52 [ 226.541240] ? rcu_report_qs_rnp+0x790/0x790 [ 226.545646] should_fail.cold.4+0xa/0x1a [ 226.549698] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 226.554791] ? unwind_get_return_address+0x61/0xa0 [ 226.559711] ? __save_stack_trace+0x7e/0xd0 [ 226.564041] ? find_held_lock+0x36/0x1c0 [ 226.568109] ? check_same_owner+0x320/0x320 [ 226.572423] ? rcu_note_context_switch+0x710/0x710 [ 226.577350] __should_failslab+0x124/0x180 [ 226.581576] should_failslab+0x9/0x14 [ 226.585374] kmem_cache_alloc_trace+0x2cb/0x780 [ 226.590032] ? __raw_spin_lock_init+0x1c/0x100 [ 226.594604] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 226.599613] mpi_alloc+0x4b/0x230 [ 226.603056] dh_compute_value+0x82/0x3f0 [ 226.607106] ? __init_waitqueue_head+0x96/0x140 [ 226.611763] ? dh_exit_tfm+0x20/0x20 [ 226.615466] ? sg_init_table+0x28/0x60 [ 226.619342] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 226.624345] ? __keyctl_dh_compute+0xb30/0x1bc0 [ 226.629008] __keyctl_dh_compute+0xd9d/0x1bc0 [ 226.633514] ? copy_overflow+0x30/0x30 [ 226.637388] ? proc_cwd_link+0x1d0/0x1d0 [ 226.641474] ? find_held_lock+0x36/0x1c0 [ 226.645530] ? kasan_check_write+0x14/0x20 [ 226.649764] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 226.654684] ? wait_for_completion+0x870/0x870 [ 226.659257] ? __lock_is_held+0xb5/0x140 [ 226.663321] ? __sb_end_write+0xac/0xe0 [ 226.667291] keyctl_dh_compute+0xb9/0x100 [ 226.671431] ? __keyctl_dh_compute+0x1bc0/0x1bc0 [ 226.676177] ? __ia32_sys_read+0xb0/0xb0 [ 226.680228] ? key_get_type_from_user.constprop.7+0x110/0x110 [ 226.686103] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 226.691284] __x64_sys_keyctl+0x12a/0x3b0 [ 226.695424] do_syscall_64+0x1b1/0x800 [ 226.699300] ? finish_task_switch+0x1ca/0x840 [ 226.703784] ? syscall_return_slowpath+0x5c0/0x5c0 [ 226.708704] ? syscall_return_slowpath+0x30f/0x5c0 [ 226.713624] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 226.718978] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 226.723815] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 226.728991] RIP: 0033:0x4559f9 [ 226.732164] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 10:00:43 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x218, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) [ 226.751504] RSP: 002b:00007fe1f57a4c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 226.759206] RAX: ffffffffffffffda RBX: 00007fe1f57a56d4 RCX: 00000000004559f9 [ 226.766459] RDX: 0000000020000740 RSI: 0000000020000000 RDI: 0000000000000017 [ 226.773714] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 226.780967] R10: 0000000000000084 R11: 0000000000000246 R12: 0000000000000014 [ 226.788222] R13: 00000000004bfbb9 R14: 00000000004ce990 R15: 000000000000000d 10:00:43 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f47767") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:00:43 executing program 4: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_emit_ethernet(0x2a, &(0x7f0000000140)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb58efcff0a7c1787faf47c9b62efcc13750d47218fca5362e498fffffffffffffff00000000aaaaaaaaaa00ac1414aa000000000000000000000000"], &(0x7f0000000100)) 10:00:43 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x7900000000000000, [0x40000073, 0x1]}) 10:00:43 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) truncate(&(0x7f0000000000)='./file0\x00', 0x7) ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000040)=0x1) fallocate(r1, 0x0, 0x0, 0x4) fallocate(r1, 0x20, 0x0, 0xfffffeff000) 10:00:43 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(r2, 0x8138ae83, &(0x7f00000001c0)) 10:00:43 executing program 1 (fault-call:8 fault-nth:14): r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r5 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0x17, &(0x7f0000000000)={r5, r5, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:00:43 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x218, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:00:43 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(r2, 0x8138ae83, &(0x7f00000001c0)) 10:00:43 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x218, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:00:43 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_GET_SREGS(r2, 0x8138ae83, &(0x7f00000001c0)) 10:00:44 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x218, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:00:44 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_GET_SREGS(r2, 0x8138ae83, &(0x7f00000001c0)) 10:00:44 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x218, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) [ 227.582458] FAULT_INJECTION: forcing a failure. [ 227.582458] name failslab, interval 1, probability 0, space 0, times 0 [ 227.593767] CPU: 1 PID: 14410 Comm: syz-executor1 Not tainted 4.17.0+ #93 [ 227.600718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 227.610072] Call Trace: [ 227.612673] dump_stack+0x1b9/0x294 [ 227.616328] ? dump_stack_print_info.cold.2+0x52/0x52 [ 227.621541] should_fail.cold.4+0xa/0x1a [ 227.625617] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 227.630731] ? rcu_report_qs_rnp+0x790/0x790 [ 227.635157] ? rcu_report_qs_rnp+0x790/0x790 [ 227.639589] ? is_bpf_text_address+0xd7/0x170 [ 227.644098] ? find_held_lock+0x36/0x1c0 [ 227.648196] ? check_same_owner+0x320/0x320 [ 227.652523] ? save_stack+0x43/0xd0 [ 227.656156] ? kasan_kmalloc+0xc4/0xe0 [ 227.660047] ? kmem_cache_alloc_trace+0x152/0x780 [ 227.664891] ? rcu_note_context_switch+0x710/0x710 [ 227.669825] ? keyctl_dh_compute+0xb9/0x100 [ 227.674150] ? __x64_sys_keyctl+0x12a/0x3b0 [ 227.678471] ? do_syscall_64+0x1b1/0x800 [ 227.682536] __should_failslab+0x124/0x180 [ 227.686772] should_failslab+0x9/0x14 [ 227.690570] __kmalloc+0x2c8/0x760 [ 227.694122] ? mpi_alloc_limb_space+0x31/0x50 [ 227.698623] mpi_alloc_limb_space+0x31/0x50 [ 227.702944] mpi_powm+0x3fd/0x1ed0 [ 227.706486] ? kasan_check_read+0x11/0x20 [ 227.710637] ? rcu_is_watching+0x85/0x140 [ 227.714785] ? rcu_pm_notify+0xc0/0xc0 [ 227.718682] ? mpihelp_mul_karatsuba_case+0xd80/0xd80 [ 227.723871] ? mpi_alloc+0x4b/0x230 [ 227.727499] ? rcu_read_lock_sched_held+0x108/0x120 [ 227.732518] ? kmem_cache_alloc_trace+0x616/0x780 [ 227.737359] ? __raw_spin_lock_init+0x1c/0x100 [ 227.741948] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 227.746969] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 227.752509] dh_compute_value+0x1b4/0x3f0 [ 227.756660] ? dh_exit_tfm+0x20/0x20 [ 227.760374] ? sg_init_table+0x28/0x60 [ 227.764260] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 227.769281] ? __keyctl_dh_compute+0xb30/0x1bc0 [ 227.773963] __keyctl_dh_compute+0xd9d/0x1bc0 [ 227.778480] ? copy_overflow+0x30/0x30 [ 227.782378] ? find_held_lock+0x36/0x1c0 [ 227.786445] ? kasan_check_write+0x14/0x20 [ 227.790679] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 227.795615] ? wait_for_completion+0x870/0x870 [ 227.800224] ? __sb_end_write+0xac/0xe0 [ 227.804213] keyctl_dh_compute+0xb9/0x100 [ 227.808365] ? __keyctl_dh_compute+0x1bc0/0x1bc0 [ 227.813137] ? __ia32_sys_read+0xb0/0xb0 [ 227.817199] ? key_get_type_from_user.constprop.7+0x110/0x110 [ 227.823086] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 227.828285] __x64_sys_keyctl+0x12a/0x3b0 [ 227.832437] do_syscall_64+0x1b1/0x800 [ 227.836322] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 227.841169] ? syscall_return_slowpath+0x5c0/0x5c0 [ 227.846106] ? syscall_return_slowpath+0x30f/0x5c0 [ 227.851042] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 227.856420] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 227.861266] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 227.866454] RIP: 0033:0x4559f9 10:00:44 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000003fe8)={0xaa}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f0000013e95), 0x4) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8970, &(0x7f0000000280)={'vcan0\x00'}) close(r2) close(r1) 10:00:44 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_GET_SREGS(r2, 0x8138ae83, &(0x7f00000001c0)) [ 227.869633] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 227.889055] RSP: 002b:00007fe1f57a4c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 227.896771] RAX: ffffffffffffffda RBX: 00007fe1f57a56d4 RCX: 00000000004559f9 [ 227.904034] RDX: 0000000020000740 RSI: 0000000020000000 RDI: 0000000000000017 [ 227.911299] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 227.918566] R10: 0000000000000084 R11: 0000000000000246 R12: 0000000000000014 [ 227.925835] R13: 00000000004bfbb9 R14: 00000000004ce990 R15: 000000000000000e 10:00:44 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x218, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:00:44 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f4776710") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:00:44 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) ioctl$KVM_NMI(r2, 0xae9a) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="66eaf0a4d0"], 0x5) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = getpgid(0xffffffffffffffff) tkill(r3, 0x2b) 10:00:45 executing program 3: clone(0x3ffe, &(0x7f00008dcfff), &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000002000)) r0 = syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x9, 0x218c01) setsockopt$RDS_GET_MR(r0, 0x114, 0x2, &(0x7f0000000180)={{&(0x7f0000000100)=""/14, 0xe}, &(0x7f0000000140), 0x13}, 0x20) clone(0x0, &(0x7f0000000240), &(0x7f00000002c0), &(0x7f0000000300), &(0x7f0000000340)) waitid(0x0, 0x0, &(0x7f00000000c0), 0xa0000003, 0x0) 10:00:45 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x3b000000, [0x40000073, 0x1]}) 10:00:45 executing program 4: r0 = accept4$llc(0xffffffffffffffff, 0x0, &(0x7f0000000040), 0x800) getsockname(r0, &(0x7f0000000100)=@sco, &(0x7f0000000080)=0x80) syz_mount_image$hfs(&(0x7f0000000180)='hfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000002c0), 0x0, &(0x7f0000000340)={[{@file_umask={'file_umask', 0x3d, [0x32, 0x30]}, 0x2c}, {@gid={'gid', 0x3d, [0x35, 0x34, 0x36, 0x31, 0x7f]}, 0x2c}]}) r1 = memfd_create(&(0x7f0000000000)='gid', 0x3) accept4$netrom(r1, &(0x7f00000001c0)=@full, &(0x7f0000000240)=0x48, 0x80000) 10:00:45 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f4776710") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:00:45 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r5 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0x17, &(0x7f0000000000)={r5, r5, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:00:45 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:00:45 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) fallocate(r1, 0x0, 0x0, 0x4) fallocate(r1, 0x60, 0xfffffffffffffffd, 0xfffffeff000) 10:00:45 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x218, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) [ 228.956960] hfs: unable to parse mount options [ 228.986731] hfs: unable to parse mount options 10:00:45 executing program 7: ioctl(0xffffffffffffffff, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x80, 0x0) setsockopt$inet_sctp_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f0000000040)=0x3f, 0x4) r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) fallocate(r1, 0x0, 0x0, 0x4) fallocate(r1, 0x20, 0x0, 0xfffffeff000) 10:00:45 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x218, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:00:45 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r5 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0xa, &(0x7f0000000000)={r5, r5, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:00:45 executing program 5 (fault-call:5 fault-nth:0): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:00:45 executing program 4: r0 = open(&(0x7f0000000000)='./file0\x00', 0x488000, 0x11) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000040)={0x8, 0x0, 0x0, 0x6, 0xb1, 0x2, 0xed33, 0x4, 0x66e, 0x1000, 0xffffffffffffffff, 0x101}) ioctl$SIOCGIFMTU(r0, 0x8921, &(0x7f0000000080)) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r0, 0xc08c5334, &(0x7f00000000c0)={0x2, 0x1ff, 0x81, 'queue0\x00', 0x3ff}) connect$l2tp(r0, &(0x7f0000000180)=@pppol2tp={0x18, 0x1, {0x0, r0, {0x2, 0x4e24, @broadcast=0xffffffff}, 0x2, 0x0, 0x2, 0x2}}, 0x26) r1 = openat$cgroup_ro(r0, &(0x7f00000001c0)='pids.current\x00', 0x0, 0x0) statfs(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)) getsockopt$packet_buf(r0, 0x107, 0xf, &(0x7f0000000280)=""/7, &(0x7f00000002c0)=0x7) mkdirat(r1, &(0x7f0000000300)='./file0/file1\x00', 0x2) getsockopt$ARPT_SO_GET_ENTRIES(r1, 0x0, 0x61, &(0x7f0000000340)={'filter\x00', 0xc5, "fe84735d2ab5151f8d32a3ca4b41613133a4fc95e303edda051027a40cb0fb73baf98f1788fefdbd2d4c66971489a22c26ede5e14e03f212e7b62f847beaf19cff3a46ab85c79012aee7457357220e3748d27ca119f1839efe0be63d1542ff81a3f89d4f5565a1aea7edf2553254783266bd6ee156656925df185f6e5c74ca1ce877624df6d32cb53ca58bff1cb373af59e46d6d230e67ad89fff3c8c422240bf931d670d9f0b8b0501d62fceeebec0ebede2b827987d6a8882292338e8bdd550a9317ab96"}, &(0x7f0000000440)=0xe9) ioctl$sock_netdev_private(r1, 0x89f2, &(0x7f0000000480)="c87e266c7cd4f5e7b86ecf62e8cea5ba605c3188c71e6f1e5ae1538cc62c072f90a08e13aab1b92b54a9ce30f69a05e71b23d19e67e8e6114aaabe9968f3f3e41d64d9a071123743fc9ce6be7aefee7ecf9d17715e6016a4b2f6826978e9008a466bf183f62ed23ab6cc742a1937c54aa8a897a22b82e53cf189c4c11213b413e83d90c0d9cb20b364c8d52de2710113a75ff6f9f8b9bd1c45968bba312e664d79ece520a6a360f6827866441dd1c85f7d43d7773a0cac6ad7aeab8c537c55f7fafe7f6f23a2fcd948ae97f96fde2d020c26c6dfdcb9762f7767b75ba43902174d796a6e78") ioctl$BLKROTATIONAL(r0, 0x127e, &(0x7f0000000580)) r2 = fcntl$getown(r0, 0x9) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f00000005c0)={[], 0x4, 0x5, 0x2, 0x1f, 0x5, r2}) setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r1, 0x6, 0x21, &(0x7f0000000640)="639ea3dad06f65b34bef7fc6aa49c11e", 0x10) ioctl$BLKIOMIN(r1, 0x1278, &(0x7f0000000680)) mknod(&(0x7f00000006c0)='./file0/file0\x00', 0x1020, 0x6) setsockopt$inet_mreqsrc(r1, 0x0, 0x25, &(0x7f0000000700)={@rand_addr=0x5, @multicast1=0xe0000001, @multicast1=0xe0000001}, 0xc) setsockopt$ALG_SET_AEAD_AUTHSIZE(r1, 0x117, 0x5, 0x0, 0xfffffffeffffffff) setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r1, 0x6, 0x21, &(0x7f0000000740)="1e4fa6068a4cafdf6694f6fb8193abeb", 0x10) statfs(&(0x7f0000000780)='./file0\x00', &(0x7f00000007c0)=""/68) ioctl$TUNSETSTEERINGEBPF(r1, 0x800454e0, &(0x7f0000000840)=r1) ioctl$sock_inet_SIOCRTMSG(r1, 0x890d, &(0x7f00000008c0)={0x9, {0x2, 0x4e20, @rand_addr=0x5}, {0x2, 0x4e21}, {0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x20, 0x7fff, 0xffffffff, 0x2, 0x2db7, &(0x7f0000000880)='dummy0\x00', 0xffffffff, 0x5, 0x3}) connect$unix(r0, &(0x7f0000000940)=@file={0x1, './file0/file0\x00'}, 0x6e) getsockopt$IPT_SO_GET_REVISION_MATCH(r1, 0x0, 0x42, &(0x7f00000009c0)={'icmp6\x00'}, &(0x7f0000000a00)=0x1e) accept4$packet(r0, 0x0, &(0x7f0000000a40), 0x80000) syz_init_net_socket$llc(0x1a, 0x0, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000a80)={{{@in=@rand_addr, @in6=@local}}, {{@in=@local}, 0x0, @in=@rand_addr}}, &(0x7f0000000b80)=0xe8) ioctl$VHOST_GET_VRING_ENDIAN(r0, 0x4008af14, &(0x7f0000000bc0)={0x1, 0x2}) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000c40)={&(0x7f0000000c00)='./file0/file1\x00', 0x0, 0x10}, 0x10) 10:00:45 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x7f040000, [0x40000073, 0x1]}) 10:00:45 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f4776710") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) [ 229.227222] FAULT_INJECTION: forcing a failure. [ 229.227222] name failslab, interval 1, probability 0, space 0, times 0 [ 229.238512] CPU: 0 PID: 14515 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 229.245438] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 229.254792] Call Trace: [ 229.257395] dump_stack+0x1b9/0x294 [ 229.261029] ? dump_stack_print_info.cold.2+0x52/0x52 [ 229.266230] ? debug_check_no_locks_freed+0x310/0x310 [ 229.271432] should_fail.cold.4+0xa/0x1a [ 229.275499] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 229.280592] ? print_usage_bug+0xc0/0xc0 [ 229.284637] ? print_usage_bug+0xc0/0xc0 [ 229.288684] ? print_usage_bug+0xc0/0xc0 [ 229.292730] ? graph_lock+0x170/0x170 [ 229.296518] ? find_held_lock+0x36/0x1c0 [ 229.300564] ? __lock_is_held+0xb5/0x140 [ 229.304614] ? check_same_owner+0x320/0x320 [ 229.308930] ? alloc_set_pte+0x1013/0x1600 [ 229.313156] ? rcu_note_context_switch+0x710/0x710 [ 229.318082] __should_failslab+0x124/0x180 [ 229.322301] should_failslab+0x9/0x14 [ 229.326090] kmem_cache_alloc+0x2af/0x760 [ 229.330226] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 229.335746] ? kvm_pfn_to_page+0x7a/0xa0 [ 229.339793] mmu_topup_memory_caches+0xf7/0x3a0 [ 229.344447] ? kvm_apic_has_interrupt+0xe1/0x210 [ 229.349192] kvm_mmu_load+0x21/0x10e0 [ 229.352977] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 229.358499] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 229.364029] vcpu_enter_guest+0x3a83/0x6060 [ 229.368344] ? print_usage_bug+0xc0/0xc0 [ 229.372389] ? kvm_set_msr_common+0x2680/0x2680 [ 229.377046] ? vmx_vcpu_load+0xada/0xfe0 [ 229.381096] ? __lock_acquire+0x7f5/0x5140 [ 229.385315] ? vmx_vcpu_reset+0x1030/0x1030 [ 229.389618] ? graph_lock+0x170/0x170 [ 229.393403] ? graph_lock+0x170/0x170 [ 229.397186] ? __lock_acquire+0x7f5/0x5140 [ 229.401410] ? debug_check_no_locks_freed+0x310/0x310 [ 229.406583] ? __lock_is_held+0xb5/0x140 [ 229.410626] ? lock_acquire+0x1dc/0x520 [ 229.414583] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 229.419582] ? lock_release+0xa10/0xa10 [ 229.423540] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 229.428796] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 229.433278] ? preempt_notifier_dec+0x20/0x20 [ 229.437765] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 229.442589] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 229.447594] kvm_vcpu_ioctl+0x79d/0x12e0 [ 229.451637] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 229.457341] ? graph_lock+0x170/0x170 [ 229.461134] ? find_held_lock+0x36/0x1c0 [ 229.465180] ? lock_downgrade+0x8e0/0x8e0 [ 229.469333] ? kasan_check_read+0x11/0x20 [ 229.473476] ? rcu_is_watching+0x85/0x140 [ 229.477605] ? rcu_report_qs_rnp+0x790/0x790 [ 229.481999] ? __fget+0x40c/0x650 [ 229.485442] ? match_held_lock+0x871/0x8b0 [ 229.489660] ? expand_files.part.8+0x9a0/0x9a0 [ 229.494226] ? kasan_check_write+0x14/0x20 [ 229.498446] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 229.503366] ? wait_for_completion+0x870/0x870 [ 229.507930] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 229.513102] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 229.518796] do_vfs_ioctl+0x1cf/0x16f0 [ 229.522669] ? ioctl_preallocate+0x2e0/0x2e0 [ 229.527068] ? fget_raw+0x20/0x20 [ 229.530503] ? __sb_end_write+0xac/0xe0 [ 229.534470] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 229.539986] ? fput+0x130/0x1a0 [ 229.543272] ? ksys_write+0x1a6/0x250 [ 229.547066] ? security_file_ioctl+0x94/0xc0 [ 229.551467] ksys_ioctl+0xa9/0xd0 [ 229.554910] __x64_sys_ioctl+0x73/0xb0 [ 229.558779] do_syscall_64+0x1b1/0x800 [ 229.562647] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 229.567471] ? syscall_return_slowpath+0x5c0/0x5c0 [ 229.572380] ? syscall_return_slowpath+0x30f/0x5c0 [ 229.577291] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 229.582639] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 229.587471] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 229.592646] RIP: 0033:0x4559f9 [ 229.595812] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 229.615004] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 229.622706] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 229.629965] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 229.637220] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 229.644468] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 229.651717] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 0000000000000000 10:00:46 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r5 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0xc, &(0x7f0000000000)={r5, r5, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:00:46 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x218, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:00:46 executing program 7: socket$inet6(0xa, 0x1, 0x0) r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) getsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000000), &(0x7f0000000040)=0x8) fallocate(r0, 0x0, 0x0, 0x4) fallocate(r0, 0x20, 0x0, 0xfffffeff000) 10:00:46 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000003fe8)={0xaa}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) mmap$xdp(&(0x7f0000013000/0x4000)=nil, 0x4000, 0x4, 0x12, 0xffffffffffffffff, 0x0) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f0000013e95), 0x4) ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000340)={'ifb0\x00', &(0x7f0000000000)=@ethtool_stats={0x51}}) close(r2) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00') sendmsg$IPVS_CMD_FLUSH(r2, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40020004}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x40, r3, 0x0, 0x70bd2b, 0x25dfdbfb, {0x11}, [@IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x24b}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x7f}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x7d69}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x6}]}, 0x40}, 0x1, 0x0, 0x0, 0x20044000}, 0x4000004) close(r1) 10:00:46 executing program 5 (fault-call:5 fault-nth:1): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:00:46 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x8601, [0x40000073, 0x1]}) 10:00:46 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0x0) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:00:46 executing program 3: r0 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x8001, 0x0) ioctl$EVIOCSKEYCODE(r0, 0x40084504, &(0x7f0000000040)=[0x7, 0xffffffffffffff81]) ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000080)={r0, r0}) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f00000000c0)=""/74, &(0x7f0000000140)=0x4a) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f0000000180), &(0x7f00000001c0)=0x4) kexec_load(0x2, 0x1, &(0x7f0000000240)=[{&(0x7f0000000200)="69d40d65657597217c993ab19373bf36ca9b3e049c8e67f8147d35f1eef6a2c31f3ad39bc09ab4ad36", 0x29, 0x1000, 0x40}], 0x2a0000) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000280), &(0x7f00000002c0)=0xc) r2 = request_key(&(0x7f0000000300)='asymmetric\x00', &(0x7f0000000340)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000380)='\x00', 0xfffffffffffffffc) r3 = add_key(&(0x7f00000004c0)='blacklist\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a, 0x0}, &(0x7f0000000540)="5d90534006b663602493766088e5b9863c2616b3ffb343836e85a6953a47169ec0c32698064a620f7e5dd08a147d6a32176a6d29c4bf9dd42c33f70a5a90d06473c4e0f6458ada57f2254a61b5af9eb881334006a0848a7e99f8027e454573b625eb49da66251e0050f6b6d1d33e8c7495f3c26ea25e9b4bf0f8f543129ac2ee8c19d68c169de4a425bf57f7bc5e7d530a936c9d0ebd", 0x96, 0xfffffffffffffffa) keyctl$instantiate_iov(0x14, r2, &(0x7f0000000480)=[{&(0x7f00000003c0)="179b3005fecaed3d4d66a0b284c3ffa672b15bb3e3d69bd5c290dcc61b1d57c507e2393426c530c909bbec5029be2004674a0bbc2fad8d0ca9d2ba07bf536f993358ed5f3514f6b56bc3ba44695673763af099b40dcb6ef6d021", 0x5a}, {&(0x7f0000000440)="079b13690a7535036eb415bad475c3d003c2c4ba47ac2fc6dd", 0x19}], 0x2, r3) ioctl$ASHMEM_SET_PROT_MASK(r0, 0x40087705, &(0x7f0000000600)={0x6, 0x4}) ioctl$sock_inet_udp_SIOCOUTQ(r0, 0x5411, &(0x7f0000000640)) statfs(&(0x7f0000000680)='./file0\x00', &(0x7f00000006c0)=""/4096) setsockopt$bt_BT_VOICE(r0, 0x112, 0xb, &(0x7f00000016c0)=0x58, 0x2) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000001700)={0x0, @in6={{0xa, 0x4e23, 0x4, @remote={0xfe, 0x80, [], 0xbb}, 0x3}}, 0x1, 0x2}, &(0x7f00000017c0)=0x90) setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000001800)={0x3, 0x3, 0x5, 0x4, 0x4, 0x1, 0x9, 0x5, r4}, 0x20) setsockopt$IP_VS_SO_SET_EDIT(r0, 0x0, 0x483, &(0x7f0000001840)={0xdf, @empty, 0x4e22, 0x2, 'fo\x00', 0x4, 0x959, 0x30}, 0x2c) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000001880)={'nr0\x00', 0x8002}) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f00000018c0)="c7748eee7ed6cd7b970b32a9b1566d8d", 0x10) r7 = semget$private(0x0, 0x0, 0x0) semctl$SEM_INFO(r7, 0x0, 0x13, &(0x7f0000001900)=""/118) close(r6) ioctl$GIO_UNISCRNMAP(r0, 0x4b69, &(0x7f0000001980)=""/106) setsockopt$RDS_FREE_MR(r0, 0x114, 0x3, &(0x7f0000001a00)={{0x400, 0x20}, 0x8}, 0x10) r8 = syz_genetlink_get_family_id$team(&(0x7f0000001a80)='team\x00') ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000001ac0)={'team0\x00', 0x0}) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000001b40)={{{@in, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@remote}, 0x0, @in6=@dev}}, &(0x7f0000001c40)=0xe8) ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000001c80)={'team0\x00', 0x0}) getsockopt$inet6_mreq(r0, 0x29, 0x1c, &(0x7f0000001cc0)={@loopback, 0x0}, &(0x7f0000001d00)=0x14) getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000001d40)={{{@in6=@ipv4={[], [], @loopback}, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@rand_addr}, 0x0, @in=@rand_addr}}, &(0x7f0000001e40)=0xe8) getsockopt$inet6_mreq(r1, 0x29, 0x1c, &(0x7f0000001e80)={@mcast2, 0x0}, &(0x7f0000001ec0)=0x14) getsockopt$inet_IP_XFRM_POLICY(r5, 0x0, 0x11, &(0x7f0000001f00)={{{@in=@remote, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@remote}, 0x0, @in6=@mcast2}}, &(0x7f0000002000)=0xe8) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000002040)={{{@in6=@remote, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@local}, 0x0, @in=@rand_addr}}, &(0x7f0000002140)=0xe8) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000002240)={'team0\x00', 0x0}) getsockopt$inet6_mreq(r0, 0x29, 0x15, &(0x7f0000002280)={@ipv4={[], [], @loopback}, 0x0}, &(0x7f00000022c0)=0x14) ioctl$ifreq_SIOCGIFINDEX_team(r6, 0x8933, &(0x7f00000026c0)={'team0\x00', 0x0}) getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000002700)={{{@in6=@loopback, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}, 0x0, @in=@rand_addr}}, &(0x7f0000002800)=0xe8) getpeername$packet(r0, &(0x7f0000002840)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, &(0x7f0000002880)=0x14) getpeername$packet(r0, &(0x7f0000007ac0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000007b00)=0x14) getsockopt$inet6_mreq(r1, 0x29, 0x1f, &(0x7f0000007b40)={@ipv4={[], [], @dev}, 0x0}, &(0x7f0000007b80)=0x14) accept4$packet(r0, &(0x7f0000007bc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000007c00)=0x14, 0x80800) getsockname$packet(r0, &(0x7f0000007d00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f0000007d40)=0x14) getsockopt$inet6_mreq(r1, 0x29, 0x15, &(0x7f0000007d80)={@ipv4={[], [], @remote}, 0x0}, &(0x7f0000007dc0)=0x14) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000094c0)={'vcan0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000009a40)={'rose0\x00', 0x0}) accept4$packet(r0, &(0x7f0000009a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000009ac0)=0x14, 0x80000) getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000009b00)={{{@in=@broadcast, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@rand_addr}, 0x0, @in6=@loopback}}, &(0x7f0000009c00)=0xe8) sendmsg$TEAM_CMD_OPTIONS_GET(r0, &(0x7f000000a640)={&(0x7f0000001a40)={0x10}, 0xc, &(0x7f000000a600)={&(0x7f0000009c40)={0x9bc, r8, 0x404, 0x70bd2d, 0x25dfdbfc, {0x2}, [{{0x8, 0x1, r9}, {0x128, 0x2, [{0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8, 0x3, 0xb}, {0x8, 0x4, 0xffffffff7fffffff}}, {0x8, 0x6, r10}}}, {0x3c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8, 0x3, 0x5}, {0xc, 0x4, 'hash\x00'}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x54c}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x6}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, r11}}}]}}, {{0x8, 0x1, r12}, {0xd0, 0x2, [{0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8, 0x3, 0x5}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x4c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8, 0x3, 0xb}, {0x1c, 0x4, [{0x0, 0x8, 0xffffffff, 0x2}, {0x2, 0x2, 0x1ff, 0xf9f}, {0x4, 0x9, 0x8ff, 0xffff}]}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8, 0x3, 0xe}, {0x8, 0x4, 0x7fff}}, {0x8, 0x6, r13}}}]}}, {{0x8, 0x1, r14}, {0x10c, 0x2, [{0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r15}}}, {0x54, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8, 0x3, 0xb}, {0x24, 0x4, [{0x4, 0x7, 0x72, 0x56}, {0x1, 0x1, 0x0, 0x5}, {0x4, 0x5, 0x5, 0x7}, {0x8, 0x1f, 0x2}]}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8, 0x3, 0xb}, {0x8, 0x4, 0x1}}, {0x8, 0x7}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x4b}}}]}}, {{0x8, 0x1, r16}, {0xb0, 0x2, [{0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0xf14}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r17}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0xfffffffffffffc00}}}]}}, {{0x8, 0x1, r18}, {0x44, 0x2, [{0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8, 0x3, 0xe}, {0x8, 0x4, 0x912}}, {0x8, 0x6, r19}}}]}}, {{0x8, 0x1, r20}, {0xb8, 0x2, [{0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8, 0x3, 0x5}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x20}}}, {0x3c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8, 0x3, 0x5}, {0xc, 0x4, 'hash\x00'}}}]}}, {{0x8, 0x1, r21}, {0xac, 0x2, [{0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x4}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x37c}}}]}}, {{0x8, 0x1, r22}, {0xc4, 0x2, [{0x84, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8, 0x3, 0xb}, {0x54, 0x4, [{0x1, 0x4, 0x1efc000000000000, 0x80000000}, {0xfffffffffffff32d, 0x2, 0x0, 0x17}, {0x7, 0x9, 0x5, 0xffff}, {0x8, 0x5, 0x40, 0x7}, {0x8000, 0xffffffffffff7d75, 0x5, 0x8001}, {0x75, 0x1, 0xfff, 0x5}, {0xe3, 0x20, 0x80000000, 0x2500000000}, {0x3, 0x80000000, 0x3e, 0x9}, {0x2f70, 0x3, 0x5e9c, 0x5}, {0x7, 0x623, 0x7, 0x10000}]}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r23}}}]}}, {{0x8, 0x1, r24}, {0x238, 0x2, [{0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r25}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0xd63f}}, {0x8, 0x6, r26}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0xffffffff}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x5}}, {0x8, 0x6, r27}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0xeaa1}}}, {0x64, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8, 0x3, 0xb}, {0x34, 0x4, [{0x6, 0x2, 0x9, 0xfffffffffffffffc}, {0x8001, 0xffffffffffffc811, 0x4, 0x1ff}, {0x9, 0x7, 0x4, 0x8}, {0x5, 0x101, 0x9, 0x5}, {0x400, 0x2, 0x5, 0xffffffff}, {0x0, 0x9, 0xc290, 0x2}]}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8, 0x3, 0xb}, {0x8, 0x4, 0x6}}, {0x8, 0x6, r28}}}, {0x64, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8, 0x3, 0xb}, {0x34, 0x4, [{0x6, 0xfffffffffffffffb, 0x9, 0x8}, {0x5, 0x7, 0xef3a}, {0x7fffffff, 0x6, 0x0, 0x5}, {0x3, 0x7, 0x1, 0x9}, {0x8, 0x6, 0x1, 0x6}, {0x20, 0x1, 0x1746b3b, 0xfff}]}}}]}}, {{0x8, 0x1, r29}, {0x100, 0x2, [{0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x1}}}, {0x84, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8, 0x3, 0xb}, {0x54, 0x4, [{0x10001, 0x805, 0x6, 0x3}, {0x101, 0x4, 0x0, 0x2}, {0x6, 0x94, 0x1, 0xffffffff}, {0x8, 0x4, 0x81, 0x439800000000}, {0x5, 0x4, 0x5, 0x7}, {0x6, 0x4, 0x200, 0x6}, {0x7fff0, 0x9, 0x1f, 0x9}, {0x6, 0x3ff, 0x5, 0x3f}, {0x5, 0x7, 0x5, 0x4}, {0x7ff, 0x2, 0x6}]}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, r30}}, {0x8, 0x7}}}]}}]}, 0x9bc}, 0x1, 0x0, 0x0, 0x48000}, 0x8010) [ 229.976581] FAULT_INJECTION: forcing a failure. [ 229.976581] name failslab, interval 1, probability 0, space 0, times 0 [ 229.987896] CPU: 1 PID: 14547 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 229.994833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 230.004640] Call Trace: [ 230.007249] dump_stack+0x1b9/0x294 [ 230.010893] ? dump_stack_print_info.cold.2+0x52/0x52 [ 230.016099] ? __save_stack_trace+0x7e/0xd0 [ 230.020437] should_fail.cold.4+0xa/0x1a [ 230.024514] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 230.029628] ? kasan_kmalloc+0xc4/0xe0 [ 230.033522] ? kasan_slab_alloc+0x12/0x20 [ 230.037678] ? kmem_cache_alloc+0x12e/0x760 [ 230.042006] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 230.046857] ? kvm_mmu_load+0x21/0x10e0 [ 230.050843] ? vcpu_enter_guest+0x3a83/0x6060 [ 230.055341] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 230.060368] ? graph_lock+0x170/0x170 [ 230.064180] ? do_syscall_64+0x1b1/0x800 [ 230.068249] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 230.073624] ? find_held_lock+0x36/0x1c0 [ 230.077699] ? __lock_is_held+0xb5/0x140 [ 230.081778] ? check_same_owner+0x320/0x320 [ 230.086122] ? rcu_note_context_switch+0x710/0x710 [ 230.091069] __should_failslab+0x124/0x180 [ 230.095317] should_failslab+0x9/0x14 [ 230.099123] kmem_cache_alloc+0x2af/0x760 [ 230.103275] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 230.108821] ? kvm_pfn_to_page+0x7a/0xa0 [ 230.112910] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 230.117765] mmu_topup_memory_caches+0xf7/0x3a0 [ 230.122437] ? kvm_apic_has_interrupt+0xe1/0x210 [ 230.127187] kvm_mmu_load+0x21/0x10e0 [ 230.130981] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 230.136511] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 230.142046] vcpu_enter_guest+0x3a83/0x6060 [ 230.146356] ? print_usage_bug+0xc0/0xc0 [ 230.150404] ? kvm_set_msr_common+0x2680/0x2680 [ 230.155055] ? vmx_vcpu_load+0xada/0xfe0 [ 230.159103] ? __lock_acquire+0x7f5/0x5140 [ 230.163323] ? vmx_vcpu_reset+0x1030/0x1030 [ 230.167634] ? graph_lock+0x170/0x170 [ 230.171421] ? graph_lock+0x170/0x170 [ 230.175242] ? __lock_acquire+0x7f5/0x5140 [ 230.179469] ? debug_check_no_locks_freed+0x310/0x310 [ 230.184646] ? __lock_is_held+0xb5/0x140 [ 230.188691] ? lock_acquire+0x1dc/0x520 [ 230.192649] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 230.197650] ? lock_release+0xa10/0xa10 [ 230.201608] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 230.206869] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 230.211349] ? preempt_notifier_dec+0x20/0x20 [ 230.215833] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 230.220659] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 230.225665] kvm_vcpu_ioctl+0x79d/0x12e0 [ 230.229711] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 230.235406] ? graph_lock+0x170/0x170 [ 230.239192] ? find_held_lock+0x36/0x1c0 [ 230.243242] ? lock_downgrade+0x8e0/0x8e0 [ 230.247378] ? kasan_check_read+0x11/0x20 [ 230.251513] ? rcu_is_watching+0x85/0x140 [ 230.255648] ? rcu_report_qs_rnp+0x790/0x790 [ 230.260050] ? __fget+0x40c/0x650 [ 230.263489] ? match_held_lock+0x871/0x8b0 [ 230.267707] ? expand_files.part.8+0x9a0/0x9a0 [ 230.272272] ? kasan_check_write+0x14/0x20 [ 230.276494] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 230.281412] ? wait_for_completion+0x870/0x870 [ 230.285979] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 230.291157] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 230.296853] do_vfs_ioctl+0x1cf/0x16f0 [ 230.300730] ? ioctl_preallocate+0x2e0/0x2e0 [ 230.305129] ? fget_raw+0x20/0x20 [ 230.308567] ? __sb_end_write+0xac/0xe0 [ 230.312528] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 230.318079] ? fput+0x130/0x1a0 [ 230.321349] ? ksys_write+0x1a6/0x250 [ 230.325139] ? security_file_ioctl+0x94/0xc0 [ 230.329532] ksys_ioctl+0xa9/0xd0 [ 230.332997] __x64_sys_ioctl+0x73/0xb0 [ 230.336881] do_syscall_64+0x1b1/0x800 [ 230.340752] ? finish_task_switch+0x1ca/0x840 [ 230.345235] ? syscall_return_slowpath+0x5c0/0x5c0 [ 230.350155] ? syscall_return_slowpath+0x30f/0x5c0 [ 230.355073] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 230.360423] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 230.365251] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 230.370425] RIP: 0033:0x4559f9 [ 230.373593] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 230.392834] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 230.400534] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 230.407785] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 230.415038] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 230.422291] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 230.429542] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 0000000000000001 10:00:47 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x218, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:00:47 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r5 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0x5, &(0x7f0000000000)={r5, r5, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:00:47 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x0) socketpair$packet(0x11, 0x3, 0x300, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1c03, 0x8001, 0x22e, 0x9, 0xfffffffffffff001, 0x1f, 0x9}, 0x1c) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) fallocate(r2, 0x0, 0x0, 0x4) fallocate(r2, 0x20, 0x0, 0xfffffeff000) 10:00:47 executing program 5 (fault-call:5 fault-nth:2): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:00:47 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440), 0x0, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:00:47 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0xc001001f, [0x40000073, 0x1]}) 10:00:47 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000000c0)="0047fc2f07d82c99240970") syz_emit_ethernet(0x36, &(0x7f0000000080)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [{[], {0x8100, 0x0, 0x1, 0x1}}], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x21, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}, @local={0xac, 0x14, 0x14, 0xaa}}, @dccp={{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, "e57044", 0x0, "cd98e8"}}}}}}, &(0x7f0000000040)={0x0, 0x0, [0x0, 0xbf8]}) 10:00:47 executing program 3: r0 = timerfd_create(0x9, 0x0) capset(&(0x7f00000000c0)={0x20071026}, &(0x7f0000000140)) timerfd_settime(r0, 0x0, &(0x7f0000000100)={{0x0, 0x989680}, {0x0, 0x5}}, &(0x7f0000002000)) r1 = memfd_create(&(0x7f0000000000)='user%,\x00', 0x2) setsockopt$inet6_int(r1, 0x29, 0x34, &(0x7f0000000040)=0x80000000, 0x4) [ 230.925178] capability: warning: `syz-executor3' uses deprecated v2 capabilities in a way that may be insecure [ 230.965249] FAULT_INJECTION: forcing a failure. 10:00:47 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x218, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) [ 230.965249] name failslab, interval 1, probability 0, space 0, times 0 [ 230.976612] CPU: 0 PID: 14582 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 230.983545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 230.992892] Call Trace: [ 230.995487] dump_stack+0x1b9/0x294 [ 230.999132] ? dump_stack_print_info.cold.2+0x52/0x52 [ 231.004337] ? __save_stack_trace+0x7e/0xd0 [ 231.008671] should_fail.cold.4+0xa/0x1a [ 231.012742] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 231.017851] ? kasan_kmalloc+0xc4/0xe0 [ 231.021739] ? kasan_slab_alloc+0x12/0x20 [ 231.025891] ? kmem_cache_alloc+0x12e/0x760 [ 231.030219] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 231.035067] ? kvm_mmu_load+0x21/0x10e0 [ 231.039050] ? vcpu_enter_guest+0x3a83/0x6060 [ 231.043540] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 231.048544] ? graph_lock+0x170/0x170 [ 231.052329] ? do_syscall_64+0x1b1/0x800 [ 231.056377] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 231.061729] ? find_held_lock+0x36/0x1c0 [ 231.065777] ? __lock_is_held+0xb5/0x140 [ 231.069829] ? check_same_owner+0x320/0x320 [ 231.074135] ? rcu_note_context_switch+0x710/0x710 [ 231.079053] __should_failslab+0x124/0x180 [ 231.083275] should_failslab+0x9/0x14 [ 231.087057] kmem_cache_alloc+0x2af/0x760 [ 231.091190] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 231.096715] ? kvm_pfn_to_page+0x7a/0xa0 [ 231.100761] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 231.105591] mmu_topup_memory_caches+0xf7/0x3a0 [ 231.110244] ? kvm_apic_has_interrupt+0xe1/0x210 [ 231.114988] kvm_mmu_load+0x21/0x10e0 [ 231.118776] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 231.124303] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 231.129828] vcpu_enter_guest+0x3a83/0x6060 [ 231.134140] ? print_usage_bug+0xc0/0xc0 [ 231.138188] ? kvm_set_msr_common+0x2680/0x2680 [ 231.142839] ? vmx_vcpu_load+0xada/0xfe0 [ 231.146888] ? __lock_acquire+0x7f5/0x5140 [ 231.151109] ? vmx_vcpu_reset+0x1030/0x1030 [ 231.155411] ? graph_lock+0x170/0x170 [ 231.159202] ? graph_lock+0x170/0x170 [ 231.162990] ? __lock_acquire+0x7f5/0x5140 [ 231.167213] ? debug_check_no_locks_freed+0x310/0x310 [ 231.172400] ? __lock_is_held+0xb5/0x140 [ 231.176447] ? lock_acquire+0x1dc/0x520 [ 231.180406] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 231.185409] ? lock_release+0xa10/0xa10 [ 231.189368] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 231.194629] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 231.199111] ? preempt_notifier_dec+0x20/0x20 [ 231.203593] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 231.208417] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 231.213425] kvm_vcpu_ioctl+0x79d/0x12e0 [ 231.217474] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 231.223170] ? graph_lock+0x170/0x170 [ 231.226958] ? find_held_lock+0x36/0x1c0 [ 231.231015] ? lock_downgrade+0x8e0/0x8e0 [ 231.235154] ? kasan_check_read+0x11/0x20 [ 231.239291] ? rcu_is_watching+0x85/0x140 [ 231.243423] ? rcu_report_qs_rnp+0x790/0x790 [ 231.247822] ? __fget+0x40c/0x650 [ 231.251260] ? match_held_lock+0x871/0x8b0 [ 231.255479] ? expand_files.part.8+0x9a0/0x9a0 [ 231.260044] ? kasan_check_write+0x14/0x20 [ 231.264263] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 231.269183] ? wait_for_completion+0x870/0x870 [ 231.273750] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 231.278926] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 231.284620] do_vfs_ioctl+0x1cf/0x16f0 [ 231.288495] ? ioctl_preallocate+0x2e0/0x2e0 [ 231.292887] ? fget_raw+0x20/0x20 [ 231.296326] ? __sb_end_write+0xac/0xe0 [ 231.300292] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 231.305809] ? fput+0x130/0x1a0 [ 231.309076] ? ksys_write+0x1a6/0x250 [ 231.312864] ? security_file_ioctl+0x94/0xc0 [ 231.317259] ksys_ioctl+0xa9/0xd0 [ 231.320704] __x64_sys_ioctl+0x73/0xb0 [ 231.324587] do_syscall_64+0x1b1/0x800 [ 231.328458] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 231.333290] ? syscall_return_slowpath+0x5c0/0x5c0 [ 231.338209] ? syscall_return_slowpath+0x30f/0x5c0 [ 231.343127] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 231.348490] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 231.353320] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 231.358490] RIP: 0033:0x4559f9 10:00:48 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r5 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0xd, &(0x7f0000000000)={r5, r5, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:00:48 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x1b00000000000000, [0x40000073, 0x1]}) 10:00:48 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, 0x0) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) [ 231.361657] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 231.380898] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 231.388589] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 231.395841] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 231.403094] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 231.410345] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 231.417596] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 0000000000000002 10:00:48 executing program 3: recvmsg(0xffffffffffffff9c, &(0x7f0000000540)={&(0x7f00000000c0)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @dev}}}, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000300)=""/114, 0x72}, {&(0x7f0000000380)=""/122, 0x7a}, {&(0x7f0000000400)=""/102, 0x66}], 0x3, &(0x7f0000000480)=""/159, 0x9f, 0xf0}, 0x0) sendmsg$kcm(r0, &(0x7f0000000980)={&(0x7f0000000580)=@l2={0x1f, 0x8000, {0x400, 0xff, 0x9, 0xffffffff, 0x9, 0x3}, 0x7, 0x3}, 0x80, &(0x7f00000007c0)=[{&(0x7f0000000600)="753d30b343545150dd645751084f8846205a54ec484bb9a52f83fef69b177aa0d4a8a7b59084e63f7fa4dda222bf1ade22ff68cec470a6840efbdf6cb54660d2f04f27b136a0f0d4696322d13f153e43121743714277b71892ec4ee99e2e923166251b4e29e346e078f9a23a4378a66d801d13ce09545e525e9eadabb3cdfb390630c87081a280f76007f3ce8ec8ff957a9c1523fbd219ecf2b923fcd81b5dbc02fa6db81e726c35a48ef74a49930a71907087c4e16f0f34", 0xb8}, {&(0x7f00000006c0)="e099c5f0b4657840044a975ef337ec9e3a7a7f78ebca4332e7c29182e901c8e4af9d05671327ce2e8eb6daba149cc5f2c20160429487fa8466b41c4a2ca64c2c99cb14da5b92d372223251e073f5b45f2103cf8bca22434c19c58f4b0246db24a0948d64886c95bd35892aedb5df673b33e253cebdb8e75fcb42710e49bec1590c827def50f66e4cd7443c07e7d3cda8f9b1c9baf760eea1e70dd43514f15da63c42f2dc7e59bc41853bd3fc3fc55603b6f041cacd0cf73b730b44e998d85935ba8f855d21a25aa47ca3", 0xca}], 0x2, &(0x7f0000000b40)=ANY=[@ANYBLOB="380000000000000004010000ff010000070eefa9801340c37038edebfae3f68e870140e4f937b2886284760d3e5db432fd4abc9c4f000000c0000000000000000000000003000000a67487d573226cefae5a2411d0875b7870f24731f4c3cee38ade23031cae490a663f76466461a83414ca2905fa5a19dbc05a7421ac345c778a0492fc6f09bbaf728029340b312b065633eed8b935b7a5ab2fb5b1aee1e3923d95f604bec103533d83b2470805bf972e0e452575bb0563887717b88eca09822ee433092f819d477e236f7f1ccdbbae982d4a786c780e3310f1a483de094e53e3fc2f0a15d8fbba82312fe26c72643904186b342eec726c9e1f542a622686f156b5f845917b2380000000000000000e010000030000004955f95208bb6ba2b49ff104902a28187c37d7dc4ea03c44a1c3734013849077d6b3453e91d664d2f64db9458f99557da4e6427703293df50dd1f943b89c11c99fd74b23a5a070c4da4d4c739fe2302a9754e3fe45693f31c48756dfc780bf4d4c08cfc59e82957fa0bbb7b2964300008dc7a46c0d04957e3b6e2e1d895264331d7482f8bbf59cd59757151a78501a40081d6a1bcfeca516030f6c70456eeeb6176de318c3c536901889861bcf3985380fa9c7c4bfdcd49c51708b97fb6cd9f2432cf21cec9e42e47b6536c0b48f33e8e072a6ab386d2853a1b19eed3075808705e9c5a852e0ec6c8682779527de4c92f6c55c972dd07073af80e79b464a007907476166dccb68b52576eb0437f4f4"], 0x178, 0x4000000}, 0x4000) bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x2, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="97000000370000000010000000000000950000008b000000999c70cb5211654257032cd479881c9b03f764eb5d8a809e26e746efed9687bc8dcef1ef79368496a73665e133c9917a7533137d9f17b22bc961214bd204549c4bb1faa5545670f2ba6dfc16b7d574112335314afac4996697"], &(0x7f0000000000)='GPL\x00', 0x1, 0xc3, &(0x7f0000000200)=""/195, 0x40f00}, 0x48) sendmsg$xdp(r0, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)=[{&(0x7f00000009c0)="25de16cdc6bdaadf3847a67867d0954e7d376cc4a7481632f49720be15205d1e2fbbf472267c9442cd4aa6fc3cac366989c59e61854996703aa83b77ccd167de82397143a96c750dd9493a306981a05b2fabba000008b777a5c0ce0bb09b7f7cc844e5716acf2da56381c2e0671898261c3abff80eb6b9b7e4e476646c6116f64a85aa1ae7b95ce99958ba3c6c0aaa7c384d20c574520180e16212d9e9ea7288ba55cc9f96aa907807af48fb575e1fd0640ff888375373dd5b8d7ba38bb324e12835548182f937920ccc40f86168cd55c88ded73ac67ff4e59905d38ba8a5f51e4695c660b99d6402b34ec305b92", 0xee}], 0x1, 0x0, 0x0, 0x4041}, 0x40090) 10:00:48 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ioctl$VHOST_SET_LOG_BASE(r1, 0x4008af04, &(0x7f0000000040)) lgetxattr(&(0x7f0000000340)='./bus\x00', &(0x7f0000000380)=@random={'user.', 'errors=remount-ro'}, &(0x7f00000003c0)=""/42, 0x2a) fallocate(r1, 0x0, 0x0, 0x4) fallocate(r1, 0x20, 0x0, 0xfffffeff000) setsockopt$inet6_int(r0, 0x29, 0x1a, &(0x7f0000000080)=0x2, 0x4) syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000140)='./bus\x00', 0x4b54, 0x2, &(0x7f00000002c0)=[{&(0x7f0000000180)="c682302243913c827f", 0x9, 0x4}, {&(0x7f00000001c0)="913e600da683e16479059c15dcb48cd9823077ad14c43879ce72d7c7a6702a8db99a7802fed15c5321aca67a6de2b02c91af8e6a7ba9c4560855171306df72370da6f7f2f4bd24cb6c7c1861826c9e9008b0e804e0788ad107eb851bf3bf2e62602813e45fc76f31da3bb5a355e0f480edae02f1acb520c08e4cef6a2e207d1bbcce3268d2087b49dd2bff06ff416babf8313a47cd91b9a3a12acbaa7c27551b36431d403b64415dcf3cfb2f99eff3a9a940083163da665dbc9d3531d36355f5ac8da0a8de6917754cd2049f5e4508f3ac8f", 0xd2, 0x40}], 0x100010, &(0x7f0000000300)={[{@errors_remount='errors=remount-ro', 0x2c}, {@quiet='quiet', 0x2c}, {@tz_utc='tz=UTC', 0x2c}, {@flush='flush', 0x2c}, {@check_strict='check=strict', 0x2c}, {@nocase='nocase', 0x2c}]}) 10:00:48 executing program 5 (fault-call:5 fault-nth:3): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:00:48 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f760070") r1 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) ioctl$SG_NEXT_CMD_LEN(r1, 0x2283, &(0x7f0000000000)=0x58) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0xffffffffffffff9c, 0x6, 0x1, 0x6, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x20) ioctl$DRM_IOCTL_MAP_BUFS(r2, 0xc0186419, &(0x7f0000000880)={0x8, &(0x7f0000000100)=""/96, &(0x7f00000007c0)=[{0x8, 0x2c, 0x20, &(0x7f0000000180)=""/44}, {0x1ff, 0xa6, 0x44, &(0x7f00000001c0)=""/166}, {0x80000001, 0xa3, 0x22eba9f8, &(0x7f0000000380)=""/163}, {0x0, 0x7e, 0x3, &(0x7f0000000440)=""/126}, {0x33f, 0xd, 0x6, &(0x7f00000002c0)=""/13}, {0x8, 0xd8, 0x8, &(0x7f00000004c0)=""/216}, {0x1ff, 0xe9, 0x0, &(0x7f00000005c0)=""/233}, {0xdd, 0xc6, 0x9, &(0x7f00000006c0)=""/198}]}) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff4d, 0x0, 0x0, 0x0, 0x38}, [{}]}, 0x78) [ 231.665851] FAULT_INJECTION: forcing a failure. [ 231.665851] name failslab, interval 1, probability 0, space 0, times 0 [ 231.677213] CPU: 1 PID: 14624 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 231.684157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 231.693513] Call Trace: [ 231.696118] dump_stack+0x1b9/0x294 [ 231.699761] ? dump_stack_print_info.cold.2+0x52/0x52 [ 231.704958] ? __save_stack_trace+0x7e/0xd0 [ 231.709295] should_fail.cold.4+0xa/0x1a [ 231.713364] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 231.718482] ? kasan_kmalloc+0xc4/0xe0 [ 231.722376] ? kasan_slab_alloc+0x12/0x20 [ 231.726526] ? kmem_cache_alloc+0x12e/0x760 [ 231.730852] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 231.735698] ? kvm_mmu_load+0x21/0x10e0 [ 231.739674] ? vcpu_enter_guest+0x3a83/0x6060 [ 231.744169] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 231.749173] ? graph_lock+0x170/0x170 [ 231.752957] ? do_syscall_64+0x1b1/0x800 [ 231.757002] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 231.762358] ? find_held_lock+0x36/0x1c0 [ 231.766405] ? __lock_is_held+0xb5/0x140 [ 231.770460] ? check_same_owner+0x320/0x320 [ 231.774769] ? rcu_note_context_switch+0x710/0x710 [ 231.779689] __should_failslab+0x124/0x180 [ 231.783910] should_failslab+0x9/0x14 [ 231.787693] kmem_cache_alloc+0x2af/0x760 [ 231.791828] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 231.797352] ? kvm_pfn_to_page+0x7a/0xa0 [ 231.801398] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 231.806226] mmu_topup_memory_caches+0xf7/0x3a0 [ 231.810886] ? kvm_apic_has_interrupt+0xe1/0x210 [ 231.815629] kvm_mmu_load+0x21/0x10e0 [ 231.819414] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 231.824934] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 231.830456] vcpu_enter_guest+0x3a83/0x6060 [ 231.834767] ? print_usage_bug+0xc0/0xc0 [ 231.838817] ? kvm_set_msr_common+0x2680/0x2680 [ 231.843474] ? vmx_vcpu_load+0xada/0xfe0 [ 231.847523] ? __lock_acquire+0x7f5/0x5140 [ 231.851745] ? vmx_vcpu_reset+0x1030/0x1030 [ 231.856053] ? graph_lock+0x170/0x170 [ 231.859837] ? graph_lock+0x170/0x170 [ 231.863620] ? __lock_acquire+0x7f5/0x5140 [ 231.867845] ? debug_check_no_locks_freed+0x310/0x310 [ 231.873030] ? __lock_is_held+0xb5/0x140 [ 231.877081] ? lock_acquire+0x1dc/0x520 [ 231.881041] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 231.886047] ? lock_release+0xa10/0xa10 [ 231.890005] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 231.895271] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 231.899749] ? preempt_notifier_dec+0x20/0x20 [ 231.904267] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 231.909094] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 231.914127] kvm_vcpu_ioctl+0x79d/0x12e0 [ 231.918177] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 231.923873] ? graph_lock+0x170/0x170 [ 231.927660] ? find_held_lock+0x36/0x1c0 [ 231.931713] ? lock_downgrade+0x8e0/0x8e0 [ 231.935850] ? kasan_check_read+0x11/0x20 [ 231.939983] ? rcu_is_watching+0x85/0x140 [ 231.944116] ? rcu_report_qs_rnp+0x790/0x790 [ 231.948514] ? __fget+0x40c/0x650 [ 231.951957] ? match_held_lock+0x871/0x8b0 [ 231.956204] ? expand_files.part.8+0x9a0/0x9a0 [ 231.960769] ? kasan_check_write+0x14/0x20 [ 231.964989] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 231.969906] ? wait_for_completion+0x870/0x870 [ 231.974475] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 231.979648] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 231.985342] do_vfs_ioctl+0x1cf/0x16f0 [ 231.989218] ? ioctl_preallocate+0x2e0/0x2e0 [ 231.993610] ? fget_raw+0x20/0x20 [ 231.997047] ? __sb_end_write+0xac/0xe0 [ 232.001372] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 232.006899] ? fput+0x130/0x1a0 [ 232.010168] ? ksys_write+0x1a6/0x250 [ 232.013955] ? security_file_ioctl+0x94/0xc0 [ 232.018352] ksys_ioctl+0xa9/0xd0 [ 232.021801] __x64_sys_ioctl+0x73/0xb0 [ 232.025672] do_syscall_64+0x1b1/0x800 [ 232.029543] ? finish_task_switch+0x1ca/0x840 [ 232.034030] ? syscall_return_slowpath+0x5c0/0x5c0 [ 232.038945] ? syscall_return_slowpath+0x30f/0x5c0 [ 232.043863] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 232.049212] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 232.054043] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 232.059214] RIP: 0033:0x4559f9 [ 232.062383] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 232.081608] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 232.089300] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 232.096553] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 232.103814] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 10:00:48 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x218, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:00:48 executing program 3: r0 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x100000000, 0x20000) recvfrom$inet6(r0, &(0x7f0000000040)=""/102, 0x66, 0x0, &(0x7f00000000c0)={0xa, 0x4e22, 0x800, @mcast2={0xff, 0x2, [], 0x1}}, 0x1c) r1 = socket$inet6(0xa, 0x80002, 0x88) recvfrom$inet6(r1, &(0x7f0000fbef6d)=""/185, 0xfffffffffffffe1f, 0x0, 0x0, 0x171c073b150b2817) bind$inet6(r1, &(0x7f00008a8000)={0xa, 0x3}, 0x1c) r2 = socket$inet6(0xa, 0x8000000000000802, 0x88) sendmsg$inet_sctp(r2, &(0x7f0000a29000)={&(0x7f00006d8fe4)=@in6={0xa, 0x3, 0x0, @loopback={0x0, 0x1}}, 0x1c, &(0x7f0000fc8000)}, 0x8000) sendto$inet6(r2, &(0x7f0000b0cf6e), 0xffed, 0x0, &(0x7f000001b000)={0xa}, 0x1c) [ 232.111067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 232.118318] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 0000000000000003 10:00:49 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x3400, [0x40000073, 0x1]}) 10:00:49 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x218, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:00:49 executing program 5 (fault-call:5 fault-nth:4): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:00:49 executing program 4: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000000)={0x1, 0x1, 0x3, 0x401, 0xffffffff}, 0xc) setsockopt$inet6_int(r0, 0x29, 0xc8, &(0x7f0000000280), 0x4) setsockopt$inet6_MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000540)={0x9, 0x0, 0x0, 0x1, 0x8001}, 0xc) setsockopt$inet6_MRT6_ADD_MFC(r0, 0x29, 0xc9, &(0x7f0000000180)={{0xa, 0x0, 0x0, @ipv4={[], [0xff, 0xff], @multicast1=0xe0000001}}, {0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xbb}}}, 0x5c) socket$inet_udp(0x2, 0x2, 0x0) 10:00:49 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r5 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0x8, &(0x7f0000000000)={r5, r5, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:00:49 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008916, &(0x7f0000000040)="295ee1311f16f477671070") r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) r2 = add_key(&(0x7f0000000000)='id_legacy\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a, 0x0}, &(0x7f00000000c0)="a670fb45ad88ceddf5636bf59215fd1e7a6feec2cbe2c3c007de7883f2bf1eaccbdd19e1294dc4194c6925ad533df862724aca992ad585bc59387f71fccd6916b92fa06ba9a3408fe3c8a35d6b37b0a076994f0e30d153f466822411d60553afeaafbc2a905c5ac458bd77705ba6388047194fb05014b1", 0x77, 0xfffffffffffffffc) r3 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a, 0x3}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$reject(0x13, r2, 0x7, 0x573, r3) fallocate(r1, 0x0, 0x0, 0x4) fallocate(r1, 0x20, 0x0, 0xfffffeff000) 10:00:49 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") fcntl$getown(r0, 0x9) 10:00:49 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:00:50 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x218, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:00:50 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r5 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0x12, &(0x7f0000000000)={r5, r5, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) [ 233.323469] FAULT_INJECTION: forcing a failure. [ 233.323469] name failslab, interval 1, probability 0, space 0, times 0 [ 233.334912] CPU: 0 PID: 14661 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 233.341843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 233.351202] Call Trace: [ 233.353806] dump_stack+0x1b9/0x294 [ 233.357445] ? dump_stack_print_info.cold.2+0x52/0x52 [ 233.362643] ? __save_stack_trace+0x7e/0xd0 [ 233.366983] should_fail.cold.4+0xa/0x1a 10:00:50 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000300)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-aes-aesni\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x5, &(0x7f0000000000), 0x10) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x400, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000040)={0x0, 0x6}, &(0x7f0000000080)=0x8) setsockopt$bt_BT_CHANNEL_POLICY(r1, 0x112, 0xa, &(0x7f0000000100)=0x6, 0x4) setsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f00000000c0)=@assoc_value={r2, 0x7f}, 0x8) [ 233.371057] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 233.376170] ? kasan_kmalloc+0xc4/0xe0 [ 233.380062] ? kasan_slab_alloc+0x12/0x20 [ 233.384211] ? kmem_cache_alloc+0x12e/0x760 [ 233.388529] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 233.393371] ? kvm_mmu_load+0x21/0x10e0 [ 233.397344] ? vcpu_enter_guest+0x3a83/0x6060 [ 233.401838] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 233.406859] ? graph_lock+0x170/0x170 [ 233.410661] ? do_syscall_64+0x1b1/0x800 [ 233.414731] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 233.420117] ? find_held_lock+0x36/0x1c0 [ 233.424185] ? __lock_is_held+0xb5/0x140 [ 233.428244] ? check_same_owner+0x320/0x320 [ 233.432558] ? rcu_note_context_switch+0x710/0x710 [ 233.437482] __should_failslab+0x124/0x180 [ 233.441706] should_failslab+0x9/0x14 [ 233.445493] kmem_cache_alloc+0x2af/0x760 [ 233.449649] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 233.455174] ? kvm_pfn_to_page+0x7a/0xa0 [ 233.459222] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 233.464053] mmu_topup_memory_caches+0xf7/0x3a0 [ 233.468708] ? kvm_apic_has_interrupt+0xe1/0x210 [ 233.473455] kvm_mmu_load+0x21/0x10e0 [ 233.477242] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 233.482765] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 233.488290] vcpu_enter_guest+0x3a83/0x6060 [ 233.492608] ? print_usage_bug+0xc0/0xc0 [ 233.496657] ? kvm_set_msr_common+0x2680/0x2680 [ 233.501310] ? vmx_vcpu_load+0xada/0xfe0 [ 233.505358] ? __lock_acquire+0x7f5/0x5140 [ 233.509588] ? vmx_vcpu_reset+0x1030/0x1030 [ 233.513895] ? graph_lock+0x170/0x170 [ 233.517678] ? graph_lock+0x170/0x170 [ 233.521464] ? __lock_acquire+0x7f5/0x5140 [ 233.525689] ? debug_check_no_locks_freed+0x310/0x310 [ 233.530871] ? __lock_is_held+0xb5/0x140 [ 233.534918] ? lock_acquire+0x1dc/0x520 [ 233.538878] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 233.543880] ? lock_release+0xa10/0xa10 [ 233.547839] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 233.553099] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 233.557578] ? preempt_notifier_dec+0x20/0x20 [ 233.562065] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 233.566893] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 233.571900] kvm_vcpu_ioctl+0x79d/0x12e0 [ 233.575946] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 233.581644] ? graph_lock+0x170/0x170 [ 233.585430] ? find_held_lock+0x36/0x1c0 [ 233.589482] ? lock_downgrade+0x8e0/0x8e0 [ 233.593622] ? kasan_check_read+0x11/0x20 [ 233.597757] ? rcu_is_watching+0x85/0x140 [ 233.601893] ? rcu_report_qs_rnp+0x790/0x790 [ 233.606291] ? __fget+0x40c/0x650 [ 233.609729] ? match_held_lock+0x871/0x8b0 [ 233.613951] ? expand_files.part.8+0x9a0/0x9a0 [ 233.618519] ? kasan_check_write+0x14/0x20 [ 233.622742] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 233.627660] ? wait_for_completion+0x870/0x870 [ 233.632227] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 233.637417] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 233.643111] do_vfs_ioctl+0x1cf/0x16f0 [ 233.646989] ? ioctl_preallocate+0x2e0/0x2e0 [ 233.651384] ? fget_raw+0x20/0x20 [ 233.654823] ? __sb_end_write+0xac/0xe0 [ 233.658793] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 233.664314] ? fput+0x130/0x1a0 [ 233.667579] ? ksys_write+0x1a6/0x250 [ 233.671365] ? security_file_ioctl+0x94/0xc0 [ 233.675760] ksys_ioctl+0xa9/0xd0 [ 233.679200] __x64_sys_ioctl+0x73/0xb0 [ 233.683079] do_syscall_64+0x1b1/0x800 [ 233.686949] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 233.691777] ? syscall_return_slowpath+0x5c0/0x5c0 [ 233.696692] ? syscall_return_slowpath+0x30f/0x5c0 [ 233.701610] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 233.706960] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 233.711788] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 233.716960] RIP: 0033:0x4559f9 [ 233.720129] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 233.739354] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 233.747047] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 233.754303] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 233.761556] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 10:00:50 executing program 7: r0 = socket$inet6(0xa, 0x800, 0x80000000000000) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) fallocate(r1, 0x0, 0x0, 0x4) fallocate(r1, 0x20, 0x0, 0xfffffeff000) [ 233.768809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 233.776066] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 0000000000000004 10:00:50 executing program 5 (fault-call:5 fault-nth:5): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:00:50 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:00:50 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x6e0, [0x40000073, 0x1]}) [ 234.099347] FAULT_INJECTION: forcing a failure. [ 234.099347] name failslab, interval 1, probability 0, space 0, times 0 [ 234.110701] CPU: 1 PID: 14690 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 234.117631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 234.126981] Call Trace: [ 234.129568] dump_stack+0x1b9/0x294 [ 234.133189] ? dump_stack_print_info.cold.2+0x52/0x52 [ 234.138370] ? __save_stack_trace+0x7e/0xd0 [ 234.142683] should_fail.cold.4+0xa/0x1a [ 234.146731] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 234.151821] ? kasan_kmalloc+0xc4/0xe0 [ 234.155691] ? kasan_slab_alloc+0x12/0x20 [ 234.159822] ? kmem_cache_alloc+0x12e/0x760 [ 234.164130] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 234.168966] ? kvm_mmu_load+0x21/0x10e0 [ 234.172925] ? vcpu_enter_guest+0x3a83/0x6060 [ 234.177404] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 234.182405] ? graph_lock+0x170/0x170 [ 234.186193] ? do_syscall_64+0x1b1/0x800 [ 234.190238] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 234.195589] ? find_held_lock+0x36/0x1c0 [ 234.199641] ? __lock_is_held+0xb5/0x140 [ 234.203693] ? check_same_owner+0x320/0x320 [ 234.208000] ? rcu_note_context_switch+0x710/0x710 [ 234.212923] __should_failslab+0x124/0x180 [ 234.217149] should_failslab+0x9/0x14 [ 234.220933] kmem_cache_alloc+0x2af/0x760 [ 234.225065] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 234.230628] ? kvm_pfn_to_page+0x7a/0xa0 [ 234.234675] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 234.239502] mmu_topup_memory_caches+0xf7/0x3a0 [ 234.244157] ? kvm_apic_has_interrupt+0xe1/0x210 [ 234.248900] kvm_mmu_load+0x21/0x10e0 [ 234.252686] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 234.258207] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 234.263735] vcpu_enter_guest+0x3a83/0x6060 [ 234.268049] ? print_usage_bug+0xc0/0xc0 [ 234.272098] ? kvm_set_msr_common+0x2680/0x2680 [ 234.276785] ? vmx_vcpu_load+0xada/0xfe0 [ 234.280867] ? __lock_acquire+0x7f5/0x5140 [ 234.285086] ? vmx_vcpu_reset+0x1030/0x1030 [ 234.289394] ? graph_lock+0x170/0x170 [ 234.293178] ? graph_lock+0x170/0x170 [ 234.296963] ? __lock_acquire+0x7f5/0x5140 [ 234.301185] ? debug_check_no_locks_freed+0x310/0x310 [ 234.306365] ? __lock_is_held+0xb5/0x140 [ 234.310413] ? lock_acquire+0x1dc/0x520 [ 234.314370] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 234.319373] ? lock_release+0xa10/0xa10 [ 234.323330] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 234.328591] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 234.333070] ? preempt_notifier_dec+0x20/0x20 [ 234.337555] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 234.342382] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 234.347390] kvm_vcpu_ioctl+0x79d/0x12e0 [ 234.351438] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 234.357132] ? graph_lock+0x170/0x170 [ 234.360920] ? find_held_lock+0x36/0x1c0 [ 234.364972] ? lock_downgrade+0x8e0/0x8e0 [ 234.369110] ? kasan_check_read+0x11/0x20 [ 234.373243] ? rcu_is_watching+0x85/0x140 [ 234.377376] ? rcu_report_qs_rnp+0x790/0x790 [ 234.381776] ? __fget+0x40c/0x650 [ 234.385228] ? match_held_lock+0x871/0x8b0 [ 234.389459] ? expand_files.part.8+0x9a0/0x9a0 [ 234.394031] ? kasan_check_write+0x14/0x20 [ 234.398252] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 234.403167] ? wait_for_completion+0x870/0x870 [ 234.407733] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 234.412909] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 234.418602] do_vfs_ioctl+0x1cf/0x16f0 [ 234.422477] ? ioctl_preallocate+0x2e0/0x2e0 [ 234.426872] ? fget_raw+0x20/0x20 [ 234.430309] ? __sb_end_write+0xac/0xe0 [ 234.434268] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 234.439786] ? fput+0x130/0x1a0 [ 234.443064] ? ksys_write+0x1a6/0x250 [ 234.446850] ? security_file_ioctl+0x94/0xc0 [ 234.451246] ksys_ioctl+0xa9/0xd0 [ 234.454685] __x64_sys_ioctl+0x73/0xb0 [ 234.458559] do_syscall_64+0x1b1/0x800 [ 234.462429] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 234.467259] ? syscall_return_slowpath+0x5c0/0x5c0 [ 234.472174] ? syscall_return_slowpath+0x30f/0x5c0 [ 234.477089] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 234.482453] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 234.487283] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 234.492456] RIP: 0033:0x4559f9 [ 234.495623] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 234.514854] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 234.522547] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 234.529797] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 234.537057] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 234.544308] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 234.551561] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 0000000000000005 10:00:51 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) getpeername(r0, &(0x7f0000000180)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f0000000200)=0x80) syz_init_net_socket$llc(0x1a, 0x3, 0x0) r1 = socket(0xa, 0x1, 0x0) ioctl(r1, 0x10003, &(0x7f0000000240)="c626262c8523bf012cf66f") mknod(&(0x7f0000000040)='./file0\x00', 0x10, 0x0) syz_mount_image$ext4(&(0x7f0000000100)='ext3\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000340)="800000000002000019000000e60100006c000000002800000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="6a6f75000000000000000000000000348c38acec84d47b78000000"]) ioctl$sock_bt_hidp_HIDPCONNDEL(r1, 0x400448c9, &(0x7f0000000140)={{0x3, 0x4, 0x81, 0x400, 0x81, 0x2}, 0x9}) 10:00:51 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r5 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0x11, &(0x7f0000000000)={r5, r5, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:00:51 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x218, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:00:51 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/rfkill\x00', 0x0, 0x0) connect$vsock_stream(r1, &(0x7f0000000140)={0x28, 0x0, 0x2711, @any=0xffffffff}, 0x10) setsockopt$RDS_GET_MR_FOR_DEST(r1, 0x114, 0x7, &(0x7f0000000540)={@rc={0x1f, {0x0, 0x6, 0x6, 0x3f, 0xfffffffffffffff9, 0x100000001}, 0x100000001}, {&(0x7f00000004c0)=""/107, 0x6b}, &(0x7f00000001c0), 0x40}, 0xa0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r2 = socket(0xa, 0x2, 0x0) getsockopt$IP_VS_SO_GET_DAEMON(r2, 0x0, 0x487, &(0x7f0000000040), &(0x7f0000000340)=0x30) r3 = syz_open_dev$mice(&(0x7f0000000200)='/dev/input/mice\x00', 0x0, 0x80080) ioctl$DRM_IOCTL_INFO_BUFS(r3, 0xc0106418, &(0x7f0000000180)={0xe47, 0x200, 0x101, 0x3800000000000, 0x8, 0x2}) name_to_handle_at(r3, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)={0x2c, 0x7ff, "92bdcf75cc29bdf2610dfa25aedb4bac7ae3f5acfffd2edadbd0e8c325e3bfc727f521b4c66e687f169fd101238cc6f632a7ad9d9cd1510c3c34e9ce5bdf0ade21be16d92e5cac368c23a439adb3539016948477f3b6af80102bde716059bb058606ed640de590b4d600a3ff8854c8b222"}, &(0x7f0000000480), 0x1400) ioctl$sock_kcm_SIOCKCMATTACH(r3, 0x89e0, &(0x7f0000000600)={r1, r3}) pwrite64(r0, &(0x7f0000000240)="42373b950a39ab6fd2bbaa681547f914d5c57384688ca8adc933b441d76fc93871985e419473715182c3a6ccb3b6d1900c900e72dbc8e9fac876c4c323a009ee8e7aa75f6fa382851a5e6bd1a90ec8caaf68ba2b8f591ef9f610d6d3037d256554d0ef0c22bb48d2e4e347cd53760a10011774f10cf792261882cbb34cd86c7d7e7c08c09d7f36cc6dcb3c816c256c339910a5b563d3211b09314ae8a9be6fc9b3f8c486c8f888577f54c437b0a35705034a2beb1059c824150a599355d938e6b95c7929cd86c308c642e28632e8b64a6a015683df0c1a", 0xd7, 0x0) getsockopt$sock_buf(r2, 0x1, 0x38, &(0x7f0000000000)=""/62, &(0x7f0000000080)=0x3e) 10:00:51 executing program 5 (fault-call:5 fault-nth:6): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:00:51 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:00:51 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x2a1001c000000000, [0x40000073, 0x1]}) 10:00:51 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) fallocate(r1, 0x0, 0x0, 0x4) fallocate(r1, 0x20, 0x0, 0xfffffeff000) getsockopt$bt_BT_POWER(r1, 0x112, 0x9, &(0x7f0000000000)=0x9, &(0x7f0000000040)=0x1) [ 234.827132] EXT4-fs (loop3): Unrecognized mount option "jou" or missing value [ 234.849888] FAULT_INJECTION: forcing a failure. [ 234.849888] name failslab, interval 1, probability 0, space 0, times 0 [ 234.861196] CPU: 1 PID: 14715 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 234.866403] EXT4-fs (loop3): Unrecognized mount option "jou" or missing value [ 234.868122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 234.868132] Call Trace: [ 234.868155] dump_stack+0x1b9/0x294 [ 234.868176] ? dump_stack_print_info.cold.2+0x52/0x52 [ 234.868194] ? __save_stack_trace+0x7e/0xd0 [ 234.900474] should_fail.cold.4+0xa/0x1a [ 234.904526] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 234.909615] ? kasan_kmalloc+0xc4/0xe0 [ 234.913483] ? kasan_slab_alloc+0x12/0x20 [ 234.917613] ? kmem_cache_alloc+0x12e/0x760 [ 234.921928] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 234.926765] ? kvm_mmu_load+0x21/0x10e0 [ 234.930724] ? vcpu_enter_guest+0x3a83/0x6060 [ 234.935202] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 234.940204] ? graph_lock+0x170/0x170 [ 234.943986] ? do_syscall_64+0x1b1/0x800 [ 234.948045] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 234.953396] ? find_held_lock+0x36/0x1c0 [ 234.957441] ? __lock_is_held+0xb5/0x140 [ 234.961494] ? check_same_owner+0x320/0x320 [ 234.965800] ? rcu_note_context_switch+0x710/0x710 [ 234.970714] __should_failslab+0x124/0x180 [ 234.974930] should_failslab+0x9/0x14 [ 234.978713] kmem_cache_alloc+0x2af/0x760 [ 234.982870] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 234.988397] ? kvm_pfn_to_page+0x7a/0xa0 [ 234.992448] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 234.997271] mmu_topup_memory_caches+0xf7/0x3a0 [ 235.001922] ? kvm_apic_has_interrupt+0xe1/0x210 [ 235.006663] kvm_mmu_load+0x21/0x10e0 [ 235.010447] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 235.015971] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 235.021499] vcpu_enter_guest+0x3a83/0x6060 [ 235.025806] ? print_usage_bug+0xc0/0xc0 [ 235.029850] ? kvm_set_msr_common+0x2680/0x2680 [ 235.034504] ? vmx_vcpu_load+0xada/0xfe0 [ 235.038552] ? __lock_acquire+0x7f5/0x5140 [ 235.042776] ? vmx_vcpu_reset+0x1030/0x1030 [ 235.047080] ? graph_lock+0x170/0x170 [ 235.050869] ? graph_lock+0x170/0x170 [ 235.054651] ? __lock_acquire+0x7f5/0x5140 [ 235.058871] ? debug_check_no_locks_freed+0x310/0x310 [ 235.064055] ? __lock_is_held+0xb5/0x140 [ 235.068099] ? lock_acquire+0x1dc/0x520 [ 235.072059] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 235.077060] ? lock_release+0xa10/0xa10 [ 235.081021] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 235.086292] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 235.090769] ? preempt_notifier_dec+0x20/0x20 [ 235.095247] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 235.100070] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 235.105070] kvm_vcpu_ioctl+0x79d/0x12e0 [ 235.109112] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 235.114804] ? graph_lock+0x170/0x170 [ 235.118588] ? find_held_lock+0x36/0x1c0 [ 235.122634] ? lock_downgrade+0x8e0/0x8e0 [ 235.126769] ? kasan_check_read+0x11/0x20 [ 235.130898] ? rcu_is_watching+0x85/0x140 [ 235.135036] ? rcu_report_qs_rnp+0x790/0x790 [ 235.139439] ? __fget+0x40c/0x650 [ 235.142883] ? match_held_lock+0x871/0x8b0 [ 235.147107] ? expand_files.part.8+0x9a0/0x9a0 [ 235.151680] ? kasan_check_write+0x14/0x20 [ 235.155896] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 235.160810] ? wait_for_completion+0x870/0x870 [ 235.165373] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 235.170552] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 235.176245] do_vfs_ioctl+0x1cf/0x16f0 [ 235.180120] ? ioctl_preallocate+0x2e0/0x2e0 [ 235.184710] ? fget_raw+0x20/0x20 [ 235.188147] ? __sb_end_write+0xac/0xe0 [ 235.192107] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 235.197644] ? fput+0x130/0x1a0 [ 235.200924] ? ksys_write+0x1a6/0x250 [ 235.204722] ? security_file_ioctl+0x94/0xc0 [ 235.209132] ksys_ioctl+0xa9/0xd0 [ 235.212577] __x64_sys_ioctl+0x73/0xb0 [ 235.216446] do_syscall_64+0x1b1/0x800 [ 235.220313] ? finish_task_switch+0x1ca/0x840 [ 235.224791] ? syscall_return_slowpath+0x5c0/0x5c0 [ 235.229706] ? syscall_return_slowpath+0x30f/0x5c0 [ 235.234631] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 235.239987] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 235.244814] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 235.249984] RIP: 0033:0x4559f9 [ 235.253159] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 10:00:51 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r5 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0x7, &(0x7f0000000000)={r5, r5, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:00:51 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000780)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a") ioctl$KVM_IOEVENTFD(r0, 0x40086602, &(0x7f0000000040)={0x28200, &(0x7f0000000000), 0x0, 0xffffffffffffffff, 0x4}) [ 235.272338] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 235.280040] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 235.287304] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 235.294562] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 235.301827] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 235.309077] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 0000000000000006 10:00:52 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) socket(0xa, 0x1, 0x0) sendmsg$nl_route(r0, &(0x7f00000002c0)={&(0x7f0000000200)={0x10}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@delneigh={0x28, 0x1d, 0x1, 0x0, 0x0, {0x7}, [@NDA_LLADDR={0xc, 0x2, @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}}]}, 0x28}, 0x1}, 0x0) 10:00:52 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x218, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:00:52 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ioctl$sock_bt_hci(r1, 0x400448df, &(0x7f0000000000)="82e3aed7380754c04f0150428d9c665aa2111c9105e807e7cf45baa4a58a23f7bb35c71c327cdb257c186906c23b09e5c0eb247e0d6306e5dc651ebb8dc66a9e44180b90df652b1a05a90e7c7595fb92da9ba63f4d211066978386fb134743d762f996901a331447496facb6ead6bd53d3a1391d6bbb14e5caffbc60d575d3052b96e32c452cd3b83df78ddcd73aa987671d0a799ce96ccbf664538165f7b2fa2958916c57220be92fd3663cc664fc50934ef9c1e85ebba9d5caee3520075defb3e1251990c1f26eddfed8d924b35226355ede512f1b337191ed411e6e703d2f") fallocate(r1, 0x2, 0x0, 0xfffffeff000) 10:00:52 executing program 5 (fault-call:5 fault-nth:7): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:00:52 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x400101c0, [0x40000073, 0x1]}) [ 235.658729] FAULT_INJECTION: forcing a failure. [ 235.658729] name failslab, interval 1, probability 0, space 0, times 0 [ 235.670119] CPU: 0 PID: 14753 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 235.677045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 235.686391] Call Trace: [ 235.688987] dump_stack+0x1b9/0x294 [ 235.692610] ? dump_stack_print_info.cold.2+0x52/0x52 [ 235.697787] ? __save_stack_trace+0x7e/0xd0 [ 235.702102] should_fail.cold.4+0xa/0x1a [ 235.706164] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 235.711261] ? kasan_kmalloc+0xc4/0xe0 [ 235.715136] ? kasan_slab_alloc+0x12/0x20 [ 235.719265] ? kmem_cache_alloc+0x12e/0x760 [ 235.723573] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 235.728399] ? kvm_mmu_load+0x21/0x10e0 [ 235.732356] ? vcpu_enter_guest+0x3a83/0x6060 [ 235.736834] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 235.741835] ? graph_lock+0x170/0x170 [ 235.745621] ? do_syscall_64+0x1b1/0x800 [ 235.749668] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 235.755026] ? find_held_lock+0x36/0x1c0 [ 235.759099] ? __lock_is_held+0xb5/0x140 [ 235.763162] ? check_same_owner+0x320/0x320 [ 235.767468] ? rcu_note_context_switch+0x710/0x710 [ 235.772397] __should_failslab+0x124/0x180 [ 235.776624] should_failslab+0x9/0x14 [ 235.780419] kmem_cache_alloc+0x2af/0x760 [ 235.784566] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 235.790101] ? kvm_pfn_to_page+0x7a/0xa0 [ 235.794151] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 235.798987] mmu_topup_memory_caches+0xf7/0x3a0 [ 235.803644] ? kvm_apic_has_interrupt+0xe1/0x210 [ 235.808386] kvm_mmu_load+0x21/0x10e0 [ 235.812182] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 235.817725] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 235.823265] vcpu_enter_guest+0x3a83/0x6060 [ 235.827579] ? print_usage_bug+0xc0/0xc0 [ 235.831636] ? kvm_set_msr_common+0x2680/0x2680 [ 235.836333] ? vmx_vcpu_load+0xada/0xfe0 [ 235.840389] ? __lock_acquire+0x7f5/0x5140 [ 235.844604] ? vmx_vcpu_reset+0x1030/0x1030 [ 235.848910] ? graph_lock+0x170/0x170 [ 235.852693] ? graph_lock+0x170/0x170 [ 235.856475] ? __lock_acquire+0x7f5/0x5140 [ 235.860698] ? debug_check_no_locks_freed+0x310/0x310 [ 235.865880] ? __lock_is_held+0xb5/0x140 [ 235.869927] ? lock_acquire+0x1dc/0x520 [ 235.873898] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 235.878907] ? lock_release+0xa10/0xa10 [ 235.882877] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 235.888148] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 235.892622] ? preempt_notifier_dec+0x20/0x20 [ 235.897104] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 235.901930] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 235.906941] kvm_vcpu_ioctl+0x79d/0x12e0 [ 235.910988] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 235.916684] ? graph_lock+0x170/0x170 [ 235.920482] ? find_held_lock+0x36/0x1c0 [ 235.924540] ? lock_downgrade+0x8e0/0x8e0 [ 235.928675] ? kasan_check_read+0x11/0x20 [ 235.932806] ? rcu_is_watching+0x85/0x140 [ 235.936939] ? rcu_report_qs_rnp+0x790/0x790 [ 235.941351] ? __fget+0x40c/0x650 [ 235.944802] ? match_held_lock+0x871/0x8b0 [ 235.949036] ? expand_files.part.8+0x9a0/0x9a0 [ 235.953614] ? kasan_check_write+0x14/0x20 [ 235.957840] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 235.962757] ? wait_for_completion+0x870/0x870 [ 235.967322] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 235.972495] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 235.978188] do_vfs_ioctl+0x1cf/0x16f0 [ 235.982066] ? ioctl_preallocate+0x2e0/0x2e0 [ 235.986456] ? fget_raw+0x20/0x20 [ 235.989891] ? __sb_end_write+0xac/0xe0 [ 235.993874] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 235.999396] ? fput+0x130/0x1a0 [ 236.002667] ? ksys_write+0x1a6/0x250 [ 236.006455] ? security_file_ioctl+0x94/0xc0 [ 236.010852] ksys_ioctl+0xa9/0xd0 [ 236.014288] __x64_sys_ioctl+0x73/0xb0 [ 236.018160] do_syscall_64+0x1b1/0x800 [ 236.022036] ? finish_task_switch+0x1ca/0x840 [ 236.026518] ? syscall_return_slowpath+0x5c0/0x5c0 [ 236.031429] ? syscall_return_slowpath+0x30f/0x5c0 [ 236.036344] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 236.041691] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 236.046528] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 236.051700] RIP: 0033:0x4559f9 [ 236.054868] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 236.074077] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 236.081766] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 236.089025] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 236.096285] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 236.103534] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 236.110782] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 0000000000000007 10:00:52 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r5 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0x2, &(0x7f0000000000)={r5, r5, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:00:52 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f760070") r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x100, 0x0) ioctl$BLKROTATIONAL(r1, 0x127e, &(0x7f0000000040)) r2 = socket$inet(0x2, 0x80000000003, 0x2) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f000024d000)=0x7fe, 0x4) sendto$inet(r2, &(0x7f00002df000), 0x0, 0x0, &(0x7f0000fd9ff0)={0x2, 0x0, @rand_addr}, 0x10) close(r2) 10:00:52 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x8010040, [0x40000073, 0x1]}) 10:00:52 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x218, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:00:52 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) mmap(&(0x7f0000003000/0xffc000)=nil, 0xffc000, 0x0, 0x32, r0, 0x0) getsockopt$inet_buf(r0, 0x0, 0x200000000000043, &(0x7f0000f39000)=""/30, &(0x7f0000001000)=0x1e) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x0, 0x0) recvmsg$netrom(r1, &(0x7f00000004c0)={&(0x7f0000000080)=@full={{0x3, {"c5fc62cd6fde87"}, 0x3fa}, [{"4bd388457cb405"}, {"637d81f437aba0"}, {"7251e1fe53c5ab"}, {"256fce5ab79df3"}, {"cb5b8b0c616772"}, {"ac77596781e3ad"}, {"8b5b3ccfaed759"}, {"21abea55686342"}]}, 0x48, &(0x7f0000000440)=[{&(0x7f0000000100)="98fa7e4072fdae1c2973cfbd17a48aa9834307587e27186afa1648e3dd442a1f20af431ceedefde783e9b493bc40cdcedc03cb1c76124ebb53bac69eafcd9f75b69991081c4fac1a934f80224a71701d243d088469092c22cb36eb630641e967aaacc89fcc1eecacce26bb88e8a24e7ffeca5bff0abca8f5d72caa1936fe0d48885ae392bbcb25061c9ad9f88e42efbde5", 0x91}, {&(0x7f00000001c0)="c6f0725866534cbac12db81ffc80d81b756e6d5351073d7678622a818d042080717369a3683252db0f65c0cf59a5df2d6cac2771cbcb8eabbb93e2fb28fe8a534dc5aa13182c86ce4372643e6ff00e133445269beea4b078475f806fb229b9d934a082d7782670a424ee3c994317fcf1a5b112f9f721f429f69b9f49adfad4b145c21f6d0a6b891d170c4647b074f1dacab6389f2d9e874ff5d06218a697ee8422e907ccbeb4eccfa2c2875927ede71bb1b4d0986f07427ad0884cc9c45c9e", 0xbf}, {&(0x7f0000000280)="3de85edee134fb09dc084f9c216d4fbf5665168c54403117c95f2c08923d148bcd7a1c9d50b91b3796daa9b6f9aab5d6515836717849e95bcd0d72c35e2b407289472b8ba6cc3e9f303f3ed824b774dbc29cbc074ccc8d5458b5765e3e9e2da43a3cefe817cac8819910b8d83a8343a1d31e4156", 0x74}, {&(0x7f0000000000)="267341e2", 0x4}, {&(0x7f0000000300)="17c0aff459bd4f67df94246867aac3e37b634ef9be896a8fa526586e86ad8aa368b94824100b294569b11dcd56257cd27f98976070ec8e6fa4bdb52de9e281e417a0416e5ab635b75a8472aaead34bea45c1492497a31ec0cf1650d4f932b5160b2c8ece2039c86b882994b05c429697834466dd", 0x74}, {&(0x7f0000000380)="ea7a5b0d1d5afdfe5607fe466060b5d67c82c46fa5bdd32ede61bfdadf6972eb058752b0f213ad66b1d3e029c6cee66ed011a29c240e5cf37e4cb8d659036acb62a086044dd77764a986bac4c62ce99f138a2c3fe798286d83295def335cc23662bedb26ee8910a05c6216", 0x6b}, {&(0x7f0000000400)="dee5efbf873e38309495411d210b063df9c226e8be0fd353b024e790b6a295824d5e7c141982b51d5c724e2b67cefa526bbf7ec36c01b88db3ab56", 0x3b}], 0x7, &(0x7f0000001040)=[{0x38, 0x115, 0x99, "a5aa0a7b832fb791645d3082df2a7ff8d7b381f3000a0ac91355c0c17fcd1aedb93c26c4450c"}, {0x10, 0x111, 0xb2}, {0x1010, 0x0, 0x70000000000000, "9e5ac23838a1a6241e61d3f4bb276c1c0171f331cbf5bf505c78066061e310ebff320b9797416d04f0ec1273aecd9d77ee65415d1ddbd9367120a288dff6711170c8fe59f41726c4bbf47c06869b6f98f291f4717499163a3cf8420a3789168d56a70f5ed08b966dd5757bfc820f1acda70f6fe4f231dfc853647045201543f3d630cb915f3d7dcf65eb9244fb7c13c86f4ff9f3c149af5e1f910b73dfc339772a0ae98bcd9e8960586cd3a695ed8d626b11ea6ae5118a920e6ddcb2ea0a69384057bdf3e92f8c600016ecdb281e3c8a69b4403b9d04e8a8a82869f3814c75fb4b61c38fb0b0ed0436a2dd290a6a60c4e8f30ffdcd2d54e7733965abe53361966a6fa7b050c977adc392cd99383a61709f0ce070c2db09606d4271df1e01901e39cec719ae9d7458e8bce8f2eed187cea02d1bee187c580d455e46c8a9662821e9985014a908209a7f95b845a6a0c6876244c1310f0b2252528914b5cff224992da2ed37070c1d5aa11a82adf5b1e523abb1a50eb4d88addce362a517804d48a7264e39dc354f0baa7bcd75c4ba867f4e5eadd3243321da79634d101140c1fafed7eabed720e0286b723fbd6d5804a3ec401824e3453584d27845673b91f1acc49043a57ed0e6e79c66b2f1314a9e59027ca685e4f4b45b89cdffcdc9ab05c74bafd4a8158be0feee6a2ea90db3f5b484efc85ab206753828684005a3d23ed16e245665e2935fc4e39def8e46f513519231e1afd18f955b2d701fee489f616c1582533861acd578d8f24d4d63d4e847049b8c69fcc2f907462f286fc47af92079cba1bd52b3f409e1a33f4124aabac2e61ef253610f37db9aa8e646302f1e664e1247df9d2b53041b3267ed0dd3c0e250a21d4b92cc65d7ad3a77ae491069de555b6483c5022dc7ac9e0aad91f167cc2f0b4c100789c8a62da4945b652bcbad8bce443d24969f6d99b123a579d83a51141e1ef208689493e7efa2e3360eb0da0e5d45f53d9cbc12ec3a281d882d4ecc1dcb9e82c89ccd6c2de37b15028579cbcc0f25cc79ccd1baba32e23f858ad79ccc4b4f10ccb081d2f80f116ca5314b7865338875349a9c8abef5a2a9648ca855827cdaf4b6fb3c80bbb1691e3eed98a7671e111032ca55a56c9c4dc2702c5817f769861d18a037500b5f9175522b24acfd10c487650b934c716401b9066a8747bfbabb8e9037f26b4d77fdfd946ab41179d089f75ff87a1404c78279d9d63618671c29540d4db169e8425069cd26e5a47f3d23a8257a01f4536bb9968b518d43d1271a561b8a92f22d910a953404737665a41c86b08993709f7928fec5718431c1c7e1553de6bbc4962b0c80a49c11cd3b42f19f72da4e4ea5901a823e5450fb8528ae2142b64a88f64eef4fadd565f5f26bf57ac807a877e7fb593fcf9904c82a69e259ffaba74b1df752f3704775d674b70a1631acd8fd5537cc8eb4b9e527c87d586bba7a2f7ef3045cee4b66296cf5c61259c59de2d8e77eb29a58cd369b140da40614e725ef635c5a077d85f3a3b7cc01aba8f9af25ca2a089f3957efa98cc57b868dea33cbb4b169a58b453be56c06109e11effcd6092cf634f2a7cc56436b706b86f553978424a5cb093b425baaca548b00d2c69a6c258fb43eb56dea4ffba7106b2e8148137bdb8e117482071f82e47d0a1f9474a56cd23f3feec7599557f77d95e8653e1985cf692dd3d7d25419a77e7090ead7070e080a54658e726f488e845be8a1eb791d3e5392a822a656f9ac7323608df72700ec8131059185014e8c0cf480adc62c8c46ce6b9b3680966ea706e09f19310c41acdccbbaa889e493b9128ed640c0dcf81af28d7593f3850e728608768d0ba92b11e51b9a3247389458eaf6930a10bc5283c52fd29902aa49da2dc2e6a1d022559bdf824522cfff06dcce5c3acc9724db86bdd084c054dd053aa0111a64f2c1576ade3233aace52470ac7994e60a897623b35228b4f2374647ba335ecaac023d1f725f7614339b520d76d3b3832c1e9fdaad1ef53526b0b04831c2c0e6af2bc1534e1f898bc31b1db1174a4fc8ad1ec936a76a9f3f0412a2f5f57760ffc79f59bff994f63ec4efe7d7db4cc31fac3195767d5214a09fdaf92f0b40e6ddd055732b3c9b52fec03dd715fc80dc662bb8831a62085a48bf7391dd53c9697f14d4f557b0c3fffdd085877b3e4edac53bf5c18c24178ed87d3cce6232beccd24f660f78a5946de71291c333fb54c430f834a887acfba718024a33e0f10e29f0ae20c1592535e349ab36c8c93c9c96a31bfc775591c27082b9777091d1e7b352811cef15a4b67b5bc88d23560f51a409967f71e45a6345ba090947490c0658c2758175a0c93f269166331186a809a5bcc1e2c8dd964abfb150b05b6cc8056da5dfcebf29cd429df0cdf20768b00f65fda1fb425cac027347e2847c279236491d2840ee2d85d1e665a43acaa8ad65cd9a7809eab6708d481bf970943087e8782cc56f8991b968a9f2449f956a36bd28fb5e08122c0c54e37270b86c1ee69e7923b08286a60e60f5d0e114f308b6b14fbc61ac30ebe98e017c221220ff63475d8735abd641326a6f75fe72c5b6a7f049ea8ae139f5b1cf17974c812b8a66315ca3a26943709abc54c0691732f3b03a19065276e52d3fdee94c5211213938458e29b4df1644224c6cf92102b201b9bf4bc060519e9f3d7c0fba9319744bb696ba74c3293190351406692d924fd5f87636facd3baab1f3c668b6bc0ad0b362d773c2bee73b85d6bb9debb1411e28528bb237182d872a07d68fa23d9e46b26ac2b6b429b771ef40cf3c1f2d06f429a1271d54a79f64a180ad86d89cea8185db0b30799db5295c16e7a27cb74b7e0a033a6ca44b654937b0ae9ed0a3f5e7c62df6a4d726205b604b95e0a78d8d698368366627417ab82d11ada0f9e38309e88017b1165bbb6c2a7fdfccc56c0ae9fb4c26660ab9ca215494460b0e50f7a2d0f68dcd193ffe0c769004ced7d52397280a4298885c2683a579f5041434faf485bd19b92edb48ce96f13edcb9d2da8d5f87120bc91f756c3b5bb024ea36ef64e5c085919b266fca4433ab63214b564c709f7bc6b3a96cb0dd8bdd2c09b4607340e42266e51b8e94d0e6d60f13ed85d40d50f87a8fbf353ccc47463e566321d2f00f06dd345408432ce08231572f61f455030ecb4c349b9bcc5286894628744f012ffae992d61c3f2de0a63fec0cad702a8e81c7f15c6593c0a7d598f22c13b8461071e04c730b8e177a4d9e6cc3aa5e98d592f446d3687d0763bedcc22c0ab4fcb9b2538e672fa83dfef7124433ad2bb74e4db129204571ddb7c7fbc635003b70e4c4532c79425cdabd3e3850ade562d88d1f882c21522a19ca74763e9041417dc68365480ae2cd91056ec5e6292703aa360dd51adb0c33b824f2bbfecbf3d9f0a7e59a4074f6b79ea5ca26235dfba60cd509701b7c60647c134a42b0a377e0b2a2fc1e691cecdd4b9ae09d9620e654237bfe29b95b00bcd3afd02362250fbe0c53de212f6fd67a5e18b4405f5915228caf5ac63d86f3a780a8f03dc471a4acabebbe838f76652bd1e059f0b7d9784a487765f4b6cd81cd32f4495dfcf6dc61d302024486d897eb697b45c14a344a3b0bd1c3a9f97afb3595ee09efdc0a095cc95b8b471dfd4558bdd7a0de0ac920335523d706fb2dccd128eb85d0af2fb53207c37ec74edf49a288c45944b311b40b3eab51699f91c37a0c895b0edc4595ab90cf32f6af4c7cb275aeaa1c04ccf9c4aab32caaa7c2c210de3fa667a869321083c1e82331d64836b398f1b82709b4ee25170eef530a964a4ce4b0d9761bffcb9d9aa322b01989d6f480e22218d33aa0ebf53a857b8fa09156419ff4d190156b113c342d04022a97ad128b8af53cb26e461f5ea741a4db11d60f3d9f764fbefae21240f6edac5037da2b0b11891bbd144c26b2712cfb2643b6ae0d62a4174cb92f6ade4a0f456251b409045d4a81cbeab2cb7d9103bc156333b0b99b246b063b4a11aff8fd01bd2716181f611f3dfe5e60d827d87cb89912ab4361e6077f1922624f0c69dd176dfab2cf2b71dc5da0e0c0888b7023b472094a5e5d4c70c6cafa1cb08c9eddaa20dbf45928c7d286a42e8122c378ca18ca8416348b6c480e81f67e5c07bb12d66b000fd551eb9a5695ea5ed1731144774825ed7b93b7ee284425d3ea6a3a68966771078a1d00875c7ed859bc23cf430243a2a069f621b25915b8676e5a838f5d5d3197c406851df993bfa21e124f081035e2bba0ce8a55e816a2152bba9e1c375b79b7a13560fd71f5cad0ec825c724e11cc4b256ebcb501fc70b749451b8e19d972de974ca3828a6c6f342d9498a610023600852c66825940d73d90edac00da36747ce7f019f53a8e92eaa5d8ec7ff1a83ecf0756e4d2c3eaaa4a1f5bb64ee1e46bf2043318c07fc96199c844c3375ee5a0eefb2c2768b9be73e2c3cc1149bb9fdc858f1fa780bb01d5cce0598518d8e0b5c9fd4905d1dbe36d890d6ae1760f70875cb61295356941d619556303e9dea893ec94a5001a4f889daddd99c2f18e19d0ea46bf46c9a23483d024540acb2c1173fa6299f9461c080ea88cb3d21cc0b5b9514b85fbedab1ec06c93190146526d3b713e2cafef500917818a4243255046e87aad58f6930ad73bb9241a0ea9b381a75d677aac7cfd3d9365740e3276fc24064d2d47878ff0a2e766f1cec0ab2fab2fb37d8b1e3497f67dac695a989ad0a7b0488c0f22a334c887f79c382e50dcec0d83ba876668b43571a52b9bc699cf288369db18e0ff90d837d1fc9188b275259a190066d72f0c38f8cc7712530999af9aaaf25976a933a3703f6054d0cd5e1fd28c3f2b441386f64ce67bd85787d5fff7cee85f6942d0394446b0e5e69910211bcbbd9c19144e8ba32626bf401a56d85a621705825dbb304926384dbd766398642e47922f0d939c50345cc231b5ec0705cd232a6b80eb4b8a316b047deae744cbedddb8ce096ea29d1c744f2cd8b1537c11c229c705853a67e9f59c87ba6d7634630e64461ed830aa26245e83a5102488317a680108fad6974f88445235ba9ec56f434ffae0a5a80956c0755e1e096042f4ba02a917c757989cbeb863a9cfb262501716640bbad7deb2b13b5565ac55a3aeb91b85d85d7e065d27880e14ab9c73a9d897cee2fc018f8016181fa28be7033265a4e9629b7c6c266010b9640ccfb01fd659dbd0e90be1012c0c55ab04d29cba7d59207ea119e1f2bf6857482f13cffe24cd312c2d7b8464a16734c87d7b141ffed55d98deb0246b6be9f69e00f7c7568e3e6d3b1c2e120cf34a9778153f1ef34eef13eb0f6868318de2db0995a1d0031728fb466359d4979b4c7b8d5a6ea1810073ed374a45bbf37f77380a80453f10b7c344178d22e84582b78d16d43e607a22552de8525c00cf7a2f2aafb6841febcb73af1e11097e23035a6112ea73f010f53f3ca6ff65159d6fc2bbb18c45d2802169f1f920dfd923df02deb3f0b82d0fa90daa6fe2f59102cdc0e408e753b30b2865978316f1e47a6c5afe0a38b1e9a1f15f27be84e367814fd7c44e4dbb9b80be84d881581929d581f9aa890bbc183d2ef9fd109870027d3a5b5d319811565642e4c1d4b313be0c8d85012770b37dab1705cdc105644c80f52a19a9ed18941586d6056ad0d77d9c7ebff3904e9ba1b9af05e7a1de8d6e7261c417f598e7cc5e1e920299e25c4fe309e56ab0098d6fb962806bcc80a89f857d81e68baf76395e1e19883cc2ed"}, {0xb8, 0x110, 0x9, "57163921ff47d7482192402df1ae386ca80d5262c085a3905d92abe416b6bb51421536f39a699b3aea2881454857b561cdc8c348ab489c8289ec9b9b6c04085694aae86f773488c8cfbf67bd4c2a241c3b74f02b829f8d1cb6605165f52c70852e742a6e9259ae406cbebe8fb8a8fe202df1eb40cd678d3928f6aef5cdaf90b05583679ba0d9f1b6e78ee4a27a3c6e0d2f539304b7e87723b4b98fc109873cbf0f71c7bc1f53ba"}], 0x1110, 0x800}, 0x40) ioctl$BLKRRPART(r1, 0x125f, 0x0) 10:00:52 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000), 0x0, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:00:52 executing program 5 (fault-call:5 fault-nth:8): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:00:52 executing program 7: r0 = socket$inet6(0xa, 0x808, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) fallocate(r1, 0x0, 0x0, 0x4) fallocate(r1, 0x20, 0x0, 0xfffffeff000) 10:00:53 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r5 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0x3, &(0x7f0000000000)={r5, r5, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:00:53 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000040)={0xaa}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) memfd_create(&(0x7f00000000c0)='syz0\x00', 0x1) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r2, 0x84, 0x18, &(0x7f0000000180), 0x4) close(r2) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0) ioctl$SG_GET_SG_TABLESIZE(r3, 0x227f, &(0x7f0000000140)) openat$cgroup(r3, &(0x7f0000000080)='syz0\x00', 0x200002, 0x0) close(r1) 10:00:53 executing program 3: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)={0x1, 0x10, 0x5, 0x2}, 0x2c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r0, &(0x7f0000000000), &(0x7f0000000080)}, 0x20) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000240)="117d57f33e33d537a30f9fb6f8366140", 0x10) bpf$MAP_CREATE(0x4, &(0x7f0000000880)={0x13, 0x0, 0x0, 0x0, 0x20000000, 0x0}, 0x2c) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0xa, 0x4e22, 0xc1, @loopback={0x0, 0x1}, 0x7}}, 0x400, 0x7, 0x7fffffff, 0x1, 0x8a}, &(0x7f0000000080)=0x98) getsockopt$inet_sctp6_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f00000000c0)={r2, 0x8001}, &(0x7f0000000200)=0x8) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r1, 0xc0145401, &(0x7f0000000040)={0x2, 0x2, 0xffffffff, 0x4, 0x6a6a7802}) 10:00:53 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x218, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) [ 236.425983] FAULT_INJECTION: forcing a failure. [ 236.425983] name failslab, interval 1, probability 0, space 0, times 0 [ 236.437361] CPU: 0 PID: 14781 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 236.444292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 236.453646] Call Trace: [ 236.456240] dump_stack+0x1b9/0x294 [ 236.459867] ? dump_stack_print_info.cold.2+0x52/0x52 [ 236.465063] ? __save_stack_trace+0x7e/0xd0 [ 236.469377] should_fail.cold.4+0xa/0x1a [ 236.473426] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 236.478513] ? kasan_kmalloc+0xc4/0xe0 [ 236.482395] ? kasan_slab_alloc+0x12/0x20 [ 236.486536] ? kmem_cache_alloc+0x12e/0x760 [ 236.490850] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 236.495676] ? kvm_mmu_load+0x21/0x10e0 [ 236.499634] ? vcpu_enter_guest+0x3a83/0x6060 [ 236.504113] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 236.509116] ? graph_lock+0x170/0x170 [ 236.512899] ? do_syscall_64+0x1b1/0x800 [ 236.516945] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 236.522296] ? find_held_lock+0x36/0x1c0 [ 236.526345] ? __lock_is_held+0xb5/0x140 [ 236.530396] ? check_same_owner+0x320/0x320 [ 236.534704] ? rcu_note_context_switch+0x710/0x710 [ 236.539621] __should_failslab+0x124/0x180 [ 236.543850] should_failslab+0x9/0x14 [ 236.547644] kmem_cache_alloc+0x2af/0x760 [ 236.551774] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 236.557296] ? kvm_pfn_to_page+0x7a/0xa0 [ 236.561343] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 236.566172] mmu_topup_memory_caches+0xf7/0x3a0 [ 236.570826] ? kvm_apic_has_interrupt+0xe1/0x210 [ 236.575567] kvm_mmu_load+0x21/0x10e0 [ 236.579355] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 236.584875] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 236.590396] vcpu_enter_guest+0x3a83/0x6060 [ 236.594701] ? print_usage_bug+0xc0/0xc0 [ 236.598746] ? kvm_set_msr_common+0x2680/0x2680 [ 236.603397] ? vmx_vcpu_load+0xada/0xfe0 [ 236.607442] ? __lock_acquire+0x7f5/0x5140 [ 236.611657] ? vmx_vcpu_reset+0x1030/0x1030 [ 236.615958] ? graph_lock+0x170/0x170 [ 236.619740] ? graph_lock+0x170/0x170 [ 236.623524] ? __lock_acquire+0x7f5/0x5140 [ 236.627741] ? debug_check_no_locks_freed+0x310/0x310 [ 236.632918] ? __lock_is_held+0xb5/0x140 [ 236.636962] ? lock_acquire+0x1dc/0x520 [ 236.640928] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 236.645939] ? lock_release+0xa10/0xa10 [ 236.649905] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 236.655607] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 236.660093] ? preempt_notifier_dec+0x20/0x20 [ 236.664578] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 236.669414] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 236.674420] kvm_vcpu_ioctl+0x79d/0x12e0 [ 236.678469] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 236.684181] ? graph_lock+0x170/0x170 [ 236.687972] ? find_held_lock+0x36/0x1c0 [ 236.692029] ? lock_downgrade+0x8e0/0x8e0 [ 236.696182] ? kasan_check_read+0x11/0x20 [ 236.700322] ? rcu_is_watching+0x85/0x140 [ 236.704468] ? rcu_report_qs_rnp+0x790/0x790 [ 236.708865] ? __fget+0x40c/0x650 [ 236.712303] ? match_held_lock+0x871/0x8b0 [ 236.716519] ? expand_files.part.8+0x9a0/0x9a0 [ 236.721082] ? kasan_check_write+0x14/0x20 [ 236.725297] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 236.730212] ? wait_for_completion+0x870/0x870 [ 236.734777] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 236.739955] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 236.745662] do_vfs_ioctl+0x1cf/0x16f0 [ 236.749545] ? ioctl_preallocate+0x2e0/0x2e0 [ 236.753938] ? fget_raw+0x20/0x20 [ 236.757376] ? __sb_end_write+0xac/0xe0 [ 236.761333] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 236.766849] ? fput+0x130/0x1a0 [ 236.770112] ? ksys_write+0x1a6/0x250 [ 236.773897] ? security_file_ioctl+0x94/0xc0 [ 236.778291] ksys_ioctl+0xa9/0xd0 [ 236.781730] __x64_sys_ioctl+0x73/0xb0 [ 236.785600] do_syscall_64+0x1b1/0x800 [ 236.789467] ? finish_task_switch+0x1ca/0x840 [ 236.793952] ? syscall_return_slowpath+0x5c0/0x5c0 [ 236.798864] ? syscall_return_slowpath+0x30f/0x5c0 [ 236.803781] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 236.809142] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 236.813989] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 236.819171] RIP: 0033:0x4559f9 [ 236.822342] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 236.841554] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 236.849244] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 236.856495] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 236.863747] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 10:00:53 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, 0x0) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:00:53 executing program 5 (fault-call:5 fault-nth:9): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) [ 236.871000] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 236.878255] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 0000000000000008 10:00:53 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) fallocate(r1, 0x0, 0x0, 0x4) fallocate(r1, 0x20, 0x3, 0xfffffeff000) 10:00:53 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0xd004, [0x40000073, 0x1]}) 10:00:53 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r5 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0xe, &(0x7f0000000000)={r5, r5, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:00:53 executing program 3: r0 = socket$netlink(0x10, 0x3, 0xf) setsockopt$sock_int(r0, 0x1, 0x10, &(0x7f0000000080)=0x388, 0x4) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) recvmsg(r0, &(0x7f0000000580)={&(0x7f0000000340)=@pppol2tpv3in6={0x0, 0x0, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, @local}}}, 0x80, &(0x7f0000000540)}, 0x0) bind$netlink(r0, &(0x7f0000000000)={0x10, 0x0, 0x25dfdbfb, 0x4000000}, 0xc) 10:00:53 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x218, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) [ 237.197531] FAULT_INJECTION: forcing a failure. [ 237.197531] name failslab, interval 1, probability 0, space 0, times 0 [ 237.208856] CPU: 1 PID: 14812 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 237.215777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 237.225117] Call Trace: [ 237.227701] dump_stack+0x1b9/0x294 [ 237.231322] ? dump_stack_print_info.cold.2+0x52/0x52 [ 237.236499] ? __save_stack_trace+0x7e/0xd0 [ 237.240811] should_fail.cold.4+0xa/0x1a [ 237.244862] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 237.249951] ? kasan_kmalloc+0xc4/0xe0 [ 237.253819] ? kasan_slab_alloc+0x12/0x20 [ 237.257953] ? kmem_cache_alloc+0x12e/0x760 [ 237.262262] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 237.267199] ? kvm_mmu_load+0x21/0x10e0 [ 237.271157] ? vcpu_enter_guest+0x3a83/0x6060 [ 237.275635] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 237.280636] ? graph_lock+0x170/0x170 [ 237.284423] ? do_syscall_64+0x1b1/0x800 [ 237.288468] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 237.293818] ? find_held_lock+0x36/0x1c0 [ 237.297958] ? __lock_is_held+0xb5/0x140 [ 237.302014] ? check_same_owner+0x320/0x320 [ 237.306327] ? rcu_note_context_switch+0x710/0x710 [ 237.311250] __should_failslab+0x124/0x180 [ 237.315471] should_failslab+0x9/0x14 [ 237.319255] kmem_cache_alloc+0x2af/0x760 [ 237.323386] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 237.328906] ? kvm_pfn_to_page+0x7a/0xa0 [ 237.332955] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 237.337784] mmu_topup_memory_caches+0xf7/0x3a0 [ 237.342435] ? kvm_apic_has_interrupt+0xe1/0x210 [ 237.347178] kvm_mmu_load+0x21/0x10e0 [ 237.350963] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 237.356484] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 237.362011] vcpu_enter_guest+0x3a83/0x6060 [ 237.366323] ? print_usage_bug+0xc0/0xc0 [ 237.370370] ? kvm_set_msr_common+0x2680/0x2680 [ 237.375025] ? vmx_vcpu_load+0xada/0xfe0 [ 237.379073] ? __lock_acquire+0x7f5/0x5140 [ 237.383293] ? vmx_vcpu_reset+0x1030/0x1030 [ 237.387597] ? graph_lock+0x170/0x170 [ 237.391384] ? graph_lock+0x170/0x170 [ 237.395168] ? __lock_acquire+0x7f5/0x5140 [ 237.399388] ? debug_check_no_locks_freed+0x310/0x310 [ 237.404569] ? __lock_is_held+0xb5/0x140 [ 237.408615] ? lock_acquire+0x1dc/0x520 [ 237.412571] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 237.417574] ? lock_release+0xa10/0xa10 [ 237.421538] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 237.426800] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 237.431280] ? preempt_notifier_dec+0x20/0x20 [ 237.435766] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 237.440593] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 237.445599] kvm_vcpu_ioctl+0x79d/0x12e0 [ 237.449648] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 237.455342] ? graph_lock+0x170/0x170 [ 237.459126] ? find_held_lock+0x36/0x1c0 [ 237.463177] ? lock_downgrade+0x8e0/0x8e0 [ 237.467312] ? kasan_check_read+0x11/0x20 [ 237.471444] ? rcu_is_watching+0x85/0x140 [ 237.475577] ? rcu_report_qs_rnp+0x790/0x790 [ 237.479973] ? __fget+0x40c/0x650 [ 237.483413] ? match_held_lock+0x871/0x8b0 [ 237.487634] ? expand_files.part.8+0x9a0/0x9a0 [ 237.492201] ? kasan_check_write+0x14/0x20 [ 237.496424] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 237.501364] ? wait_for_completion+0x870/0x870 [ 237.505929] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 237.511127] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 237.516825] do_vfs_ioctl+0x1cf/0x16f0 [ 237.520700] ? ioctl_preallocate+0x2e0/0x2e0 [ 237.525096] ? fget_raw+0x20/0x20 [ 237.528533] ? __sb_end_write+0xac/0xe0 [ 237.532492] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 237.538016] ? fput+0x130/0x1a0 [ 237.541283] ? ksys_write+0x1a6/0x250 [ 237.545070] ? security_file_ioctl+0x94/0xc0 [ 237.549462] ksys_ioctl+0xa9/0xd0 [ 237.552902] __x64_sys_ioctl+0x73/0xb0 [ 237.556775] do_syscall_64+0x1b1/0x800 [ 237.560670] ? finish_task_switch+0x1ca/0x840 [ 237.565152] ? syscall_return_slowpath+0x5c0/0x5c0 [ 237.570066] ? syscall_return_slowpath+0x30f/0x5c0 [ 237.574982] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 237.580333] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 237.585162] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 237.590333] RIP: 0033:0x4559f9 [ 237.593500] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 237.612725] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 237.620418] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 237.627668] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 237.634922] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 237.642173] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 10:00:54 executing program 5 (fault-call:5 fault-nth:10): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:00:54 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, 0x0, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) [ 237.649422] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 0000000000000009 10:00:54 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x7501000000000000, [0x40000073, 0x1]}) 10:00:54 executing program 7: r0 = open(&(0x7f0000000000)='./bus\x00', 0x80, 0xa) setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000000040)=0x1000000, 0x4) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r2 = open(&(0x7f0000000080)='./bus\x00', 0x141047, 0x0) fallocate(r2, 0x0, 0x0, 0x4) fallocate(r2, 0x20, 0x0, 0xfffffeff000) 10:00:54 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r5 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0x15, &(0x7f0000000000)={r5, r5, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:00:54 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f00000000c0)={&(0x7f0000000080)={0x10}, 0xc, &(0x7f0000000040)={&(0x7f0000000100)={0x20, 0x2d, 0x119, 0x0, 0x0, {0x3}, [@nested={0xc, 0x0, [@typed={0x8, 0x3, @u32=0xd202}]}]}, 0x20}, 0x1}, 0x0) [ 237.961758] FAULT_INJECTION: forcing a failure. [ 237.961758] name failslab, interval 1, probability 0, space 0, times 0 [ 237.973190] CPU: 0 PID: 14838 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 237.980119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 237.989484] Call Trace: [ 237.992079] dump_stack+0x1b9/0x294 [ 237.995719] ? dump_stack_print_info.cold.2+0x52/0x52 [ 238.000915] ? __save_stack_trace+0x7e/0xd0 [ 238.005239] should_fail.cold.4+0xa/0x1a [ 238.009289] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 238.014378] ? kasan_kmalloc+0xc4/0xe0 [ 238.018248] ? kasan_slab_alloc+0x12/0x20 [ 238.022382] ? kmem_cache_alloc+0x12e/0x760 [ 238.026692] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 238.031517] ? kvm_mmu_load+0x21/0x10e0 [ 238.035476] ? vcpu_enter_guest+0x3a83/0x6060 [ 238.039952] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 238.044954] ? graph_lock+0x170/0x170 [ 238.048748] ? do_syscall_64+0x1b1/0x800 [ 238.052802] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 238.058154] ? find_held_lock+0x36/0x1c0 [ 238.062202] ? __lock_is_held+0xb5/0x140 [ 238.066254] ? check_same_owner+0x320/0x320 [ 238.070560] ? rcu_note_context_switch+0x710/0x710 [ 238.075484] __should_failslab+0x124/0x180 [ 238.079706] should_failslab+0x9/0x14 [ 238.083489] kmem_cache_alloc+0x2af/0x760 [ 238.087629] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 238.093150] ? kvm_pfn_to_page+0x7a/0xa0 [ 238.097205] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 238.102049] mmu_topup_memory_caches+0xf7/0x3a0 [ 238.106704] ? kvm_apic_has_interrupt+0xe1/0x210 [ 238.111448] kvm_mmu_load+0x21/0x10e0 [ 238.115233] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 238.120751] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 238.126273] vcpu_enter_guest+0x3a83/0x6060 [ 238.130580] ? print_usage_bug+0xc0/0xc0 [ 238.134625] ? kvm_set_msr_common+0x2680/0x2680 [ 238.139280] ? vmx_vcpu_load+0xada/0xfe0 [ 238.143331] ? __lock_acquire+0x7f5/0x5140 [ 238.147545] ? vmx_vcpu_reset+0x1030/0x1030 [ 238.151847] ? graph_lock+0x170/0x170 [ 238.155637] ? graph_lock+0x170/0x170 [ 238.159433] ? __lock_acquire+0x7f5/0x5140 [ 238.163655] ? debug_check_no_locks_freed+0x310/0x310 [ 238.168989] ? __lock_is_held+0xb5/0x140 [ 238.173049] ? lock_acquire+0x1dc/0x520 [ 238.177052] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 238.182060] ? lock_release+0xa10/0xa10 [ 238.186028] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 238.191296] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 238.195770] ? preempt_notifier_dec+0x20/0x20 [ 238.200251] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 238.205078] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 238.210086] kvm_vcpu_ioctl+0x79d/0x12e0 [ 238.214132] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 238.219837] ? graph_lock+0x170/0x170 [ 238.223627] ? find_held_lock+0x36/0x1c0 [ 238.227677] ? lock_downgrade+0x8e0/0x8e0 [ 238.231809] ? kasan_check_read+0x11/0x20 [ 238.235938] ? rcu_is_watching+0x85/0x140 [ 238.240073] ? rcu_report_qs_rnp+0x790/0x790 [ 238.244467] ? __fget+0x40c/0x650 [ 238.247903] ? match_held_lock+0x871/0x8b0 [ 238.252135] ? expand_files.part.8+0x9a0/0x9a0 [ 238.256707] ? kasan_check_write+0x14/0x20 [ 238.260932] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 238.265849] ? wait_for_completion+0x870/0x870 [ 238.270413] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 238.275583] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 238.281288] do_vfs_ioctl+0x1cf/0x16f0 [ 238.285172] ? ioctl_preallocate+0x2e0/0x2e0 [ 238.289577] ? fget_raw+0x20/0x20 [ 238.293050] ? __sb_end_write+0xac/0xe0 [ 238.297012] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 238.302543] ? fput+0x130/0x1a0 [ 238.305826] ? ksys_write+0x1a6/0x250 [ 238.309620] ? security_file_ioctl+0x94/0xc0 [ 238.314020] ksys_ioctl+0xa9/0xd0 [ 238.317467] __x64_sys_ioctl+0x73/0xb0 [ 238.321336] do_syscall_64+0x1b1/0x800 [ 238.325218] ? syscall_return_slowpath+0x5c0/0x5c0 [ 238.330139] ? syscall_return_slowpath+0x30f/0x5c0 [ 238.335065] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 238.340420] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 238.345248] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 238.350423] RIP: 0033:0x4559f9 [ 238.353599] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 238.372828] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 238.380518] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 238.387776] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 238.395030] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 238.402286] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 238.409540] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 000000000000000a 10:00:55 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x9, 0x6, 0x8, 0x3}, 0x2c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000001140)={r0, &(0x7f0000000080), &(0x7f0000000240)}, 0x20) syz_extract_tcp_res(&(0x7f0000000040), 0x9, 0x6) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000002c0)={r0, &(0x7f0000000200)}, 0x10) 10:00:55 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x218, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:00:55 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480), 0x0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:00:55 executing program 5 (fault-call:5 fault-nth:11): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:00:55 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0xc0000101, [0x40000073, 0x1]}) 10:00:55 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x10001) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") shutdown(r0, 0x200000000000000) r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) fallocate(r1, 0x0, 0x0, 0x4) fallocate(r1, 0x20, 0x0, 0xfffffeff000) 10:00:55 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = creat(&(0x7f0000001380)='./file0\x00', 0x0) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$sock_netrom_TIOCINQ(r1, 0x541b, &(0x7f0000000000)) ioctl$fiemap(r2, 0x6609, &(0x7f0000000280)=ANY=[]) 10:00:55 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r5 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0x9, &(0x7f0000000000)={r5, r5, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) [ 238.746082] FAULT_INJECTION: forcing a failure. [ 238.746082] name failslab, interval 1, probability 0, space 0, times 0 [ 238.757497] CPU: 0 PID: 14867 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 238.764428] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 238.773781] Call Trace: [ 238.776382] dump_stack+0x1b9/0x294 [ 238.780018] ? dump_stack_print_info.cold.2+0x52/0x52 [ 238.785218] ? __save_stack_trace+0x7e/0xd0 [ 238.789555] should_fail.cold.4+0xa/0x1a [ 238.793632] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 238.798733] ? kasan_kmalloc+0xc4/0xe0 [ 238.802616] ? kasan_slab_alloc+0x12/0x20 [ 238.806749] ? kmem_cache_alloc+0x12e/0x760 [ 238.811061] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 238.815892] ? kvm_mmu_load+0x21/0x10e0 [ 238.819851] ? vcpu_enter_guest+0x3a83/0x6060 [ 238.824328] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 238.829332] ? graph_lock+0x170/0x170 [ 238.833120] ? do_syscall_64+0x1b1/0x800 [ 238.837168] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 238.842519] ? find_held_lock+0x36/0x1c0 [ 238.846572] ? __lock_is_held+0xb5/0x140 [ 238.850632] ? check_same_owner+0x320/0x320 [ 238.854940] ? rcu_note_context_switch+0x710/0x710 [ 238.859862] __should_failslab+0x124/0x180 [ 238.864084] should_failslab+0x9/0x14 [ 238.867870] kmem_cache_alloc+0x2af/0x760 [ 238.872006] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 238.877537] ? kvm_pfn_to_page+0x7a/0xa0 [ 238.881590] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 238.886421] mmu_topup_memory_caches+0xf7/0x3a0 [ 238.891117] ? kvm_apic_has_interrupt+0xe1/0x210 [ 238.895860] kvm_mmu_load+0x21/0x10e0 [ 238.899646] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 238.905170] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 238.910695] vcpu_enter_guest+0x3a83/0x6060 [ 238.915003] ? print_usage_bug+0xc0/0xc0 [ 238.919061] ? kvm_set_msr_common+0x2680/0x2680 [ 238.923717] ? vmx_vcpu_load+0xada/0xfe0 [ 238.927778] ? __lock_acquire+0x7f5/0x5140 [ 238.931997] ? vmx_vcpu_reset+0x1030/0x1030 [ 238.936310] ? graph_lock+0x170/0x170 [ 238.940095] ? graph_lock+0x170/0x170 [ 238.943880] ? __lock_acquire+0x7f5/0x5140 [ 238.948102] ? debug_check_no_locks_freed+0x310/0x310 [ 238.953279] ? __lock_is_held+0xb5/0x140 [ 238.957325] ? lock_acquire+0x1dc/0x520 [ 238.961283] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 238.966288] ? lock_release+0xa10/0xa10 [ 238.970251] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 238.975511] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 238.979987] ? preempt_notifier_dec+0x20/0x20 [ 238.984475] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 238.989300] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 238.994307] kvm_vcpu_ioctl+0x79d/0x12e0 [ 238.998355] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 239.004061] ? graph_lock+0x170/0x170 [ 239.007846] ? find_held_lock+0x36/0x1c0 [ 239.011912] ? lock_downgrade+0x8e0/0x8e0 [ 239.016046] ? kasan_check_read+0x11/0x20 [ 239.020177] ? rcu_is_watching+0x85/0x140 [ 239.024312] ? rcu_report_qs_rnp+0x790/0x790 [ 239.028709] ? __fget+0x40c/0x650 [ 239.032147] ? match_held_lock+0x871/0x8b0 [ 239.036368] ? expand_files.part.8+0x9a0/0x9a0 [ 239.040933] ? kasan_check_write+0x14/0x20 [ 239.045152] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 239.050067] ? wait_for_completion+0x870/0x870 [ 239.054636] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 239.059809] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 239.065504] do_vfs_ioctl+0x1cf/0x16f0 [ 239.069377] ? ioctl_preallocate+0x2e0/0x2e0 [ 239.073770] ? fget_raw+0x20/0x20 [ 239.077210] ? __sb_end_write+0xac/0xe0 [ 239.081169] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 239.086686] ? fput+0x130/0x1a0 [ 239.089961] ? ksys_write+0x1a6/0x250 [ 239.093751] ? security_file_ioctl+0x94/0xc0 [ 239.098143] ksys_ioctl+0xa9/0xd0 [ 239.101585] __x64_sys_ioctl+0x73/0xb0 [ 239.105459] do_syscall_64+0x1b1/0x800 [ 239.109328] ? finish_task_switch+0x1ca/0x840 [ 239.113806] ? syscall_return_slowpath+0x5c0/0x5c0 [ 239.118731] ? syscall_return_slowpath+0x30f/0x5c0 [ 239.123647] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 239.128999] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 239.133841] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 239.139028] RIP: 0033:0x4559f9 [ 239.142195] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 239.161417] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 239.169112] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 239.176374] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 239.183633] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 239.190884] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 239.198136] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 000000000000000b 10:00:56 executing program 4: r0 = socket$kcm(0x2, 0x6, 0x0) r1 = syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x4, 0x1) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffff9c, 0x84, 0x13, &(0x7f00000000c0)={0x0, 0x2}, &(0x7f0000000100)=0x8) accept4$alg(r1, 0x0, 0x0, 0x80000) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000140)={r2, 0x3, 0x1}, &(0x7f00000001c0)=0x8) getsockopt$bt_hci(r0, 0x10d, 0x10, &(0x7f0000000000)=""/86, &(0x7f0000000180)=0x56) 10:00:56 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x218, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:00:56 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e", 0x60) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:00:56 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x2, [0x40000073, 0x1]}) 10:00:56 executing program 5 (fault-call:5 fault-nth:12): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:00:56 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r5 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0xf, &(0x7f0000000000)={r5, r5, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:00:56 executing program 3: r0 = socket$inet(0x2, 0x200000002, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000080)={@multicast1=0xe0000001, @dev={0xac, 0x14, 0x14, 0x1f}}, 0xc) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21}, 0x10) getsockopt$IPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x43, &(0x7f0000000000)={'HL\x00'}, &(0x7f00000000c0)=0x1e) syz_emit_ethernet(0x2a, &(0x7f00003f3fd5)={@broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], @empty=[0x0, 0x0, 0x14], [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @multicast1=0xe0000001}, @udp={0x0, 0x4e21, 0x8}}}}}, 0x0) 10:00:56 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) fallocate(r1, 0x0, 0x0, 0x4) fallocate(r1, 0x20, 0xfffffffffffffffc, 0xfffffeff000) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r1, 0x84, 0x1b, &(0x7f0000002040)=ANY=[@ANYRES32=0x0, @ANYBLOB="00100000a05b71ec797627db90b51309c81ca8ec1ff1d55923f756dfd65c5faa73aa6fe8464083a37dd7433abbba1b3b58535481b97abfc66f9b5ee724976d1a15e2553bea03891d171f544dcebdd150d537815c4410d454c9c0856c0f22831099f4b6ff1823c22028dfd851a0ccedfe3ed965e8dd6fbb5d744cc597dc21afa29d3ffccb5ed66b9a593e9bc48c556c0e510275d5ca360b283f8cadccc70e501cd8ecb0c7fc9319d4aa91054e4c4754aaf3dcc0f46e01456ddfc4b7719c16ee62af3748a5eb500129d3a22c596e2fd99aa8f4d4862075d9505bbb3867f1cecad697cddc63addb5267bce27cba3cfe99d6e0443334364b4c1a2d38d2792c310c1ed266028491457f778b30be6f231e73005afa7e9dea66c50f319281b8bbf6e12d0f722a2461b4ed6733bf9e952df76cc642f6306bfb8d835b06776dd355eece6284c8000b6b9037139a10d57b53e0ab52e5159eb6115fd68f49ae028193fa90898eccc45d337eb95cbce6cafe08f88f4f06fe4837640fd5bc49807144a8c3d8d72e123fa2af416c0cf0c345877f3adc5878682e32eb65345b4e3b63b5554d47dbec50da4ff97e89315d9d6bfefce342c1adc62dce366dd049f0d2a175e1862d71986b5e88774b2e78e3c651c46e5bddfc4d26fa3d39344b864997763f3fa4627cc02a13a3f02f4a47db5ac63c5a61193cd822336e0309b4b4f2f7e38cf4eb26a9ef136453369773a543bbd2ef8b0b3b87ec2ce88300a1548efcaa62ece1de11dbbf1bad48d45a409d9ac24b472dd13eacba309269116ecebec65cf6b4271c086b3fd187f1941eff8666637021044e451dfb02970a81fd5a7cac8a258fe96e5e40b3c7723e11824c500571899336a60459a536b9e34f09d7dd5312c6a05b67a302f976e68e78e8b353948cbb2cffc4fe302a8393f91c6e08dba74faa691fec55f13acda4183575834b7aa3893272269e1c126eac1e5fced252f1e20a7a217ff3dcb663c545f2f88ef828c8244242cf846c4bfe533cf833a8a2c4a95d2de51dfd7b3c4af25914a5cea4c5e55c0394abb3b37e3600dddafb578ad389268e4aaa7df22888ea30021cde5f46f74630d449961a86af07d2557c05536afa2c6e05796eebbe34d2d3d401ca27302803d01bbb78b9cf93a2cebdaeaa9b59d3293d16f8a8d5799794404464d68ba0421633b2c1f3e8af7206bd3de1382cbf38dd9d52106c1884fe8729500174e6ad6bfa48ae5c6eb93a31655ca5d7927de28629448917d413ccd05b1b973d710a9cf1a8f398c82de5f82ae2e21cfb43b9cb0160101bce2782f92a8eff895481a2ec7dcbfe49cb3f3a06d884b5780b04cdfa7d241c2d03b02ce9d7cce09d192a8f39bce11273b0cffadbfe9b2955c8b4d7799a0dcc051aa7b37e8aa1027e643f99660a31dd68c27676e36a7cdebf48011de0299ab151db879f035985fa5b632db5283f8723718d6b2bb85557209ed366cf31e76d27b602ba2e85e5387f1d83f4e819bbbf9bcae275bc12b9710c071f8814bfa76742747d3738e4e23792fd08f586f61f0f849e2f3480f8ac06974af919c88284cf0b1ed86be2fb13c63d55b0877ce8922768a98e9859456c8187cba49071900f57db26bf372ed4e8793ab7e5752c3f2dce5716c7c48f445f3a6c8a66fb376793a5cf10a0336db7801b76001b82aa1d3c23655e60ec2385903410fce4d02e2d110db46ca80bf20278179538c55b0a3e83115ac3315d5563a3ba1ce974f77da1005d3d7a16b2c870c18c1311081c486407000000034bd1361283bd71873fe7e8107350c9bdb4b0438783b15343947cc0695b0cd8f0f8990eb077e5c82eb61f9832b9a8a26469228e7d9b49182ccc8f985529aff73b6e052dd92130b3c626b99277e9a4b9c85db206041286b2d6c44df91baafcee2731b56fe4c0128e5592c90f1cad5a2e1c215c09e2dd09b428585fc0c8b5a354b4f3f19203e61bb95a03f17614002ce21779568d1740568995cbc19993df73969f7907c176b637e86181ceff696be44fbe9d3d27d89f7fd160f19b7a7dc757910389e2dfbd3e5858394842e2fbd97676cb7871210dba841171ca7d99275abb10db61462368d5bd6dcb423e9068c89b7298452925bfbf52595a7f946f49f3f605a8fbabf252a3a80f55c2e74ac544e2dbb88644fcc4110d11f22a2b64b30fbd1b09f8ba89c73cfbbd58108ef9e586880f881de270da9015fff2bdefdc7a452c59715e45202aa7f111cd044529a5222ec99eeeed8fcedc9f94f25f8cc3c35451672f3e401c83e2d1ceb3f4a57693ccfbd875c7350ef5de1b75bb0bba08963f1fe79a47d9b260027bdc1af789462df06ba50fe378d6ca83049eae431dad36b0cb0f58d38c0fff24487511a98a6801d654f1ced85eeaf909b33fdde877ee0fed0a14833e95ea2d70e978ea2892204a89e530fce684f6a6fa9309dfb530d4096482050e24bddda3948528a2e25a8cf103817b4809362e9da28ca3e3f7826c5fbfde63362889895f2c49b95492e627151903973815b22c0ec9a4c491ffe0236e2aa343c7db0cd431d50ef1e220573d71687c6527fcfa33a05d75c019624f120a3f4aba6ddd80862bf67a89f6705fef3ab7bf430c3acf06ac3db8fa2d16697af0b2b33214702400138c4d27d4da479d37141e0f1bdf82c89f353614622fb50ed1a0a4ebd10fd5e586daa64a2bdaa3edc23fe28351bcd6574ea91ba7a8a98fdf70dde7a714141152f8fb36cac567d69596da69936c0ad9902285d61f3a5ea2a612fdc47b22834742aa0b9808d2a7f7949c6a1c2635e04777c7362412d049e83cd5eddd9a23ed7887dcc1b4ee0dd12c45d53546997f64b2d51ef91d1bf4637cee6c649a20f550cbade4d48bee24b1f7ecd7440f9d00744f6128defda9aaf00d64ee6daa07201bf5706a6722dd0cd3e2dbfce5a06ebc38fc198fb5e77fbc60b97f982d7858c76e2063095dcb400357f3b7dba6b2e2ff960340457e4fd5088ae0a8e330bc683eb72c22aa554c0ebd14612ebed28e6bb9586ce912209e4051003efbacf4302807d5684a059bf28e25f0299a955aaf2c08b380b0759bda99071bb61e32ef9854e297dc00fe3fbbe9abeed235019fa7869501a3e02f97902929512b99e9e74198d2ad275d73f3538a14dfd536720ed63a4357923c21c68153138daf8dd4bb52b66e0f93a87a42133f0a5a8f162d4193ec7e9cc4430ae06062312b7e62f5a0449e6c0b74b1f9676f2fc47fcb7dc4c05568f8533ac5b6981469d69ca007dae15893db955e7cd21257e7d11f1057edd49ea6eda5119b6bfd7001923da7eb3f7eeaaf937a169fae15de896216edab8319a8c161fd9cbe069500af3886c35277ba09e80a8920636c8e37a467efb2f5c2e7c8f57ef1e33bec4e1ade0e9d38cf5962155547c52d9dbf20118060a93db064295a5724020909a87a5b0bf0740234dadf151c0a24d00a660af1d5f232a48eb29d893eb73ae9ff1468c3e8b4d1bcf6ba01b66c7dbe640371ef62ae08f65d775475c792a908b6bac9eea6d617faa749183c1817c811ad2eb77a72cdb73fa3724566e15296eabbe99a39fff415e8a80090efbc3e40ab25ca07c0143d5e34b1a8469b9637d086a98d6725de7b893c78eb4095e5d04fa1e610cd313c71f6088e73230d26b3f7242730ba5be545cb6fc194662dee5d1fec7ed2bf827c2185186913454f3599cc30d3ecde04590f1d3a9d112daa81929184256030729b978657095c5aeb48426937e1947454a1626ceee91073624ea20e2c27b1f17934b5fad0d18e44dfbd53a6a0cee11a28d6dddd8121c54565126673bb5f63e32cddda8cc214b30ec97f29f6c52d5bea0fed21925b705cbbd448de8ac6f7fe6143279576208b1562a413d60abd1065426d9b57de30fe33e09e7b6284372da6e36484018644035bcac9b2b4f16218c8e5d5ad61660b213b4e4664210d7f96a9bccf3a9e9b9b7eaaa4701e54cf6ad477f5a1aafc7ff7065fd0a30e8a8b5a9a89629e98ec52c37fd07e7db7ac51a2b573c05b05f8c3ac779d06cc8768c6362f82c0d18927d9b8ee5e58a937cfbe821ea95121781c6624857588f7499c08fbf552b85cc91a658533f04cf26119a7fb5ac201374d7def19329fbbd7bd5b99510901a4cc42750113dc8e210fcd4c1310bf6459ddb8b39fa9644ba5e38ed3322f02e4cec5acef869ee21f62036ba86722f3e52735a397e375cd9dd371360d619a2c1d0ee0d1d4ea87d96240f6c196f969d49536319c89abcc235143006334e88b1eb9a3f2d1c4b23655003ce946f5be9027a2a9173e6316a34f8d95766fa2d9c26c7fd3d6aba0930b9ad3d8d7841b5cf77fab117fb8ef70579138ab5bdc9b13346d4666584fb2f3dc6e5ad59735b793411464780974afe7f90d980d96947fbdfed16cee3229bd37671ebc03e81e1d538220c9bbc0c59e0f81b97e4d14e8787ae44c2569655ed75018cdcb101f2f1923b2895d7896d85256de71738631c3b0ba8d0b28f33ea943857d8d56ace18ab480c182c45c8a110de5c2a842bb0f6ded3891e37ee7d5fe3ecc09bda99bda7d5b03051ce1e927d5c92a24b010c9e496fd2c8c832357c2cc2aefedd127891cb39f45432ea171af433ec3d3984dc48e98cfc3201ac50e6be6975a7d5bac3000530ad4b66c38e279d0ae45d4fc9b654f50bab01df30acf87f2cb262b575d56159f6668061e568fc0f83dfc046756a820b60fe153f5e0ee38142e10fb6cf4ddbf31e7582399afb302af2ee3f10f4ff950f9baefc0e8f8c9fc0bfaf4ea55d761c04a86e2d6c7b6429c948fc859a26d02670a2c9de92cdc99f65f60398d2b5def6c68b7e24e5b42c71462ddce57789d6f1fa9ba73be3cecfb10832a15d6aeeff03ede14536f01cc84f9366cf0fc1a9322344951ebaf434295e6b1eac6d32100ecf3df2b70563a349f5ff26562517e45a1e4778557f958d53eb2413b4f5d15fc032bfd3df8874f855ba53fbc43228c8cfe46784df14f44d36db32544529f61b95c92dbace0828573a3c61f8540bec9008fbfd3853ad79b3afe8e69574c28f35e9ed1f8b7dda4021a40731fd640f3c92ace8c23010195242d366195e2c5d566a84c69b7af78b6e82b118bc2c0fb784caff441f41a7277dc3ca284c7626439f24b394046b84a1663920f0860229e4377eb4dd16224494e569a8ded3c279a632c7b44878366231c943d5b51e6d0b8cbc6d7b8cb077bec5094c29a17c655b93db14d34a5d73cfc8823b4f670c06b24236ebc8685be9c1324dcefffadb66ed40fb91e7c41519dd40b79ff035b84c16b7f526f15d56b590fbd7ca49afe36437e2f1d8f65d0fd9b38e056d06b1605981ac1d19c2ec6dbb8cb04af42c304e9c53ad078386d89faf80f7313a15e7fc10a06fae21dc9ca80133dc4006c49a105eb8ffd6864db0c1ad78b56b98562d457937bfc39bd4234ce254460c75add0d9d0ec3111a5247822c69442f3695dc7aa058b55d222b37e5397bcf937cf697f7221c3d57247db0484bc8d1deb0beb573330d3660d4589b89faf6d53e21321902d3864df5a0ce01ed37cb2a68a5e65b852b382b02b9d49cfb9665b919fd83767080f6cc25bfa497eab3609f850048c44a45aa47c88cab9e2e60c6fde480ecb0016ab45579fbd07cd10ca072dadb1e8c933c7fc7767cbc86866def8600e712f663bcbe4e97dd41db7e8d4ea86bff43b8fcdb059af6cc8caf0f8b715974cd52e1ef411a6ec9b0c2da0cdb2f28ccd0333cf971d9c255649b6cb7dae6a852b6a9870f6988de28fbce10a8f5f069784901bef2f817177fbd129119fd54071fbdb67d62da0757b43d84cd85a06d19af4c1eca803629bf72299341d79ad75861a538d8137a17206f5b24ee38604f95dc47f068f10e92ab063e54aa0f1ba2440f0e38307b6f19d5b4e58b0525d87bc1a2cc8baca9e33914c5ebe4e6aadd617690f4102409f7cd6549a1dff556eec975680cc8bad7e2f4f1c14309ec910c1b3e4363dd337489156e960de3fa799f3c2d995b7f5195424c440132864b87f97c28c3c2a15a653edd85364898a8ef5304bccfe1f26845e97b73e1dcbe54aff121"], &(0x7f0000000000)=0x1008) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000040)={r2, @in={{0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}}, 0xb191, 0x9c41}, &(0x7f0000001180)=0x90) [ 239.558326] FAULT_INJECTION: forcing a failure. [ 239.558326] name failslab, interval 1, probability 0, space 0, times 0 [ 239.569857] CPU: 0 PID: 14895 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 239.576790] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 239.586138] Call Trace: [ 239.588721] dump_stack+0x1b9/0x294 [ 239.592340] ? dump_stack_print_info.cold.2+0x52/0x52 [ 239.597532] ? __save_stack_trace+0x7e/0xd0 [ 239.601846] should_fail.cold.4+0xa/0x1a [ 239.605896] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 239.610986] ? kasan_kmalloc+0xc4/0xe0 [ 239.614857] ? kasan_slab_alloc+0x12/0x20 [ 239.618989] ? kmem_cache_alloc+0x12e/0x760 [ 239.623298] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 239.628160] ? kvm_mmu_load+0x21/0x10e0 [ 239.632119] ? vcpu_enter_guest+0x3a83/0x6060 [ 239.636595] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 239.641596] ? graph_lock+0x170/0x170 [ 239.645379] ? do_syscall_64+0x1b1/0x800 [ 239.649424] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 239.654777] ? find_held_lock+0x36/0x1c0 [ 239.658825] ? __lock_is_held+0xb5/0x140 [ 239.662881] ? check_same_owner+0x320/0x320 [ 239.667188] ? rcu_note_context_switch+0x710/0x710 [ 239.672104] __should_failslab+0x124/0x180 [ 239.676326] should_failslab+0x9/0x14 [ 239.680108] kmem_cache_alloc+0x2af/0x760 [ 239.684245] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 239.689074] mmu_topup_memory_caches+0xf7/0x3a0 [ 239.693725] ? kvm_apic_has_interrupt+0xe1/0x210 [ 239.698468] kvm_mmu_load+0x21/0x10e0 [ 239.702264] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 239.707787] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 239.713310] vcpu_enter_guest+0x3a83/0x6060 [ 239.717619] ? print_usage_bug+0xc0/0xc0 [ 239.721670] ? kvm_set_msr_common+0x2680/0x2680 [ 239.726320] ? vmx_vcpu_load+0xada/0xfe0 [ 239.730366] ? __lock_is_held+0xb5/0x140 [ 239.734411] ? __account_cfs_rq_runtime+0x600/0x600 [ 239.739412] ? vmx_vcpu_reset+0x1030/0x1030 [ 239.743715] ? graph_lock+0x170/0x170 [ 239.747498] ? graph_lock+0x170/0x170 [ 239.751287] ? __lock_acquire+0x7f5/0x5140 [ 239.755521] ? update_load_avg+0x2570/0x2570 [ 239.759917] ? __lock_is_held+0xb5/0x140 [ 239.763964] ? lock_acquire+0x1dc/0x520 [ 239.767924] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 239.772928] ? lock_release+0xa10/0xa10 [ 239.776886] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 239.782148] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 239.786628] ? preempt_notifier_dec+0x20/0x20 [ 239.791122] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 239.795946] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 239.800952] kvm_vcpu_ioctl+0x79d/0x12e0 [ 239.805001] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 239.810703] ? trace_hardirqs_on+0xd/0x10 [ 239.814835] ? _raw_spin_unlock_irq+0x27/0x70 [ 239.819315] ? find_held_lock+0x36/0x1c0 [ 239.823366] ? lock_downgrade+0x8e0/0x8e0 [ 239.827503] ? kasan_check_read+0x11/0x20 [ 239.831646] ? rcu_is_watching+0x85/0x140 [ 239.835778] ? rcu_report_qs_rnp+0x790/0x790 [ 239.840175] ? __fget+0x40c/0x650 [ 239.843623] ? match_held_lock+0x871/0x8b0 [ 239.847844] ? expand_files.part.8+0x9a0/0x9a0 [ 239.852409] ? kasan_check_write+0x14/0x20 [ 239.856631] ? wait_for_completion+0x870/0x870 [ 239.861199] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 239.866372] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 239.872068] do_vfs_ioctl+0x1cf/0x16f0 [ 239.875941] ? ioctl_preallocate+0x2e0/0x2e0 [ 239.880335] ? fget_raw+0x20/0x20 [ 239.883782] ? __sb_end_write+0xac/0xe0 [ 239.887741] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 239.893265] ? exit_to_usermode_loop+0x87/0x310 [ 239.897920] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 239.903440] ? security_file_ioctl+0x94/0xc0 [ 239.907833] ksys_ioctl+0xa9/0xd0 [ 239.911273] __x64_sys_ioctl+0x73/0xb0 [ 239.915144] do_syscall_64+0x1b1/0x800 [ 239.919016] ? finish_task_switch+0x1ca/0x840 [ 239.923501] ? syscall_return_slowpath+0x5c0/0x5c0 [ 239.928417] ? syscall_return_slowpath+0x30f/0x5c0 [ 239.933330] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 239.938679] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 239.943512] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 239.948684] RIP: 0033:0x4559f9 [ 239.951851] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 239.971083] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 239.978774] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 239.986028] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 239.993280] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 240.000533] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 240.007787] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 000000000000000c 10:00:56 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x218, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:00:56 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") mkdir(&(0x7f0000000180)='./file0\x00', 0x0) openat$ashmem(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ashmem\x00', 0x2000, 0x0) chroot(&(0x7f00000000c0)='./file0\x00') openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x8000, 0x0) mount(&(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000200)='aio\x00', 0x1000, &(0x7f0000000240)) chdir(&(0x7f0000000780)='./file0\x00') getsockopt$sock_buf(r0, 0x1, 0x3b, &(0x7f0000000240)=""/133, &(0x7f00000001c0)=0x85) open(&(0x7f0000000040)='..', 0x0, 0x0) 10:00:56 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r5 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0x6, &(0x7f0000000000)={r5, r5, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:00:56 executing program 5 (fault-call:5 fault-nth:13): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:00:56 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) fallocate(r1, 0x0, 0x0, 0x4) fallocate(r1, 0x20, 0x0, 0xfffffeff000) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000000)={0x8, 0xa7, 0x200, 0x0, 0x5, 0x93, 0x1, 0x2, 0x0}, &(0x7f0000000040)=0x20) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f0000000140)={r2, 0xc1, "c2a20c60426c33c1585c59dc59f27b84a4b2457d6fe602a7f8b886386232356f43479b25956a67f1878d336897e47256e7491e4e30bee2eb77cf7aa29899dc0730556ed3939785fc3054d704883976150099e30ab791af4fe5dbbbe9fe949092c79772fe989b6637d8aa20be94afd0ee3701e6da9cc98dbcda6fa6aa099eb4b3e4d4ff9949b90681c04399fe9f84f1e4a029995ecef7e22f924d496b7969d8c52d55b0df39ad020854391bc92f2348621e722fbc6638fa6749addbafd833491cc1"}, &(0x7f0000000080)=0xc9) ioctl$VHOST_SET_OWNER(r1, 0xaf01, 0x0) 10:00:56 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x7702000000000000, [0x40000073, 0x1]}) 10:00:56 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94de", 0x90) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:00:56 executing program 3: setrlimit(0x8, &(0x7f0000000040)) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x10, 0x0, 0x4, 0x8, 0x8}, 0x2c) 10:00:57 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r5 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0xb, &(0x7f0000000000)={r5, r5, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:00:57 executing program 4: perf_event_open(&(0x7f0000000140)={0x2, 0xb1, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00') ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f00000014c0)={'team0\x00', 0x0}) sendmsg$TEAM_CMD_OPTIONS_GET(r0, &(0x7f0000004fc0)={&(0x7f0000000000)={0x10}, 0x2c3, &(0x7f0000004f80)={&(0x7f0000000280)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000100000008000121", @ANYRES32=r2, @ANYBLOB="40000200"], 0x5c}, 0x1}, 0x0) syz_open_dev$sndctrl(&(0x7f00000e5000)='/dev/snd/controlC#\x00', 0x1, 0x0) [ 240.333378] FAULT_INJECTION: forcing a failure. [ 240.333378] name failslab, interval 1, probability 0, space 0, times 0 [ 240.344961] CPU: 0 PID: 14928 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 240.351903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 240.361258] Call Trace: [ 240.363856] dump_stack+0x1b9/0x294 [ 240.367495] ? dump_stack_print_info.cold.2+0x52/0x52 [ 240.372693] ? __save_stack_trace+0x7e/0xd0 [ 240.377035] should_fail.cold.4+0xa/0x1a [ 240.381110] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 240.386221] ? kasan_kmalloc+0xc4/0xe0 [ 240.390112] ? kasan_slab_alloc+0x12/0x20 [ 240.394253] ? kmem_cache_alloc+0x12e/0x760 [ 240.398563] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 240.403398] ? kvm_mmu_load+0x21/0x10e0 [ 240.407362] ? vcpu_enter_guest+0x3a83/0x6060 [ 240.411844] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 240.416849] ? graph_lock+0x170/0x170 [ 240.420637] ? do_syscall_64+0x1b1/0x800 [ 240.424683] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 240.430040] ? find_held_lock+0x36/0x1c0 [ 240.434088] ? __lock_is_held+0xb5/0x140 [ 240.438143] ? check_same_owner+0x320/0x320 [ 240.442453] ? rcu_note_context_switch+0x710/0x710 [ 240.447373] __should_failslab+0x124/0x180 [ 240.451593] should_failslab+0x9/0x14 [ 240.455376] kmem_cache_alloc+0x2af/0x760 [ 240.459508] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 240.465036] ? kvm_pfn_to_page+0x7a/0xa0 [ 240.469083] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 240.473912] mmu_topup_memory_caches+0xf7/0x3a0 [ 240.478574] ? kvm_apic_has_interrupt+0xe1/0x210 [ 240.483317] kvm_mmu_load+0x21/0x10e0 [ 240.487102] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 240.492626] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 240.498151] vcpu_enter_guest+0x3a83/0x6060 [ 240.502462] ? print_usage_bug+0xc0/0xc0 [ 240.506510] ? kvm_set_msr_common+0x2680/0x2680 [ 240.511165] ? vmx_vcpu_load+0xada/0xfe0 [ 240.515214] ? __lock_acquire+0x7f5/0x5140 [ 240.519437] ? vmx_vcpu_reset+0x1030/0x1030 [ 240.523744] ? graph_lock+0x170/0x170 [ 240.527528] ? graph_lock+0x170/0x170 [ 240.531312] ? __lock_acquire+0x7f5/0x5140 [ 240.535535] ? debug_check_no_locks_freed+0x310/0x310 [ 240.540712] ? __lock_is_held+0xb5/0x140 [ 240.544760] ? lock_acquire+0x1dc/0x520 [ 240.548720] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 240.553723] ? lock_release+0xa10/0xa10 [ 240.557685] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 240.562945] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 240.567475] ? preempt_notifier_dec+0x20/0x20 [ 240.571961] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 240.576785] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 240.581789] kvm_vcpu_ioctl+0x79d/0x12e0 [ 240.585847] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 240.591574] ? graph_lock+0x170/0x170 [ 240.595390] ? find_held_lock+0x36/0x1c0 [ 240.599445] ? lock_downgrade+0x8e0/0x8e0 [ 240.603579] ? kasan_check_read+0x11/0x20 [ 240.607710] ? rcu_is_watching+0x85/0x140 [ 240.611842] ? rcu_report_qs_rnp+0x790/0x790 [ 240.616241] ? __fget+0x40c/0x650 [ 240.619678] ? match_held_lock+0x871/0x8b0 [ 240.623898] ? expand_files.part.8+0x9a0/0x9a0 [ 240.628463] ? kasan_check_write+0x14/0x20 [ 240.632683] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 240.637600] ? wait_for_completion+0x870/0x870 [ 240.642166] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 240.647342] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 240.653038] do_vfs_ioctl+0x1cf/0x16f0 [ 240.656913] ? ioctl_preallocate+0x2e0/0x2e0 [ 240.661304] ? fget_raw+0x20/0x20 [ 240.664739] ? __sb_end_write+0xac/0xe0 [ 240.668710] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 240.674229] ? fput+0x130/0x1a0 [ 240.677496] ? ksys_write+0x1a6/0x250 [ 240.681286] ? security_file_ioctl+0x94/0xc0 [ 240.685681] ksys_ioctl+0xa9/0xd0 [ 240.689122] __x64_sys_ioctl+0x73/0xb0 [ 240.692994] do_syscall_64+0x1b1/0x800 [ 240.696869] ? finish_task_switch+0x1ca/0x840 [ 240.701348] ? syscall_return_slowpath+0x5c0/0x5c0 [ 240.706262] ? syscall_return_slowpath+0x30f/0x5c0 [ 240.711177] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 240.716525] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 240.721353] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 240.726523] RIP: 0033:0x4559f9 [ 240.729691] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 240.748916] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 240.756608] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 240.763868] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 240.771118] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 240.778368] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 240.785619] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 000000000000000d 10:00:57 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x218, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:00:57 executing program 5 (fault-call:5 fault-nth:14): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:00:57 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149e", 0xa8) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:00:57 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) fallocate(r1, 0x0, 0x0, 0x4) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000040)={&(0x7f0000000000)='./bus\x00', r1}, 0x10) 10:00:57 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x200000000000000, [0x40000073, 0x1]}) 10:00:57 executing program 3: timer_create(0x0, &(0x7f0000cd0000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000f7a000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ftruncate(r0, 0x7fff) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000f40000)='/dev/ptmx\x00', 0x200000000101002, 0x0) sendfile(r1, r0, &(0x7f0000f28ff8), 0x100000002) ioctl$BLKPG(r0, 0x1269, &(0x7f0000000040)={0x2, 0xc9, 0x2c, &(0x7f0000000000)="72097e92f191ba0f127fd757c12ebc773ce971109b6e41af3dc8f6dde9072d1f8be42d7914c4b772cfdb934d"}) getpid() ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000180)=0x800000003) r2 = getpgid(0x0) syz_open_dev$vcsa(&(0x7f0000000080)='/dev/vcsa#\x00', 0x3f, 0x200400) tkill(r2, 0x13) 10:00:57 executing program 4: r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000c67000)={0xa, 0x4e20}, 0x1c) listen(r0, 0x1000008000) r1 = gettid() r2 = accept4(r0, &(0x7f0000000300)=@l2, &(0x7f0000000380)=0x80, 0x80000) sched_setaffinity(0x0, 0x8, &(0x7f0000000500)=0x1) setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000700)={0x1}, 0x8) r3 = socket$inet6(0xa, 0x1, 0x0) ioctl(r3, 0x4000008912, &(0x7f0000000100)="2957e1311f16f477671070") r4 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$inet_sctp_SCTP_RESET_STREAMS(r2, 0x84, 0x77, &(0x7f00000003c0)={0x0, 0xdc83, 0x8, [0x6, 0x81, 0x20, 0x0, 0x100000001, 0x6, 0x3ff, 0x4]}, &(0x7f0000000400)=0x18) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r2, 0x84, 0x7c, &(0x7f0000000440)={r5, 0x8, 0x800}, 0x8) connect$inet(r4, &(0x7f0000000100)={0x2, 0x4e20}, 0x10) r6 = accept4(r0, &(0x7f0000000000)=@in={0x0, 0x0, @local}, &(0x7f0000000080)=0x80, 0x0) getpriority(0x1, r1) setsockopt$SO_BINDTODEVICE(r6, 0x1, 0x19, &(0x7f00000000c0)='vcan0\x00', 0x10) setsockopt$RDS_GET_MR_FOR_DEST(r6, 0x114, 0x7, &(0x7f0000000200)={@pptp={0x18, 0x2, {0x2, @local={0xac, 0x14, 0x14, 0xaa}}}, {&(0x7f0000000140)=""/112, 0x70}, &(0x7f00000001c0), 0xa}, 0xa0) close(r6) 10:00:57 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r5 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0x10, &(0x7f0000000000)={r5, r5, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) [ 241.211798] FAULT_INJECTION: forcing a failure. [ 241.211798] name failslab, interval 1, probability 0, space 0, times 0 [ 241.223145] CPU: 1 PID: 14967 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 241.230074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 241.239424] Call Trace: [ 241.242015] dump_stack+0x1b9/0x294 [ 241.245646] ? dump_stack_print_info.cold.2+0x52/0x52 [ 241.250844] ? __save_stack_trace+0x7e/0xd0 [ 241.255183] should_fail.cold.4+0xa/0x1a [ 241.259257] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 241.264366] ? kasan_kmalloc+0xc4/0xe0 [ 241.268260] ? kasan_slab_alloc+0x12/0x20 [ 241.272466] ? kmem_cache_alloc+0x12e/0x760 [ 241.276789] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 241.281641] ? kvm_mmu_load+0x21/0x10e0 [ 241.285619] ? vcpu_enter_guest+0x3a83/0x6060 [ 241.290119] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 241.295141] ? graph_lock+0x170/0x170 [ 241.298939] ? do_syscall_64+0x1b1/0x800 [ 241.302990] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 241.308347] ? find_held_lock+0x36/0x1c0 [ 241.312399] ? __lock_is_held+0xb5/0x140 [ 241.316451] ? check_same_owner+0x320/0x320 [ 241.320756] ? rcu_note_context_switch+0x710/0x710 [ 241.325674] __should_failslab+0x124/0x180 [ 241.329898] should_failslab+0x9/0x14 [ 241.333680] kmem_cache_alloc+0x2af/0x760 [ 241.337811] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 241.343335] ? kvm_pfn_to_page+0x7a/0xa0 [ 241.347381] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 241.352211] mmu_topup_memory_caches+0xf7/0x3a0 [ 241.356866] ? kvm_apic_has_interrupt+0xe1/0x210 [ 241.361610] kvm_mmu_load+0x21/0x10e0 [ 241.365396] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 241.370917] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 241.376443] vcpu_enter_guest+0x3a83/0x6060 [ 241.380752] ? print_usage_bug+0xc0/0xc0 [ 241.384821] ? kvm_set_msr_common+0x2680/0x2680 [ 241.389476] ? vmx_vcpu_load+0xada/0xfe0 [ 241.393525] ? __lock_acquire+0x7f5/0x5140 [ 241.397743] ? vmx_vcpu_reset+0x1030/0x1030 [ 241.402050] ? graph_lock+0x170/0x170 [ 241.405834] ? graph_lock+0x170/0x170 [ 241.409620] ? __lock_acquire+0x7f5/0x5140 [ 241.413841] ? debug_check_no_locks_freed+0x310/0x310 [ 241.419032] ? __lock_is_held+0xb5/0x140 [ 241.423084] ? lock_acquire+0x1dc/0x520 [ 241.427041] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 241.432045] ? lock_release+0xa10/0xa10 [ 241.436004] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 241.441278] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 241.445767] ? preempt_notifier_dec+0x20/0x20 [ 241.450251] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 241.455086] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 241.460092] kvm_vcpu_ioctl+0x79d/0x12e0 [ 241.464140] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 241.469835] ? graph_lock+0x170/0x170 [ 241.473625] ? find_held_lock+0x36/0x1c0 [ 241.477679] ? lock_downgrade+0x8e0/0x8e0 [ 241.481814] ? kasan_check_read+0x11/0x20 [ 241.485955] ? rcu_is_watching+0x85/0x140 [ 241.490088] ? rcu_report_qs_rnp+0x790/0x790 [ 241.494486] ? __fget+0x40c/0x650 [ 241.497925] ? match_held_lock+0x871/0x8b0 [ 241.502146] ? expand_files.part.8+0x9a0/0x9a0 [ 241.506711] ? kasan_check_write+0x14/0x20 [ 241.510933] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 241.515853] ? wait_for_completion+0x870/0x870 [ 241.520419] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 241.525593] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 241.531294] do_vfs_ioctl+0x1cf/0x16f0 [ 241.535170] ? ioctl_preallocate+0x2e0/0x2e0 [ 241.539561] ? fget_raw+0x20/0x20 [ 241.543003] ? __sb_end_write+0xac/0xe0 [ 241.546976] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 241.552495] ? fput+0x130/0x1a0 [ 241.555758] ? ksys_write+0x1a6/0x250 [ 241.559547] ? security_file_ioctl+0x94/0xc0 [ 241.563941] ksys_ioctl+0xa9/0xd0 [ 241.567382] __x64_sys_ioctl+0x73/0xb0 [ 241.571257] do_syscall_64+0x1b1/0x800 [ 241.575130] ? finish_task_switch+0x1ca/0x840 [ 241.579622] ? syscall_return_slowpath+0x5c0/0x5c0 [ 241.584537] ? syscall_return_slowpath+0x30f/0x5c0 [ 241.589454] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 241.594806] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 241.599634] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 241.604805] RIP: 0033:0x4559f9 [ 241.607977] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 241.627215] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 241.634906] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 241.642160] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 241.649413] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 241.656665] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 10:00:58 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x218, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:00:58 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x170101c0, [0x40000073, 0x1]}) [ 241.663918] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 000000000000000e 10:00:58 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r5 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0x16, &(0x7f0000000000)={r5, r5, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:00:58 executing program 7: r0 = socket$inet6(0xa, 0x0, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) getsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000), &(0x7f0000000040)=0x4) fallocate(r1, 0x0, 0x0, 0x4) fallocate(r1, 0x20, 0x0, 0xfffffeff000) ioctl$sock_inet_udp_SIOCINQ(r1, 0x541b, &(0x7f0000000080)) 10:00:58 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979", 0xb4) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:00:58 executing program 5 (fault-call:5 fault-nth:15): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:00:58 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x218, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:00:58 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r5 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0x1d, &(0x7f0000000000)={r5, r5, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) [ 241.952085] FAULT_INJECTION: forcing a failure. [ 241.952085] name failslab, interval 1, probability 0, space 0, times 0 [ 241.963452] CPU: 0 PID: 14997 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 241.970382] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 241.979729] Call Trace: [ 241.982313] dump_stack+0x1b9/0x294 [ 241.985931] ? dump_stack_print_info.cold.2+0x52/0x52 [ 241.991113] ? __save_stack_trace+0x7e/0xd0 [ 241.995432] should_fail.cold.4+0xa/0x1a [ 241.999490] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 242.004581] ? kasan_kmalloc+0xc4/0xe0 [ 242.008451] ? kasan_slab_alloc+0x12/0x20 [ 242.012586] ? kmem_cache_alloc+0x12e/0x760 [ 242.016893] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 242.021722] ? kvm_mmu_load+0x21/0x10e0 [ 242.025679] ? vcpu_enter_guest+0x3a83/0x6060 [ 242.030158] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 242.035164] ? graph_lock+0x170/0x170 [ 242.038951] ? do_syscall_64+0x1b1/0x800 [ 242.042996] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 242.048355] ? find_held_lock+0x36/0x1c0 [ 242.052420] ? __lock_is_held+0xb5/0x140 [ 242.056476] ? check_same_owner+0x320/0x320 [ 242.060783] ? rcu_note_context_switch+0x710/0x710 [ 242.065700] __should_failslab+0x124/0x180 [ 242.069921] should_failslab+0x9/0x14 [ 242.073704] kmem_cache_alloc+0x2af/0x760 [ 242.077852] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 242.083374] ? kvm_pfn_to_page+0x7a/0xa0 [ 242.087427] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 242.092255] mmu_topup_memory_caches+0xf7/0x3a0 [ 242.096910] ? kvm_apic_has_interrupt+0xe1/0x210 [ 242.101652] kvm_mmu_load+0x21/0x10e0 [ 242.105438] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 242.110959] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 242.116483] vcpu_enter_guest+0x3a83/0x6060 [ 242.120791] ? crash_vmclear_local_loaded_vmcss+0x170/0x170 [ 242.126486] ? print_usage_bug+0xc0/0xc0 [ 242.130536] ? kvm_set_msr_common+0x2680/0x2680 [ 242.135186] ? vmx_vcpu_load+0xada/0xfe0 [ 242.139236] ? vmx_vcpu_reset+0x1030/0x1030 [ 242.143541] ? graph_lock+0x170/0x170 [ 242.147325] ? graph_lock+0x170/0x170 [ 242.151109] ? __lock_acquire+0x7f5/0x5140 [ 242.155334] ? debug_check_no_locks_freed+0x310/0x310 [ 242.160514] ? __lock_is_held+0xb5/0x140 [ 242.164560] ? lock_acquire+0x1dc/0x520 [ 242.168782] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 242.173788] ? lock_release+0xa10/0xa10 [ 242.177746] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 242.183010] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 242.187494] ? preempt_notifier_dec+0x20/0x20 [ 242.191978] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 242.196805] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 242.201812] kvm_vcpu_ioctl+0x79d/0x12e0 [ 242.205862] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 242.211559] ? graph_lock+0x170/0x170 [ 242.215349] ? find_held_lock+0x36/0x1c0 [ 242.219407] ? lock_downgrade+0x8e0/0x8e0 [ 242.223543] ? kasan_check_read+0x11/0x20 [ 242.227674] ? rcu_is_watching+0x85/0x140 [ 242.231808] ? rcu_report_qs_rnp+0x790/0x790 [ 242.236205] ? __fget+0x40c/0x650 [ 242.239648] ? match_held_lock+0x871/0x8b0 [ 242.243867] ? expand_files.part.8+0x9a0/0x9a0 [ 242.248435] ? kasan_check_write+0x14/0x20 [ 242.252659] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 242.257577] ? wait_for_completion+0x870/0x870 [ 242.262145] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 242.267321] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 242.273023] do_vfs_ioctl+0x1cf/0x16f0 [ 242.276902] ? ioctl_preallocate+0x2e0/0x2e0 [ 242.281295] ? fget_raw+0x20/0x20 [ 242.284733] ? __sb_end_write+0xac/0xe0 [ 242.288694] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 242.294215] ? fput+0x130/0x1a0 [ 242.297478] ? ksys_write+0x1a6/0x250 [ 242.301264] ? security_file_ioctl+0x94/0xc0 [ 242.305664] ksys_ioctl+0xa9/0xd0 [ 242.309105] __x64_sys_ioctl+0x73/0xb0 [ 242.312989] do_syscall_64+0x1b1/0x800 [ 242.316864] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 242.321690] ? syscall_return_slowpath+0x5c0/0x5c0 [ 242.326605] ? syscall_return_slowpath+0x30f/0x5c0 [ 242.331519] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 242.336870] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 242.341710] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 242.346882] RIP: 0033:0x4559f9 [ 242.350050] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 242.369280] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 242.376971] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 242.384221] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 242.391474] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 10:00:59 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e9", 0xba) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:00:59 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x100, 0x0) connect$netrom(r1, &(0x7f0000000040)=@ax25={0x3, {"2553cb9ccd4400"}, 0x81}, 0x10) bind$alg(r0, &(0x7f0000000080)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(morus640)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x5, &(0x7f0000000080), 0x0) [ 242.398725] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 242.405975] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 000000000000000f 10:00:59 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x12000000, [0x40000073, 0x1]}) 10:00:59 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x218, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:00:59 executing program 5 (fault-call:5 fault-nth:16): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:00:59 executing program 7: socket$inet6(0xa, 0x1, 0x0) r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) fallocate(r0, 0x0, 0x0, 0x4) fallocate(r0, 0x20, 0x0, 0xfffffeff000) [ 242.655157] FAULT_INJECTION: forcing a failure. [ 242.655157] name failslab, interval 1, probability 0, space 0, times 0 [ 242.666516] CPU: 0 PID: 15028 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 242.673440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 242.682778] Call Trace: [ 242.685362] dump_stack+0x1b9/0x294 [ 242.688980] ? dump_stack_print_info.cold.2+0x52/0x52 [ 242.694161] ? __save_stack_trace+0x7e/0xd0 [ 242.698474] should_fail.cold.4+0xa/0x1a [ 242.702523] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 242.707612] ? kasan_kmalloc+0xc4/0xe0 [ 242.711482] ? kasan_slab_alloc+0x12/0x20 [ 242.715614] ? kmem_cache_alloc+0x12e/0x760 [ 242.719920] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 242.724748] ? kvm_mmu_load+0x21/0x10e0 [ 242.728705] ? vcpu_enter_guest+0x3a83/0x6060 [ 242.733182] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 242.738185] ? graph_lock+0x170/0x170 [ 242.741972] ? do_syscall_64+0x1b1/0x800 [ 242.746023] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 242.751380] ? find_held_lock+0x36/0x1c0 [ 242.755428] ? __lock_is_held+0xb5/0x140 [ 242.759479] ? check_same_owner+0x320/0x320 [ 242.763788] ? rcu_note_context_switch+0x710/0x710 [ 242.768704] __should_failslab+0x124/0x180 [ 242.772927] should_failslab+0x9/0x14 [ 242.776711] kmem_cache_alloc+0x2af/0x760 [ 242.780844] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 242.786370] ? kvm_pfn_to_page+0x7a/0xa0 [ 242.790417] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 242.795250] mmu_topup_memory_caches+0xf7/0x3a0 [ 242.799903] ? kvm_apic_has_interrupt+0xe1/0x210 [ 242.804661] kvm_mmu_load+0x21/0x10e0 [ 242.808447] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 242.813970] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 242.819498] vcpu_enter_guest+0x3a83/0x6060 [ 242.823809] ? print_usage_bug+0xc0/0xc0 [ 242.827866] ? kvm_set_msr_common+0x2680/0x2680 [ 242.832517] ? vmx_vcpu_load+0xada/0xfe0 [ 242.836561] ? __lock_acquire+0x7f5/0x5140 [ 242.840780] ? vmx_vcpu_reset+0x1030/0x1030 [ 242.845084] ? graph_lock+0x170/0x170 [ 242.848901] ? graph_lock+0x170/0x170 [ 242.852685] ? __lock_acquire+0x7f5/0x5140 [ 242.856908] ? debug_check_no_locks_freed+0x310/0x310 [ 242.862086] ? __lock_is_held+0xb5/0x140 [ 242.866134] ? lock_acquire+0x1dc/0x520 [ 242.870092] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 242.875097] ? lock_release+0xa10/0xa10 [ 242.879054] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 242.884314] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 242.888793] ? preempt_notifier_dec+0x20/0x20 [ 242.893275] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 242.898104] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 242.903111] kvm_vcpu_ioctl+0x79d/0x12e0 [ 242.907161] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 242.912856] ? graph_lock+0x170/0x170 [ 242.916641] ? find_held_lock+0x36/0x1c0 [ 242.920691] ? lock_downgrade+0x8e0/0x8e0 [ 242.924829] ? kasan_check_read+0x11/0x20 [ 242.928960] ? rcu_is_watching+0x85/0x140 [ 242.933093] ? rcu_report_qs_rnp+0x790/0x790 [ 242.937490] ? __fget+0x40c/0x650 [ 242.940930] ? match_held_lock+0x871/0x8b0 [ 242.945148] ? expand_files.part.8+0x9a0/0x9a0 [ 242.949714] ? kasan_check_write+0x14/0x20 [ 242.953939] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 242.958854] ? wait_for_completion+0x870/0x870 [ 242.963419] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 242.968591] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 242.974285] do_vfs_ioctl+0x1cf/0x16f0 [ 242.978159] ? ioctl_preallocate+0x2e0/0x2e0 [ 242.982553] ? fget_raw+0x20/0x20 [ 242.985992] ? __sb_end_write+0xac/0xe0 [ 242.989956] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 242.995473] ? fput+0x130/0x1a0 [ 242.998742] ? ksys_write+0x1a6/0x250 [ 243.002531] ? security_file_ioctl+0x94/0xc0 [ 243.006924] ksys_ioctl+0xa9/0xd0 [ 243.010363] __x64_sys_ioctl+0x73/0xb0 [ 243.014237] do_syscall_64+0x1b1/0x800 [ 243.018118] ? finish_task_switch+0x1ca/0x840 [ 243.022597] ? syscall_return_slowpath+0x5c0/0x5c0 [ 243.027512] ? syscall_return_slowpath+0x30f/0x5c0 [ 243.032427] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 243.037777] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 243.042603] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 243.047775] RIP: 0033:0x4559f9 [ 243.050947] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 243.070195] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 243.077892] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 243.085143] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 243.092395] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 243.099645] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 243.106895] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 0000000000000010 10:00:59 executing program 4: mprotect(&(0x7f000048f000/0x3000)=nil, 0x3000, 0x8004) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f000001aff4)) 10:00:59 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r5 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0x13, &(0x7f0000000000)={r5, r5, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:00:59 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a", 0xbd) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:00:59 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x218, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:00:59 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f760070") r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8916, &(0x7f00000000c0)={"6c6f3a0500", {0x2, 0x0, @dev={0xac, 0x14, 0x14}}}) io_setup(0x9, &(0x7f0000000000)=0x0) io_getevents(r2, 0x1fd60000000, 0x1, &(0x7f0000000040)=[{}], &(0x7f0000000080)={0x77359400}) 10:00:59 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x4b564d03, [0x40000073, 0x1]}) 10:00:59 executing program 5 (fault-call:5 fault-nth:17): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:00:59 executing program 7: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SNDRV_TIMER_IOCTL_START(r0, 0x54a0) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) fallocate(r2, 0x0, 0x6, 0x4) fallocate(r2, 0x20, 0x0, 0xfffffeff000) 10:01:00 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r5 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0x4, &(0x7f0000000000)={r5, r5, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:01:00 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x218, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) [ 243.414615] FAULT_INJECTION: forcing a failure. [ 243.414615] name failslab, interval 1, probability 0, space 0, times 0 [ 243.425907] CPU: 0 PID: 15055 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 243.432835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 243.442190] Call Trace: [ 243.444788] dump_stack+0x1b9/0x294 [ 243.448423] ? dump_stack_print_info.cold.2+0x52/0x52 [ 243.453622] ? __save_stack_trace+0x7e/0xd0 [ 243.457952] should_fail.cold.4+0xa/0x1a [ 243.462006] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 243.467103] ? kasan_kmalloc+0xc4/0xe0 [ 243.470977] ? kasan_slab_alloc+0x12/0x20 [ 243.475107] ? kmem_cache_alloc+0x12e/0x760 [ 243.479414] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 243.484237] ? kvm_mmu_load+0x21/0x10e0 [ 243.488198] ? vcpu_enter_guest+0x3a83/0x6060 [ 243.492675] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 243.497677] ? graph_lock+0x170/0x170 [ 243.501463] ? do_syscall_64+0x1b1/0x800 [ 243.505509] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 243.510859] ? find_held_lock+0x36/0x1c0 [ 243.514906] ? __lock_is_held+0xb5/0x140 [ 243.518961] ? check_same_owner+0x320/0x320 [ 243.523266] ? rcu_note_context_switch+0x710/0x710 [ 243.528188] __should_failslab+0x124/0x180 [ 243.532407] should_failslab+0x9/0x14 [ 243.536190] kmem_cache_alloc+0x2af/0x760 [ 243.540325] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 243.545846] ? kvm_pfn_to_page+0x7a/0xa0 [ 243.549893] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 243.554724] mmu_topup_memory_caches+0xf7/0x3a0 [ 243.559377] ? kvm_apic_has_interrupt+0xe1/0x210 [ 243.564119] kvm_mmu_load+0x21/0x10e0 [ 243.567904] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 243.573426] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 243.578948] vcpu_enter_guest+0x3a83/0x6060 [ 243.583259] ? kvm_set_msr_common+0x2680/0x2680 [ 243.587910] ? vmx_vcpu_load+0xada/0xfe0 [ 243.591958] ? vmx_vcpu_reset+0x1030/0x1030 [ 243.596265] ? graph_lock+0x170/0x170 [ 243.600050] ? graph_lock+0x170/0x170 [ 243.603833] ? __lock_acquire+0x7f5/0x5140 [ 243.608054] ? debug_check_no_locks_freed+0x310/0x310 [ 243.613231] ? __lock_is_held+0xb5/0x140 [ 243.617277] ? lock_acquire+0x1dc/0x520 [ 243.621235] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 243.626236] ? lock_release+0xa10/0xa10 [ 243.630191] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 243.635450] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 243.639929] ? preempt_notifier_dec+0x20/0x20 [ 243.644412] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 243.649237] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 243.654242] kvm_vcpu_ioctl+0x79d/0x12e0 [ 243.658288] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 243.663981] ? graph_lock+0x170/0x170 [ 243.667766] ? find_held_lock+0x36/0x1c0 [ 243.671815] ? lock_downgrade+0x8e0/0x8e0 [ 243.675952] ? kasan_check_read+0x11/0x20 [ 243.680086] ? rcu_is_watching+0x85/0x140 [ 243.684218] ? rcu_report_qs_rnp+0x790/0x790 [ 243.688618] ? __fget+0x40c/0x650 [ 243.692056] ? match_held_lock+0x871/0x8b0 [ 243.696308] ? expand_files.part.8+0x9a0/0x9a0 [ 243.700872] ? kasan_check_write+0x14/0x20 [ 243.705092] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 243.710008] ? wait_for_completion+0x870/0x870 [ 243.714577] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 243.719751] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 243.725448] do_vfs_ioctl+0x1cf/0x16f0 [ 243.729322] ? ioctl_preallocate+0x2e0/0x2e0 [ 243.733715] ? fget_raw+0x20/0x20 [ 243.737158] ? __sb_end_write+0xac/0xe0 [ 243.741117] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 243.746638] ? fput+0x130/0x1a0 [ 243.749906] ? ksys_write+0x1a6/0x250 [ 243.753693] ? security_file_ioctl+0x94/0xc0 [ 243.758086] ksys_ioctl+0xa9/0xd0 [ 243.761524] __x64_sys_ioctl+0x73/0xb0 [ 243.765397] do_syscall_64+0x1b1/0x800 [ 243.769268] ? finish_task_switch+0x1ca/0x840 [ 243.773759] ? syscall_return_slowpath+0x5c0/0x5c0 [ 243.778672] ? syscall_return_slowpath+0x30f/0x5c0 [ 243.783585] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 243.788934] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 243.793763] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 243.798937] RIP: 0033:0x4559f9 [ 243.802106] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 243.821332] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 243.829029] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 243.836281] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 243.843532] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 243.850782] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 243.858036] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 0000000000000011 10:01:00 executing program 3: r0 = mq_open(&(0x7f000004b000)='em0lo\x00', 0xc2, 0x0, &(0x7f000004b000)={0xffffffffffffffff, 0x1, 0x4}) ftruncate(r0, 0x80040000) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$IP_VS_SO_SET_EDITDEST(r1, 0x0, 0x489, &(0x7f0000000040)={{0x0, @empty, 0x4e24, 0x3, 'sh\x00', 0x30db78b492d70a6f, 0x1, 0x2b}, {@dev={0xac, 0x14, 0x14, 0xb}, 0x4e22, 0x10002, 0x3f, 0xfffffffffffffff9, 0x8}}, 0x44) sendmmsg(r1, &(0x7f0000000240)=[{{&(0x7f0000000100)=@un=@abs={0x1, 0x0, 0x4e20}, 0x80, &(0x7f0000000180), 0x0, &(0x7f00000001c0)=[{0x58, 0x103, 0x4, "ed2ffdacea98687e285964772dfa4c83aa97c787801e1747e2f61e1638abec29c796938c48d9ccbf3c48300fbabe98ace9a0786b124ed2135a374cfb6fa0e886cd46e2"}], 0x58, 0x40000}, 0xb0ca}], 0x1, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8916, &(0x7f00000000c0)={'lo\x00', {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1f}}}) 10:01:00 executing program 5 (fault-call:5 fault-nth:18): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:01:00 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a6867", 0xbf) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:01:00 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x400000b7, [0x40000073, 0x1]}) 10:01:00 executing program 7: r0 = socket$inet6(0xa, 0x80000, 0x800000a) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = open(&(0x7f0000002000)='./bus\x00', 0x40000000141042, 0x0) fallocate(r1, 0x0, 0x0, 0x4) mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x3000, 0x3, &(0x7f0000ffa000/0x3000)=nil) fallocate(r0, 0x20, 0x0, 0x800) r2 = gettid() ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000000)={[], 0xfffffffffffffff8, 0xffff, 0x7fffffff, 0x0, 0x7, r2}) ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f0000000080)={0x6, 0x1000, 0x2}) [ 244.170812] FAULT_INJECTION: forcing a failure. [ 244.170812] name failslab, interval 1, probability 0, space 0, times 0 [ 244.182157] CPU: 0 PID: 15082 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 244.189086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 244.198448] Call Trace: [ 244.201049] dump_stack+0x1b9/0x294 [ 244.204689] ? dump_stack_print_info.cold.2+0x52/0x52 [ 244.209889] ? __save_stack_trace+0x7e/0xd0 [ 244.214223] should_fail.cold.4+0xa/0x1a [ 244.218294] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 244.223403] ? kasan_kmalloc+0xc4/0xe0 [ 244.227284] ? kasan_slab_alloc+0x12/0x20 [ 244.231412] ? kmem_cache_alloc+0x12e/0x760 [ 244.235717] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 244.240543] ? kvm_mmu_load+0x21/0x10e0 [ 244.244500] ? vcpu_enter_guest+0x3a83/0x6060 [ 244.248975] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 244.253974] ? graph_lock+0x170/0x170 [ 244.257758] ? do_syscall_64+0x1b1/0x800 [ 244.261813] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 244.267175] ? find_held_lock+0x36/0x1c0 [ 244.271222] ? __lock_is_held+0xb5/0x140 [ 244.275274] ? check_same_owner+0x320/0x320 [ 244.279582] ? rcu_note_context_switch+0x710/0x710 [ 244.284508] __should_failslab+0x124/0x180 [ 244.288736] should_failslab+0x9/0x14 [ 244.292522] kmem_cache_alloc+0x2af/0x760 [ 244.296656] ? kvm_apic_has_interrupt+0x1cd/0x210 [ 244.301483] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 244.306322] mmu_topup_memory_caches+0xf7/0x3a0 [ 244.310983] ? kvm_apic_has_interrupt+0xe1/0x210 [ 244.315726] kvm_mmu_load+0x21/0x10e0 [ 244.319510] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 244.325041] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 244.330569] vcpu_enter_guest+0x3a83/0x6060 [ 244.334876] ? print_usage_bug+0xc0/0xc0 [ 244.338919] ? kvm_set_msr_common+0x2680/0x2680 [ 244.343570] ? vmx_vcpu_load+0xada/0xfe0 [ 244.347614] ? __lock_acquire+0x7f5/0x5140 [ 244.351830] ? vmx_vcpu_reset+0x1030/0x1030 [ 244.356133] ? graph_lock+0x170/0x170 [ 244.359915] ? graph_lock+0x170/0x170 [ 244.363697] ? __lock_acquire+0x7f5/0x5140 [ 244.367915] ? debug_check_no_locks_freed+0x310/0x310 [ 244.373093] ? __lock_is_held+0xb5/0x140 [ 244.377137] ? lock_acquire+0x1dc/0x520 [ 244.381098] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 244.386110] ? lock_release+0xa10/0xa10 [ 244.390080] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 244.395342] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 244.399818] ? preempt_notifier_dec+0x20/0x20 [ 244.404298] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 244.409120] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 244.414123] kvm_vcpu_ioctl+0x79d/0x12e0 [ 244.418167] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 244.423863] ? graph_lock+0x170/0x170 [ 244.427645] ? find_held_lock+0x36/0x1c0 [ 244.431693] ? lock_downgrade+0x8e0/0x8e0 [ 244.435825] ? kasan_check_read+0x11/0x20 [ 244.439957] ? rcu_is_watching+0x85/0x140 [ 244.444093] ? rcu_report_qs_rnp+0x790/0x790 [ 244.448506] ? __fget+0x40c/0x650 [ 244.451962] ? match_held_lock+0x871/0x8b0 [ 244.456182] ? expand_files.part.8+0x9a0/0x9a0 [ 244.460747] ? kasan_check_write+0x14/0x20 [ 244.464963] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 244.469874] ? wait_for_completion+0x870/0x870 [ 244.474438] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 244.479610] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 244.485303] do_vfs_ioctl+0x1cf/0x16f0 [ 244.489174] ? ioctl_preallocate+0x2e0/0x2e0 [ 244.493581] ? fget_raw+0x20/0x20 [ 244.497033] ? __sb_end_write+0xac/0xe0 [ 244.500999] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 244.506522] ? fput+0x130/0x1a0 [ 244.509783] ? ksys_write+0x1a6/0x250 [ 244.513568] ? security_file_ioctl+0x94/0xc0 [ 244.517959] ksys_ioctl+0xa9/0xd0 [ 244.521397] __x64_sys_ioctl+0x73/0xb0 [ 244.525274] do_syscall_64+0x1b1/0x800 [ 244.529145] ? finish_task_switch+0x1ca/0x840 [ 244.533626] ? syscall_return_slowpath+0x5c0/0x5c0 [ 244.538548] ? syscall_return_slowpath+0x30f/0x5c0 [ 244.543471] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 244.548820] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 244.553646] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 244.558815] RIP: 0033:0x4559f9 [ 244.561983] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 244.581210] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 244.588931] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 244.596192] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 244.603442] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 244.610691] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 244.617945] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 0000000000000012 10:01:01 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000740)={0x26, 'hash\x00', 0x0, 0x0, 'cbcmac(des3_ede)\x00'}, 0x58) r1 = socket$inet6(0xa, 0x3, 0x400000000000009) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r2 = accept$alg(r0, 0x0, 0x0) r3 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x6, 0x22a100) setsockopt$inet_sctp_SCTP_HMAC_IDENT(r3, 0x84, 0x16, &(0x7f0000000040)={0x5, [0x8, 0x1, 0x8, 0xfff, 0x0]}, 0xe) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000480)="d3ab27191a010023560fd9d5e03eba602dff05b82756df62", 0x18) write$binfmt_elf32(r2, &(0x7f00000007c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20}, [{}]}, 0xfdef) 10:01:01 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r5 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0x14, &(0x7f0000000000)={r5, r5, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:01:01 executing program 3: r0 = memfd_create(&(0x7f000000e000)='\x00 ', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000180)='/dev/snd/seq\x00', 0x0, 0x101801) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f000002b000)={0x0, 0x0, 0x0, "9ede7a8c5ae95ec8672c93340f643a664f13eeab65c0322901dc6bd36cde2c51f01b7f0b014f9f91eeb7c37c7240f476c8d753d000aa8faf8fb574dbcfa6dc4d"}) fcntl$notify(r1, 0x402, 0x1) write$sndseq(r0, &(0x7f0000000080), 0xffffff17) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x4058534c, &(0x7f0000000000)={0x80, 0x8}) 10:01:01 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x218, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:01 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x17, &(0x7f0000000100)={0x0, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:01:01 executing program 5 (fault-call:5 fault-nth:19): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:01:01 executing program 7: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x401, 0x0) setsockopt$inet6_MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000040)={0x6, 0x1, 0x1, 0x0, 0x53f}, 0xc) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000080)={0x0, 0x7}, &(0x7f00000000c0)=0x8) setsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000140)={r1, 0x1, 0x2, 0x7}, 0x10) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r3 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) fallocate(r3, 0x0, 0x0, 0x4) fallocate(r3, 0x20, 0x0, 0xfffffeff000) 10:01:01 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x580001c000000000, [0x40000073, 0x1]}) [ 244.960812] FAULT_INJECTION: forcing a failure. [ 244.960812] name failslab, interval 1, probability 0, space 0, times 0 [ 244.972123] CPU: 1 PID: 15117 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 244.979043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 244.988477] Call Trace: [ 244.991069] dump_stack+0x1b9/0x294 [ 244.994700] ? dump_stack_print_info.cold.2+0x52/0x52 [ 244.999896] ? __save_stack_trace+0x7e/0xd0 [ 245.004234] should_fail.cold.4+0xa/0x1a [ 245.008302] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 245.013408] ? kasan_kmalloc+0xc4/0xe0 [ 245.017293] ? kasan_slab_alloc+0x12/0x20 [ 245.021436] ? kmem_cache_alloc+0x12e/0x760 [ 245.025759] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 245.030600] ? kvm_mmu_load+0x21/0x10e0 [ 245.034573] ? vcpu_enter_guest+0x3a83/0x6060 [ 245.039065] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 245.044080] ? graph_lock+0x170/0x170 [ 245.047881] ? do_syscall_64+0x1b1/0x800 [ 245.051937] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 245.057307] ? find_held_lock+0x36/0x1c0 [ 245.061370] ? __lock_is_held+0xb5/0x140 [ 245.065438] ? check_same_owner+0x320/0x320 [ 245.069759] ? rcu_note_context_switch+0x710/0x710 [ 245.074699] __should_failslab+0x124/0x180 [ 245.078942] should_failslab+0x9/0x14 [ 245.082750] kmem_cache_alloc+0x2af/0x760 [ 245.086906] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 245.092448] ? kvm_pfn_to_page+0x7a/0xa0 [ 245.096520] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 245.101370] mmu_topup_memory_caches+0xf7/0x3a0 [ 245.106041] ? kvm_apic_has_interrupt+0xe1/0x210 [ 245.110786] kvm_mmu_load+0x21/0x10e0 [ 245.114583] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 245.120125] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 245.125709] vcpu_enter_guest+0x3a83/0x6060 [ 245.130038] ? print_usage_bug+0xc0/0xc0 [ 245.134092] ? kvm_set_msr_common+0x2680/0x2680 [ 245.138746] ? vmx_vcpu_load+0xada/0xfe0 [ 245.142791] ? __lock_acquire+0x7f5/0x5140 [ 245.147018] ? vmx_vcpu_reset+0x1030/0x1030 [ 245.151336] ? graph_lock+0x170/0x170 [ 245.155120] ? graph_lock+0x170/0x170 [ 245.158905] ? __lock_acquire+0x7f5/0x5140 [ 245.163130] ? debug_check_no_locks_freed+0x310/0x310 [ 245.168309] ? __lock_is_held+0xb5/0x140 [ 245.172381] ? lock_acquire+0x1dc/0x520 [ 245.176355] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 245.181375] ? lock_release+0xa10/0xa10 [ 245.185351] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 245.190622] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 245.195109] ? preempt_notifier_dec+0x20/0x20 [ 245.199620] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 245.204455] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 245.209461] kvm_vcpu_ioctl+0x79d/0x12e0 [ 245.213514] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 245.219233] ? graph_lock+0x170/0x170 [ 245.223044] ? find_held_lock+0x36/0x1c0 [ 245.227119] ? lock_downgrade+0x8e0/0x8e0 [ 245.231259] ? kasan_check_read+0x11/0x20 [ 245.235400] ? rcu_is_watching+0x85/0x140 [ 245.239553] ? rcu_report_qs_rnp+0x790/0x790 [ 245.243962] ? __fget+0x40c/0x650 [ 245.247401] ? match_held_lock+0x871/0x8b0 [ 245.251635] ? expand_files.part.8+0x9a0/0x9a0 [ 245.256480] ? kasan_check_write+0x14/0x20 [ 245.260721] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 245.265660] ? wait_for_completion+0x870/0x870 [ 245.270237] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 245.275424] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 245.281139] do_vfs_ioctl+0x1cf/0x16f0 [ 245.285034] ? ioctl_preallocate+0x2e0/0x2e0 [ 245.289447] ? fget_raw+0x20/0x20 [ 245.292907] ? __sb_end_write+0xac/0xe0 [ 245.296885] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 245.302424] ? fput+0x130/0x1a0 [ 245.305712] ? ksys_write+0x1a6/0x250 [ 245.309532] ? security_file_ioctl+0x94/0xc0 [ 245.313951] ksys_ioctl+0xa9/0xd0 [ 245.317413] __x64_sys_ioctl+0x73/0xb0 [ 245.321306] do_syscall_64+0x1b1/0x800 [ 245.325196] ? syscall_return_slowpath+0x5c0/0x5c0 [ 245.330136] ? syscall_return_slowpath+0x30f/0x5c0 [ 245.335077] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 245.340441] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 245.345276] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 245.350448] RIP: 0033:0x4559f9 [ 245.353616] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 245.372840] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 245.380533] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 245.387785] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 245.395035] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 245.402285] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 245.409539] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 0000000000000013 10:01:02 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r5 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0x17, &(0x7f0000000000)={r5, r5, r4}, &(0x7f0000000740)=""/132, 0x10, 0x0) 10:01:02 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x218, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:02 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = memfd_create(&(0x7f0000000000)='-\x00', 0x3) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffff9c, 0xc00c642d, &(0x7f0000000080)={0x0, 0x80000, 0xffffffffffffff9c}) r4 = syz_open_dev$amidi(&(0x7f00000000c0)='/dev/amidi#\x00', 0x8001, 0x2) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r1, 0xc00c642e, &(0x7f0000000100)={r2, 0x80000, r4}) getsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f00000004c0)={{{@in6=@mcast1, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4={[], [], @local}}, 0x0, @in=@broadcast}}, &(0x7f0000000240)=0xe8) ioctl$sock_inet_SIOCGIFDSTADDR(r1, 0x8917, &(0x7f0000000480)={'ip6gre0\x00', {0x2, 0x4e23, @broadcast=0xffffffff}}) sendmsg$can_raw(r1, &(0x7f0000000340)={&(0x7f0000000280)={0x1d, r5}, 0x10, &(0x7f0000000300)={&(0x7f00000002c0)=@can={{0x4, 0xf, 0x6, 0x684a}, 0x3, 0x1, 0x0, 0x0, "15257dda93dcd1bc"}, 0x10}, 0x1, 0x0, 0x0, 0x80}, 0x40000) pwritev(r0, &(0x7f0000000440)=[{&(0x7f0000000400)="2eaa96246c2341006487ef34041ed58fe97bb64b8181b71ed06003ee43b400", 0x1f}], 0x1, 0x0) inotify_init1(0x80000) ioctl$VT_RESIZE(r3, 0x5609, &(0x7f00000001c0)={0x6, 0xd30b}) ioctl$KVM_ARM_SET_DEVICE_ADDR(r1, 0x4010aeab, &(0x7f0000000380)={0xb5b2, 0x2}) memfd_create(&(0x7f00000003c0)='/dev/amidi#\x00', 0x3) getsockopt$IP_VS_SO_GET_INFO(r4, 0x0, 0x481, &(0x7f0000000140), &(0x7f0000000180)=0xc) ioctl$sock_ifreq(r0, 0x8922, &(0x7f0000000040)={'ip6tnl0\x00', @ifru_flags=0x8000}) 10:01:02 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x2000000000105, 0x2e2000000000000, 0x1, 0x6, 0xffffffffffffffff, 0x10000}, 0x2c) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000140)={r0, &(0x7f0000000040)}, 0x10) lgetxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='user.syz\x00', &(0x7f0000000180)=""/249, 0xf9) 10:01:02 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") ustat(0x2d26, &(0x7f00000001c0)) r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ioctl$IOC_PR_PREEMPT(r1, 0x401870cb, &(0x7f0000000180)={0x200, 0x9, 0x7fffffff, 0x2}) fallocate(r1, 0x0, 0x0, 0x4) openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x200, 0x0) fallocate(r1, 0x20, 0x0, 0xfffffeff000) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000040)={0x0, 0x2f8679ec}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f00000000c0)={r2, 0x8, "2c6623924e3698bb"}, &(0x7f0000000140)=0x10) 10:01:02 executing program 5 (fault-call:5 fault-nth:20): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:01:02 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0xc100000000000000, [0x40000073, 0x1]}) 10:01:02 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, 0x0, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:01:02 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x10004000008912, &(0x7f00000003c0)="295e9a3f7f1efb44a6a06c426bd0e131b836eb3f221f1c20569dde1d2f900a8b7fc40e0d1ae046a3a7336c66a29e419fdaa937c5ec5a202745eeda169291afb90cb7ba53af6c1a2cfd7ad4be0b43cf2b3d") r1 = socket(0xa, 0x1, 0x0) unshare(0x20000) r2 = socket$nl_route(0x10, 0x3, 0x0) getsockname$packet(r1, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f0000000300)=0x14) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'lo\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f0000005700)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f00000056c0)={&(0x7f0000000080)=@setlink={0x34, 0x13, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3, 0x1fffff}, [@IFLA_IFNAME={0x14, 0x3, 'veth1\x00'}]}, 0x34}, 0x1}, 0x0) getpeername(r0, &(0x7f00000000c0)=@pppol2tpv3={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @multicast2}}}, &(0x7f0000000000)=0x80) setsockopt$inet_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000200)={@in={{0x2, 0x4e21, @multicast1=0xe0000001}}, 0x9, 0x9, 0xfff, "61ab02c668ef55819c826eaa9358c1862fbe7b3f021274dffdac24def1bbf98ece921df2b205cb5ea3f5d3518b3c15bf2d5d4ede3d4a6cb43f8406fb176463a49803156e38028a989f6235a15e749a9a"}, 0xd8) 10:01:02 executing program 4: socket$inet6(0xa, 0x100000000001, 0x0) ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000100)) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000140)=@nat={'nat\x00', 0x19, 0x1, 0x208, [0x200002c0, 0x0, 0x0, 0x20000468, 0x20000498], 0x0, &(0x7f0000000040), &(0x7f00000001c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0100000009000000000000000000626f6e645f736c6176655f31000000006e72300000000000000000000000000076657468315f746f5f7465616d00000073797a6b616c6c657230000000000000aaaaaaaaaa000000000000000180c20000000000000000000000d800000048010000780100003830324bfd5f3300000000000000000000000000000000000000000000000000000008000000000000000000000000000000636c757374657200000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000736e617400000000000000000000000000000000000000000000000000000000000000000000000000736e61740000000000000000000000000000000000000000000000000000000010000000000000000180c20000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff0000000000000000000000000000000000000000000000000000100000000000000000000000000001000000ffffffff000000009a547fd743c92c2dc5953cdc218515f45b000000000000000004000000000000"]}, 0x293) 10:01:02 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/cache_bypass\x00', 0x2, 0x0) setsockopt$ax25_buf(r1, 0x101, 0x19, &(0x7f0000000800)="a03514d3ca70537e1a0bef57646a9c98a28072a82fa10596821684caeec7f3a874a9c57d59a454af0c6493f984bbfcb480210c8841cbb79699140d99f7c97c6bcb221a509378327887b34a8fe2afadc2ca9a66ec94af06617c9f7a7cb55ca59e2031d19008169e632367974519f3f841afb9cba72882367f36855bc2c974b6e0e00471e046ef3f74ad417515f50404241f1cc383707425caa0ea904bbb3e323eb67e8816ddcdb9b1ce16a3fc599c4aa063103de6f3cd8c249f8ece081fcf728cbf63762dfc08a48a9c24e2d70a350f75a0ba1c4781b7f00373d5c37cb84b95f2eb7bdabe758b1e428b712ba89c50f4b13505fe064bf5cfcc113514b2f7a4befc4017396b41b7ddd36786c6f5918db630595a0274048f703988f659ddbb45f67cf3f680fe94a932a7bc791f1982b756f40d05c65e6749b23a501e00ed0c05af871a486899d5a7168c7096693a87d1ca2668671f98f3946b6d68c9782257ee523e199a7dfa2d6a35798bb5570257e9b732bdb675a2712bbef80c2f46a95a27ebcca9d526bab8ecba5b2d11201f3098f2962d464a348da8a9b721780b86c560a42067943fbd589b9dfdd3ec2e1d6c92fbace5010f6d6541fa9b834fd23feac2fb93534286b5d123cab0009e07fb74b7109e79147e3996b970362e530c3f851863522fb5a5924ac953f350b00579f11d03f429ca5731647b7c28ac10d4a6e359347bf68460e4d0219b5f354bfe074e74d1435a82aa8a41f190e2b9de7f688fac16a0fce56e83735a754d4b59795b34081e438991e6a8de0e7b87a6dae9bca7d836a72dfecbe9342c787389a5973c6f3d9274aec9fd43dcfaa356e5e96c11ae0b036a5c7c3bea08471385785820dd8df386f5bf8c43ad9c3300b78f108046ca4a912cdc8334cf46c6dacb5d9f29cb6457db6beeb65d67866f83546f3baa18e8ad03beb94896ddacbf20316a6c07ed3673226fbbcd81d46d5ffc1a9c4e68e47911301cdeb692188304a51d031a95ec32e303ab4c1eeaae3807a300365b61d1702a98f0a3ebf5c529d52d1d77a4680144893c836ef23815076f94f4dde0fbc1b8235cb972b1e034ff1e2d4b3f500c2d432ef9988b336b53b15d463bee03531dd6c10091a7d1afa792e67b2d079bb5899e9f21b65b182cef3a635de9220fd531a7c9fb0abe644f5b33fd5006f9d183850d9b8a6cad2c0517df04f989a99e578fe12e3ad28ce7353ffbbace0addacdefd9f653c5dc45ff13f7978809b7cd235dc22837079eb3f8ad756cedabc30af2a02fe213f9e32a2e19b18f9002be95d8d35d014dff5b45750330e9dfcf3ead97632e9b3d46c25d8e08a72182c89fae38f5fdc89b23c0939c8ae3ea2d888cff451bfcd3144eed25359034342fcb14d49c4ef131dafad8073d9a29af363d012577b916963c1c537ed1f826ed28c4f95822b2e62e8aaa418aeb091b1a56c68e10bfd6753b3d042bb821e4676f9b9b19b128ff7f03ec24cda11e83c777c0d46daf5ffc8d5e7607aa5260a4560031caa8113da3aa202f1506b00ab76b88e56ae9a2888c64faabd24d41695b4d7b026fc16cd7767df421680f10d10d5397b642ed4a7a5a603b2719555367276308c9c87e95d146ea9b505384232e36499efc6cbf4f52e69e440c6fa0ad1e869e5d25681971a6cd1db35c86c9dfd8c16c8916c8ad08199fd7263888dbfb19b2c2db2f4e1dc56eb253ded1d31e860c3e9d1859da5e11bc01c52637f71c84de664e23e596899503b1b0a5e5e20710622a0ca1e0d595176152946ef899e64deda60121e47d20cbc6f643f6c217a0dcdcbcc418f03f7bb9d7062a28457667199821df1aebf08b64af0777984d0aef94d9aa24a1b17bccb30fec1daf3ea0f6bc5c021441a7c44a23bc66ff26dd803659aeb331b8e21944fea151ec4df856043a416b2e64d83348e95ea40eaac6430d5b54a94d205fc664c23fbba96d8daa1b35c61c2337fb6523228c57c680443186604de055dacbaa3229ee6b20eca6c61506f211ec8f7d8e8dbca27d532df4b855e5a2d1c6636d84f531aa0796c65a27698a2156b1ac21a162928107a2bad361575f4f096e6fcbcd28dbb548a8a794ae191daa03c6251211a7817f7e29fc3dc6ab152243d33bdfa8a18c452393c49fd90c252a23b99ca49f7b7deace53d26e53df5b411e9fe0e1232ac82ee591714d94753ee573de56e18feda4afc4dec54c1619f3a48c0bfc9378ffc070abda8bd72a2025251dde547cc6406901f11df8aa16b8244675b14a7ea8e9b1dcd30d2b4320ff1851d5a06a7ddb7177a1978076e839e0ef335c75752b564408cfd3df4baee1fb2f4fbc18e8cb69778db1aebf95825b5b39c99d83f40c6914831f09a64c87fe93e704a3e0879573bb7fdd989b5ff1bd861fbe6daad1fa5721164907780f004209bf30f05cd8d33ef1dca817fbb83e59483a9784ee77ef0efbecece142d9d428b4ce76b21238383a62fa22afd4090b18d13743e3a2c281d160fa680dc2366bde73c9abc0a0f893e91a484952e6f05b69b8e4f686bcc06551a7950db1e48c6b3a4ef90e03f9bf2f0ee8897a72c473445c1a816d728c38314fa199b674fb06bc689ae859e2bff1932d0df3823141c07dee3a924f31bfcf2a01edb1bba6601682805495da579795c7af74b0b820c9df42e40dcbd525fe90a9f995488ddbbfc5ed5f53891112675175b6baf300377c2c469e76d4c9746dca54882c7769df4dfe467907a74bddef2bb8568cc0fa0e3083ccce4842aa466cc290ea626cd1c9d683b5f5e7c77aecc2730533408fba47a23e520dad5e688e20ac9f37f1218851857962599f1e56cabce9ed12217834b361971b6a8902aedc8cedd26a644165538c8acf102fc359307310410f9e0377cb3bc6eec1b426ab72240e7d991ac44fd0294117b4e3da4ba822de61d7e4289cb07cc7edc2998e026c73b58c57eaadc2132a59115d69c48533a7ae49d8c11117d06128cd678dcd3c3d2e8f9a34a9432715f5e1a97a1354c5f8de645ea57fc8701f88ce6a61db95b46a3888b8e26793a659920763c812e34fa37ce010879e450d5c910bdbf742f8152d0f0aca65873b9edac3534676b3abe297c8da9094f12e7887c7e804fead5e2cfd285dd4a2086993f73973a4cbe6aa184aa0eaae025213f45230cebd96e52b23f051fdd9593c0063899351104d2cfd1a7166ec0606c5b2c047f707d4cd8358abdabec942f1954071eb0ff985af519db69f6422519dea31e9f0a38e48453fde2104026d777225d70aefca3c08f870f526f85af73d6f75c2ec4b98579a6fff8b6f2a1011ed6db4d119ef8a40e0a281103014a4abffef420d5da61c2561e294bdb827f6298faad3291eda16dd074131398ddd25b278b48ce2a61e16415b526f09eb82c933b6063a8d8a64abe408a95ad9a9ae296787a17bd2166accd6638e497065dbebae2fc22144ba08535d7476dfaceac51e9237d869096cd0ab31317118f2dd9266f2ec7e46acc4d89e5a78698477a5c492e00d4962c08a6dc68c57b297bbc006db4ad4335adfffb4281e1e0110063d9b41d7a4844c3c37dfb5e9ef9711e661783bbb74228e2f921e363d80ec74df268b06771fdfb28f5ea26eccc7ddf1fbd41362050cc3fabbfbc0746984301caabaf3771790b801d02ebd2e2c49a646e9734794ea3f3e910e1461c50aa1397e46462c13fd241ed5e9947b76a5bb79a52feccd0277165430a760ea30eb3581b5fdfe2b4847391dbe4af45a91059ecb77dcaba1eb935b8378dcc2cf5f3e063f3caab20e613b0baa2ed74df72c89b692375d461d63b5bf625f4df530b3de33dd42dea40d7a3576f0d349251b3120c4f2341bda0944b8d6d12b802f62c244ab54d5eefbabf6b5986c46c6cc5da708bc43ff38e1de4d4bd264ed091a1c752a446aa5d76f4ce6fbd27278682c90bff415610935234c961c3d2bcfdb16fb32fc60a333048e3a52dc506550f6b75a064b2c2e3a91cc5ee8db192839567698261398ae781a4684fe00176ee7ff0e2c9f31f0795b309b1ce14060ccc86569b21e4e7976a3615aea33aaf0f4f161461b6999c834821a20f4e556feb95f57d494750c550d076bbf40ef5414f0961a9804687920656fe6f1f088cfc95ee4b93ace96a9fe1fb09ed506a92902c14655186b26f99df5ba9bd4d2204e98b08b38b6d8480d3c37a27771fac953a4f17facf4116625c0d88afb06aa3709d05a19f2134bf83862063bb1e8ffcbcd7d53c3d19e35a41d970a5eb161b4efbccbc2f9c12b6841bfa2072d98e71b45d4fd4e470363d6f2d8a89deb0ba34aeb16ce03c722608ffe246af50de3fa41decdf4a6252cbbb22c747d89a60096e52d3f5aa71225df55a47ea4b095e0665f3ee6247be8b3b44d147dc6206a481121dfd243624ed7a3264aad33107f98cbece485d4bd08f0451fac0dd58b6d04e99695b7cd8f24937f8c48ea763d03b8a5276c0536b148be0a43613cea4708eb7f2145fc281fac91eb0c6decb93d102aea69081977cb2f037668ead05044f933d679f0e85793cf6ab6dd65d8230c4c00b7e8df446d7eaa1fb43d7df376e1679f347461dfa7d598d08724fcabb786c689164ee160179ea51e4cb45186f3e9d2e763d4932740e62086a0fd63ba5cc3a510cfc2effb66fa9a37c847f1f841e96473b64ac0f5474c8c4c4427a536a5eb6c8f192d706207914cfc4d91a0b326af00e7fd4f0aa5af2036549f8df6d7c9436891bc9daab5ab916dde73765e60c2a3e987ceb3ab015b1184f2d0397768e86c07c985082da244cbca7b78532a501e4c45a2d5620921b1a4982ffb780c0ca1189feb4f3c72f62d2e75dbed85c76508b0ded0078e02853d6007cf462066f9db62514f607d215d5b100ebace7a3e6e56147dbb37cbb978e6403088c584a75446f3a6541e0a14e1dd5905157620673e1ca5166d05ad4fcdfdccc68ea42949c2f08e4d26d023d886c04df020e4ffae2d01276db8799f0eaabf0c47dfdcd36e4f96a478b7ee1cfd95e8974b38f1c7e701a0176f79e2e01188abe233510000552e2ff450d66e7f9e65e6b6f9805daa5d760f30e67329503750bc2183603835da12b95250e9e7b90c780962f1c48a33ab8de22804ca569c5a768895528946b525f077f03cc0930488a85fa214e8c9c3021ff6c377bb14701eeba60bee3afb668795452c204fe4b43ffdc7e6d153d217ec7996472926d06c7bcd9d3f44452192047c15aea1353f467427011623cc0c5aae2d2a45aa7271304f74cf99f7a1e10927718ed5ad39982c519e35ff3085a861828cefa4088feab3b1e26101ec74a1cf1aed7b206dbb9461a2767f367ad0c215562419f969cc48261ff0967cdfdb3d42ec676a2142482181b88675ee1fce38b7b3be949fe84f21def55539b802020667a00a0dfc281762b2247ef755f1e78e7df3dc0f8783954ad04f464b8f8780a54a4604fcc5b9fcb21ab05eef513fd01489cccdfc9c39b4ce7ad05d6e29f9a2b1fdfe08518738d49d4687b16122cd2ad138ad77e9dc73f30b6409cfe4dbee59107ef9b80b635290e894e2167ce2f83bdcac29ae3446041d8eff69df2e0e3b60d1d8ffb5ccfee8d5c48b22275efb1db7cb7002d7100f366fe8da47cf388618f3f573b38699221f3f7a9ee294309a0560051b5935bdc47872ab915e1342ce1f2bfda47e33957f9f47cc6da9df00e6ddda0a793413ae59f0654996f6dfd676f5b0f1290f31866b48da3969837b1095279e457bb1427bd7dc8a13db0aaec6a676e552e00bfab23ae3f65936c0d2ae3edd88227da5bcaf145", 0x1000) r2 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r3 = socket$inet6(0xa, 0x1, 0x0) ioctl(r3, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r4 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r2) r5 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r6 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r4) keyctl$dh_compute(0x17, &(0x7f0000000000)={r6, r6, r5}, &(0x7f0000000740)=""/132, 0x84, 0x0) ioctl$FICLONE(r3, 0x40049409, r3) getsockopt$inet_int(r1, 0x0, 0xf, &(0x7f0000000180), &(0x7f00000001c0)=0x4) request_key(&(0x7f0000000240)='keyring\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a, 0x2}, &(0x7f00000002c0)='GPLuser\x00', r4) 10:01:02 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x218, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:02 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) getsockopt$ARPT_SO_GET_ENTRIES(r1, 0x0, 0x61, &(0x7f0000000000)={'filter\x00', 0x1d, "69bc930f86671304d0f1ec3be45673fa85c394a2cf7bfa4fd09eeee2fe"}, &(0x7f0000000080)=0x41) fallocate(r1, 0x20, 0x0, 0xfffffeff000) socket$can_bcm(0x1d, 0x2, 0x2) [ 245.635786] FAULT_INJECTION: forcing a failure. [ 245.635786] name failslab, interval 1, probability 0, space 0, times 0 [ 245.647076] CPU: 1 PID: 15150 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 245.653999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 245.663354] Call Trace: [ 245.665950] dump_stack+0x1b9/0x294 [ 245.669579] ? dump_stack_print_info.cold.2+0x52/0x52 [ 245.674768] ? __save_stack_trace+0x7e/0xd0 [ 245.679095] should_fail.cold.4+0xa/0x1a [ 245.683147] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 245.688248] ? kasan_kmalloc+0xc4/0xe0 [ 245.692132] ? kasan_slab_alloc+0x12/0x20 [ 245.696267] ? kmem_cache_alloc+0x12e/0x760 [ 245.700587] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 245.705429] ? kvm_mmu_load+0x21/0x10e0 [ 245.709399] ? vcpu_enter_guest+0x3a83/0x6060 [ 245.713897] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 245.718908] ? graph_lock+0x170/0x170 [ 245.722717] ? do_syscall_64+0x1b1/0x800 [ 245.726789] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 245.732157] ? find_held_lock+0x36/0x1c0 [ 245.736212] ? __lock_is_held+0xb5/0x140 [ 245.740266] ? check_same_owner+0x320/0x320 [ 245.744578] ? rcu_note_context_switch+0x710/0x710 [ 245.749503] __should_failslab+0x124/0x180 [ 245.753725] should_failslab+0x9/0x14 [ 245.757511] kmem_cache_alloc+0x2af/0x760 [ 245.761643] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 245.767164] ? kvm_pfn_to_page+0x7a/0xa0 [ 245.771223] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 245.776054] mmu_topup_memory_caches+0xf7/0x3a0 [ 245.780706] ? kvm_apic_has_interrupt+0xe1/0x210 [ 245.785451] kvm_mmu_load+0x21/0x10e0 [ 245.789236] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 245.794761] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 245.800283] vcpu_enter_guest+0x3a83/0x6060 [ 245.804593] ? print_usage_bug+0xc0/0xc0 [ 245.808643] ? kvm_set_msr_common+0x2680/0x2680 [ 245.813292] ? vmx_vcpu_load+0xada/0xfe0 [ 245.817341] ? __lock_acquire+0x7f5/0x5140 [ 245.821559] ? vmx_vcpu_reset+0x1030/0x1030 [ 245.825864] ? graph_lock+0x170/0x170 [ 245.829651] ? graph_lock+0x170/0x170 [ 245.833434] ? __lock_acquire+0x7f5/0x5140 [ 245.837658] ? debug_check_no_locks_freed+0x310/0x310 [ 245.842835] ? __lock_is_held+0xb5/0x140 [ 245.846883] ? lock_acquire+0x1dc/0x520 [ 245.850842] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 245.855843] ? lock_release+0xa10/0xa10 [ 245.859800] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 245.865061] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 245.869537] ? preempt_notifier_dec+0x20/0x20 [ 245.874027] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 245.878851] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 245.883871] kvm_vcpu_ioctl+0x79d/0x12e0 [ 245.887920] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 245.893617] ? graph_lock+0x170/0x170 [ 245.897402] ? find_held_lock+0x36/0x1c0 [ 245.901457] ? lock_downgrade+0x8e0/0x8e0 [ 245.905593] ? kasan_check_read+0x11/0x20 [ 245.909727] ? rcu_is_watching+0x85/0x140 [ 245.913859] ? rcu_report_qs_rnp+0x790/0x790 [ 245.918258] ? __fget+0x40c/0x650 [ 245.921697] ? match_held_lock+0x871/0x8b0 [ 245.925915] ? expand_files.part.8+0x9a0/0x9a0 [ 245.930481] ? kasan_check_write+0x14/0x20 [ 245.934701] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 245.939619] ? wait_for_completion+0x870/0x870 [ 245.944185] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 245.949358] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 245.955052] do_vfs_ioctl+0x1cf/0x16f0 [ 245.958929] ? ioctl_preallocate+0x2e0/0x2e0 [ 245.963322] ? fget_raw+0x20/0x20 [ 245.966758] ? __sb_end_write+0xac/0xe0 [ 245.970718] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 245.976236] ? fput+0x130/0x1a0 [ 245.979503] ? ksys_write+0x1a6/0x250 [ 245.983289] ? security_file_ioctl+0x94/0xc0 [ 245.987682] ksys_ioctl+0xa9/0xd0 [ 245.991124] __x64_sys_ioctl+0x73/0xb0 [ 245.994996] do_syscall_64+0x1b1/0x800 [ 245.999152] ? finish_task_switch+0x1ca/0x840 [ 246.003633] ? syscall_return_slowpath+0x5c0/0x5c0 [ 246.008546] ? syscall_return_slowpath+0x30f/0x5c0 [ 246.013461] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 246.018810] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 246.023638] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 246.029070] RIP: 0033:0x4559f9 [ 246.032240] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 246.051469] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 246.059161] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 246.066413] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 246.073666] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 246.080916] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 246.088191] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 0000000000000014 10:01:02 executing program 5 (fault-call:5 fault-nth:21): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:01:02 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:01:02 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0xa00d0000, [0x40000073, 0x1]}) 10:01:02 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r5 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0x17, &(0x7f0000000000)={r5, r5, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) ioctl$FS_IOC_GETFSLABEL(r2, 0x81009431, &(0x7f0000000240)) 10:01:02 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) prlimit64(0x0, 0x7, &(0x7f0000000180), &(0x7f00000001c0)) sendmmsg$unix(r0, &(0x7f0000003bc0)=[{&(0x7f0000000040)=@abs, 0x6e, &(0x7f0000000680), 0x0, &(0x7f00000000c0)=[@rights={0x18, 0x1, 0x1, [r0]}], 0x18}], 0x1, 0x0) time(&(0x7f0000000100)) recvmmsg(r1, &(0x7f0000002f40)=[{{&(0x7f0000000940)=@ax25, 0x80, &(0x7f00000009c0), 0x0, &(0x7f0000000a00)=""/36, 0x24}}], 0x1, 0x0, &(0x7f0000003000)) [ 246.280945] kernel msg: ebtables bug: please report to author: Wrong len argument [ 246.446953] FAULT_INJECTION: forcing a failure. [ 246.446953] name failslab, interval 1, probability 0, space 0, times 0 [ 246.458234] CPU: 1 PID: 15185 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 246.465168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 246.474521] Call Trace: [ 246.477121] dump_stack+0x1b9/0x294 [ 246.480765] ? dump_stack_print_info.cold.2+0x52/0x52 [ 246.485969] ? __save_stack_trace+0x7e/0xd0 [ 246.490314] should_fail.cold.4+0xa/0x1a [ 246.494393] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 246.499500] ? kasan_kmalloc+0xc4/0xe0 [ 246.503399] ? kasan_slab_alloc+0x12/0x20 [ 246.507553] ? kmem_cache_alloc+0x12e/0x760 [ 246.511880] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 246.516727] ? kvm_mmu_load+0x21/0x10e0 [ 246.520698] ? vcpu_enter_guest+0x3a83/0x6060 [ 246.525192] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 246.530223] ? graph_lock+0x170/0x170 [ 246.534028] ? do_syscall_64+0x1b1/0x800 [ 246.538084] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 246.543440] ? find_held_lock+0x36/0x1c0 [ 246.547495] ? __lock_is_held+0xb5/0x140 [ 246.551552] ? check_same_owner+0x320/0x320 [ 246.555861] ? rcu_note_context_switch+0x710/0x710 [ 246.560812] __should_failslab+0x124/0x180 [ 246.565038] should_failslab+0x9/0x14 [ 246.568824] kmem_cache_alloc+0x2af/0x760 [ 246.572956] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 246.578479] ? kvm_pfn_to_page+0x7a/0xa0 [ 246.582531] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 246.587358] mmu_topup_memory_caches+0xf7/0x3a0 [ 246.592017] ? kvm_apic_has_interrupt+0xe1/0x210 [ 246.596761] kvm_mmu_load+0x21/0x10e0 [ 246.600580] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 246.606104] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 246.611626] vcpu_enter_guest+0x3a83/0x6060 [ 246.615940] ? print_usage_bug+0xc0/0xc0 [ 246.619987] ? kvm_set_msr_common+0x2680/0x2680 [ 246.624640] ? vmx_vcpu_load+0xada/0xfe0 [ 246.628687] ? __lock_acquire+0x7f5/0x5140 [ 246.632905] ? vmx_vcpu_reset+0x1030/0x1030 [ 246.637245] ? graph_lock+0x170/0x170 [ 246.641035] ? graph_lock+0x170/0x170 [ 246.644821] ? __lock_acquire+0x7f5/0x5140 [ 246.649045] ? debug_check_no_locks_freed+0x310/0x310 [ 246.654223] ? __lock_is_held+0xb5/0x140 [ 246.658270] ? lock_acquire+0x1dc/0x520 [ 246.662230] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 246.667230] ? lock_release+0xa10/0xa10 [ 246.671191] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 246.676452] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 246.680928] ? preempt_notifier_dec+0x20/0x20 [ 246.685414] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 246.690238] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 246.695243] kvm_vcpu_ioctl+0x79d/0x12e0 [ 246.699290] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 246.704985] ? graph_lock+0x170/0x170 [ 246.708777] ? find_held_lock+0x36/0x1c0 [ 246.712829] ? lock_downgrade+0x8e0/0x8e0 [ 246.716965] ? kasan_check_read+0x11/0x20 [ 246.721099] ? rcu_is_watching+0x85/0x140 [ 246.725232] ? rcu_report_qs_rnp+0x790/0x790 [ 246.729628] ? __fget+0x40c/0x650 [ 246.733066] ? match_held_lock+0x871/0x8b0 [ 246.737285] ? expand_files.part.8+0x9a0/0x9a0 [ 246.741849] ? kasan_check_write+0x14/0x20 [ 246.746069] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 246.751074] ? wait_for_completion+0x870/0x870 [ 246.755638] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 246.760814] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 246.766510] do_vfs_ioctl+0x1cf/0x16f0 [ 246.770383] ? ioctl_preallocate+0x2e0/0x2e0 [ 246.774774] ? fget_raw+0x20/0x20 [ 246.778214] ? __sb_end_write+0xac/0xe0 [ 246.782173] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 246.787689] ? fput+0x130/0x1a0 [ 246.790955] ? ksys_write+0x1a6/0x250 [ 246.794745] ? security_file_ioctl+0x94/0xc0 [ 246.799137] ksys_ioctl+0xa9/0xd0 [ 246.802577] __x64_sys_ioctl+0x73/0xb0 [ 246.806450] do_syscall_64+0x1b1/0x800 [ 246.810321] ? finish_task_switch+0x1ca/0x840 [ 246.814801] ? syscall_return_slowpath+0x5c0/0x5c0 [ 246.819733] ? syscall_return_slowpath+0x30f/0x5c0 [ 246.824650] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 246.829998] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 246.834834] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 246.840006] RIP: 0033:0x4559f9 [ 246.843204] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 246.862432] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 246.870123] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 246.877377] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 246.884628] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 246.891878] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 246.899140] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 0000000000000015 10:01:03 executing program 4: syz_emit_ethernet(0x3e, &(0x7f00000001c0)={@broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], @empty, [], {@ipv4={0x800, {{0x7, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, @rand_addr=0x80000000, {[@timestamp={0x44, 0x8, 0x5, 0x1, 0x0, [{}]}]}}, @tcp={{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, &(0x7f00000002c0)) socketpair(0x10, 0x80000, 0xa4e, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_inet_SIOCRTMSG(r0, 0x890d, &(0x7f0000000080)={0x100, {0x2, 0x4e23, @broadcast=0xffffffff}, {0x2, 0x4e20, @multicast1=0xe0000001}, {0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x16}}, 0xdb, 0x8, 0x401, 0x7, 0x4, &(0x7f0000000040)='team0\x00', 0xa770, 0x6, 0x7}) 10:01:03 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x2, 0x0) r5 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a, 0x3}, &(0x7f0000000280), 0xffffffffffffff2d, r3) keyctl$dh_compute(0x17, &(0x7f0000000000)={r5, r5, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:01:03 executing program 6 (fault-call:7 fault-nth:0): r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:01:03 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x218, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:03 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x8) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x400, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x9) ioctl(r0, 0x4000008912, &(0x7f0000000100)="2957e1311f16f477671070") bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x1, &(0x7f00000001c0)=ANY=[@ANYBLOB="be5d532ae4bf69168c45cc8823"], &(0x7f00000002c0)="47504c00bc3047eb525f484f89fc96dd6ca64da40ff023122e66f6", 0x7f, 0xce, &(0x7f0000000300)=""/206, 0x0, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x4, 0x3, &(0x7f0000000040)=@framed={{0x18}, [@jmp={0x5}], {0x95}}, &(0x7f0000000200)='syzkaller\x00', 0x5, 0x3342, &(0x7f0000000300)=""/187, 0x0, 0x1}, 0x48) r2 = memfd_create(&(0x7f0000000080)='syzkaller\x00', 0x2) setsockopt$inet_sctp6_SCTP_AUTOCLOSE(r0, 0x84, 0x4, &(0x7f0000000180)=0x72ec, 0x4) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, &(0x7f00000000c0)=0x4) 10:01:03 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) memfd_create(&(0x7f0000000000)='#posix_acl_access+\x00', 0x1) ioctl$KVM_SET_LAPIC(r0, 0x4400ae8f, &(0x7f0000000140)={"1d3c8761cf828ef8887e8c35b4899f38f7b79a28cc262004048cb6bd5d3ccf8627aebf07b4cdeb0ad28d875c602752046947dcd898ed646794ce1042d37d88953eedce6bc7b0c5afd038e9ab9344691f88424315ac97bf98e55cf694609a9f60b85076ebfb73ebc20eec736132135ff7ca09a187f0c555f7aebb245f14e6dd823adbb84caadef1b35d0b0f7db136db385ea47072c95d1e84fec585dba208dbd4cc38d1e6801eef1e6575861964688a793a070192e553ed1036e038968cbe2c8acfdd90237d5694f31d4c40fe4374db4190b3db3d683f9c8d748527b638694cbd0dbb708a4ce0ae426caae84cf83a368c2993a0d90fd853835d55cc01dcd60f791feb85cc5d4839d4cbb4451aeac95f4ef46d72db96abff0e4e1229f71c52d0248cd8c7e5908e8c38d708786982c4210cbc0963558f2e1db9aaae5bcf832693c409742687f866e58519adfb7cc5577e025280506a864ca913715c7cc521f6ada6b19692054e64e4e6955a7b13e9513affc814102a52fe119a564943fe2323da0d10fe4777a76395a68e8f5c5b71f9b33dbdbab580681425eb6d79587d4842305552943564e5acbc26b065e91729d9a196ff145ecf2474eac1d2618d7bf22ae05af64a0d0239d9d9e7904f39b238e084f468da520864b4be2272ce2ecc212540fb1ed3060e141833975d5ae3125a86a0a40f242fc54fb002920b0f7c0f7637acd3b2aaefd5bf29840daae97236bd6fe595e132ef55be4a841e2a3fafcbde7f6b2ecaefbd4279858dfd4fe835d20187e2fb4a0a5235fff03221e4f856d095b003ca76499bf725c4aa75db83a6f246cc35615481afc299502e45f07aa1d7bf7c259c3ed9e220ed15443191fe91314fc12fa45e4bbf5f2b6e69e9724c17d850b9d761ad871bc4f83e09e328dea6a42576284455edd7e0650cca2a749fd12fd9f98ff22b8b257c302ec4f6235624ebc2b162b99895a9e2fca444a183a7f949b1c93959e775ff5a420f37f8ad45c3bf8f5121ab6498d2fdc78ed088a2b4ae4e981563bfcf2126fde656671c2e814bdf03fd5e9e9f8e45d06c329c325de235861b355b6cdde10ab0e33ecf68089128e07700b0e7dab33cd528ad3abaede380fff5eafab57372566dab523ea16a6b3df33fbac1fbe2a62c258116120183769e6d3c4e45efb7ba949e16ae329ecccc444e0acc3d2c5e1622abd0794808cba88483c85546544dd94e0c0ad324f9fa35958ca01fcb1a09b0b578ccec239244bbf5ad831fe6bb7d25314fedb8a741f2ebb5999c71c5936a10dcabf316f7b39283ad29cab93a31b97c75cf464a92e4d76f1b968758fce2737bf6acc8da413552a01c45e26f57134f2a9bf846e08bdafbfebae39aebc8026ef7a0515953aa8d42f044e6e36a5f32aaac1079615d345f17ff1020474c53217984a28e110c41d59586ff94223452b0"}) fallocate(r1, 0x0, 0x0, 0x4) fallocate(r1, 0x20, 0x0, 0xfffffeff000) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x200000, 0x0) 10:01:03 executing program 5 (fault-call:5 fault-nth:22): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:01:03 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x900d0000, [0x40000073, 0x1]}) 10:01:03 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) r1 = gettid() capset(&(0x7f0000000080)={0x20071026, r1}, &(0x7f00000000c0)={0xfffffffffffffff7, 0x3, 0x0, 0x4, 0x0, 0xf3e1}) r2 = syz_open_dev$binder(&(0x7f0000000140)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl(r0, 0x8001, &(0x7f0000000100)="2957e1311f16f477671070") ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000011c0)={0x2, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="070b185b6c1190c8ea33239f44aeb68b9e34cd765ef97ff6eedde4194dc3c391cc1136c8ac193750cc7246fd22faeab9ab4f5862d644b795afbeb73bf0b37f548f7c1915dbba495eed73f90944c16495866ef22740f2eab7f672ab95669ff74539d08a37672e76133c6b9f8185759b23d197926695c13a0a94d8c974da5273f1a0c6c8347100a6ef05c5040de633df15d63d40adf3ce704787ac6828556cde0cef764813937c29e55c36e45a81fb6a9ce30fed724eae35300b4da4c53c7cd24b3d93b81e5a0b98972bed87f188be244a0250cc66f1e21ac73cdb0d34b52e1181879622be168ac8be1c680e899e45e7f0aa0e6f841cf75b23c3eea4b20bbc0a8405d0ad72c652b78ad11b7372d7afb37d9378c047d276932c5bfb24bc0daf0e98b56318a431d0a2eda9c955c602bf49ec2df1b1c6aa80dd475a09c5b4710279197f1c0b1d351eb1fac8872f839b22412a8ac5737a930484abd9452c877706732c8752208229b06ce8e9365d608e0956525b59c59ec7224ef74c6dadeedb64a896d710"], 0x0, 0x0, &(0x7f00000001c0)}) poll(&(0x7f0000000000)=[{r2}], 0x1, 0x3) 10:01:03 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x218, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:03 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) fallocate(r1, 0x0, 0x0, 0x4) socket$inet6(0xa, 0x80006, 0x0) fallocate(r1, 0x20, 0x0, 0xfffffeff000) ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f0000000000)={0xd001, 0x3000, 0x2, 0x0, 0x100000000}) [ 247.260385] FAULT_INJECTION: forcing a failure. [ 247.260385] name failslab, interval 1, probability 0, space 0, times 0 [ 247.261387] FAULT_INJECTION: forcing a failure. [ 247.261387] name failslab, interval 1, probability 0, space 0, times 0 [ 247.271641] CPU: 0 PID: 15221 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 247.271652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 247.271667] Call Trace: [ 247.301668] dump_stack+0x1b9/0x294 [ 247.305293] ? dump_stack_print_info.cold.2+0x52/0x52 [ 247.310474] ? __save_stack_trace+0x7e/0xd0 [ 247.314797] should_fail.cold.4+0xa/0x1a [ 247.318856] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 247.323950] ? kasan_kmalloc+0xc4/0xe0 [ 247.327831] ? kasan_slab_alloc+0x12/0x20 [ 247.331972] ? kmem_cache_alloc+0x12e/0x760 [ 247.336287] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 247.341121] ? kvm_mmu_load+0x21/0x10e0 [ 247.345087] ? vcpu_enter_guest+0x3a83/0x6060 [ 247.349574] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 247.354584] ? graph_lock+0x170/0x170 [ 247.358375] ? do_syscall_64+0x1b1/0x800 [ 247.362432] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 247.367791] ? find_held_lock+0x36/0x1c0 [ 247.371855] ? __lock_is_held+0xb5/0x140 [ 247.375915] ? check_same_owner+0x320/0x320 [ 247.380233] ? rcu_note_context_switch+0x710/0x710 [ 247.385162] __should_failslab+0x124/0x180 [ 247.389391] should_failslab+0x9/0x14 [ 247.393181] kmem_cache_alloc+0x2af/0x760 [ 247.397320] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 247.402851] ? kvm_pfn_to_page+0x7a/0xa0 [ 247.406907] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 247.411744] mmu_topup_memory_caches+0xf7/0x3a0 [ 247.416407] ? kvm_apic_has_interrupt+0xe1/0x210 [ 247.421160] kvm_mmu_load+0x21/0x10e0 [ 247.424954] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 247.430487] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 247.436020] vcpu_enter_guest+0x3a83/0x6060 [ 247.440342] ? kvm_set_msr_common+0x2680/0x2680 [ 247.445002] ? vmx_vcpu_load+0xada/0xfe0 [ 247.449062] ? vmx_vcpu_reset+0x1030/0x1030 [ 247.453373] ? graph_lock+0x170/0x170 [ 247.457169] ? graph_lock+0x170/0x170 [ 247.460983] ? __lock_acquire+0x7f5/0x5140 [ 247.465214] ? debug_check_no_locks_freed+0x310/0x310 [ 247.470405] ? __lock_is_held+0xb5/0x140 [ 247.474463] ? lock_acquire+0x1dc/0x520 [ 247.478431] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 247.483443] ? lock_release+0xa10/0xa10 [ 247.487408] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 247.492678] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 247.497163] ? preempt_notifier_dec+0x20/0x20 [ 247.501660] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 247.506494] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 247.511511] kvm_vcpu_ioctl+0x79d/0x12e0 [ 247.515566] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 247.521270] ? graph_lock+0x170/0x170 [ 247.525063] ? find_held_lock+0x36/0x1c0 [ 247.529127] ? lock_downgrade+0x8e0/0x8e0 [ 247.533271] ? kasan_check_read+0x11/0x20 [ 247.537415] ? rcu_is_watching+0x85/0x140 [ 247.541556] ? rcu_report_qs_rnp+0x790/0x790 [ 247.545965] ? __fget+0x40c/0x650 [ 247.549415] ? match_held_lock+0x871/0x8b0 [ 247.553641] ? expand_files.part.8+0x9a0/0x9a0 [ 247.558214] ? kasan_check_write+0x14/0x20 [ 247.562440] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 247.567362] ? wait_for_completion+0x870/0x870 [ 247.571936] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 247.577118] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 247.582820] do_vfs_ioctl+0x1cf/0x16f0 [ 247.586704] ? ioctl_preallocate+0x2e0/0x2e0 [ 247.591106] ? fget_raw+0x20/0x20 [ 247.594549] ? __sb_end_write+0xac/0xe0 [ 247.598517] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 247.604044] ? fput+0x130/0x1a0 [ 247.607319] ? ksys_write+0x1a6/0x250 [ 247.611113] ? security_file_ioctl+0x94/0xc0 [ 247.615516] ksys_ioctl+0xa9/0xd0 [ 247.618964] __x64_sys_ioctl+0x73/0xb0 [ 247.622844] do_syscall_64+0x1b1/0x800 [ 247.626721] ? finish_task_switch+0x1ca/0x840 [ 247.631208] ? syscall_return_slowpath+0x5c0/0x5c0 [ 247.636134] ? syscall_return_slowpath+0x30f/0x5c0 [ 247.641056] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 247.646414] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 247.651253] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 247.656430] RIP: 0033:0x4559f9 [ 247.659614] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 247.678921] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 247.686621] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 247.693877] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 247.701134] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 247.708393] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 247.715651] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 0000000000000016 [ 247.722929] CPU: 1 PID: 15219 Comm: syz-executor6 Not tainted 4.17.0+ #93 [ 247.729864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 247.739212] Call Trace: [ 247.741793] dump_stack+0x1b9/0x294 [ 247.745409] ? dump_stack_print_info.cold.2+0x52/0x52 [ 247.750588] ? debug_check_no_locks_freed+0x310/0x310 [ 247.755771] should_fail.cold.4+0xa/0x1a [ 247.759820] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 247.764907] ? print_usage_bug+0xc0/0xc0 [ 247.768954] ? find_held_lock+0x36/0x1c0 [ 247.773008] ? find_held_lock+0x36/0x1c0 [ 247.777069] ? check_same_owner+0x320/0x320 [ 247.781376] ? rcu_note_context_switch+0x710/0x710 [ 247.786291] ? lock_downgrade+0x8e0/0x8e0 [ 247.790428] __should_failslab+0x124/0x180 [ 247.794651] should_failslab+0x9/0x14 [ 247.798433] __kmalloc_track_caller+0x2c4/0x760 [ 247.803087] ? strncpy_from_user+0x500/0x500 [ 247.807477] ? __might_sleep+0x95/0x190 [ 247.811433] ? strndup_user+0x77/0xd0 [ 247.815217] memdup_user+0x2c/0xa0 [ 247.818741] strndup_user+0x77/0xd0 [ 247.822357] __keyctl_dh_compute+0x210/0x1bc0 [ 247.826839] ? graph_lock+0x170/0x170 [ 247.830630] ? copy_overflow+0x30/0x30 [ 247.834507] ? proc_cwd_link+0x1d0/0x1d0 [ 247.838553] ? find_held_lock+0x36/0x1c0 [ 247.842604] ? lock_downgrade+0x8e0/0x8e0 [ 247.846739] ? lock_release+0xa10/0xa10 [ 247.850695] ? check_same_owner+0x320/0x320 [ 247.854999] ? __lock_is_held+0xb5/0x140 [ 247.859080] ? __might_sleep+0x95/0x190 [ 247.863045] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 247.868565] ? _copy_from_user+0xdf/0x150 [ 247.872698] keyctl_dh_compute+0xb9/0x100 [ 247.876833] ? __keyctl_dh_compute+0x1bc0/0x1bc0 [ 247.881578] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 247.886403] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 247.891579] __x64_sys_keyctl+0x12a/0x3b0 [ 247.895715] do_syscall_64+0x1b1/0x800 [ 247.899585] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 247.904412] ? syscall_return_slowpath+0x5c0/0x5c0 [ 247.909327] ? syscall_return_slowpath+0x30f/0x5c0 [ 247.914243] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 247.919595] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 247.924425] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 247.929598] RIP: 0033:0x4559f9 [ 247.932767] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 247.952032] RSP: 002b:00007f1a3095dc68 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 247.959724] RAX: ffffffffffffffda RBX: 00007f1a3095e6d4 RCX: 00000000004559f9 [ 247.966974] RDX: 0000000020a53ffb RSI: 0000000020000100 RDI: 0000000000000017 [ 247.974226] RBP: 000000000072bea0 R08: 0000000020c61fc8 R09: 0000000000000000 [ 247.981479] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000014 [ 247.988730] R13: 00000000004bfbb9 R14: 00000000004ce990 R15: 0000000000000000 10:01:04 executing program 6 (fault-call:7 fault-nth:1): r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:01:04 executing program 1: r0 = add_key(&(0x7f0000000640)='ceph\x00', &(0x7f0000000680)={0x73, 0x79, 0x7a, 0x3}, &(0x7f0000000800)="554573b6d7b0579b467416df35ab465f6c7014a80f6ab69531aa30d9a47d873cde91dc689958bf25b2ef266550fdfedc2b1e025701e6f01963962f1ceb2ee9896a16ee4ff77e067ba4e64bb7f4a49fe66a6e8c58d4bc284c39285b86906a65695e9d062dd89dc559d1a695a474b4feb4d7e4167735fa68f51c0cf9f2d9cb1c5c891bff77b985a91acf03ae4f4660ba35c90bacd243574f3ba339feb0353947b0ad66f7a323c0ce78f7ee6055908bf8809f37d068e0efe3875cf25ff5b96706858fd2d1edd1a784c23f092bb04909bbd160488bbfebd3329c3c519026b4e12873c63fa1a18b274cde87b51097add7229848646ff666e579fdfcab88", 0xfb, 0x0) r1 = add_key$keyring(&(0x7f0000000580)='keyring\x00', &(0x7f0000000600)={0x73, 0x79, 0x7a, 0x1}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = socket$inet6(0xa, 0x1, 0x0) ioctl(r3, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x4e22, 0x20, @empty, 0x4}}, 0x5, 0x8, 0x7fff, "1ddc1c94f622f01aabcb184547ce1707ad75cdfd974717297615d7ee2c70793ba4a10ed23bf998a88902ec500d68cb0ae51ee146d36db9f25fa1411e143ea2e047abea67fb4482b471e452c0f7c1ee55"}, 0xd8) getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r4 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r2) r5 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x100000001, r1) r6 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r4) pipe(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$KVM_GET_PIT(r7, 0xc048ae65, &(0x7f0000000440)) keyctl$dh_compute(0x17, &(0x7f0000000000)={r6, r6, r5}, &(0x7f0000000740)=""/132, 0x84, 0x0) r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0xffffffffffffffff, 0x0, 0x1, 0x6, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5}, 0x20) ioctl$KDADDIO(r8, 0x4b34, 0x3) 10:01:04 executing program 5 (fault-call:5 fault-nth:23): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:01:04 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x3, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r1, 0xc028ae92, &(0x7f0000000140)={0x4, 0x5}) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$inet_int(r1, 0x0, 0x6, &(0x7f0000000180), &(0x7f00000001c0)=0x4) write$rdma_cm(r2, &(0x7f0000001bc0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000001b80)={0xffffffff}, 0x2}}, 0x20) write$rdma_cm(r2, &(0x7f0000000040)=@bind={0x14, 0x88, 0xfa00, {r3, 0x10, 0x0, @in={0x2, 0x0, @loopback=0x7f000001}}}, 0x90) [ 248.073905] binder: 15224:15233 unknown command 1528302343 [ 248.088715] binder: 15224:15233 ioctl c0306201 200011c0 returned -22 [ 248.113709] binder: 15224:15233 unknown command 1528302343 [ 248.119415] binder: 15224:15233 ioctl c0306201 200011c0 returned -22 [ 248.320618] FAULT_INJECTION: forcing a failure. [ 248.320618] name failslab, interval 1, probability 0, space 0, times 0 [ 248.331929] CPU: 1 PID: 15249 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 248.338857] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 248.348208] Call Trace: [ 248.350812] dump_stack+0x1b9/0x294 [ 248.354450] ? dump_stack_print_info.cold.2+0x52/0x52 [ 248.359650] ? __save_stack_trace+0x7e/0xd0 [ 248.363991] should_fail.cold.4+0xa/0x1a [ 248.368069] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 248.373184] ? kasan_kmalloc+0xc4/0xe0 [ 248.377079] ? kasan_slab_alloc+0x12/0x20 [ 248.381225] ? kmem_cache_alloc+0x12e/0x760 [ 248.385538] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 248.390378] ? kvm_mmu_load+0x21/0x10e0 [ 248.394354] ? vcpu_enter_guest+0x3a83/0x6060 [ 248.398860] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 248.403875] ? graph_lock+0x170/0x170 [ 248.407664] ? do_syscall_64+0x1b1/0x800 [ 248.411714] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 248.417084] ? find_held_lock+0x36/0x1c0 [ 248.421139] ? __lock_is_held+0xb5/0x140 [ 248.425194] ? check_same_owner+0x320/0x320 [ 248.429523] ? rcu_note_context_switch+0x710/0x710 [ 248.434456] __should_failslab+0x124/0x180 [ 248.438694] should_failslab+0x9/0x14 [ 248.442488] kmem_cache_alloc+0x2af/0x760 [ 248.446625] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 248.452152] ? kvm_pfn_to_page+0x7a/0xa0 [ 248.456222] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 248.461079] mmu_topup_memory_caches+0xf7/0x3a0 [ 248.465750] ? kvm_apic_has_interrupt+0xe1/0x210 [ 248.470514] kvm_mmu_load+0x21/0x10e0 [ 248.474316] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 248.479843] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 248.485402] vcpu_enter_guest+0x3a83/0x6060 [ 248.489737] ? kvm_set_msr_common+0x2680/0x2680 [ 248.494402] ? vmx_vcpu_load+0xada/0xfe0 [ 248.498477] ? mark_held_locks+0xc9/0x160 [ 248.502622] ? graph_lock+0x170/0x170 [ 248.506416] ? retint_kernel+0x10/0x10 [ 248.510299] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 248.515319] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 248.520090] ? __lock_is_held+0xb5/0x140 [ 248.524162] ? lock_acquire+0x1dc/0x520 [ 248.528145] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 248.533172] ? lock_release+0xa10/0xa10 [ 248.537162] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 248.542453] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 248.546948] ? preempt_notifier_dec+0x20/0x20 [ 248.551458] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 248.553364] FAULT_INJECTION: forcing a failure. [ 248.553364] name failslab, interval 1, probability 0, space 0, times 0 [ 248.556301] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 248.556328] kvm_vcpu_ioctl+0x79d/0x12e0 [ 248.556348] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 248.556362] ? graph_lock+0x170/0x170 [ 248.556385] ? find_held_lock+0x36/0x1c0 [ 248.590098] ? lock_downgrade+0x8e0/0x8e0 [ 248.594246] ? kasan_check_read+0x11/0x20 [ 248.598387] ? rcu_is_watching+0x85/0x140 [ 248.602531] ? rcu_report_qs_rnp+0x790/0x790 [ 248.606941] ? __fget+0x40c/0x650 [ 248.610392] ? match_held_lock+0x871/0x8b0 [ 248.614619] ? expand_files.part.8+0x9a0/0x9a0 [ 248.619198] ? kasan_check_write+0x14/0x20 [ 248.623424] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 248.628348] ? wait_for_completion+0x870/0x870 [ 248.632923] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 248.638108] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 248.643811] do_vfs_ioctl+0x1cf/0x16f0 [ 248.647694] ? ioctl_preallocate+0x2e0/0x2e0 [ 248.652094] ? fget_raw+0x20/0x20 [ 248.655541] ? __sb_end_write+0xac/0xe0 [ 248.659509] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 248.665039] ? fput+0x130/0x1a0 [ 248.668315] ? ksys_write+0x1a6/0x250 [ 248.672111] ? security_file_ioctl+0x94/0xc0 [ 248.676514] ksys_ioctl+0xa9/0xd0 [ 248.679963] __x64_sys_ioctl+0x73/0xb0 [ 248.683844] do_syscall_64+0x1b1/0x800 [ 248.687727] ? syscall_return_slowpath+0x5c0/0x5c0 [ 248.692662] ? syscall_return_slowpath+0x30f/0x5c0 [ 248.697586] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 248.702944] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 248.707782] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 248.712958] RIP: 0033:0x4559f9 [ 248.716135] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 248.735445] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 248.743143] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 248.750402] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 248.757662] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 248.764918] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 248.772181] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 0000000000000017 [ 248.779457] CPU: 0 PID: 15254 Comm: syz-executor6 Not tainted 4.17.0+ #93 [ 248.786387] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 248.795736] Call Trace: [ 248.798326] dump_stack+0x1b9/0x294 [ 248.801954] ? dump_stack_print_info.cold.2+0x52/0x52 [ 248.807133] ? is_bpf_text_address+0xd7/0x170 [ 248.811618] should_fail.cold.4+0xa/0x1a [ 248.815663] ? graph_lock+0x170/0x170 [ 248.819456] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 248.824542] ? lock_acquire+0x1dc/0x520 [ 248.828502] ? crypto_alg_lookup+0x43/0x1d0 [ 248.832809] ? find_held_lock+0x36/0x1c0 [ 248.836856] ? find_held_lock+0x36/0x1c0 [ 248.840911] ? check_same_owner+0x320/0x320 [ 248.845217] ? __crypto_alg_lookup+0x31b/0x390 [ 248.849782] ? rcu_note_context_switch+0x710/0x710 [ 248.854698] __should_failslab+0x124/0x180 [ 248.858918] should_failslab+0x9/0x14 [ 248.862702] __kmalloc+0x2c8/0x760 [ 248.866233] ? crypto_larval_alloc+0x1d0/0x1d0 [ 248.870802] ? crypto_create_tfm+0x87/0x310 [ 248.875111] crypto_create_tfm+0x87/0x310 [ 248.879244] crypto_alloc_tfm+0x1b5/0x2d0 [ 248.883381] crypto_alloc_shash+0x2c/0x40 [ 248.887517] __keyctl_dh_compute+0x3b0/0x1bc0 [ 248.892000] ? graph_lock+0x170/0x170 [ 248.895793] ? copy_overflow+0x30/0x30 [ 248.899668] ? proc_cwd_link+0x1d0/0x1d0 [ 248.903716] ? find_held_lock+0x36/0x1c0 [ 248.907764] ? lock_downgrade+0x8e0/0x8e0 [ 248.911899] ? lock_release+0xa10/0xa10 [ 248.915856] ? check_same_owner+0x320/0x320 [ 248.920161] ? __lock_is_held+0xb5/0x140 [ 248.924210] ? __might_sleep+0x95/0x190 [ 248.928173] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 248.933691] ? _copy_from_user+0xdf/0x150 [ 248.937828] keyctl_dh_compute+0xb9/0x100 [ 248.941961] ? __keyctl_dh_compute+0x1bc0/0x1bc0 [ 248.946702] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 248.951878] __x64_sys_keyctl+0x12a/0x3b0 [ 248.956018] do_syscall_64+0x1b1/0x800 [ 248.959891] ? finish_task_switch+0x1ca/0x840 [ 248.964371] ? syscall_return_slowpath+0x5c0/0x5c0 [ 248.969284] ? syscall_return_slowpath+0x30f/0x5c0 [ 248.974198] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 248.979555] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 248.984383] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 248.989554] RIP: 0033:0x4559f9 [ 248.992721] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 249.011948] RSP: 002b:00007f1a3095dc68 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 249.019642] RAX: ffffffffffffffda RBX: 00007f1a3095e6d4 RCX: 00000000004559f9 [ 249.026930] RDX: 0000000020a53ffb RSI: 0000000020000100 RDI: 0000000000000017 [ 249.034181] RBP: 000000000072bea0 R08: 0000000020c61fc8 R09: 0000000000000000 [ 249.041436] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000014 [ 249.048687] R13: 00000000004bfbb9 R14: 00000000004ce990 R15: 0000000000000001 [ 249.056433] could not allocate digest TFM handle sha384-avx2 10:01:05 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340)=@sack_info={0x0}, &(0x7f0000000380)=0xc) r4 = open(&(0x7f0000000040)='./file0\x00', 0x100, 0x100) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x1f, &(0x7f0000000240)={r3, @in6={{0xa, 0x4e23, 0x5, @mcast1={0xff, 0x1, [], 0x1}, 0x4}}, 0x4, 0x8}, &(0x7f0000000180)=0x90) r5 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) socket$inet6_dccp(0xa, 0x6, 0x0) r6 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r7 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r5) keyctl$dh_compute(0x17, &(0x7f0000000000)={r7, r7, r6}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:01:05 executing program 4: perf_event_open(&(0x7f0000000140)={0x2, 0xb1, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x0, 0x0) r1 = socket(0xa, 0x2, 0x7ff) ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x89e1, &(0x7f0000000040)={r1}) r2 = socket$inet(0x2, 0x2, 0x2) ioctl(r2, 0x2, &(0x7f0000000080)="4ec30c4f9137ca4f839f4f8cd56f9f9a9f6c11f9d6ab541d41f91b7e9c56650aabd9cd8de56356ae8a1f693ffa87a6d7146f58bbcedc79a27f2e451bbf584692fbcb2edbe6bdda0020bbea4beb024f86987f2fa6ccea300364d6f7c222bc7e7ea5ea42eae23cf6c108a31197fc9faa80249877782fc5e79c2deb26733251adc15e573bd27313fa7388be5f794a3b97403dbe1bcc9c") 10:01:05 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x218, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:05 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0xff0b0000, [0x40000073, 0x1]}) 10:01:05 executing program 5 (fault-call:5 fault-nth:24): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:01:05 executing program 6 (fault-call:7 fault-nth:2): r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:01:05 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = gettid() r2 = getpid() r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x100, 0x0) kcmp$KCMP_EPOLL_TFD(r1, r2, 0x7, r0, &(0x7f0000000040)={r3, r0, 0x28f863a0}) r4 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) fallocate(r4, 0x0, 0x0, 0x4) fallocate(r4, 0x20, 0x0, 0xfffffeff000) 10:01:05 executing program 3: r0 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0xbfffff7ffffff001, 0x0) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r0, 0x84, 0x8, &(0x7f0000000080)=0x1ff, 0x4) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) r2 = openat$md(0xffffffffffffff9c, &(0x7f0000000040)='/dev/md0\x00', 0x0, 0x0) dup2(r1, r2) 10:01:05 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x218, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:05 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) r3 = openat$cuse(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/cuse\x00', 0x0, 0x0) ioctl$DRM_IOCTL_MAP_BUFS(r3, 0xc0186419, &(0x7f0000000480)={0x9, &(0x7f0000000240)=""/120, &(0x7f0000002a40)=[{0x6, 0x1000, 0x8, &(0x7f0000000800)=""/4096}, {0x6, 0x89, 0xc1, &(0x7f0000000600)=""/137}, {0x2, 0x1000, 0x8, &(0x7f0000001800)=""/4096}, {0x5, 0x3f, 0x4, &(0x7f00000002c0)=""/63}, {0x401, 0xa0, 0x5e, &(0x7f0000002800)=""/160}, {0x2, 0x22, 0xc748, &(0x7f0000000300)=""/34}, {0x0, 0x3, 0xfdad, &(0x7f0000000400)=""/3}, {0x401, 0x8d, 0x6, &(0x7f00000028c0)=""/141}, {0x6, 0xa7, 0x7, &(0x7f0000002980)=""/167}]}) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340)=@sack_info={0x0}, &(0x7f0000000380)=0xc) r5 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r6 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r7 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r5) keyctl$dh_compute(0x17, &(0x7f0000000000)={r7, r7, r6}, &(0x7f0000000740)=""/132, 0x84, 0x0) r8 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x408000, 0x0) ioctl$VHOST_GET_VRING_ENDIAN(r8, 0x4008af14, &(0x7f0000000180)={0x3, 0x2e262db5}) setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r3, 0x84, 0x19, &(0x7f0000000540)={r4, 0x5}, 0x8) 10:01:05 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x500, [0x40000073, 0x1]}) 10:01:06 executing program 4: capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000080)={0x1000, 0x5633}) syz_mount_image$jfs(&(0x7f0000000000)='jfs\x00', &(0x7f00000000c0)='./file0\x00', 0xffff, 0x2, &(0x7f0000000280)=[{&(0x7f0000000100)="9fcbbb1c278568fad087406b3d65cea1a8d1dae3d1d949a4b762ab43d7585a0efd9833081beb06f1b47d8e40c4311f07efe7bb636b2b3e538f1d0f25ad83dde5f518c2ca0fb54fcd6cd381250e9d2347edc334f8baa2a9bde86d312c029a9c4565add0e1a8ccc56c83ac0623b051d20b3ecae750b8b7a15dfe23e5cf41391f9f0e480740566ead7a6c2859d34da355624d9d3e4eaa02b0f6353fa365f0f35479661cc0c512077bb91ba01b7439541d0e5b2b4b3623308f2f9e3481dfcf96cb33d1d9578ee46a815c28521987c6f8bcbfb8f71aa5595055", 0xd7, 0x8000}, {&(0x7f0000000200)="fc1d9c02bf1373de70a43fcbe1b7d38db49fd4b24dc665a077a3901ca3359790155fb6ebcb2c93d5d97d6bcedaa2a6eb151dfcaa484d817da3c18e8e47362d49c12e6443339b26d81a7c810b516d26c88f5921ff41fd60e7a5cd0d284c367ea20e7fab", 0x63, 0xffffffffffffff75}], 0x80020, &(0x7f00000002c0)={[{@discard_size={'discard', 0x3d, [0x78, 0x39, 0x39, 0x32]}, 0x2c}, {@errors_remount='errors=remount-ro', 0x2c}, {@quota='quota', 0x2c}, {@uid={'uid', 0x3d, [0x0, 0x30, 0x3f, 0x4a53b4dddedd6c4d, 0x30, 0x35, 0x3f, 0x30, 0x30]}, 0x2c}, {@gid={'gid', 0x3d, [0x3d, 0x78]}, 0x2c}, {@discard_size={'discard', 0x3d, [0x37, 0x7f, 0x35, 0x39, 0x3b, 0x3f, 0x31, 0x37, 0x39]}, 0x2c}, {@gid={'gid', 0x3d, [0x7e]}, 0x2c}, {@umask={'umask', 0x3d, [0x3f, 0x35]}, 0x2c}, {@errors_continue='errors=continue', 0x2c}]}) r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_opts(r0, 0x0, 0x13, &(0x7f0000000480)='F', 0x1) [ 249.355111] FAULT_INJECTION: forcing a failure. [ 249.355111] name failslab, interval 1, probability 0, space 0, times 0 [ 249.366536] CPU: 0 PID: 15286 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 249.373460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 249.382796] Call Trace: [ 249.385373] dump_stack+0x1b9/0x294 [ 249.388989] ? dump_stack_print_info.cold.2+0x52/0x52 [ 249.394174] ? __save_stack_trace+0x7e/0xd0 [ 249.398501] should_fail.cold.4+0xa/0x1a [ 249.402564] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 249.407653] ? kasan_kmalloc+0xc4/0xe0 [ 249.411535] ? kasan_slab_alloc+0x12/0x20 [ 249.415682] ? kmem_cache_alloc+0x12e/0x760 [ 249.420001] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 249.424835] ? kvm_mmu_load+0x21/0x10e0 [ 249.428797] ? vcpu_enter_guest+0x3a83/0x6060 [ 249.433273] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 249.438274] ? graph_lock+0x170/0x170 [ 249.442066] ? do_syscall_64+0x1b1/0x800 [ 249.446127] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 249.451498] ? find_held_lock+0x36/0x1c0 [ 249.455553] ? __lock_is_held+0xb5/0x140 [ 249.459604] ? check_same_owner+0x320/0x320 [ 249.463913] ? rcu_note_context_switch+0x710/0x710 [ 249.468828] __should_failslab+0x124/0x180 [ 249.473056] should_failslab+0x9/0x14 [ 249.476844] kmem_cache_alloc+0x2af/0x760 [ 249.481008] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 249.486549] ? kvm_pfn_to_page+0x7a/0xa0 [ 249.490611] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 249.495441] mmu_topup_memory_caches+0xf7/0x3a0 [ 249.500096] ? kvm_apic_has_interrupt+0xe1/0x210 [ 249.504844] kvm_mmu_load+0x21/0x10e0 [ 249.508634] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 249.514154] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 249.519686] vcpu_enter_guest+0x3a83/0x6060 [ 249.523998] ? kvm_set_msr_common+0x2680/0x2680 [ 249.528661] ? vmx_vcpu_load+0xada/0xfe0 [ 249.532706] ? __lock_acquire+0x7f5/0x5140 [ 249.536933] ? vmx_vcpu_reset+0x1030/0x1030 [ 249.541253] ? graph_lock+0x170/0x170 [ 249.545056] ? graph_lock+0x170/0x170 [ 249.548837] ? __lock_acquire+0x7f5/0x5140 [ 249.553061] ? debug_check_no_locks_freed+0x310/0x310 [ 249.558236] ? __lock_is_held+0xb5/0x140 [ 249.562295] ? lock_acquire+0x1dc/0x520 [ 249.566249] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 249.571262] ? lock_release+0xa10/0xa10 [ 249.575235] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 249.580501] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 249.584980] ? preempt_notifier_dec+0x20/0x20 [ 249.589470] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 249.594295] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 249.599300] kvm_vcpu_ioctl+0x79d/0x12e0 [ 249.603344] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 249.609050] ? graph_lock+0x170/0x170 [ 249.612848] ? find_held_lock+0x36/0x1c0 [ 249.616901] ? lock_downgrade+0x8e0/0x8e0 [ 249.621037] ? kasan_check_read+0x11/0x20 [ 249.625170] ? rcu_is_watching+0x85/0x140 [ 249.629312] ? rcu_report_qs_rnp+0x790/0x790 [ 249.633729] ? __fget+0x40c/0x650 [ 249.637183] ? match_held_lock+0x871/0x8b0 [ 249.641405] ? expand_files.part.8+0x9a0/0x9a0 [ 249.645976] ? kasan_check_write+0x14/0x20 [ 249.650197] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 249.655110] ? wait_for_completion+0x870/0x870 [ 249.659673] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 249.664855] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 249.670554] do_vfs_ioctl+0x1cf/0x16f0 [ 249.674426] ? ioctl_preallocate+0x2e0/0x2e0 [ 249.678825] ? fget_raw+0x20/0x20 [ 249.682270] ? __sb_end_write+0xac/0xe0 [ 249.686246] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 249.691775] ? fput+0x130/0x1a0 [ 249.695052] ? ksys_write+0x1a6/0x250 [ 249.698843] ? security_file_ioctl+0x94/0xc0 [ 249.703233] ksys_ioctl+0xa9/0xd0 [ 249.706679] __x64_sys_ioctl+0x73/0xb0 [ 249.710557] do_syscall_64+0x1b1/0x800 [ 249.714438] ? finish_task_switch+0x1ca/0x840 [ 249.718916] ? syscall_return_slowpath+0x5c0/0x5c0 [ 249.723828] ? syscall_return_slowpath+0x30f/0x5c0 [ 249.728742] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 249.734093] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 249.738919] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 249.744088] RIP: 0033:0x4559f9 [ 249.747261] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 249.766488] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 249.774188] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 249.781447] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 249.788696] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 249.795946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 10:01:06 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f000051cff6)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000943ffc)=0xa35) read(r0, &(0x7f00003fefff)=""/1, 0x1) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x4000, 0x0) syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0xc0f, 0x8000) ioctl$VHOST_NET_SET_BACKEND(r1, 0x4008af30, &(0x7f0000000380)={0x2, r1}) readv(r0, &(0x7f0000001540)=[{&(0x7f00000000c0)=""/246}, {&(0x7f00000001c0)=""/99}, {&(0x7f0000000240)=""/203}, {&(0x7f00000015c0)=""/4096}, {&(0x7f0000001340)=""/96}, {&(0x7f00000013c0)=""/217}, {&(0x7f00000014c0)=""/110}], 0x100000000000025d) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000080)) [ 249.803204] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 0000000000000018 10:01:06 executing program 5 (fault-call:5 fault-nth:25): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) [ 249.859116] FAULT_INJECTION: forcing a failure. [ 249.859116] name failslab, interval 1, probability 0, space 0, times 0 [ 249.870407] CPU: 0 PID: 15289 Comm: syz-executor6 Not tainted 4.17.0+ #93 [ 249.877328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 249.886668] Call Trace: [ 249.889243] dump_stack+0x1b9/0x294 [ 249.892857] ? dump_stack_print_info.cold.2+0x52/0x52 [ 249.898043] ? kasan_kmalloc+0xc4/0xe0 [ 249.901932] ? __kmalloc+0x14e/0x760 [ 249.905649] ? crypto_create_tfm+0x87/0x310 [ 249.909962] ? crypto_alloc_tfm+0x1b5/0x2d0 [ 249.914317] ? crypto_alloc_shash+0x2c/0x40 [ 249.918634] ? __keyctl_dh_compute+0x3b0/0x1bc0 [ 249.923301] should_fail.cold.4+0xa/0x1a [ 249.927362] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 249.932468] ? find_held_lock+0x36/0x1c0 [ 249.936519] ? check_same_owner+0x320/0x320 [ 249.940825] ? rcu_note_context_switch+0x710/0x710 [ 249.945740] __should_failslab+0x124/0x180 [ 249.949959] should_failslab+0x9/0x14 [ 249.953744] __kmalloc+0x2c8/0x760 [ 249.957284] ? __keyctl_dh_compute+0x46c/0x1bc0 [ 249.961948] __keyctl_dh_compute+0x46c/0x1bc0 [ 249.966459] ? graph_lock+0x170/0x170 [ 249.970249] ? copy_overflow+0x30/0x30 [ 249.974121] ? proc_cwd_link+0x1d0/0x1d0 [ 249.978173] ? find_held_lock+0x36/0x1c0 [ 249.982223] ? lock_downgrade+0x8e0/0x8e0 [ 249.986370] ? lock_release+0xa10/0xa10 [ 249.990333] ? check_same_owner+0x320/0x320 [ 249.994639] ? __lock_is_held+0xb5/0x140 [ 249.998691] ? __might_sleep+0x95/0x190 [ 250.002655] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 250.008175] ? _copy_from_user+0xdf/0x150 [ 250.012308] keyctl_dh_compute+0xb9/0x100 [ 250.016452] ? __keyctl_dh_compute+0x1bc0/0x1bc0 [ 250.021215] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 250.026045] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 250.031218] __x64_sys_keyctl+0x12a/0x3b0 [ 250.035351] do_syscall_64+0x1b1/0x800 [ 250.039221] ? syscall_return_slowpath+0x5c0/0x5c0 [ 250.044133] ? syscall_return_slowpath+0x30f/0x5c0 [ 250.049055] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 250.054403] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 250.059241] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 250.064413] RIP: 0033:0x4559f9 [ 250.067586] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 250.086798] RSP: 002b:00007f1a3095dc68 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 250.094491] RAX: ffffffffffffffda RBX: 00007f1a3095e6d4 RCX: 00000000004559f9 [ 250.101740] RDX: 0000000020a53ffb RSI: 0000000020000100 RDI: 0000000000000017 [ 250.108989] RBP: 000000000072bea0 R08: 0000000020c61fc8 R09: 0000000000000000 [ 250.116241] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000014 [ 250.123495] R13: 00000000004bfbb9 R14: 00000000004ce990 R15: 0000000000000002 10:01:06 executing program 6 (fault-call:7 fault-nth:3): r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:01:06 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) fallocate(r1, 0x0, 0x0, 0x4) accept$netrom(r1, &(0x7f0000000000)=@full, &(0x7f0000000080)=0x48) fallocate(r0, 0x20, 0x0, 0xff) [ 250.431650] FAULT_INJECTION: forcing a failure. [ 250.431650] name failslab, interval 1, probability 0, space 0, times 0 [ 250.443023] CPU: 0 PID: 15318 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 250.449958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 250.459315] Call Trace: [ 250.461486] FAULT_INJECTION: forcing a failure. [ 250.461486] name failslab, interval 1, probability 0, space 0, times 0 [ 250.461913] dump_stack+0x1b9/0x294 [ 250.461939] ? dump_stack_print_info.cold.2+0x52/0x52 [ 250.481906] ? __save_stack_trace+0x7e/0xd0 [ 250.486234] should_fail.cold.4+0xa/0x1a [ 250.490297] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 250.495397] ? kasan_kmalloc+0xc4/0xe0 [ 250.499278] ? kasan_slab_alloc+0x12/0x20 [ 250.503418] ? kmem_cache_alloc+0x12e/0x760 [ 250.507735] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 250.512569] ? kvm_mmu_load+0x21/0x10e0 [ 250.516542] ? vcpu_enter_guest+0x3a83/0x6060 [ 250.521032] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 250.526044] ? graph_lock+0x170/0x170 [ 250.529839] ? do_syscall_64+0x1b1/0x800 [ 250.533895] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 250.539258] ? find_held_lock+0x36/0x1c0 [ 250.543318] ? __lock_is_held+0xb5/0x140 [ 250.547383] ? check_same_owner+0x320/0x320 [ 250.551699] ? rcu_note_context_switch+0x710/0x710 [ 250.556625] __should_failslab+0x124/0x180 [ 250.560857] should_failslab+0x9/0x14 [ 250.564649] kmem_cache_alloc+0x2af/0x760 [ 250.568789] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 250.574323] ? kvm_pfn_to_page+0x7a/0xa0 [ 250.578380] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 250.583218] mmu_topup_memory_caches+0xf7/0x3a0 [ 250.587880] ? kvm_apic_has_interrupt+0xe1/0x210 [ 250.592633] kvm_mmu_load+0x21/0x10e0 [ 250.596428] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 250.601961] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 250.607495] vcpu_enter_guest+0x3a83/0x6060 [ 250.611817] ? print_usage_bug+0xc0/0xc0 [ 250.615878] ? kvm_set_msr_common+0x2680/0x2680 [ 250.620539] ? vmx_vcpu_load+0xada/0xfe0 [ 250.624604] ? __lock_acquire+0x7f5/0x5140 [ 250.628835] ? vmx_vcpu_reset+0x1030/0x1030 [ 250.633151] ? graph_lock+0x170/0x170 [ 250.636947] ? graph_lock+0x170/0x170 [ 250.640745] ? __lock_acquire+0x7f5/0x5140 [ 250.644979] ? debug_check_no_locks_freed+0x310/0x310 [ 250.650170] ? __lock_is_held+0xb5/0x140 [ 250.654229] ? lock_acquire+0x1dc/0x520 [ 250.658195] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 250.663211] ? lock_release+0xa10/0xa10 [ 250.667178] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 250.672450] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 250.676939] ? preempt_notifier_dec+0x20/0x20 [ 250.681436] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 250.686269] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 250.691290] kvm_vcpu_ioctl+0x79d/0x12e0 [ 250.695345] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 250.701052] ? graph_lock+0x170/0x170 [ 250.704849] ? find_held_lock+0x36/0x1c0 [ 250.708915] ? lock_downgrade+0x8e0/0x8e0 [ 250.713062] ? kasan_check_read+0x11/0x20 [ 250.717203] ? rcu_is_watching+0x85/0x140 [ 250.721345] ? rcu_report_qs_rnp+0x790/0x790 [ 250.725754] ? __fget+0x40c/0x650 [ 250.729206] ? match_held_lock+0x871/0x8b0 [ 250.733436] ? expand_files.part.8+0x9a0/0x9a0 [ 250.738013] ? kasan_check_write+0x14/0x20 [ 250.742245] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 250.747172] ? wait_for_completion+0x870/0x870 [ 250.751746] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 250.756933] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 250.762639] do_vfs_ioctl+0x1cf/0x16f0 [ 250.766525] ? ioctl_preallocate+0x2e0/0x2e0 [ 250.770931] ? fget_raw+0x20/0x20 [ 250.774377] ? __sb_end_write+0xac/0xe0 [ 250.778347] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 250.783873] ? fput+0x130/0x1a0 [ 250.787151] ? ksys_write+0x1a6/0x250 [ 250.790947] ? security_file_ioctl+0x94/0xc0 [ 250.795353] ksys_ioctl+0xa9/0xd0 [ 250.798807] __x64_sys_ioctl+0x73/0xb0 [ 250.802691] do_syscall_64+0x1b1/0x800 [ 250.806570] ? finish_task_switch+0x1ca/0x840 [ 250.811062] ? syscall_return_slowpath+0x5c0/0x5c0 [ 250.815986] ? syscall_return_slowpath+0x30f/0x5c0 [ 250.820914] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 250.826277] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 250.831119] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 250.836298] RIP: 0033:0x4559f9 [ 250.839473] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 250.858794] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 250.866501] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 250.873763] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 250.881027] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 250.888288] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 250.895550] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 0000000000000019 [ 250.902826] CPU: 1 PID: 15320 Comm: syz-executor6 Not tainted 4.17.0+ #93 [ 250.909755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 250.919107] Call Trace: [ 250.921701] dump_stack+0x1b9/0x294 [ 250.925330] ? dump_stack_print_info.cold.2+0x52/0x52 [ 250.930508] ? refcount_add_not_zero+0x320/0x320 [ 250.935250] should_fail.cold.4+0xa/0x1a [ 250.939296] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 250.944386] ? key_task_permission+0x390/0x390 [ 250.948952] ? check_same_owner+0x320/0x320 [ 250.953262] ? graph_lock+0x170/0x170 [ 250.957047] ? __might_sleep+0x95/0x190 [ 250.961010] ? find_held_lock+0x36/0x1c0 [ 250.965062] ? __lock_is_held+0xb5/0x140 [ 250.969154] ? check_same_owner+0x320/0x320 [ 250.973458] ? rcu_note_context_switch+0x710/0x710 [ 250.978370] ? join_session_keyring+0x340/0x340 [ 250.983030] ? rcu_note_context_switch+0x710/0x710 [ 250.987948] __should_failslab+0x124/0x180 [ 250.992175] should_failslab+0x9/0x14 [ 250.995958] __kmalloc_track_caller+0x2c4/0x760 [ 251.000613] ? key_default_cmp+0x90/0x90 [ 251.004660] ? dh_data_from_key+0x1f8/0x3b0 [ 251.008965] kmemdup+0x24/0x50 [ 251.012148] dh_data_from_key+0x1f8/0x3b0 [ 251.016280] ? dh_crypto_done+0x90/0x90 [ 251.020248] ? __keyctl_dh_compute+0x501/0x1bc0 [ 251.024900] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 251.029905] __keyctl_dh_compute+0x561/0x1bc0 [ 251.034390] ? graph_lock+0x170/0x170 [ 251.038180] ? copy_overflow+0x30/0x30 [ 251.042051] ? proc_cwd_link+0x1d0/0x1d0 [ 251.046100] ? find_held_lock+0x36/0x1c0 [ 251.050153] ? lock_downgrade+0x8e0/0x8e0 [ 251.054287] ? check_same_owner+0x320/0x320 [ 251.058591] ? __lock_is_held+0xb5/0x140 [ 251.062641] ? __might_sleep+0x95/0x190 [ 251.066608] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 251.072145] ? _copy_from_user+0xdf/0x150 [ 251.076284] keyctl_dh_compute+0xb9/0x100 [ 251.080419] ? __keyctl_dh_compute+0x1bc0/0x1bc0 [ 251.085161] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 251.090335] __x64_sys_keyctl+0x12a/0x3b0 [ 251.094469] do_syscall_64+0x1b1/0x800 [ 251.098342] ? finish_task_switch+0x1ca/0x840 [ 251.102823] ? syscall_return_slowpath+0x5c0/0x5c0 [ 251.107737] ? syscall_return_slowpath+0x30f/0x5c0 [ 251.112654] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 251.118006] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 251.122843] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 251.128020] RIP: 0033:0x4559f9 [ 251.131204] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 251.150436] RSP: 002b:00007f1a3095dc68 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 251.158131] RAX: ffffffffffffffda RBX: 00007f1a3095e6d4 RCX: 00000000004559f9 [ 251.165382] RDX: 0000000020a53ffb RSI: 0000000020000100 RDI: 0000000000000017 [ 251.172646] RBP: 000000000072bea0 R08: 0000000020c61fc8 R09: 0000000000000000 [ 251.179898] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000014 [ 251.187149] R13: 00000000004bfbb9 R14: 00000000004ce990 R15: 0000000000000003 10:01:07 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x218, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:07 executing program 1: add_key(&(0x7f0000000180)='id_resolver\x00', &(0x7f00000001c0)={0x73, 0x79, 0x7a, 0x3}, &(0x7f0000000240)="fb3b3f098db3e60592cd9bc99c966b0b74fcac9af3be3f091251df3a73dc6bc10ce63b61b28b5e97e4a3cddb61b4219946ef1e0f4f43f3d73f01314f703b6f70100cbf", 0x43, 0xfffffffffffffffa) request_key(&(0x7f0000000300)='id_legacy\x00', &(0x7f0000000400)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000480)='user\x00', 0xfffffffffffffffa) add_key(&(0x7f0000000540)='.request_key_auth\x00', &(0x7f0000000580)={0x73, 0x79, 0x7a, 0x2}, &(0x7f0000000600)="c019531e52958e2bbc1f0c42a399a37d0b0dafd41dde044132ba7198333a2168e5a4cd564d7f074754cded6b4e121e35048886b7f9cbf4444a32f6fe836831aad274285c422b88917998148af8bbebc06d96e74532328e06a7f5e96081c2d94326a3108a2142fa23af40e4e0a8c43760fa8b71cb1fe82b1a1daf1558833c83f03c9935aa4bc5a6343725ea8451458bab3dcece7558cb8ad2ed1dd547c2c415fb2d32e3c1882071154691c4be7e1e63255154fc", 0xb3, 0xffffffffffffffff) add_key$keyring(&(0x7f00000006c0)='keyring\x00', &(0x7f0000000700)={0x73, 0x79, 0x7a, 0x1}, 0x0, 0x0, 0xfffffffffffffffd) r0 = add_key(&(0x7f0000000800)='blacklist\x00', &(0x7f0000000840)={0x73, 0x79, 0x7a, 0x3}, &(0x7f0000000880)="f4e5837b77c46c9275ed0faf27f22d00230befab6317c5b9461e12b758b4b3e93d257a2e4b1cc39cd479f0e5a2aa639a9f1ead487baeb46886e16e5476be1de7962957a03f96d3faa7c92f2c6008c7b4b5f330810930f22e2ce62eef43e5f6cb01555200e4e39db1d5058fdd91a45f9adff5194462f73ffa4b54209f61b751ecf5fd48c2116bc844805e7efdd3008e518617fdcb971fcbc42d896be289e0dee76affd0f98218c17ff2b3664a94700f349edd9a479aa3fb839bb3554d430e199e2b01e648c24024f43c7bc86fb2e57305f45a36e9579b02199b98a5c16c53e4b0d93e4e60541497025571e3c7b93ac42cd193dad31efcbd5258870541e3d0bb", 0xff, 0x0) r1 = add_key$keyring(&(0x7f00000002c0)='keyring\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a, 0x3}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = socket$inet6(0xa, 0x1, 0x0) ioctl(r3, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r4 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r2) r5 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r1) r6 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r4) keyctl$dh_compute(0x17, &(0x7f0000000000)={r6, r6, r5}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:01:07 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x83) setsockopt$inet_tcp_TLS_RX(r1, 0x6, 0x2, &(0x7f0000000180)={0x303, 0x33}, 0x4) fallocate(r1, 0x0, 0x0, 0x4) fallocate(r1, 0x20, 0x0, 0xfffffeff000) getsockopt$inet_buf(r1, 0x0, 0x0, &(0x7f0000000080)=""/106, &(0x7f0000000140)=0x6a) sysfs$1(0x1, &(0x7f0000000040)='security]eth0vmnet1\x00') 10:01:07 executing program 4: r0 = fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff) r1 = eventfd2(0x10001, 0x80000) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000040)={0x3, r1}) openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000240)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$FICLONE(r0, 0x40049409, r0) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) socketpair(0x1f, 0x80000, 0x120c, &(0x7f0000000000)) ioctl$SNDRV_TIMER_IOCTL_STATUS(r0, 0x40046104, &(0x7f0000001280)=""/4096) 10:01:07 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0xc0010058, [0x40000073, 0x1]}) 10:01:07 executing program 5 (fault-call:5 fault-nth:26): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:01:07 executing program 6 (fault-call:7 fault-nth:4): r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:01:07 executing program 3: r0 = socket(0x40000000015, 0x5, 0x0) setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00006da000)=0x2, 0x4) setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f00000000c0)={0x80000001, 0x40, 0x3, 0x81e8, 0x5, 0x7fffffff, 0x4}, 0xc) setsockopt$inet_icmp_ICMP_FILTER(r0, 0x1, 0x1, &(0x7f0000000080)={0x66}, 0x4) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x61, &(0x7f0000000180)={'filter\x00', 0x4}, 0x68) bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @loopback=0x7f000001}, 0x10) sendto$inet(r0, &(0x7f0000000100)="0a4f511b815b0000000000000800aad6f79d4c210587e2a8fa052009abd2bac6edf193e3c19406405caa6cf958cfaea13581b7c66c329c77eb90053cd6ebee05b422e4367fb28c8bcef443080fda22fc3ad65112543fa089cc1c49cc5411b897aafcc683a057b2557e893c2feeb57ae2", 0x70, 0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001, [0xa00100]}, 0x10) [ 251.487651] FAULT_INJECTION: forcing a failure. [ 251.487651] name failslab, interval 1, probability 0, space 0, times 0 [ 251.498964] CPU: 1 PID: 15348 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 251.505899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 251.515260] Call Trace: [ 251.517862] dump_stack+0x1b9/0x294 [ 251.521510] ? dump_stack_print_info.cold.2+0x52/0x52 [ 251.526712] ? __save_stack_trace+0x7e/0xd0 [ 251.531053] should_fail.cold.4+0xa/0x1a [ 251.535128] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 251.540238] ? kasan_kmalloc+0xc4/0xe0 [ 251.544137] ? kasan_slab_alloc+0x12/0x20 [ 251.546790] FAULT_INJECTION: forcing a failure. [ 251.546790] name failslab, interval 1, probability 0, space 0, times 0 [ 251.548285] ? kmem_cache_alloc+0x12e/0x760 [ 251.548303] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 251.548320] ? kvm_mmu_load+0x21/0x10e0 [ 251.548335] ? vcpu_enter_guest+0x3a83/0x6060 [ 251.548349] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 251.548363] ? graph_lock+0x170/0x170 [ 251.548386] ? do_syscall_64+0x1b1/0x800 [ 251.589930] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 251.595296] ? find_held_lock+0x36/0x1c0 [ 251.599358] ? __lock_is_held+0xb5/0x140 [ 251.603423] ? check_same_owner+0x320/0x320 [ 251.607739] ? rcu_note_context_switch+0x710/0x710 [ 251.612669] __should_failslab+0x124/0x180 [ 251.616901] should_failslab+0x9/0x14 [ 251.620697] kmem_cache_alloc+0x2af/0x760 [ 251.624839] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 251.630375] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 251.635215] mmu_topup_memory_caches+0xf7/0x3a0 [ 251.639877] ? kvm_apic_has_interrupt+0xe1/0x210 [ 251.644630] kvm_mmu_load+0x21/0x10e0 [ 251.648425] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 251.653954] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 251.659488] vcpu_enter_guest+0x3a83/0x6060 [ 251.663805] ? print_usage_bug+0xc0/0xc0 [ 251.667864] ? kvm_set_msr_common+0x2680/0x2680 [ 251.672525] ? vmx_vcpu_load+0xada/0xfe0 [ 251.676582] ? __lock_acquire+0x7f5/0x5140 [ 251.680808] ? vmx_vcpu_reset+0x1030/0x1030 [ 251.685210] ? graph_lock+0x170/0x170 [ 251.689004] ? graph_lock+0x170/0x170 [ 251.692796] ? __lock_acquire+0x7f5/0x5140 [ 251.697031] ? debug_check_no_locks_freed+0x310/0x310 [ 251.702221] ? __lock_is_held+0xb5/0x140 [ 251.706280] ? lock_acquire+0x1dc/0x520 [ 251.710244] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 251.715256] ? lock_release+0xa10/0xa10 [ 251.719225] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 251.724496] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 251.728984] ? preempt_notifier_dec+0x20/0x20 [ 251.733480] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 251.738315] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 251.743331] kvm_vcpu_ioctl+0x79d/0x12e0 [ 251.747390] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 251.753098] ? graph_lock+0x170/0x170 [ 251.756895] ? find_held_lock+0x36/0x1c0 [ 251.760959] ? lock_downgrade+0x8e0/0x8e0 [ 251.765106] ? kasan_check_read+0x11/0x20 [ 251.769251] ? rcu_is_watching+0x85/0x140 [ 251.773393] ? rcu_report_qs_rnp+0x790/0x790 [ 251.777803] ? __fget+0x40c/0x650 [ 251.781254] ? match_held_lock+0x871/0x8b0 [ 251.785485] ? expand_files.part.8+0x9a0/0x9a0 [ 251.790062] ? kasan_check_write+0x14/0x20 [ 251.794291] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 251.799220] ? wait_for_completion+0x870/0x870 [ 251.803802] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 251.808987] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 251.814692] do_vfs_ioctl+0x1cf/0x16f0 [ 251.818578] ? ioctl_preallocate+0x2e0/0x2e0 [ 251.822983] ? fget_raw+0x20/0x20 [ 251.826432] ? __sb_end_write+0xac/0xe0 [ 251.830403] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 251.835933] ? fput+0x130/0x1a0 [ 251.839207] ? ksys_write+0x1a6/0x250 [ 251.843004] ? security_file_ioctl+0x94/0xc0 [ 251.847407] ksys_ioctl+0xa9/0xd0 [ 251.850857] __x64_sys_ioctl+0x73/0xb0 [ 251.854739] do_syscall_64+0x1b1/0x800 [ 251.858620] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 251.863458] ? syscall_return_slowpath+0x5c0/0x5c0 [ 251.868383] ? syscall_return_slowpath+0x30f/0x5c0 [ 251.873310] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 251.878669] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 251.883510] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 251.888693] RIP: 0033:0x4559f9 [ 251.891869] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 251.911196] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 251.918904] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 251.926167] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 251.933424] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 251.940685] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 251.947945] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 000000000000001a [ 251.955223] CPU: 0 PID: 15350 Comm: syz-executor6 Not tainted 4.17.0+ #93 [ 251.962152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 251.971508] Call Trace: [ 251.974105] dump_stack+0x1b9/0x294 [ 251.977736] ? dump_stack_print_info.cold.2+0x52/0x52 [ 251.982914] ? refcount_add_not_zero+0x320/0x320 [ 251.987660] should_fail.cold.4+0xa/0x1a [ 251.991710] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 251.996801] ? key_task_permission+0x390/0x390 [ 252.001378] ? check_same_owner+0x320/0x320 [ 252.005690] ? graph_lock+0x170/0x170 [ 252.009474] ? __might_sleep+0x95/0x190 [ 252.013433] ? find_held_lock+0x36/0x1c0 [ 252.017480] ? __lock_is_held+0xb5/0x140 [ 252.021533] ? check_same_owner+0x320/0x320 [ 252.025840] ? rcu_note_context_switch+0x710/0x710 [ 252.030783] ? join_session_keyring+0x340/0x340 [ 252.035439] ? rcu_note_context_switch+0x710/0x710 [ 252.040355] __should_failslab+0x124/0x180 [ 252.044581] should_failslab+0x9/0x14 [ 252.048366] __kmalloc_track_caller+0x2c4/0x760 [ 252.053059] ? key_default_cmp+0x90/0x90 [ 252.057105] ? dh_data_from_key+0x1f8/0x3b0 [ 252.061412] kmemdup+0x24/0x50 [ 252.064590] dh_data_from_key+0x1f8/0x3b0 [ 252.068725] ? dh_crypto_done+0x90/0x90 [ 252.072681] ? __keyctl_dh_compute+0x501/0x1bc0 [ 252.077376] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 252.082386] __keyctl_dh_compute+0x5ee/0x1bc0 [ 252.086871] ? graph_lock+0x170/0x170 [ 252.090658] ? copy_overflow+0x30/0x30 [ 252.094529] ? proc_cwd_link+0x1d0/0x1d0 [ 252.098578] ? find_held_lock+0x36/0x1c0 [ 252.102631] ? lock_downgrade+0x8e0/0x8e0 [ 252.106764] ? check_same_owner+0x320/0x320 [ 252.111096] ? __lock_is_held+0xb5/0x140 [ 252.115145] ? __might_sleep+0x95/0x190 [ 252.119109] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 252.124628] ? _copy_from_user+0xdf/0x150 [ 252.128761] keyctl_dh_compute+0xb9/0x100 [ 252.132904] ? __keyctl_dh_compute+0x1bc0/0x1bc0 [ 252.137648] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 252.142474] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 252.147649] __x64_sys_keyctl+0x12a/0x3b0 [ 252.151782] do_syscall_64+0x1b1/0x800 [ 252.155655] ? finish_task_switch+0x1ca/0x840 [ 252.160136] ? syscall_return_slowpath+0x5c0/0x5c0 [ 252.165052] ? syscall_return_slowpath+0x30f/0x5c0 [ 252.170256] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 252.175610] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 252.180440] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 252.185614] RIP: 0033:0x4559f9 [ 252.188787] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 252.208028] RSP: 002b:00007f1a3095dc68 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 252.215734] RAX: ffffffffffffffda RBX: 00007f1a3095e6d4 RCX: 00000000004559f9 [ 252.222985] RDX: 0000000020a53ffb RSI: 0000000020000100 RDI: 0000000000000017 [ 252.230238] RBP: 000000000072bea0 R08: 0000000020c61fc8 R09: 0000000000000000 10:01:08 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x218, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:08 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x5, 0x0, 0x7, 0x2}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f00000ba000)={0x8, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x201a7f1b, 0x1ab, 0x201a7fd7, 0xa, 0x0, 0xffffffc0}], {0x95}}, &(0x7f0000000000)="47504cc000", 0x8, 0x1ac, &(0x7f00001a7f05)=""/251}, 0x48) r0 = syz_open_dev$midi(&(0x7f0000000040)='/dev/midi#\x00', 0x0, 0x40000) ioctl$VHOST_SET_VRING_BUSYLOOP_TIMEOUT(r0, 0x4008af23, &(0x7f00000000c0)={0x2, 0xea}) 10:01:08 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) chroot(&(0x7f0000003ec0)='./file0/file0\x00') r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) sendto(r2, &(0x7f0000000600)="a0020ea51cb1769d5db4bc15bcf1db8fe93dcdcdf09252d5e5bfc4b8482e32a9fae410572f014e32e620fb5c4760f1dffff02727ae7a480f627db85ccfa9546bbac96eb2498c959ca752c75e96afe06f49cc2de692ff5416f044d48ec3abbad13bd15860c73bab561b869ca6d19e1ed5ff199294651dc511f2821df2b93153b0bc9877d75b34e001e37a360de5707b83bbd935aacf7c7a518f7c049f8cb8ad4175896074cab05413a6fab3cde255834065faa95bf3c2474efb9d1986a7c1f2b42f9d23e173c5b340759fabd2977af7b1541c29477f685be588466728323b9cf4a210fec3c4bcc9a7334399b74a178954", 0xf0, 0x800, &(0x7f0000000540)=@pppoe={0x18, 0x0, {0x1, @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xb}, 'bond0\x00'}}, 0x80) r5 = dup3(r2, r2, 0x80000) kexec_load(0xfbb0, 0x9, &(0x7f0000003d00)=[{&(0x7f0000000800)="92e05d976c37f37999b333e245a77213f52ef7471f2ed0ca69a5cf88f5819c3ebec73cab2c14d2bf58e4f34419883a25e32ea12dab9f4a64d78b3dc1602c8bc729ad101175b713b69c9c575d55e0e59b74efa256456ee2135153cf4c94da7229add6283acb1ca82a30a47ecb7738b3988d74aff63abe4a3118b946aebde64d08d83c079edca60a712a102d512d00516df022acdc3ad40faff67a5107d4b7ebfdf5d1e98f60542f8bf83d0676603e90e0b1d8b760bd574181863c593cae6d8c66a06da7eed069876410d5543e54e561268c6fcc8ef784dcf00154f5b972bb040b37363f717d85281871ab5f47", 0xec, 0x0, 0xffffffffffffffff}, {&(0x7f0000000900)="6c69273eb38e27ae325264a99cff12fc384fcf07ff3a52a3d317b1dbbaebbbc9b3f2956a68223d4de460b100feaa24a1e326aba9c218c9f49c99e1e016c709322f45889c8d350a293c34894b53a449fdfe20ec482e9cf015c894f69da3634a9cd37b55e5858ffedbcaaccb1fa4a57755020ead9b303d73d96251d584a283da7f25e38c742720e3f37c063fbe3c8bd6669df8764ff68e2d2f1a35becf07f2f3974e46b8d4d90bff3c23c651eae78890f0964b9d4cef26aab704908937065472", 0xbf, 0x3}, {&(0x7f00000009c0)="578833eb40be3bbcb79322cab83128659b4b3d246822f90468b0620dec955aea86013a7de20b2ad7a4", 0x29, 0x1, 0xe0b2}, {&(0x7f0000000a00)="c532f8532139e23ac737a1559506992b5e173bbeb8aa3f7bca5b99e311f8e59a42a07801429c2ef4b3d2db75988393ee0c4ca9df81f176cdf7ad1e509abe47ed40c915c780d3a55ab8f47c093ad4b4a2a83bc3a594137a90d6ec2788480e69cad1b3dccffada0ddca8a9f28d0ada57c33686af372a2c0111d0f8a3133fd27541bfa7de3690b2dab1982a8d80b0b7559ad809d7d08eaf5b08d6aba86d69dcd53a3e293538b02319f459c746d045be05a934eb9d1529b9f19ab01269a72f566aa441ea1be9e0c998d364dbb8c40223fc9d765726b66e717da8899e077e6eaa8bef5375fe41e0b1053a01a2a3e91acb729323149601900d3e034a0d33de7552f2ba2152f5d70b0228b015d09e228a56e8577803396eb360cac2eba0ef0112ed481ab29b71776c2536a61b380387b47b8049ab18f5b65528fd5581239e696d1c6084f0614263513df582052ded90ce1fe7605fec285df48bfeba199ac4d063f093200bcf7a7734bbc1ade33a95c4885a0aa21aa0bbdb0a4c7de0f45985ad79c5a30bb6cbf11759687ae67282f8a2be637459676a51a04f59a6764b7a0aa348bae984df60a5640598d8973d5ff6fc12b3d9d45b2b7164d5a038e2894f65e9348f5bd82489d022a52895bb467c320d4da6ab6db2ef854b2654a3fb24395f5b47dda3228102cb4dd65164faafc95c440a441129e7c9c4f5d00de12070c072aadb0d62c1d9dce86f0d8f4961ca9bf71a6605428906bf9ee5feb5b92d419f07a577fd9c9bff63fa7138c45cf31a74d4db42d02805d245bd3c2f9e4e9c41677528f0d67484b25b7a02a3eb82e8dc835d1b4c78473828c0988ca0045df4379856ef4999a0ad9257404a96d6c5c5f1bbf05ad7fd1cf238478d322274368c087c1da7bc6ef54d4292a2fe78394130b2cfcf1d310cb4b0585fab7308d036719490d392610551b5227d31d173f4b45e6bc8834577fc5d92c0a3063a788029ae8464e83f0a7c7daa8837fa6b3ee27ce08b7cdd70c38b53925fd4c0fb4ea73a66b3ea9071e0c3e86a15912516fd01063c25b2ba10129c777b2b58d25afd315a3aa55837c620df7f4f521d017418e9023ae8b690b769e1b797ad76f21228fe29fa7433432770d1aa847322a87eae96881d08f96309c9749a13f2261a68e2b66ce59221f34285cdc07b7ad0879eed35d94f3fe5508ff3636a9898485d0b10e1efcdf50f61d26d3e33698a1e98a38fc8b573c5d6bbe14531f119b0ccc6f3ab6099b066e1bc02481f17ce8ea9bffa58581a52c40c04d2233db8a0653749f826758ec35451383c3a9290a5129ac3fcb0fe533b9f8121a1b24966b1a14bda265c71aecef92f98e7360b1c68623a1a3af53a2e0ce91a28709a151e984b431304b7bbc2703a112956366797095e51eb1a64c98eace8ab8d4ed5551c50d566317570a47851b6305602cbfc2156dcd1bdd8f2d5c9979a9c544979fab4da7ac381d61550cc8c894e9fc446c5b9db207e99983abeba7077a64191ce1c3f5d73f96dcfd35291ad576855aae76c961b16be74f1ba47b01cafee66fd8696f7a7453fc657abce56490fb18f2c9c5625447581b76a9a5942b969ed29c8d8b0c73a282903965949f5f613cc7b33dee2cdf07daa3effb70754b3243abcffd37025ea144ce6ee99a7f55cb93934f5a998c16afce039ece4a95d6b46b16d85b582cbb966ab2763010ef38bd4f6706a3b52f6f909e19671fd2137a089e9896fe452fd55afef6d3caf2bc6368907c2e5df8f62602aee428b3ef9ec7540092f5b62ea18ef6909c4f4eb9a3b223dbb3eef53270a3fcd0737a5692402e31a3a75cdfe288ee1f9e30b35591b844efc82db5fc5f7a53c12742fbfb89131580866be63509a5719afe179e83f74246d5b07182154b68754ee990f6bd0d98eb75f117967475ee8c174e918712314815675e6b486dc05e649c546b4de41ae083e00a068f90d53edd2bb6793e069c454b6ecac159a9982343b5cd0a8b22de167fef076d645a779f5bf17971221b524ede6d5177c42cd93ec9fbb9cead32473f734410ac8275813305ab259eb49cdd376537aa784dbc3e9eb56d7fe4eb62bb782b96190d7b59c2c6ba6c5d0d541d296d29e8146ecd28ffb218bff6eeac695c97e8a438dd9e5229730c89873e76801ccbc40c6794569edf38f2b892c0675f33ed6daa45e5df038bad8ac8ba82d941718f2fc13b221acd91b91f01c141e006f87286d6824f37575e48ff1802579e77b7b026c6932bdf4cae7a3b56a9bfbddb1ce200c19e955ed7671075cba200e7f0f492a44e7b514446468b5c59331c10a47ecac1bf2ca2f2e8190e0600d461dc92e0e3a928c9f65afbec62f0d5054ffce9e2434cb5d2e3ee3b7d9e0a834caa07b04bf8fbe664521beb23e940c7d8b88cd6866419cd53b1503d9c43b31df81f395a27bbc07e5d136657d7d58a6db6ac485a3108de041a46f5c8b8b23147fda94a8ff21ae9585ddc3b598691de85003d08d49264af7d83d45c042b4e636d7e55d846e8a2537c37782827de4022ca8d25fcb125e3802f234fefbecb8acf6d6b08f0784e6c9aad014c898432eb3e28e22192ab54fb87ce69d2205ffd67041e08a51cd2c35beb1752b0ad204d844badfc2b1b7e067f14375988d1fdfe3d60cbf2f8fe778ecf05ec857d8a91481b1d564f2c578a3122d447e5d83126df24aafa89e671b26cc3ba89ecd2af52526cdf2d43c05d65b606643f94b03b54915e0dfeeca3c3f42c29190d2754f929a3e2dce41433670549376eed0e0ad681c9b0009f595fdabe1eabcb6838ac2f109bf0d0078935f3543abb9bca74eca43b96a4f130d6f4a2e4af8c77a8d563f09dfbfc680e5278cc28966209e0c5c236b2e8d283480632485b1370d1f0f548012532f54a1d2c1b982f765be67418c9fdb96ae3eb486931b2d9f89b2b2aa760fc1e4d70e84f42567bbbf069f2b3aa7ca65c4aed478b26364ebc187ed3ac2d26fb20120626fb0cb51e696aac0013f4e102d6a35a0dd2dc72bb2849ca8b7bcbb027b136f0e6039c5a482254ec794bc25481063ed2d3d7d9186dd90960f40f7a0095c2dfee367c3c69fd7a34f3aa4cc91429fd9b5174d184e2381515ecccf75b63fce9dedcb4a7aeaa7ee0d63cfab792863c603a19be8ee50c346ba7fd75ea4e42411d0d260933ab6a045988d05ae81b3b84482e91f1a46955c8e437e3e465c0dfd880ae878a0680d3de9527fc324a8cb39f6e2bf67fb4a85a29181192587e42d1ad5a9c399a6c008308cecf3d3e35b245759d78f613323c6575bfeb46da43877f11d58ef54191e4b19bf3d2c69f4571ad39a4c07ec8e5e89cd67dd6d9c2509fe5d62cee297257b82f0ad120b7ec5780893b267e75639550e50bf71bce28379c1d18e116c6148af8d923d10bc9f9becbab6ee34c065e510c9cd2969eff897a985bd8b3e16cfbb5f97bc3c2c4913f5de1aa508339e40c4f11594cc0d6100afcfd76347771e6ff70fc90603e942a1426803d61fb174fa8a790ad120dbfec1970252d17747b576ffdbb4c96759e7c456bb28f792031b810932a1d2c712d335a37baba8de6a50dcf4574c6cb7eea9c1379160c2479eeac8676aa44c80abe40f969af85dd435108ea93e81f6f724f708f56791953770a9cc8f3cbeb41276a8a9576d1e166118e490dac782fb9b07b77115f202bbab88a8026288697a63b704a6f64a9623b25a1388d1b5eb4b57cdfe0ca8822c698bf0f7161789a008a2e4202b8d1af81be6e1bb8929fb0e9047252f232310199d683c4f21e8dccaba32c6c36f4a11fb7c9ac64344590a78858c2f091b333f73ea823a138f811ec3837dc41983d6c84dcca729950df08f42fb2a77cd6340fedf04ce7c17fb9dbe3a7b8ba091fa5dfe6a7fe98ec0d4334f1e8df76ea2937ebc4a62356474f2f491619159fd6827bbf7c5852491e78245d0d27875164c770235be4a8294829df4427acdbd15bb7937edd12e60356a35435112935ae47b8f89bffdbf6175d0f97dfa02c7b076fc55acda8ca26609d13d0746dd034ca07c572a0a2662994b38ffd77023103f1945fece22f08bc59300486a70c652cde27b284ec2848c0672c20ed357587ccc70f385f0d59d02124f8a9ed720ba2df495b80486b27251f27643efacef536a8efc92d45b9b0236f55791684033f68af85e30b7c664e596c8a2b2d1a3e3d7df62facb2f24319cd6b964d1390b040f71958843dffcde5b00338f80cf62fedf026de75951dd02cf6e163ade60ab2a51788c47402ce617b559b3aaf3a5e5fd1d47f6e6673a3c047ad6a14b3430518c4e9ebea3115d05d59ccdb8c2d1ab745a649f85d717fc47d99805c2a1037aadbe497eb700b7fee13ac3f0e0d42ff4af4d23326e58a61392db90740616ecd0d431c36920973a5211d4d11ea6828bda6fa818a51520d520d3d6b205cde9272c5623dcdbffe8db7c8f2ee4372ab05c67b20fbd46feb1f212c3471f59c217006b4d544d4fa1c478e9ec816bd472bc1b19da95d5cca49d3f0f71a5c8d36ad7061db62eeaee71466da8c65e57adbe9e59f4f1a9ae5942fc0526025c8798f0dc2a84868f2e2fad600674b1519b28c6b17ae9c3ab0cb156b6b4d1f9f4f942e2ef18a9ca718f27289d0b7d61f69f38aa655cc63c76e5833e4fb78a3ee293501ff6ef4daf5d82a97700019b79b0effc10b5dab54e140fcb62d827e72553a244f74ed0c13ab7568f16523b58fa26de6782d99da039e739d41e48fb14fc4cb9ad7ea0a86344cdda1aa111eb24cfdc3ec5d97b09e16236c31c6789bff64ad65af6af8d04d0ab42218ebc6298d855912035994f861c6fd1f19af1bb62126a615c456d94e69fb9c5a3172a79417cd1c00681ce92107d664f1cfdc69d1a25c37823d2de43f9235fb899226d20f46a1a9807611ea3d6dd8dda3f2908b7443ccab6e91d40bfe7c464b7fc7b3cbe2554e887e98e0ab3ebfddbdf0cfb9fa0e6f6494e53ae77504f520a7dd801470eba3b836c46ecb825dfc5981ddb1e24ba716719632c958f3cce9cfa3200dde26e077dee23785cf2d2c79330873de4a3432f26cd1586a860e2eee5ba5e86a454a5b723c68153d5d3771d33bf1ab9c3776fa4185aca94f4a2603a48cb8b5fc51c5f75e22cb2a66d5772468e606115d101094b27294ab3df110dab5a6db0d482c078e6c5cce7a312b98138792b0fe1a765d35fdfb1ee97e3d69dca34dab94fa89aa8b9444c2e513c199c8995ecdcf7126fd18dd35762350d98bb63e5af29b83d9401f02bf99597ca54691e69cb775daf424241c740cd9dd44a46cf2d0169b53f12e334d46aafee14cd9c2699d421fefa2c2fd0e89b08e0aba50b1e3952282fadc01789d278b523c66a936a2ae7df4a7c9e861e2ce04b3fb1c3bf4395f4830c4d64926337c57010eb33e930bf46a88c43d9e8950ada76bc69391d574e225fb6ea45aab7e078683d4d59dbcbb191c710dc5a0976b118c0c336c5ec20e7a54f42e26182ed050ff9023f5afe2676beb00f9e15d3e9b4c5c002c66447bff5ebe20b8dd103a4c4d81846c394ecc3fa6f7c7c365ae7600c186e2b9a608a427330829ff7f9a02b5a06905519bc743d031b148d6ef196bdb69106dbd0dcc200cd62c7f698235bf65cb095280e88a19dc51b734620c653f73a02548b4757593ac9abed061911da1a975961023624d1623ffef304a7fa75f59f35c6f45ba8b43cdf5f773829746daba2a8a18aaf3eb68984896e26f54ada3c4c4b9b87010a63b6c9e28001b79d92f039c4e8ac5e54999dd16f33ad1405a9ce2deeaf8d51aa1aad9477", 0x1000, 0x8, 0x5}, {&(0x7f0000001a00)="c61c241b332d2f5b568a2ba0012fcc16b59da92dd62f6ac857eb1544f91d5eac7b5ba4b1b905806d669cd2e906693c8e927c289b20a9bf8df10d1d51d8d83e1cf5992bdaef7d28c7afd0002971da5ec1a7a583d27e58f521d1dc120a268e6c44fe127dbd028dea4616679eb986259b85f77af7bc098e7bdaaacd6779e968377433422250602f7898f7a16f831fa763753a1c34fc0a76f0f60698ad19c421a66644c890d265d98c946bed71bacc85f044d9d3ee053df84d9c9f4fb4b942cd87030df8314928bc568aa8fa01410305deae226ba29b39ae42acbbf63a0636e1e265dc6a29cc82413f2f44fadf5a300662bdf7a424c79e3a2573c0f7397e38dcddc35beed1b482b5753d50f8d2e8d887726faad13b5e6d5c5cdc1b6e14fe18b65293814808d315b679e766de0a4124455d106f3b9f3aa53d12ced2f8ff0aae767a27c27bace8e1c8360267daa3272b4f94a75612f07afd4f34130d5988e1a2da18ab1a837134644569d27cda52c422e651a20aea33656251cfcca79854a3c97f27dadff6a06e7bb99d1af07db71c3ea96bfdd87a02183b433b056afa46345b37ee260a26e02f6b87f32750edf8ba31324c40c7ce0b0302e878838e0c19cbc05ddb0a014d11f2215186bb8e350c6b4b48a957e0cff9ffacf0b2efad03f05ef1992dec37c40868b7acf462720fee74088a6d2abd35a4f2776f4759411f1576b3920899e1c80763c5923fcc6d35edd8b3fed0396b0f2ab113faee9fb2bea475917a1121ae615bc0e7dc825227f6aa6049b43e539de4fed1b695b83185f9ce43060cf1bb6409d870aad9ea26d37bc62df85e04ccd2dc29415f24ec0003661622b9ef545bc47b2e24a72caa8b9d39fa89106ef1cd49c4b14763ce0dc0bd911e4ce28192cdfeae9ced6be3bf366979815b0c050dba570791c1183a478f270dcf90f47cc660970355f296640bead66a24b80eb9f895cb8df95e8861a8c40363f81e489e774b53458c0e91ec2e8eea2cc69ff05be2d384f80a1b819d2c3089f6aef6d482bcdc9a0220592f2489aa911c860f06540e68096cc012dea8a2fbfa2028b296aef1b1f24d080acc0403b346b2d9e2fca4d6e26cd0ce445c132fde1c22ef2fa63b01de319d58536d6a849699b4ffa77a6f28348c50fd946e29883e4961fce1422c1a1abec7b18113f5c5fc2b6454ff4968c9e85f89d076abcf4caa1e0df9fe09d52260baa391abf7d5623cf8d54feea92b5fff2d00d99c800409c5f9b2371340630272155197c6feddb5749ec7d243913f9202089de8422a7db1912e698330d1872dcf3504ef738a4e3cae69cb35fadf89241d73877e5241cb7818445f4cc692266513193dc25da3f133249e56271b059941813686abef6061b9d5273fcf8f1e1836c1c9256685d41fb71cae4012eda03f8095579c1b5b9d6a2af3a4d851e147f47b188fe99b2c9ad1cff3e9f3da5ae5e2efb980fe510af2448791bf5f7e993fd8aed7307ec2ef96e2cfbd13298d3a784f93e1ae2a9c04441f59319a8a13f040a85c60f894b8b541638bfb4d37d6056cb056d85063b929f05b4e071b41db07915101abb166ec9609ea9cbae00be6adfdda0e8d70e555a4a6e57415fa9d4ae069bb4c0e6188c0c079035630bca41381c87fb7a05714234e5cb60f3a6e6d0ad95083faf60be00d921b14a4850df4967c8fd65300ac5f454f98764e3f1580edeeea34e4e898a2ac257eeb5616513fe95c3583f4afd7cb85262bb1b1f1b6bda30a9d98674030d27316d21f97224fa99adc952cd28dc95be67ebf1bafdf297dd0066967a01899ad8eb2c0a855005dc9905f9b3f8947a68848248e4296d357e11222f95d2e43fe0d0ce2f721d372bd86fe6ef422ab33cf3a99448cc21358b3c21f61bd352c2de4ce84cb29cdcaeb4e209919454e1065cdb9a7975de35e861b75ea6db45e624925586e852df30e95baf423d7ab68346e7b7fab49aa38c8b8dcd03b8ce9ffb9402bc939c20f2a7c0ec9f944c54f92efd95f5e1c2fea01419f92b98655ade29975670995374322b23a9fc26d53411a6b5a7fdc57b86268bfc39207f3a051b1370ea43d0a3d24fab24715646f97194a3411e8723e2c2a87b14fc8895229c037f60a016f928303e12550b8890034492f9a6fde19149e9484b0c68bd3d96c63c2fc0891b8ce70cdfbca19aa5f77b0908d8413a017ffcf7e38c19a5fa99022860153a38468e6eb15c16734297ffd17bc3ade64c9a9fc6c44b1f7fbb28d151d862ae3755836c06e6344dfc199c6afbfa13eca84ca002a223653c06fc3a002e00dc0679f4f69e541692cd74779f5cfcf4fa317e348776360cab584cef4388d62af5a3f64ed3e6f422c79f6dce16a0bb3db7ce1676bc7ce7de2695c1698dcea846dabf2e86e18135d9276fd8ed768bef20604bae9d920338692922ace7b7acaffa542c51dc16c7361a2fe23a0cf78b4f07a603fa7f4f9e2b022980fade45f44d8526658959aa933b73080b86df4db0b1aa877d74d1e25bdef39121b94bec36251b84426a650ecab30b2390abdba214f6943b7c2a967d70766e71c3bdf99984d62e575761cb64c3d7ebbd44e13d94906c6a67bb02b6e098e129cc7b31df2cc899bb0237b0e373dc0cf8bdcd346a44c69aa4959b8add03fb4808a1223093e6acc19264156633159b3ebcb8b541e3853ff9e2097080d28978d7384ffff2f298c18c82c7ee615f0545a5b829e284254f3a782845b8d0e9f8683fc043fd2aa9e00cbc8e808aac636ef93f74aac54ab3731f62fd37e11bfa116af7041f1fc1904c1d67251684ee04247a66079a128e4c29f517567dab1419c6cb61d996bb600700a049ef034a06a702dbbf2db9fa7d9a72925946a4240b7f4b7d91db971204a267a31b9fd42ed3f56b45c0111ec4dbb562c17a36b249fa683a7a40e9972fc9cc4aec2a11a7ac566e772142c609a645043092f67ac19875f8ef47967066d24179c2c72c6fe9c85b19b008d92f3c2186ba6f301d2ca4b9259274cdb54543ca25e1a7eb8cd6c466149659eb0827c542bce68b61a5da6ab55f67a312931248c26b4c7c876869f733a8c760e82a235eb3429ae27a3d4030be3b0bfedc19e0c7999dacf69102eac68d0e64460f5e640e4006b704ec06c07b28c74c76012c94b0a1b184b3a1203f03a1e60288758199d1938760fd3912616684b9657a5a87116fe6f1c1d500101d0a63e9e800baee2969047986a7bbde01ad19b0c313eab9e5b37b63fb691ad923f5d2aaed008156c93b700f7b3e56c37bdb82cc660893aef943cbac935202bbde630416013f608470dbc12cb15799e3d025921b960ca2337c5704749b088e181cd05af2108c1aca9e7beda18f2a8461b3dd6eaa3d659efc6a50f57d62f0844b917f1f1e245d37d8e8d5ef95d806ae7fc842fefc9216d04979eb734c566b51800d21dc70b43b7afe406739ffffdce8e1d014f9fa99604201f6ae80826f637c253f87e1a1aee7fbd4d7adfc03d2638145a876415a025f9e07ff964ed3fd53d67e7ae5e15becd7a4bdd55a028536c4bd8339af84846f7b6fbdc189d486202279cbea4fd7e3bebb1002a0f3f40c410c4d2865c5eb5de250308b321693ae5993644a5e9c497d2fcc536f54ab0e2ee71acc18011501dccc58079575d90d004b88957bd9f0c996e0d07eab490bc207d68869693979772decdc913a2b2c4bd83d51a178e71a3c392e61bbcfed66c4aee72d51c4cc30ebda4d8e1df651a080801922361445e2b154158335b01b3f2caad0346acafddb697748aeae2160189fbbe0b420c01764a96d63b35996531020777ce961cc51a597c56ffbc1eb6512b8a3c2b70958cba86013aaa239714e28254af19f80a8c9e8bd84267cad312891d3edabbdf0681a1e9ae7b3fd57b5cd4253255f5f09a0e92035590eff6ac70697b55f01ce2d277a7d585bf557a5831c74cc7f789a6fca0ca87ad3d29ad500ca3a8190f2e21f27fef2c44fa3e1aea489722d4ab345aa34c5875385e320e8e810065c82d2883afb2bb2fb146541d9916709607dfd84aaf6e26eaa3f113b57801b200d93dce6a87673ad635f3ea7cabaa33fa5c27ff93fa31600daff5d092b917358cab00801f685caaeebd8dacee4d731c1bffbce6ff5a1efd8af175cb9322ef3d6ebcffce2e0392e01f16aa6b9332efd314551038aa7f0e5a9803f6a05e6c5fd6794bb800b017eacac97a8418ab6506742c437ce4728cd263a42ad7939aea3c23395883b75db2227e906d1d16e5586170837abf44a3dc8bb090b2cfe9446d191308eb990a0ef06c2c5a0e98489edbb2e3097b52bfab00d3c7467f1cc3769ac21ad072be2f4bfaf51ee4a29cbce6fbcbeb63e54048427b7ae405cd6af41e9ae4ac8561aae89c4151aa6e3406d97eebe42229b9347901b74aaa0476a8fc50f9b1b4b9f809077408536ba4268fa314e08740f2c4e902a0f1e3c5f0b45af6f230cd136de0f55e4339e3f6f7dfabba068804c8187a1cad41a079acc7ba820d2645ab04ec1fb8453ebdf92b96f9fe7cb647b3ac5eeb258665c29b2952fde4737e36e4b390972b2a4f39f1b11e2aea125c5c43cb2168bd8d1cfddbf8886e5366f811800e7d2ed69f45b7eafd78e6830aee9c9e2eede75cca630c90d81505f808f8fc59eb6c42860150a452d54767ed0583aa9f1c1b80ba2f27d30ac6a8b10e5467552cde6d46a7c35438ba5ac880293f5b8a7d446f7f8cb639d89980f7270a668ff885e92a3da1204ec31d6393810c40707b6e09dfda579a83abd455fffe23fc85ee5560771ad6174b785e2030c3cb235581c1fd7bb082af0315d2db19e14f3cf32083305a01f20bf520e1100aeaf374e13ac8f0e718144f029091592f5611b94988886a9046a3a05df35ca95e0d0f9fa63cb6410bccf702f4ace4e4ce880db4f4b8f9b3869cb98f0dccfc725e45e7601f2869df10b896be258199fe6113fa7ccc7492cf7721e8ddf678a7cab6151b42b46b2e9b0e3a14d6fa64b474efedb2162ddeda0cebedb68bcef6ecafefbf708b3ae8cf6d407c7a31815fffead83e074c71e2801967d3806a47129ed4412dcabab96ec95921e92b1a4f279b5f85a013c42a97adb79df237e9685b5629ee143defbef1690964e98244fcda74ad15636a51ad8a8e76f478e5658befd72f639847c2d738d15edbcad981171e40a49f4c8741bd189c927039dfcda9f833b77db59d3637bf0ce7169a4935866f05e6dd74df120fc5e64d529201b091533aff8e352f90a52daab224c5bfa458a79e601f060a5f9958f1703a14d36c0b4817880b5d2b21947cf8eb78709f5a81f191ed26b93cd990ed3bd7bf0517daf7097891dd0cce0104d13cab4a94cf2a7e6f256e84382341875f6f1bbac67f5394f3904b6eee69685de08a38f810731b4d691f3facd333efc11f9b60056ba7ca6a73111e14c35164a9b4ada18125619d68220b26429593c2cb397d4787f88970d13a25134508ab0260c9c69b9efabd9bf6f8346b2fe61c36eb18dcd54beaebd3e94eafbc150368edfb4da6aaf6aea70c3895b67fe172ecae1704163fa5828d2dbad2790925c88ce2cc3a5c0b11fcf019a642782bde881b2d2fbda83625b8ba98f9a4d29867eab54f8d7dcfc527a92d845c66a93afeb131b47efb8d22cdfadd0a1db6c7cf24eb295fe15b556c20bcc4d781de24306a5b9a1f4118ad52ed6b7b947b62029cd81a2e1e1358dd23efd355196a8863a7e7efc6188a8d3bcdf1ee342c1eda18837c94d8ca7e3da07be7b2c974ff78d85ed37ba25e20579410d5b1a081e74adb7e859333", 0x1000, 0x0, 0x1}, {&(0x7f0000002a00)="047172310f3f1dd93c8424c36a03571610ecc13c5ed7472efad48b819ccf83d586af1401f71fd8e03ad5b18854858b91e3a8232ba072571eba861d52c61b6c33e93988fa1d50dad07c660e7e", 0x4c, 0x2, 0x800000000}, {&(0x7f0000002d00)="e15e3829d09cdd545531ffa9398cb77979f2fafe49e55875fc6c66401c77da1e98c60c1fa7fdb7726d52e8fbd23b62d91cf3c43e0c0eb87433950dd2457409ec505969eca77cf5295d5b661bab2ce7777dedc6a600896ecfb595a2e60791d2de4effc3ed37a102038049df10b72c3de3faa52fb6f184e76da588f1dc167f6c4535405f93b1928dd3bc3b378a86f372226faeda8fba1ed5bd1700e4bcff9c37db19430c81740c217379370238c16dc4405302bdb1307721d6c4954e7f001043ee16e7cfb8929482c73b7e71f9609f5ea69e158f5201ef637765d21d026b607db96a73cdc2fc6fd2f5b02254f75f8f3476ba1b8c88fa9086e044074d4b4b82f98f7d1ee734e013821229fdad8c406ef8e09a29e531b2406e1779697708553bed80401590f4bbe4dc51aa689c4d5d5262f2fb6e11f70a7be606222967ec63bf37b07fc6e973e619474e2ab2767fbff48b0e0390feeb7ad436c7a367812fa88ef922d489ffc2961a30b148e0742a0135c08f8684247ba8d09aa6d518b0cac506b9bab3c0cdd9e375e04d16e086a30ecbfe67d3570d5a70bbb0439b8b6022b4e5d5cd78dccf965491a0b3e1486a3f561ede4f886c3078fc08878475150f1c66e0811c1e77f291074ae1aa396b7d3d46189bd12ae3d9bdedbeb25cdfbffb06d22a1e9c4719fc411c75efdb50c4a698a5c981d44d7b487f627d571dd02fa7e82bb3a65f74663428b2c7dc8b51b7395d8a695b3614a2e15237372992ffea390b63879df2b525aa82003616f4c68e6a6f272d1b2755f19de57a4675bfface943cbfb4711d7918c1d71377aed03faa24843c3e8fb3168e45608dd5381eb9225f22ac66116d6c3bb9cf8857298cf8a210babc5f087214cf8749a8ef902c1daf2090a1db54595593a3cc785f4207f8bd13820628e0d5ad77ffd9e79ce914e323b2cc1717b84fc13d43b4d765e50d9f01a70c4f9c5d52bb3e83cf20c2615549832e72d129fd2c4f4b596819fe0b07cd5526c749a3c47cc24e2de315efb787322a4794bdb35ed0118a768a507b926f98174a82fa444d8d4a21a9b760f13306db3480a534dca49a175afdbd8c83f0d054d3676956eff3fa613118659fd49da121a036396ece58711de35b74e6b9ff651171e499abc22e3b084478ac7163ae7cc7e390d5cfa4e6869a23b399554c3c26e24fc5f4cbf42a2c3905a1bb689957f2d78df5700636cd0dd1fec225740fe7621b66ae9f90a546ab96526c6c10f66fa3f56faa65f5a9e04888a5c4432d84413a95bafd7ee304ce50c7678aae485f6564315faa77423dd8609c97eae5f32eeb14c75aa372c0a225bbdfc029bd890d2c897520314f9a49be31dcbb0019ea5073aa36bdad30a892b884b073c70238b3a4e1207e1febcd025e773c8f271158f63ccd67b9ce555fbb1a32271fe4e74600be2dfbf93aff68cf12c66a19b8fd4900a5144e4673d7c4122b2d0648d2f9c5130865e564f0ce4ad70c127153c220af817ed60c9ede7d52099f8255f7a149339916df250c77b6c4c95e755504869421603efe406d7c359f50793402e3a31617ac690c568937f0a772539e936d2e54824525a8a911ea7fd9626ce1b0b350f95d9da2e74d557112272d98fcd041d46ca226eb363160ded29311d0353a258a3e8aa3433b082af6bc3254214768893e9d25f62fa50f56e4e6b5d2f1efeee2f777ba2c4da436267c50d8d11092f7988fb115b39a252b85dbedafa3bcd3006304a9097a7d9159574e4f0bfceb0e1754403f617bbb9c9f33002614aed80cee3b690fad420b20f11a85e56d170adc6f6bd4bb4c2c0e5e2fa2058a9bc522ce04ede9d9c0aa56ee987db94400c13f7b7860b0ecf7d11bd5ba0b2b39710e53ce609f36d80f6608b00154329b30b0d9b10ccc81f1c4c509aff6708f71fa1156a997ffbce78555671a32c112b11143ea908effa02f9a077dbee0bdf38ee09a6cb4d0acd2cd2820e64649e04b584e31d38ac50c2737b35d03b35831ee1dd45669a04148ed46d050a2b219c235ae777a986b59eebfe08ac6ca258ace1ec1b05c815a4d0a44a7377ce9073204c6ea1c83e0c2edb0086b87a28e680ae5c60df51f7da6e463049fa884579095d6ebd1968feb4478c5a6312d4bb5134b57d53153da4cb375a202889fc7e0edfc49ab4364ed0e75a4d9215d3e9957d27a958c468893d3e99d98285dc979b5837f60f2a0d35af7fe890507d42a33558dac45ad61d6b945efef3f62e89f9cb23b53daf7f93cd085905e88b08fcf4c346f6acfaa91574be301d0f1b3c8f283f304a8316ff7410dd8c1c350fc05e72a69b661a698d6c43d71f1d960f86643a26c6222d08b3d65ecadde0892cc824fa7f7f2e4275d9d61edb4298167555bd0ca3c29c0cfe8b3e633ccbea5c7dc0fa60e4fe32096f8d4fef0ae9a4efc04d68df4d320afc2bec53304fb15c87b5fc7ec5c2593181d839f4c896590753daa66092989dbbd7cf7ee3a8d1b4de7b8d0a7c694ba88f073a97fe366c5266a030330d57086bd3d411308867522b53cb43f287fce6def43e02f611555dcfc579c51dc898b3d8ef9f7e565189825ca822c4a3e11649ee0095b4da2438f2ef8628eae104fa7c5afe4fa94b95ec2c85c442f7fc4645b39516f54000ca714dc74ccc7975ed2da6c268aefb518a96227526ca5ad00f400e222a7aebc0bbc63dbdcaead29bcb03e1902331aeb999803b9e951894df0375e77276e4e0afd4cb9bb0d7d3f6bdce85757f84716c38e4e3b9fc0f502591a20da7933994f41e3c53ddd64bd61ae62640d2981a433470a18e9813c9aef2c9fde0ab2b3dea3509f60a0b9cbc19b4987e7d2a26e746375d1d120132a9c9d755dc30ddde10dac99cc44a42e5c96d5fea0f86947d44b252220f97bd21f1429e48ef69f96118b5b03c46407d06fc0805b77a568d59ff309cb4ce5f517c9ad5f08d97e17f34873bf04da84953e0a2d87ccf3c368f433b7f42ce3312fd3a7bd08c0dc5b04bb1106ba2ce893aa753dfe47b81e8b4448359a1b9764f9b689804eed24d5f72aade7bb16363dab7c4cc4eb95027779a9846183994e8f66b36264e2b58153f005cbc548e17bc252ddf3a829b472ec8cea9acb01654746ced14919952ecf3b281dc7c1c8f1a81ad9313c70b2a9ca4b9d14de2264094682f09dfea0b4ba67968ccec48a283d0a0b4889da5a9d93556f414b6cd58369e1b68c0d7ec15e8e1d982edec58796d101d7bf854a9491f2f84628ff369eb1f65f80001163d32473e4a5af474c676b43fa2011a716211c19007182c9bf45d44a2136c95f1d98eb1f4847d3cafcedbc77a918d54a868d0758c5110308f3b1c56bae3f689fe326c3fe2e92877df1e4a760730f4af7553daac039954ce2c2f85319c2b25db660b2f23e6f37edf9348b15ca7cadbad6b3e01d9fc9ad6035b8a6dea07b4ed5d146cef136d314db188a8dbdd03c911f94abc4f291c5d0fbb6b4b0c0dc9ad9841b3a37d7a978d648c53b091f0271ef5baa4616e12c8ca116954351b17e09517c0084a9155fa9be4b803685d0201503e6cb79ac4ede7717d4a5d0f7a413d6a20e01732ce4ea838dceb972da238e672d70471afc00c96b06f086d70c9d595f4f125f463f96ea0c1920a132d0edf2d924bede752135d2d548b3d9c9f09bb24d130a93e4b01048b8df7b357d9de925ea81d6822bde3434a62f1a7639705132497a38e874222b7cb6891fe0ea005d5e38f2e496fc79fbc29f27fbcf523c0aca816c8a1d166a678e4e3034e2f44e5456de27ba2d2620334eb514a0c2992895e11661a3d2a06040257948c5547d2b66e37b00e414db7455bd29967ccf4c4181e9b46ec0f33c68cdb26d21d5b7c7ba6becc52e84fa59397e8fc8041b90fbd624b7666ba5e42b9403060284cbc37cff68e8bbb5cec8c5703e18d72368d0e2ba1f1eb07bb748305c62cf32681ca06b18d820d5297f02a99de056d71077698474406ad435ffb961b02acf059324b748a0fe467339814fcff8e86136aa2dfec397d93475cac1bc7e2adb9c6962177763f12da5be969de5ee824366b8fa2ae80a0107cadc768f5544896d52ccd50ddffdcf4252090900837c061423c2de88557e9bf6bcdf3804476a20ede0674f6f4837bd8004ea9314a13e32836800d1faf428c999768da887d7c5113f7b9689df9cb0559f3ff9ecab295fa7b806377c50b80542971423e3a0c73b9e738450b0146db3f4a2f5f8ff651631e6290648ba0497b01bd42e9f22e4e5ac4b77eec7b5fd4f1c11a1a164214158c54934cdb463b983695ba0e33691861597b6a6122cb23cf25d9f8a5bb0cf10620c23ee28a02d1ed0512bf573f95944b93a8146592d1fd6b372a476b25a30e045d042ddb7711b296709fa1e0898f03a06f8e4589220822a648494b8ef375b963b69cd0853b43e08e86f08040447cd971011d36dc7f387b39dc32e8f6ff74cbdaa514552d858bc5ce4eb9b29a1a21c6846c213f1213ce37fbb266c8ed0e19d167968a0f3c3281b283838d270ce18f527f9514e7b3c487b06779211ee83f7642ab2b6fa45e6aab000180c0288e9ba32d4204c8b246e8f565c3bb963a1cf07077a9c41366012ab4b8067aabdbe2362831c7c80997577377c9df8e60471b3555a4f0a05df992d0267779677b2f2b80308f3e2b9066ead1579b836afcf3f1be41aa56289ed74cfa8a8818934de883fc971c24ccbd9d65b4975e4e68bbc18baa17d549df3b8100e5d49b0d18a975bdd1eff150cd9d348df3b3ddea66771e2d9bd66b9ff7737fd2fb588520c1ea3b2686befa3c698cb9c3abbd0de74004828da2dc7cf40aef22a44d86bf03811049964a5f6061f5a7b14576c7d74a584eae29ddb246b383fab7427cb6ae14352ffa0049aa25a95a3443d5c2540938c2a66772e64b5da157b95b533377264117899dbcaf987b96f3b234c12bcb78ffee84e5491f3bab5512761aee74c17acdbd7b02080070b4ee5bc2e16c8611a93b7252bc2a9b777245baf040176493171c6c17f7bfe5bdd32151b455a2fb7e10328ec17f1eba4af325289710ca5296632bd7946e362ff84e2e001fc71c480bd16357dd6d4813f2f87f333f5e01e164d0d94015feab7dc866300e96ba7d8c35a98cce22b39c0fe6057da550da0fd43f5c048020755196a447b51b51d4929e2f27bafaba9ff63387c52b0ea86f33d68daa12f9ff6bb2233728009c1f44c5764ae1e62dc88b6f394863bd6613832867395e47e9fa2f27a8d152b641d983d95a9f5ce66d70beed85f30dec362ac97f19a2e2802942f6abefbfbc6ece9e85da8baea0f273f0809d317b7310ab48efba5cf199b7b9912f0f7ae5b0177641882ebcaccd3d2476680011e1e84b785b0f13fe48a53cc8995f9db9ede7076a92a4149f14fa903d7b00273628690e80f612c05e0b8fa0f2a7400ac1d79d07fddaee09bfb86a1eb211a15ea6a7a202317610f1d0f0025c1f23cfa36055cab078ca96d179bb346f399731240112c9068e08298a93f3bf1107fd4e43dc8f14210e1c3bbb676fb2b70184123393410a7053e29edf2d2637baf8e34e8c8d4fac81d89c0e23db34dc02decb8b15ca0870f74c2d203a9a01580a9fa3766d5f2a99215a9aa176ec3513b4cef827cb0e14714a29b1ac8f31dfb02ec098a735ac703f7768fffe653c279a2294bbd099885ca3c74df132d3514aa23212bd86caeca1dd68b86c8e6672244bf20657cafcb1b19944123d93f4d55ac1026d2e86a1ba478b428fbc20c178077167d3300c45d9078f4eb0c5f5e78bc5561229cb37bfbfa1cf5cc0c5b", 0x1000, 0x5, 0x8000}, {&(0x7f0000002a80)="caf7e08c952db3a761789b419b1df6b85fdd512e2a7037a3b84aecb5e5b1ad2ab75a0c8e1fb6480c79087315716e1d4341acae3ab2508a4264dd2770c088ecfb44cc82ed69e41ca8b9a5b6fca422be16f0a802afee6eafe998f98562b528f75beefc1269dff88bc0e2c18cd66f8ee30388f8df69aac70439e162d434f864354a84e8234aa75b63849a3e53459be6f55d98cac0e444abe599aaad9508eeabd619b4e2fd833c4e2d63a9422006df3d0a06d4fe692b6a92e3330d00a9e2cc003406f337c3b84f59fd07c25ec257f63de0467eb1", 0xd2, 0x1f, 0x81}, {&(0x7f0000002b80)="3c17d593b3a746a87aabac9ebfc0595765ddd469081963cc7da02aa68792b32b26a95a0701440358ea50f54e76b44f684a2f0f637860f98779a9de1c42b93c7b70e48e436e0efa8b7041e0e59084901ea061854dd81105f10f51b87588d4f4ad2c500edb40920985528f52281cdd02bc7a227a6389646bbe94dabfcbe70e9cde3a08", 0x82, 0x7, 0x213}], 0x3e0000) socketpair$inet6_tcp(0xa, 0x1, 0x0, &(0x7f0000000700)) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000040)={r5, &(0x7f0000000240)="79406afa49e6f0ef2c81978284d42cae20ab5fbfd714837e9989aff6673be84adee6b92865337b6112b5c72f387663ca7cab58dfe1e32ae2b8bfa0ac5882cf91352bca391d4af57e3336bd36cc32a5c23b5353aebd95a565ffe2183d2260d9bd0660e8d1db381fde8a6a30343e0fa0d875d1851c63d2f30d298f1f9a9329b1a148a32c7a994b687024bb9b507f9d3af26267bd8fd63f336d92e83dfda0ecf0b87d9e2b823b947e49928e41109dae6a17f294b44c517ea751002b7e888fec1622a9c532ea5ecdca33c71349ce115b0128a47bb7a78d77b3ddeb687ba80c7a58113319872e1d786f315b017fd0b03234712f28edcbb6f9a900144073ce", &(0x7f0000000180)=""/82}, 0x18) r6 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffc000/0x1000)=nil) shmctl$SHM_LOCK(r6, 0xb) getsockopt$inet_sctp6_SCTP_AUTOCLOSE(r2, 0x84, 0x4, &(0x7f0000000400), &(0x7f0000000480)=0x4) openat$cgroup_type(r5, &(0x7f0000002c40)='cgroup.type\x00', 0x2, 0x0) r7 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0x17, &(0x7f0000000000)={r7, r7, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:01:08 executing program 4: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x1, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000003c0)="f54c170f57279a75957eafb50e3a8cda2c7c17fba8f25c13489632bdb0dfc5cde793867d8f15c0c0642f87e35b3fe2e04a1dc0bda6219bec2d84bb4f93239cbfbbdefbed6bde0b602572cc9e066d552647be237b5dc6e1e5ae252b39c41d3624003737fd1be761259967a356b180b9152e473afdac79551ca0626708f2d0381d2e73325812b555c69913538c3ca306e53838a484c521a73f40d0a67ba25d6d749860716d329eef2ade7fc615964ec6805ddbcc994991a15f77b53fbd438e94f209a918a13bf772743708fcd1b46e5657942cb141d98145bcb733dae4c17af424646f04719c1f652aa37b968c135a6b63f12b7cddcb5449bc312d1911049dd5f69557f0d05dc14387c29fcf80521787f8ab428296b166a7454d924d0cfc42bfff56d1ef888ad56989f659e5e1c18c83a03f0257012dac335ad8b7693ba1849921b286f59c25d04c65f0acef8384988aa81299161a98fab826a4af42b39cc38aac91bf8930e2584cad09b5863d92be83a49de0a405d0181798f3db1a2550249aaad350511533ebd5f92f22311e210585f368cb0d0525a7f376da807763e33f05f6c87b77cb5662c88d140be849459d04d15ef226f681bbf90823327f50996bd9a8ca6733cc8848703db4772c56dabfa294eb0c9ec09bd5454ea493b56f3a6626af2d81279f173f6a877dc853dc29e2facdcfd9e6e3a7cfe3409768bbb4e80eb090e3581011618ec93fe77b913701b8da9d57630433a3fd47fdbd2eb4c6331a8e1074558bed7cb7320ff49e7eee82b6d854622182f9d0b9ce9cd200f09c8b97ef67e6f083ea1c859b2dd7c2e3ec94160ea0a35c1b27868a93ab371017613d6f1b7ff42aa96d42326f4da5546450ee299db728a9bb31223f6c94433b72361c578b6a38245e331a90d97bc87bbf75653205e4c8930df836cfd7037deb71c541bec541d163b978e3310818e8a71f7ed039654db4ebf6d592374876b23f45ac667bc2040896ef42dee3e19370c78830d1528108ef0465e045de6411a01b801e2713ddd1081d65b075f09cde61f71ff213404c5fe7d205edc1bf7fab582343f6399657932d4146188297fac1bf5e7e5203af8e0d6baff25aa202ed41f52738d5c695aae44770053f2a15727f06b90069358972223d2696646fc173ea42cf83406977da3dc467931f1836e47117698c04f7f6fbe09263cd4e3e6641cc5af0d3e8896a0da4f7932d78e8c911554a06906978c568c6c276c15bd3e978bddff2606192ad28f489183146078cc962ed291d34c2a0f8cb6d90258ce04debb13231b761faff53b76bbd2f32c98234c8af6c6ff65ecb66d8dbe77e51739b58adc82a5bbb415be6f70d3e1bd92edee4512b387cd86bea1f5fe5ac9bbf5af67cd46f8aecd8556bfd5459411999cc1bd79334d139a123ac07459c15228a586966775ed95a0231183614da5f9e5c50894c93b7406d89943d67b6865438c8d37ba01ef33faf17bddd5758749f7b7ba2133fa1b8217d1394682a95f0e530a0156f641612bb293acf5b389fa465c6aea3da48f0b296abac236344aa16aa4a3aeefb777bd9d31e7512a787de39a3742edc08a62947ec27d5a064076408fcc7d17530c7ce84ffccc38307d6dd1b4d643d1205f86c5b5ee0e3176b028b150c1102ffd5299c62dec5a8ccb207debbf07a42117b7ac274151d4b77089ff71486e4b6bd5c2e6bd8c7ceac66794b5a038455c083e2e8fd012c7b49e4de120fa0c8703e199a72288d9e6f9930f654578344e0b5503371444f2f00520b5a50c5e7673a5068a41e547fa6967a5fe8eed8a9558e06bb60824f1e7e572a3c9766eb00d134309499ffffd3fcedd4045642704c759617acb40f10e57b70806a3fe6475dda80c1590725e0bd393fa427723932b35696a690b24ec50d31ae3c7a1cbb2071a953876e2385a114f68ce4437af671eb5dc2ccd2e9bd36d957252124a0b5f38e2cfd1731ca499c5080c1ed6b4a484fd50d3cf2e6e8afcd888468014df6291303b2b2d4ff85ef3b3bde9f4a5af2a9c6f2a82b2a39e3474105efe2bc9fc7939a41893fb9a85248d5b248fea7b684ad968b41ffcd7fcfb2787269314671ce3f0dd1c4e028a9fba0c8f0628e0ef70dd29c27d20e77cae3fc6052abd3323928c2c1e8a9d1c0033be5a4760790fa515e11bb82179a03d39d6ccec1ee9df446c5c0c9c028a701a1130d4a7a7a399886238e73291bab620e78eb2b3850d558be24b6271de835f10d28897e9bd254c5ec67933f8877734cdd319b59b1f7da63512eb7d548d6e0ee10f729ac9e6734df55b130957f1005a410bbb63ce1827f2021aa307cc6242696487207b076886fe3ff7cf929920aa7a02a716c02bece93565595df393505ae51614afec189b1be375d8595cd79c96155ae4776a2d1e68bc2ad9e9cc0703de31a25b05f21142365f56326a6cc3db6b81cc14f7c90c1d91d9e0cbee9b593521275fd469e36773e2cb54d48ab5b5b3602f22ea268fb27d145a679f998e8a839d40e4df47f5f3e17549fe441077db262ebe23c7efe5aba94520803f056264267cd5760010944968f9a036d9120c44e15e82be48a110f77f5c31e7699322e3c995ac5fd81a178c9a7e9054f137c396cfe9e86257f6cd9ae9c245f1f3c2d7ba7c3c7dcf0fb851a004771394c3f06602bd7dc9c4f9246482af6927177bb9c3067b440993d10bb8a39cf568477631b7df25c3bd24b5882ec2ce609da22e5c3570413cb00a74f51293bfe72bac88ec8928fcbab3f04b0100bf337ee395318a50777cd51d07833e98b985ecbce3da410881d330ab503e2e739793a458a96181934f83bcde9e60aebcc1082c788e8540dbfc3cf44f95dad1326bbe0407aab775baf0e0d0b01781edda3dac61ba09822c08a91d4630ef19435844e21d3f36677db4907f11c94358453b0a3b83b088db087e16742344c27137a7baec7d60cd2ad9ff2882e3e9226845201710603bb2b49355a004b1125a8f9e1f3239cd9232e11d564e33dbfa2c20a23e3e03e9775be31f8af9241c79b795dca47089d3bb8ff0d09c689d3d87db05cddc1c2648e1994052fc64c12174f12283bf3da0f2815a82d8b3966284e48fbd5d71ebf80abf541b6244cce775fa83143a902201561c4e97f64116870babb362e5daf73281644ea84ad25177d71618c2f70cb0d187fec796e21d6ac44ca53280a935dc1e81e44068f42ac3e9fdbf85a530da99aa4d81c1ec88e43c47120a6445b6f9cd879179dff4145d5796f63b949efc0ae8a6589c83e35e330c875ee89be50b54aa8b316371a0d4418ffbf0edde3b114148ac15647c677661a347ab73293c54af2b9db7d24547e09fb298b216d358e8079d2b7ac7db5c331de93d5595e192758200b773cbd64358f88c6ce1ffb21c065de7733469a6614573b176099279c83a261d7a3a1a94a20d157dc71febd07c16c55b6868205b2c6346b60a7d714d0b4a1049ac31478282467f73705af73c868ae85bbe4dfcb326f31cc10965350a4b75da94a924fad04efe090e8450d094e7d7688a506998dff87b515da5717ae7147b9aa9a649cf65094ec1433e81716abaaf7c044cbc24129cae746bf0aa08347ac7c48a80d5fa0abe75b1d0e70b12556556762d4c7b26bb5a548bca2ca3fdced327b590d5534c66d4fbd0064d22bf26ca6892e85ed3eac5034413c54cda9f5e8cf7d2497514a3f9cd43629ea797415dfa6ec05d2fa55299bb02d1708348c998b12325a40ed5745a0754ec2b3f7e34af34eaca741de6ba2343f7e967ae262557f74710896b23cd34beef6bf7d4cadc03b16fe5028adb07357e91359851a0424415ac3dd5bba42ae4ee82135b672cc800eb2a8c4a173e74289fe884a35f6a7717eeb4b8fc3525a9efc2b1fc40dd731cdae6eff6546864a4fba0db66963c0c2bd652c3f39ec331f2d932e4d0227f1a72ad7ad3a93bac3794423dcce523c823012eb82c9b740efc104f74e17b6be1fb2d2c6f0ae9d5e09d1482010f8c48ec82ce853b304da8aeb0b9cf063cb5f3a142ccc0b5efd89728c42ad348e266a452e2553fcff044b17a331453c92e180dc30c50348f57917c9706e68072b17fb9b0b20b8704e43c57eea97556ae186a6876beed5894cc1bcc0c9b6967a83a61637a180a29ba899545b581685b079587d5688c045069489fcc9ecfa034ab1082a39357e40868509b82ba6d205f260e43ce4a68739b3c1d396940837f77280c7b40a0fd0e6a767d2b33cde314c7819864f1855f1c832e3c9c2c20aedc0b253663624a7ffce5050cfd609e82f946f8b6592db617eca7fd181f5c06f38d2f4c89aaeaaff0677df78b2d457ce3ba1698bd30558ecf5f97a9908849b20baf373281a274c1270568a249af930adb7d63801a1e0099bd27b66ca3ca9e124790b23a678a5b751c29e13c50998ed0f82924220a25a525c44d0fef4c04817d9e55b0f23d9a08a7db30cb0c43d212528111a4f6249266b4c30770ed8b1188d31554dfab29e2971c747db0805a5ce11f48f24e538840ae96293ec4925d71e41990466baf1b5ac4aff7da81483b9214d132b97d781daf3a3ae4a5de7738adbb280cf6db61f77ed717140134ce51c1484ec4dd76dc0437aabee5ac434530e1492a781668cf6af00327baa713da4ec6075fedd38aea813e482d2673ae54fa1f884b95b867e82e5ebade086bf2443afddaf021d87ba15fd5020767f142a873d54483f11c5a0f2d509fb005e73e4c528cbd6f5beb71f93ec28fe7ee01ec58a8ae07f7afc71e4ee6b05a1cb5937a7a50328dd00510c3971a9a0975e7c9a4b4d59c35b6654a66e1073dfdc836e3053c7ab0037d8dedca927d998c03d507afd5f629c2af771312b4827d7ef9834832b12b33c0398ce46b1c611d83d9d93533a068e185a54a2c4b30ca3c9390eb690ec4d71eec273de41f99b7292dc0f03c59e8e9b8291bc7c33c2ef7c75fec367bbac2b3809c54ad5394f3cc6fe595f47ca5f0da2dcdd3b82c85a13d77b1b2c91f66dcea76a6ca82d31dfe4740688f2c0b006c7a0b64d700128eab7d34d1a0013eebfee07cc9f56be4de763bfca91351a3a81f7d944e6e7f98f0781c90860f15c277bfc3b79327a8b8ade2641ee5eedc99057ae88ebd6c4b6710b85c911cffe4c306f956093c9ae0f6cfd498147661f95d809299ac49816d245d4d41f53a09dd65b12fd22b1929708bd314215cccbd27ce9c95b4c4721f2cc5204c44f26ab3194db9e97589249e1cda933cc283072c1149a4d67bc94607ca3f2ec2a6bc92a003ba619439e7b27dce6e4e55566f5267edfb485ac9588c8a7ceee65d33cfc10901cb38adcafc1aba2d7cc960b15e8c22e3a75945d43c53a1b97d0ebed6537c5a13b4fcf05dbb4d16d5f6700df1ec0deaf19da1b44ece903710fe7229591be05069bd534bfe9eec97807d9a9c5aa76fb655efa614ac9b94d6ec4746d5e51303bd24866209e0c5d3034be67504bfb75f6bbb5917b8a11ce21b3e017808e277369095f0734430ffde9b4fc64191e6a4ce337383180108ee54c24358eeee3342e28eddfb91bb9074ac6b59e8d5ad2253fc920b200e350516bf0a45ca8af064b11cc294661aff227233cdfa9ebe5f1ec4ea48b505a652878d70d4653b1979fd1c9fccbf9bb3f518f9995b189dd6395ca0328a69a87f47206fae27b8355f55935437995ae327b31adcd61a78378163e6cfc3a600b1a12ec78dab81cd40214bde30581f6b265874799465e08614896fdc5a2d458f475555d1d350873321274a3a858cf944005288c33ae5ce2b3098395286e", 0x1000) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(seed)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000380)="0a0775b005e381e5b3b60ced5c54dbb7", 0x10) r2 = accept$alg(r1, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f00000016c0)=[{0x0, 0x0, &(0x7f0000004840)=[{&(0x7f0000004b00)="877488460455363a89fb7f81ba1fd3d7aa15ccad42aa08d6f6c964978c685df9", 0x20}], 0x1, &(0x7f0000000280)}], 0x1, 0x0) recvmsg(r2, &(0x7f0000000100)={&(0x7f0000000040)=@alg, 0x80, &(0x7f0000000140)=[{&(0x7f0000002840)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/87, 0xfffffffffffffd7e}, 0x0) 10:01:08 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x4001, [0x40000073, 0x1]}) 10:01:08 executing program 5 (fault-call:5 fault-nth:27): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) [ 252.237491] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000014 [ 252.244743] R13: 00000000004bfbb9 R14: 00000000004ce990 R15: 0000000000000004 10:01:08 executing program 6 (fault-call:7 fault-nth:5): r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:01:09 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) fallocate(r1, 0x0, 0x0, 0x4) fallocate(r1, 0x20, 0x0, 0xfffffeff000) ioctl$LOOP_SET_STATUS(r1, 0x4c02, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0xd, 0x9, "dcf59290ac299917b3d08096f23f5cc7ade78d549c6c2c03bf3f04e57d047f8a377fb9752fce4439ae84b5c261118986a432bc783a5d781e556e14ba2173dbe8", "eda52e5049d0361e9763221e8149cfd62953bb379e79a2132314900f0f74d671", [0xbc, 0x5]}) 10:01:09 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0xffffffffffffff9c, 0x6, 0x1, 0x0, &(0x7f0000000000)=[0x0, 0x0], 0x2}, 0x20) connect$netrom(r1, &(0x7f0000000080)=@ax25={0x3, {"a5c1fe90a58575"}, 0x31}, 0x10) socket$l2tp(0x18, 0x1, 0x1) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$fiemap(0xffffffffffffffff, 0xc020660b, &(0x7f00000002c0)=ANY=[@ANYBLOB="4ae30000000000000200000000000000020000004000210000b1ee00000000520000000000000000000000ff0000000000000000000000000000000000000000000000000008ac00000000000000000000000000000000000000000000800000000100000000000000000000000101000000000000010001000000000009000000000000000000000000000000000a0000000000000401000000000000000000000000000000000000000000b500000000000000000000000000000000000088df5e0f2bcbf65165039bcfa308105cd685df2e757faa1bfc70f062686c371f122a13f592c4eb8ef60849887daaf7499cd6b7cfa378a18f01ef1b59bc03bbe31644919450497debf87916c37a59ce16c0e8712bceed9766110b492cdf14af08524729fc15588d84aa4227ad258a866bd982aa0e512a7e845e44e048a20af82b35b7408ab047a2"]) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 252.591772] FAULT_INJECTION: forcing a failure. [ 252.591772] name failslab, interval 1, probability 0, space 0, times 0 [ 252.603122] CPU: 0 PID: 15376 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 252.610061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 252.619421] Call Trace: [ 252.622021] dump_stack+0x1b9/0x294 [ 252.625667] ? dump_stack_print_info.cold.2+0x52/0x52 [ 252.628266] FAULT_INJECTION: forcing a failure. [ 252.628266] name failslab, interval 1, probability 0, space 0, times 0 [ 252.630861] ? __save_stack_trace+0x7e/0xd0 [ 252.630889] should_fail.cold.4+0xa/0x1a [ 252.630906] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 252.630929] ? kasan_kmalloc+0xc4/0xe0 [ 252.659396] ? kasan_slab_alloc+0x12/0x20 [ 252.663535] ? kmem_cache_alloc+0x12e/0x760 [ 252.667853] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 252.672688] ? kvm_mmu_load+0x21/0x10e0 [ 252.676660] ? vcpu_enter_guest+0x3a83/0x6060 [ 252.681150] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 252.686162] ? graph_lock+0x170/0x170 [ 252.689958] ? do_syscall_64+0x1b1/0x800 [ 252.694012] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 252.699378] ? find_held_lock+0x36/0x1c0 [ 252.703436] ? __lock_is_held+0xb5/0x140 [ 252.707500] ? check_same_owner+0x320/0x320 [ 252.711815] ? rcu_note_context_switch+0x710/0x710 [ 252.716742] __should_failslab+0x124/0x180 [ 252.720971] should_failslab+0x9/0x14 [ 252.724765] kmem_cache_alloc+0x2af/0x760 [ 252.728908] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 252.734437] ? kvm_pfn_to_page+0x7a/0xa0 [ 252.738496] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 252.743338] mmu_topup_memory_caches+0xf7/0x3a0 [ 252.748000] ? kvm_apic_has_interrupt+0xe1/0x210 [ 252.752755] kvm_mmu_load+0x21/0x10e0 [ 252.756551] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 252.762084] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 252.767620] vcpu_enter_guest+0x3a83/0x6060 [ 252.771936] ? print_usage_bug+0xc0/0xc0 [ 252.775993] ? kvm_set_msr_common+0x2680/0x2680 [ 252.780655] ? vmx_vcpu_load+0xada/0xfe0 [ 252.784710] ? __lock_acquire+0x7f5/0x5140 [ 252.788934] ? vmx_vcpu_reset+0x1030/0x1030 [ 252.793248] ? graph_lock+0x170/0x170 [ 252.797042] ? graph_lock+0x170/0x170 [ 252.800835] ? __lock_acquire+0x7f5/0x5140 [ 252.805067] ? debug_check_no_locks_freed+0x310/0x310 [ 252.810256] ? __lock_is_held+0xb5/0x140 [ 252.814317] ? lock_acquire+0x1dc/0x520 [ 252.818284] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 252.823302] ? lock_release+0xa10/0xa10 [ 252.827273] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 252.832547] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 252.837037] ? preempt_notifier_dec+0x20/0x20 [ 252.841535] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 252.846368] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 252.851388] kvm_vcpu_ioctl+0x79d/0x12e0 [ 252.855448] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 252.861153] ? graph_lock+0x170/0x170 [ 252.864949] ? find_held_lock+0x36/0x1c0 [ 252.869016] ? lock_downgrade+0x8e0/0x8e0 [ 252.873161] ? kasan_check_read+0x11/0x20 [ 252.877308] ? rcu_is_watching+0x85/0x140 [ 252.881451] ? rcu_report_qs_rnp+0x790/0x790 [ 252.885861] ? __fget+0x40c/0x650 [ 252.889312] ? match_held_lock+0x871/0x8b0 [ 252.893544] ? expand_files.part.8+0x9a0/0x9a0 [ 252.898121] ? kasan_check_write+0x14/0x20 [ 252.902349] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 252.907273] ? wait_for_completion+0x870/0x870 [ 252.911850] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 252.917034] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 252.922739] do_vfs_ioctl+0x1cf/0x16f0 [ 252.926654] ? ioctl_preallocate+0x2e0/0x2e0 [ 252.931059] ? fget_raw+0x20/0x20 [ 252.934508] ? __sb_end_write+0xac/0xe0 [ 252.938480] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 252.944008] ? fput+0x130/0x1a0 [ 252.947291] ? ksys_write+0x1a6/0x250 [ 252.951089] ? security_file_ioctl+0x94/0xc0 [ 252.955494] ksys_ioctl+0xa9/0xd0 [ 252.958944] __x64_sys_ioctl+0x73/0xb0 [ 252.962826] do_syscall_64+0x1b1/0x800 [ 252.966705] ? finish_task_switch+0x1ca/0x840 [ 252.971195] ? syscall_return_slowpath+0x5c0/0x5c0 [ 252.976118] ? syscall_return_slowpath+0x30f/0x5c0 [ 252.981047] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 252.986411] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 252.991253] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 252.996430] RIP: 0033:0x4559f9 [ 252.999605] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 253.018922] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 253.026624] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 253.033880] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 253.041140] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 253.048398] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 253.055657] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 000000000000001b [ 253.062937] CPU: 1 PID: 15378 Comm: syz-executor6 Not tainted 4.17.0+ #93 [ 253.069867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 253.079217] Call Trace: [ 253.081819] dump_stack+0x1b9/0x294 [ 253.085448] ? dump_stack_print_info.cold.2+0x52/0x52 [ 253.090628] ? refcount_add_not_zero+0x320/0x320 [ 253.095374] should_fail.cold.4+0xa/0x1a [ 253.099427] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 253.104518] ? key_task_permission+0x390/0x390 [ 253.109085] ? check_same_owner+0x320/0x320 [ 253.113396] ? graph_lock+0x170/0x170 [ 253.117180] ? __might_sleep+0x95/0x190 [ 253.121140] ? find_held_lock+0x36/0x1c0 [ 253.125189] ? __lock_is_held+0xb5/0x140 [ 253.129240] ? check_same_owner+0x320/0x320 [ 253.133547] ? rcu_note_context_switch+0x710/0x710 [ 253.138464] ? join_session_keyring+0x340/0x340 [ 253.143116] ? rcu_note_context_switch+0x710/0x710 [ 253.148038] __should_failslab+0x124/0x180 [ 253.152259] should_failslab+0x9/0x14 [ 253.156048] __kmalloc_track_caller+0x2c4/0x760 [ 253.160702] ? key_default_cmp+0x90/0x90 [ 253.164748] ? dh_data_from_key+0x1f8/0x3b0 [ 253.169057] kmemdup+0x24/0x50 [ 253.172262] dh_data_from_key+0x1f8/0x3b0 [ 253.176436] ? dh_crypto_done+0x90/0x90 [ 253.180423] ? __keyctl_dh_compute+0x501/0x1bc0 [ 253.185106] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 253.190113] __keyctl_dh_compute+0x66a/0x1bc0 [ 253.194602] ? graph_lock+0x170/0x170 [ 253.198391] ? copy_overflow+0x30/0x30 [ 253.202297] ? proc_cwd_link+0x1d0/0x1d0 [ 253.206343] ? find_held_lock+0x36/0x1c0 [ 253.210397] ? lock_downgrade+0x8e0/0x8e0 [ 253.214570] ? check_same_owner+0x320/0x320 [ 253.218875] ? __lock_is_held+0xb5/0x140 [ 253.222922] ? __might_sleep+0x95/0x190 [ 253.226895] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 253.232416] ? _copy_from_user+0xdf/0x150 [ 253.236552] keyctl_dh_compute+0xb9/0x100 [ 253.240686] ? __keyctl_dh_compute+0x1bc0/0x1bc0 [ 253.245431] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 253.250605] __x64_sys_keyctl+0x12a/0x3b0 [ 253.254744] do_syscall_64+0x1b1/0x800 [ 253.258614] ? finish_task_switch+0x1ca/0x840 [ 253.263098] ? syscall_return_slowpath+0x5c0/0x5c0 [ 253.268017] ? syscall_return_slowpath+0x30f/0x5c0 [ 253.272942] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 253.278295] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 253.283124] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 253.288296] RIP: 0033:0x4559f9 [ 253.291465] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 253.310689] RSP: 002b:00007f1a3095dc68 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 253.318383] RAX: ffffffffffffffda RBX: 00007f1a3095e6d4 RCX: 00000000004559f9 [ 253.325636] RDX: 0000000020a53ffb RSI: 0000000020000100 RDI: 0000000000000017 [ 253.332888] RBP: 000000000072bea0 R08: 0000000020c61fc8 R09: 0000000000000000 [ 253.340138] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000014 [ 253.347391] R13: 00000000004bfbb9 R14: 00000000004ce990 R15: 0000000000000005 10:01:10 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x218, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:10 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) socketpair$inet(0x2, 0xb, 0x100000001, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, &(0x7f0000000b00)={{{@in=@remote, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4={[], [], @broadcast}}, 0x0, @in6=@loopback}}, &(0x7f0000000400)=0xffffffffffffff64) lstat(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0}) setsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f0000000900)={{{@in6=@ipv4={[], [0xff, 0xff], @multicast2=0xe0000002}, @in=@broadcast=0xffffffff, 0x4e20, 0x6c4, 0x4e24, 0x0, 0x2, 0x20, 0x20, 0xbf, r4, r5}, {0x80000000, 0x7, 0xff, 0x322b, 0x9, 0x4, 0x7fff, 0xc5}, {0x8, 0x8, 0x8, 0x9a6}, 0xffff, 0x6e6bb7, 0x2, 0x0, 0x3, 0x2}, {{@in6=@mcast1={0xff, 0x1, [], 0x1}, 0x4d3, 0x33}, 0x2, @in=@local={0xac, 0x14, 0x14, 0xaa}, 0x3503, 0x4, 0x3, 0x27, 0x7, 0x0, 0xfffffffffffffffd}}, 0xe8) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r6 = syz_open_procfs(0x0, &(0x7f0000000480)='timers\x00') ioctl$sock_inet_udp_SIOCINQ(r6, 0x541b, &(0x7f00000008c0)) r7 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r8 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) sysfs$1(0x1, &(0x7f0000000180)='\x00') r9 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r7) keyctl$dh_compute(0x17, &(0x7f0000000000)={r9, r9, r8}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:01:10 executing program 5 (fault-call:5 fault-nth:28): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:01:10 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000003fe8)={0xaa}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000200)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x3}) socketpair$inet6(0xa, 0x5, 0xfffffffffffffffe, &(0x7f0000000040)) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f0000013e95), 0x4) r3 = syz_open_dev$vcsa(&(0x7f0000000080)='/dev/vcsa#\x00', 0x10000, 0x80000) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffff9c, 0x84, 0x1d, &(0x7f00000000c0)={0x2, [0x0, 0x0]}, &(0x7f0000000140)=0xc) setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000000180)={r4, 0x5}, 0x8) setsockopt$IP_VS_SO_SET_TIMEOUT(r2, 0x0, 0x48a, &(0x7f0000000000)={0x3f, 0x7, 0x7}, 0xc) close(r2) close(r1) 10:01:10 executing program 3: mkdir(&(0x7f0000000240)='./file0\x00', 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000ba000)={0x6, 0x3, &(0x7f0000346fc8)=ANY=[@ANYBLOB="1800000000a300dce9000000000000009500e04d58985fa2"], &(0x7f0000f6bffb)='GPL\x00', 0x1, 0xfb, &(0x7f00001a7f05)=""/251}, 0x48) unshare(0x28020400) r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vsock\x00', 0x102, 0x0) getsockopt$IPT_SO_GET_INFO(r1, 0x0, 0x40, &(0x7f0000000140)={'security\x00'}, &(0x7f0000000200)=0x54) r2 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x880, 0x8) umount2(&(0x7f0000000280)='./file0/file0\x00', 0x4) r3 = fcntl$getown(r0, 0x9) mq_notify(r2, &(0x7f0000000080)={0x0, 0x17, 0x4, @tid=r3}) mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000080)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000005c0)={&(0x7f0000000600)='./file0/file0\x00', r0}, 0x10) 10:01:10 executing program 6 (fault-call:7 fault-nth:6): r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:01:10 executing program 7: r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x40000, 0x0) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000080)={0x3}) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") mkdir(&(0x7f0000000000)='./bus\x00', 0x40) r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) fallocate(r2, 0x0, 0x0, 0x4) fallocate(r2, 0x20, 0xfffffffffffffffc, 0xfffffeff000) 10:01:10 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x7401, [0x40000073, 0x1]}) [ 253.756208] FAULT_INJECTION: forcing a failure. [ 253.756208] name failslab, interval 1, probability 0, space 0, times 0 [ 253.767499] CPU: 1 PID: 15409 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 253.774428] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 253.781635] FAULT_INJECTION: forcing a failure. [ 253.781635] name failslab, interval 1, probability 0, space 0, times 0 [ 253.783774] Call Trace: [ 253.783799] dump_stack+0x1b9/0x294 [ 253.783822] ? dump_stack_print_info.cold.2+0x52/0x52 [ 253.783840] ? __save_stack_trace+0x7e/0xd0 [ 253.783867] should_fail.cold.4+0xa/0x1a [ 253.814737] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 253.819834] ? kasan_kmalloc+0xc4/0xe0 [ 253.823719] ? kasan_slab_alloc+0x12/0x20 [ 253.827860] ? kmem_cache_alloc+0x12e/0x760 [ 253.832173] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 253.837007] ? kvm_mmu_load+0x21/0x10e0 [ 253.840979] ? vcpu_enter_guest+0x3a83/0x6060 [ 253.845464] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 253.850475] ? graph_lock+0x170/0x170 [ 253.854267] ? do_syscall_64+0x1b1/0x800 [ 253.858321] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 253.863680] ? find_held_lock+0x36/0x1c0 [ 253.867744] ? __lock_is_held+0xb5/0x140 [ 253.871806] ? check_same_owner+0x320/0x320 [ 253.876123] ? rcu_note_context_switch+0x710/0x710 [ 253.881050] __should_failslab+0x124/0x180 [ 253.885281] should_failslab+0x9/0x14 [ 253.889075] kmem_cache_alloc+0x2af/0x760 [ 253.893220] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 253.898060] mmu_topup_memory_caches+0xf7/0x3a0 [ 253.902724] ? kvm_apic_has_interrupt+0xe1/0x210 [ 253.907474] kvm_mmu_load+0x21/0x10e0 [ 253.911269] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 253.916801] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 253.922333] vcpu_enter_guest+0x3a83/0x6060 [ 253.926659] ? print_usage_bug+0xc0/0xc0 [ 253.930721] ? kvm_set_msr_common+0x2680/0x2680 [ 253.935384] ? vmx_vcpu_load+0xada/0xfe0 [ 253.939438] ? __lock_acquire+0x7f5/0x5140 [ 253.943668] ? vmx_vcpu_reset+0x1030/0x1030 [ 253.947984] ? graph_lock+0x170/0x170 [ 253.951778] ? graph_lock+0x170/0x170 [ 253.955570] ? __lock_acquire+0x7f5/0x5140 [ 253.959802] ? debug_check_no_locks_freed+0x310/0x310 [ 253.964991] ? __lock_is_held+0xb5/0x140 [ 253.969052] ? lock_acquire+0x1dc/0x520 [ 253.973018] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 253.978034] ? lock_release+0xa10/0xa10 [ 253.982005] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 253.987276] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 253.991762] ? preempt_notifier_dec+0x20/0x20 [ 253.996258] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 254.001537] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 254.006556] kvm_vcpu_ioctl+0x79d/0x12e0 [ 254.010615] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 254.016320] ? graph_lock+0x170/0x170 [ 254.020117] ? find_held_lock+0x36/0x1c0 [ 254.024179] ? lock_downgrade+0x8e0/0x8e0 [ 254.028321] ? kasan_check_read+0x11/0x20 [ 254.032461] ? rcu_is_watching+0x85/0x140 [ 254.036604] ? rcu_report_qs_rnp+0x790/0x790 [ 254.041011] ? __fget+0x40c/0x650 [ 254.044463] ? match_held_lock+0x871/0x8b0 [ 254.048696] ? expand_files.part.8+0x9a0/0x9a0 [ 254.053269] ? kasan_check_write+0x14/0x20 [ 254.057496] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 254.062419] ? wait_for_completion+0x870/0x870 [ 254.066996] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 254.072180] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 254.077885] do_vfs_ioctl+0x1cf/0x16f0 [ 254.081772] ? ioctl_preallocate+0x2e0/0x2e0 [ 254.086175] ? fget_raw+0x20/0x20 [ 254.089621] ? __sb_end_write+0xac/0xe0 [ 254.093592] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 254.099118] ? fput+0x130/0x1a0 [ 254.102392] ? ksys_write+0x1a6/0x250 [ 254.106223] ? security_file_ioctl+0x94/0xc0 [ 254.110626] ksys_ioctl+0xa9/0xd0 [ 254.114075] __x64_sys_ioctl+0x73/0xb0 [ 254.117961] do_syscall_64+0x1b1/0x800 [ 254.121839] ? finish_task_switch+0x1ca/0x840 [ 254.126331] ? syscall_return_slowpath+0x5c0/0x5c0 [ 254.131253] ? syscall_return_slowpath+0x30f/0x5c0 [ 254.136175] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 254.141533] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 254.146370] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 254.151721] RIP: 0033:0x4559f9 [ 254.154897] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 254.174214] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 254.181916] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 254.189175] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 254.196433] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 254.203698] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 254.210958] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 000000000000001c [ 254.218237] CPU: 0 PID: 15410 Comm: syz-executor6 Not tainted 4.17.0+ #93 [ 254.225173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 254.234525] Call Trace: [ 254.237118] dump_stack+0x1b9/0x294 [ 254.240753] ? dump_stack_print_info.cold.2+0x52/0x52 [ 254.245948] ? __kmalloc_track_caller+0x14a/0x760 [ 254.250794] ? kmemdup+0x24/0x50 [ 254.254173] ? dh_data_from_key+0x1f8/0x3b0 10:01:10 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpu.stat\x00', 0x0, 0x0) ioctl$KVM_ASSIGN_SET_INTX_MASK(r2, 0x4040aea4, &(0x7f00000001c0)={0xfffffffffffffff7, 0x9, 0x1525, 0x4, 0x2}) r3 = socket$inet6(0xa, 0x1, 0x0) ioctl(r3, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r4 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r5 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r6 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r4) keyctl$dh_compute(0x17, &(0x7f0000000000)={r6, r6, r5}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:01:10 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) fcntl$setflags(r0, 0x2, 0x1) r1 = syz_open_dev$vcsa(&(0x7f0000000100)='/dev/vcsa#\x00', 0xb69, 0x2081) close(r1) syncfs(r0) getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000140)={{{@in6=@ipv4={[], [], @rand_addr}, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@remote}, 0x0, @in6=@remote}}, &(0x7f0000000040)=0xe8) sendmsg$nl_route_sched(r1, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2200000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="340000002d000b0c29bd7000ffdbdf2500000008", @ANYRES32=r2, @ANYBLOB="0c000f001f0002001000060008000b00080000000800050001ff0000"], 0x34}, 0x1, 0x0, 0x0, 0x800}, 0x40000) syz_init_net_socket$nfc_raw(0x27, 0x1, 0x0) eventfd(0x10b) 10:01:10 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x218, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) [ 254.258497] ? __keyctl_dh_compute+0x66a/0x1bc0 [ 254.263164] ? keyctl_dh_compute+0xb9/0x100 [ 254.267483] ? __x64_sys_keyctl+0x12a/0x3b0 [ 254.271805] should_fail.cold.4+0xa/0x1a [ 254.275877] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 254.280977] ? print_usage_bug+0xc0/0xc0 [ 254.285032] ? graph_lock+0x170/0x170 [ 254.288826] ? find_held_lock+0x36/0x1c0 [ 254.292888] ? check_same_owner+0x320/0x320 [ 254.297197] ? rcu_note_context_switch+0x710/0x710 [ 254.302115] __should_failslab+0x124/0x180 [ 254.306339] should_failslab+0x9/0x14 [ 254.310122] __kmalloc+0x2c8/0x760 [ 254.313649] ? dh_crypto_done+0x90/0x90 [ 254.317607] ? __keyctl_dh_compute+0x501/0x1bc0 [ 254.322281] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 254.327283] ? __keyctl_dh_compute+0x6cc/0x1bc0 [ 254.331940] __keyctl_dh_compute+0x6cc/0x1bc0 [ 254.336424] ? graph_lock+0x170/0x170 [ 254.340214] ? copy_overflow+0x30/0x30 [ 254.344085] ? proc_cwd_link+0x1d0/0x1d0 [ 254.348133] ? find_held_lock+0x36/0x1c0 [ 254.352190] ? lock_downgrade+0x8e0/0x8e0 [ 254.356325] ? check_same_owner+0x320/0x320 [ 254.360628] ? __lock_is_held+0xb5/0x140 [ 254.364681] ? __might_sleep+0x95/0x190 [ 254.368646] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 254.374172] ? _copy_from_user+0xdf/0x150 [ 254.378309] keyctl_dh_compute+0xb9/0x100 [ 254.382441] ? __keyctl_dh_compute+0x1bc0/0x1bc0 [ 254.387190] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 254.392022] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 254.397200] __x64_sys_keyctl+0x12a/0x3b0 [ 254.401332] do_syscall_64+0x1b1/0x800 [ 254.405200] ? finish_task_switch+0x1ca/0x840 [ 254.409683] ? syscall_return_slowpath+0x5c0/0x5c0 [ 254.414599] ? syscall_return_slowpath+0x30f/0x5c0 [ 254.419516] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 254.424875] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 254.429706] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 254.434877] RIP: 0033:0x4559f9 [ 254.438044] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 10:01:11 executing program 5 (fault-call:5 fault-nth:29): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:01:11 executing program 7: socket$inet6(0xa, 0x1, 0x0) r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) fallocate(r0, 0x0, 0x0, 0x4) fallocate(r0, 0x20, 0x0, 0xfffffeff000) [ 254.457271] RSP: 002b:00007f1a3095dc68 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 254.464963] RAX: ffffffffffffffda RBX: 00007f1a3095e6d4 RCX: 00000000004559f9 [ 254.472216] RDX: 0000000020a53ffb RSI: 0000000020000100 RDI: 0000000000000017 [ 254.479466] RBP: 000000000072bea0 R08: 0000000020c61fc8 R09: 0000000000000000 [ 254.486720] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000014 [ 254.493972] R13: 00000000004bfbb9 R14: 00000000004ce990 R15: 0000000000000006 10:01:11 executing program 6 (fault-call:7 fault-nth:7): r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) [ 254.837251] FAULT_INJECTION: forcing a failure. [ 254.837251] name failslab, interval 1, probability 0, space 0, times 0 [ 254.848518] CPU: 1 PID: 15432 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 254.855451] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 254.864808] Call Trace: [ 254.867409] dump_stack+0x1b9/0x294 [ 254.871051] ? dump_stack_print_info.cold.2+0x52/0x52 [ 254.876251] ? __save_stack_trace+0x7e/0xd0 [ 254.880588] should_fail.cold.4+0xa/0x1a [ 254.884668] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 254.889780] ? kasan_kmalloc+0xc4/0xe0 [ 254.893677] ? kasan_slab_alloc+0x12/0x20 [ 254.897834] ? kmem_cache_alloc+0x12e/0x760 [ 254.902170] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 254.907023] ? kvm_mmu_load+0x21/0x10e0 [ 254.911010] ? vcpu_enter_guest+0x3a83/0x6060 [ 254.915512] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 254.920537] ? graph_lock+0x170/0x170 [ 254.920900] FAULT_INJECTION: forcing a failure. [ 254.920900] name failslab, interval 1, probability 0, space 0, times 0 [ 254.924340] ? do_syscall_64+0x1b1/0x800 [ 254.924359] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 254.924383] ? find_held_lock+0x36/0x1c0 [ 254.924405] ? __lock_is_held+0xb5/0x140 [ 254.924433] ? check_same_owner+0x320/0x320 [ 254.924453] ? rcu_note_context_switch+0x710/0x710 [ 254.924475] __should_failslab+0x124/0x180 [ 254.924498] should_failslab+0x9/0x14 [ 254.970326] kmem_cache_alloc+0x2af/0x760 [ 254.974469] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 254.980000] ? kvm_pfn_to_page+0x7a/0xa0 [ 254.984061] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 254.988896] mmu_topup_memory_caches+0xf7/0x3a0 [ 254.993555] ? kvm_apic_has_interrupt+0xe1/0x210 [ 254.998308] kvm_mmu_load+0x21/0x10e0 [ 255.002101] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 255.007639] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 255.013173] vcpu_enter_guest+0x3a83/0x6060 [ 255.017488] ? print_usage_bug+0xc0/0xc0 [ 255.021544] ? kvm_set_msr_common+0x2680/0x2680 [ 255.026205] ? vmx_vcpu_load+0xada/0xfe0 [ 255.030260] ? __lock_acquire+0x7f5/0x5140 [ 255.034486] ? vmx_vcpu_reset+0x1030/0x1030 [ 255.038798] ? graph_lock+0x170/0x170 [ 255.042591] ? graph_lock+0x170/0x170 [ 255.046394] ? __lock_acquire+0x7f5/0x5140 [ 255.050625] ? debug_check_no_locks_freed+0x310/0x310 [ 255.055817] ? __lock_is_held+0xb5/0x140 [ 255.059873] ? lock_acquire+0x1dc/0x520 [ 255.063839] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 255.068852] ? lock_release+0xa10/0xa10 [ 255.072819] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 255.078089] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 255.082576] ? preempt_notifier_dec+0x20/0x20 [ 255.087077] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 255.091910] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 255.096928] kvm_vcpu_ioctl+0x79d/0x12e0 [ 255.100983] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 255.106686] ? graph_lock+0x170/0x170 [ 255.110480] ? find_held_lock+0x36/0x1c0 [ 255.114541] ? lock_downgrade+0x8e0/0x8e0 [ 255.118688] ? kasan_check_read+0x11/0x20 [ 255.122829] ? rcu_is_watching+0x85/0x140 [ 255.126974] ? rcu_report_qs_rnp+0x790/0x790 [ 255.131384] ? __fget+0x40c/0x650 [ 255.134831] ? match_held_lock+0x871/0x8b0 [ 255.139057] ? expand_files.part.8+0x9a0/0x9a0 [ 255.143633] ? kasan_check_write+0x14/0x20 [ 255.147860] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 255.152789] ? wait_for_completion+0x870/0x870 [ 255.157396] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 255.162578] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 255.168287] do_vfs_ioctl+0x1cf/0x16f0 [ 255.172172] ? ioctl_preallocate+0x2e0/0x2e0 [ 255.176573] ? fget_raw+0x20/0x20 [ 255.180027] ? __sb_end_write+0xac/0xe0 [ 255.183997] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 255.189527] ? fput+0x130/0x1a0 [ 255.192800] ? ksys_write+0x1a6/0x250 [ 255.196602] ? security_file_ioctl+0x94/0xc0 [ 255.201009] ksys_ioctl+0xa9/0xd0 [ 255.204457] __x64_sys_ioctl+0x73/0xb0 [ 255.208340] do_syscall_64+0x1b1/0x800 [ 255.212218] ? finish_task_switch+0x1ca/0x840 [ 255.216717] ? syscall_return_slowpath+0x5c0/0x5c0 [ 255.221639] ? syscall_return_slowpath+0x30f/0x5c0 [ 255.226563] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 255.231926] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 255.236768] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 255.241946] RIP: 0033:0x4559f9 [ 255.245123] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 255.264433] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 255.272134] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 255.279396] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 255.286688] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 255.293944] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 255.301206] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 000000000000001d [ 255.308484] CPU: 0 PID: 15438 Comm: syz-executor6 Not tainted 4.17.0+ #93 [ 255.315417] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 255.324770] Call Trace: [ 255.327367] dump_stack+0x1b9/0x294 [ 255.331002] ? dump_stack_print_info.cold.2+0x52/0x52 [ 255.336189] ? rcu_report_qs_rnp+0x790/0x790 [ 255.340587] should_fail.cold.4+0xa/0x1a [ 255.344633] ? graph_lock+0x170/0x170 [ 255.348420] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 255.353512] ? lock_acquire+0x1dc/0x520 [ 255.357468] ? crypto_alg_lookup+0x43/0x1d0 [ 255.361775] ? find_held_lock+0x36/0x1c0 [ 255.365824] ? find_held_lock+0x36/0x1c0 [ 255.369880] ? check_same_owner+0x320/0x320 [ 255.374184] ? __crypto_alg_lookup+0x31b/0x390 [ 255.378754] ? rcu_note_context_switch+0x710/0x710 [ 255.383672] __should_failslab+0x124/0x180 [ 255.387891] should_failslab+0x9/0x14 [ 255.391676] __kmalloc+0x2c8/0x760 [ 255.395198] ? crypto_larval_alloc+0x1d0/0x1d0 [ 255.399765] ? rcu_is_watching+0x85/0x140 [ 255.403897] ? rcu_pm_notify+0xc0/0xc0 [ 255.407767] ? crypto_create_tfm+0x87/0x310 [ 255.412078] crypto_create_tfm+0x87/0x310 [ 255.416213] crypto_alloc_tfm+0x1b5/0x2d0 [ 255.420347] ? __keyctl_dh_compute+0x501/0x1bc0 [ 255.425004] crypto_alloc_kpp+0x2c/0x40 [ 255.428968] __keyctl_dh_compute+0x932/0x1bc0 [ 255.433453] ? __schedule+0x809/0x1e30 [ 255.437331] ? copy_overflow+0x30/0x30 [ 255.441205] ? proc_cwd_link+0x1d0/0x1d0 [ 255.445254] ? find_held_lock+0x36/0x1c0 [ 255.449306] ? lock_downgrade+0x8e0/0x8e0 [ 255.453439] ? check_same_owner+0x320/0x320 [ 255.457749] ? schedule+0xef/0x430 [ 255.461275] ? __might_sleep+0x95/0x190 [ 255.465237] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 255.470762] ? _copy_from_user+0xdf/0x150 [ 255.474929] keyctl_dh_compute+0xb9/0x100 [ 255.479065] ? __keyctl_dh_compute+0x1bc0/0x1bc0 [ 255.483811] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 255.488636] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 255.493813] __x64_sys_keyctl+0x12a/0x3b0 [ 255.497948] do_syscall_64+0x1b1/0x800 [ 255.501819] ? finish_task_switch+0x1ca/0x840 [ 255.506331] ? syscall_return_slowpath+0x5c0/0x5c0 [ 255.511273] ? syscall_return_slowpath+0x30f/0x5c0 [ 255.516191] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 255.521541] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 255.526369] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 255.531542] RIP: 0033:0x4559f9 [ 255.534710] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 255.553945] RSP: 002b:00007f1a3095dc68 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 255.561637] RAX: ffffffffffffffda RBX: 00007f1a3095e6d4 RCX: 00000000004559f9 [ 255.568892] RDX: 0000000020a53ffb RSI: 0000000020000100 RDI: 0000000000000017 [ 255.576146] RBP: 000000000072bea0 R08: 0000000020c61fc8 R09: 0000000000000000 [ 255.583400] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000014 [ 255.590653] R13: 00000000004bfbb9 R14: 00000000004ce990 R15: 0000000000000007 10:01:12 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x40000, [0x40000073, 0x1]}) 10:01:12 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) rt_sigreturn() r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rfkill\x00', 0xc0140, 0x0) getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r1, 0x84, 0xc, &(0x7f00000000c0), &(0x7f0000000100)=0x4) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) pkey_mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x5, 0xffffffffffffffff) mlock2(&(0x7f0000007000/0x3000)=nil, 0x3000, 0x1) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0xa, 0x5, 0x84) ioctl$sock_SIOCETHTOOL(r4, 0x89f0, &(0x7f0000000040)={'bridge0\x00', &(0x7f0000000000)=@ethtool_cmd={0x12}}) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 10:01:12 executing program 4: r0 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0) read(r0, &(0x7f0000000040)=""/28, 0x84) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a}) getpgrp(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000340)={0x21, @time}) keyctl$reject(0x13, 0x0, 0x0, 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_PVERSION(r0, 0x80045300, &(0x7f0000000080)) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0x402c5342, &(0x7f00000003c0)) ioctl$SNDRV_SEQ_IOCTL_PVERSION(r0, 0x80045300, &(0x7f00000000c0)) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x0, 0x0) 10:01:12 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x6000008912, &(0x7f0000000600)="d73bbb9677929c197b03e3f24c2ef6676bf21b0800f283ab0d8ce3c1d2237ff6259aeed5431a36bebe41dc7a2edc5beaf4769533351c20f04f7652e08a5baa338f4f33532b6d821042ca29fc841e64f9e4bd83ec1abaeeb68fd2136636cf8eeafd69aef0cb5c1de9a88d1a8bf7f71e764c1ca097f3b357d5275c9b6ec7d524f623f790dac0c8d61042a6016a5f27c32fc8b75cc7f666a14466507441a3568cd447a67ffd027aaf9b65f0c266622723041c3a023b648428dbe1c8633a1e34e6d1638a69c6266b7847f03344a652dfb4e4c0af4e8d81d5a7de76ad64c40516b0d2508bce3ddc011a17db51966905136ff57d9471d2085e85444716fca388e52a93ca8e98b5aba5bff39d476e335c6682773ea2cf427dc50e9b6ced5c2af9b1bce0c3918b31047eb7728510ce916eced21986fc000000000000000000") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r5 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0x17, &(0x7f0000000000)={r5, r5, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:01:12 executing program 6 (fault-call:7 fault-nth:8): r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:01:12 executing program 5 (fault-call:5 fault-nth:30): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:01:12 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x218, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:12 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ioctl$FIBMAP(r1, 0x1, &(0x7f0000000040)=0x7) ioctl$TIOCGPGRP(r1, 0x540f, &(0x7f0000000000)=0x0) fcntl$setown(r0, 0x8, r2) fallocate(r1, 0x10000, 0x2, 0x4) fallocate(r0, 0x24, 0x80000, 0xfffffffffffffff8) [ 255.811231] FAULT_INJECTION: forcing a failure. [ 255.811231] name failslab, interval 1, probability 0, space 0, times 0 [ 255.822643] CPU: 0 PID: 15456 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 255.829486] FAULT_INJECTION: forcing a failure. [ 255.829486] name failslab, interval 1, probability 0, space 0, times 0 [ 255.829588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 255.850099] Call Trace: [ 255.852695] dump_stack+0x1b9/0x294 [ 255.856319] ? dump_stack_print_info.cold.2+0x52/0x52 [ 255.861503] ? __save_stack_trace+0x7e/0xd0 [ 255.865828] should_fail.cold.4+0xa/0x1a [ 255.869887] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 255.874982] ? kasan_kmalloc+0xc4/0xe0 [ 255.878859] ? kasan_slab_alloc+0x12/0x20 [ 255.883000] ? kmem_cache_alloc+0x12e/0x760 [ 255.887324] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 255.892158] ? kvm_mmu_load+0x21/0x10e0 [ 255.896125] ? vcpu_enter_guest+0x3a83/0x6060 [ 255.900608] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 255.905618] ? graph_lock+0x170/0x170 [ 255.909411] ? do_syscall_64+0x1b1/0x800 [ 255.913463] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 255.918822] ? find_held_lock+0x36/0x1c0 [ 255.922877] ? __lock_is_held+0xb5/0x140 [ 255.926944] ? check_same_owner+0x320/0x320 [ 255.931258] ? rcu_note_context_switch+0x710/0x710 [ 255.936184] __should_failslab+0x124/0x180 [ 255.940413] should_failslab+0x9/0x14 [ 255.944206] kmem_cache_alloc+0x2af/0x760 [ 255.948345] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 255.953874] ? kvm_pfn_to_page+0x7a/0xa0 [ 255.957931] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 255.962767] mmu_topup_memory_caches+0xf7/0x3a0 [ 255.967427] ? kvm_apic_has_interrupt+0xe1/0x210 [ 255.972176] kvm_mmu_load+0x21/0x10e0 [ 255.975969] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 255.981500] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 255.987037] vcpu_enter_guest+0x3a83/0x6060 [ 255.991357] ? print_usage_bug+0xc0/0xc0 [ 255.995416] ? kvm_set_msr_common+0x2680/0x2680 [ 256.000084] ? vmx_vcpu_load+0xada/0xfe0 [ 256.004140] ? __lock_acquire+0x7f5/0x5140 [ 256.008365] ? vmx_vcpu_reset+0x1030/0x1030 [ 256.012680] ? graph_lock+0x170/0x170 [ 256.016473] ? graph_lock+0x170/0x170 [ 256.020265] ? __lock_acquire+0x7f5/0x5140 [ 256.024495] ? debug_check_no_locks_freed+0x310/0x310 [ 256.029685] ? __lock_is_held+0xb5/0x140 [ 256.033745] ? lock_acquire+0x1dc/0x520 [ 256.037712] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 256.042764] ? lock_release+0xa10/0xa10 [ 256.046736] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 256.052010] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 256.056498] ? preempt_notifier_dec+0x20/0x20 [ 256.060992] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 256.065833] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 256.070849] kvm_vcpu_ioctl+0x79d/0x12e0 [ 256.074905] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 256.080609] ? graph_lock+0x170/0x170 [ 256.084404] ? find_held_lock+0x36/0x1c0 [ 256.088466] ? lock_downgrade+0x8e0/0x8e0 [ 256.092612] ? kasan_check_read+0x11/0x20 [ 256.096753] ? rcu_is_watching+0x85/0x140 [ 256.100892] ? rcu_report_qs_rnp+0x790/0x790 [ 256.105299] ? __fget+0x40c/0x650 [ 256.108747] ? match_held_lock+0x871/0x8b0 [ 256.112975] ? expand_files.part.8+0x9a0/0x9a0 [ 256.117899] ? kasan_check_write+0x14/0x20 [ 256.122127] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 256.127051] ? wait_for_completion+0x870/0x870 [ 256.131625] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 256.136808] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 256.142513] do_vfs_ioctl+0x1cf/0x16f0 [ 256.146397] ? ioctl_preallocate+0x2e0/0x2e0 [ 256.150799] ? fget_raw+0x20/0x20 [ 256.154248] ? __sb_end_write+0xac/0xe0 [ 256.158217] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 256.163744] ? fput+0x130/0x1a0 [ 256.167396] ? ksys_write+0x1a6/0x250 [ 256.171191] ? security_file_ioctl+0x94/0xc0 [ 256.175597] ksys_ioctl+0xa9/0xd0 [ 256.179049] __x64_sys_ioctl+0x73/0xb0 [ 256.182931] do_syscall_64+0x1b1/0x800 [ 256.186811] ? finish_task_switch+0x1ca/0x840 [ 256.191300] ? syscall_return_slowpath+0x5c0/0x5c0 [ 256.196223] ? syscall_return_slowpath+0x30f/0x5c0 [ 256.201150] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 256.206513] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 256.211351] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 256.216532] RIP: 0033:0x4559f9 [ 256.219708] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 256.239020] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 256.246719] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 256.253977] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 256.261239] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 256.268495] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 256.275753] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 000000000000001e [ 256.283035] CPU: 1 PID: 15460 Comm: syz-executor6 Not tainted 4.17.0+ #93 [ 256.289967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 256.299319] Call Trace: [ 256.301902] dump_stack+0x1b9/0x294 [ 256.305517] ? dump_stack_print_info.cold.2+0x52/0x52 [ 256.310697] ? is_bpf_text_address+0xd7/0x170 [ 256.315181] should_fail.cold.4+0xa/0x1a [ 256.319228] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 256.324320] ? save_stack+0xa9/0xd0 [ 256.327936] ? find_held_lock+0x36/0x1c0 [ 256.331995] ? check_same_owner+0x320/0x320 [ 256.336308] ? rcu_note_context_switch+0x710/0x710 [ 256.341222] __should_failslab+0x124/0x180 [ 256.345441] should_failslab+0x9/0x14 [ 256.349223] kmem_cache_alloc_trace+0x2cb/0x780 [ 256.353884] mpi_alloc+0x4b/0x230 [ 256.357321] mpi_read_raw_data+0x22a/0x490 [ 256.361538] ? memset+0x31/0x40 [ 256.364803] dh_set_secret+0x154/0x380 [ 256.368674] ? dh_exit+0x20/0x20 [ 256.372040] __keyctl_dh_compute+0x9ce/0x1bc0 [ 256.376529] ? copy_overflow+0x30/0x30 [ 256.380399] ? proc_cwd_link+0x1d0/0x1d0 [ 256.384450] ? find_held_lock+0x36/0x1c0 [ 256.388505] ? lock_downgrade+0x8e0/0x8e0 [ 256.392644] ? check_same_owner+0x320/0x320 [ 256.396951] ? __lock_is_held+0xb5/0x140 [ 256.401001] ? __might_sleep+0x95/0x190 [ 256.404970] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 256.410495] ? _copy_from_user+0xdf/0x150 [ 256.414628] keyctl_dh_compute+0xb9/0x100 [ 256.418765] ? __keyctl_dh_compute+0x1bc0/0x1bc0 [ 256.423511] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 256.428686] __x64_sys_keyctl+0x12a/0x3b0 [ 256.432824] do_syscall_64+0x1b1/0x800 [ 256.436694] ? finish_task_switch+0x1ca/0x840 [ 256.441175] ? syscall_return_slowpath+0x5c0/0x5c0 [ 256.446091] ? syscall_return_slowpath+0x30f/0x5c0 [ 256.451013] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 256.456370] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 256.461198] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 256.466370] RIP: 0033:0x4559f9 [ 256.469538] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 256.488808] RSP: 002b:00007f1a3095dc68 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 256.496502] RAX: ffffffffffffffda RBX: 00007f1a3095e6d4 RCX: 00000000004559f9 [ 256.503788] RDX: 0000000020a53ffb RSI: 0000000020000100 RDI: 0000000000000017 10:01:13 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={0xffffffffffffffff, 0x1, 0x1, 0x8, &(0x7f0000000040)=[0x0], 0x1}, 0x20) ioctl$KDGKBSENT(r3, 0x4b48, &(0x7f0000000300)={0x1, 0x5, 0x3}) r4 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f00000001c0)={0x73, 0x79, 0x7a, 0x0}, 0x0, 0x0, r0) r5 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r6 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r4) keyctl$dh_compute(0x17, &(0x7f0000000000)={r6, r6, r5}, &(0x7f0000000740)=""/132, 0x84, 0x0) add_key$user(&(0x7f0000000200)='user\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a, 0x3}, &(0x7f0000000240)="35a61bb7b33204defc7996735c2704f63c616ecbc0428c2c25684aae5cf324b188cb9123764a057021f6e2d51dabc4addc16ee1c2f0e70ffb32a2e8d176a8d1e26f47fa0acd082b06c6572755e2a", 0x4e, r1) 10:01:13 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x20901) r1 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f0000000040)={0x7f, 0x0, 0x7, 0x8, 0xf7}, 0x14) ioctl(r1, 0x4000008912, &(0x7f0000000100)="2957e1311f16f477671070") ioctl$SG_IO(r0, 0x2284, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, @buffer={0xee, 0xee, &(0x7f00000002c0)=""/238}, &(0x7f0000000200), &(0x7f0000000440)=""/95, 0x0, 0x0, 0x0, &(0x7f00000004c0)}) [ 256.511047] RBP: 000000000072bea0 R08: 0000000020c61fc8 R09: 0000000000000000 [ 256.518298] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000014 [ 256.525557] R13: 00000000004bfbb9 R14: 00000000004ce990 R15: 0000000000000008 10:01:13 executing program 5 (fault-call:5 fault-nth:31): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:01:13 executing program 6 (fault-call:7 fault-nth:9): r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:01:13 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x75010000, [0x40000073, 0x1]}) 10:01:13 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x7ff, 0x509040) ioctl$KVM_GET_VCPU_EVENTS(r1, 0x8040ae9f, &(0x7f0000000040)) r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) fallocate(r2, 0x0, 0x0, 0x4) fallocate(r2, 0x21, 0x0, 0xfffffeff000) 10:01:13 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x218, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:13 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0xffffffffffffffff, 0x6, 0x1, 0x4, &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5}, 0x20) getsockopt$IP_VS_SO_GET_SERVICE(r1, 0x0, 0x483, &(0x7f0000000240), &(0x7f00000001c0)=0x68) r2 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f00000002c0)=@assoc_value={0x0}, &(0x7f0000000300)=0x8) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000400)={r3}, &(0x7f0000000480)=0x8) r4 = socket$inet6(0xa, 0x1, 0x0) ioctl(r4, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r5 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r2) waitid(0x3, 0x0, &(0x7f0000000600), 0x20000004, 0x0) r6 = fcntl$getown(r1, 0x9) sched_setparam(r6, &(0x7f0000000540)=0x10001) r7 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r8 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r5) keyctl$dh_compute(0x17, &(0x7f0000000000)={r8, r8, r7}, &(0x7f0000000740)=""/132, 0x84, 0x0) [ 256.857978] FAULT_INJECTION: forcing a failure. [ 256.857978] name failslab, interval 1, probability 0, space 0, times 0 [ 256.869343] CPU: 0 PID: 15482 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 256.876277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 256.885633] Call Trace: [ 256.888214] dump_stack+0x1b9/0x294 [ 256.891832] ? dump_stack_print_info.cold.2+0x52/0x52 [ 256.897018] ? __save_stack_trace+0x7e/0xd0 [ 256.901335] should_fail.cold.4+0xa/0x1a [ 256.905385] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 256.910476] ? kasan_kmalloc+0xc4/0xe0 [ 256.914345] ? kasan_slab_alloc+0x12/0x20 [ 256.918475] ? kmem_cache_alloc+0x12e/0x760 [ 256.922783] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 256.927611] ? kvm_mmu_load+0x21/0x10e0 [ 256.931570] ? vcpu_enter_guest+0x3a83/0x6060 [ 256.936047] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 256.941052] ? graph_lock+0x170/0x170 [ 256.944838] ? do_syscall_64+0x1b1/0x800 [ 256.948886] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 256.954237] ? find_held_lock+0x36/0x1c0 [ 256.958287] ? __lock_is_held+0xb5/0x140 [ 256.962337] ? check_same_owner+0x320/0x320 [ 256.966649] ? rcu_note_context_switch+0x710/0x710 [ 256.971568] __should_failslab+0x124/0x180 [ 256.975789] should_failslab+0x9/0x14 [ 256.979574] kmem_cache_alloc+0x2af/0x760 [ 256.983714] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 256.988545] mmu_topup_memory_caches+0xf7/0x3a0 [ 256.993200] ? kvm_apic_has_interrupt+0xe1/0x210 [ 256.997947] kvm_mmu_load+0x21/0x10e0 [ 257.001733] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 257.007255] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 257.012781] vcpu_enter_guest+0x3a83/0x6060 [ 257.017088] ? crash_vmclear_local_loaded_vmcss+0x170/0x170 [ 257.022785] ? print_usage_bug+0xc0/0xc0 [ 257.026833] ? kvm_set_msr_common+0x2680/0x2680 [ 257.031497] ? vmx_vcpu_load+0xada/0xfe0 [ 257.035546] ? vmx_vcpu_reset+0x1030/0x1030 [ 257.039851] ? graph_lock+0x170/0x170 [ 257.043637] ? graph_lock+0x170/0x170 [ 257.047420] ? __lock_acquire+0x7f5/0x5140 [ 257.051646] ? debug_check_no_locks_freed+0x310/0x310 [ 257.056822] ? __lock_is_held+0xb5/0x140 [ 257.060870] ? lock_acquire+0x1dc/0x520 [ 257.064827] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 257.069831] ? lock_release+0xa10/0xa10 [ 257.073789] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 257.079052] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 257.083531] ? preempt_notifier_dec+0x20/0x20 [ 257.088024] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 257.092852] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 257.097858] kvm_vcpu_ioctl+0x79d/0x12e0 [ 257.101910] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 257.107605] ? graph_lock+0x170/0x170 [ 257.111393] ? find_held_lock+0x36/0x1c0 [ 257.115443] ? lock_downgrade+0x8e0/0x8e0 [ 257.119581] ? kasan_check_read+0x11/0x20 [ 257.123714] ? rcu_is_watching+0x85/0x140 [ 257.127848] ? rcu_report_qs_rnp+0x790/0x790 [ 257.132245] ? __fget+0x40c/0x650 [ 257.135685] ? match_held_lock+0x871/0x8b0 [ 257.139906] ? expand_files.part.8+0x9a0/0x9a0 [ 257.144490] ? kasan_check_write+0x14/0x20 [ 257.148710] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 257.153625] ? wait_for_completion+0x870/0x870 [ 257.158200] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 257.163375] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 257.169072] do_vfs_ioctl+0x1cf/0x16f0 [ 257.172950] ? ioctl_preallocate+0x2e0/0x2e0 [ 257.177343] ? fget_raw+0x20/0x20 [ 257.180783] ? __sb_end_write+0xac/0xe0 [ 257.184744] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 257.190261] ? fput+0x130/0x1a0 [ 257.193525] ? ksys_write+0x1a6/0x250 [ 257.197312] ? security_file_ioctl+0x94/0xc0 [ 257.201708] ksys_ioctl+0xa9/0xd0 [ 257.205147] __x64_sys_ioctl+0x73/0xb0 [ 257.209027] do_syscall_64+0x1b1/0x800 [ 257.212901] ? finish_task_switch+0x1ca/0x840 [ 257.217382] ? syscall_return_slowpath+0x5c0/0x5c0 [ 257.222298] ? syscall_return_slowpath+0x30f/0x5c0 [ 257.227212] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 257.232562] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 257.237395] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 257.242569] RIP: 0033:0x4559f9 10:01:13 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x400000890e, &(0x7f0000000100)="295ee1311f16f477671070") mkdir(&(0x7f00000000c0)='./file0\x00', 0x2000000) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) rename(&(0x7f00000001c0)="131377c5fc35d41454d5d41d29ad1a6029598146e6be166e41ad0dbd4054033c9f33bbda8224a2f3d772e7636e48b33cbf708372e8f1b9933ec5127743be2206209ef02df9cbf2f6e880d3382f00", &(0x7f0000000040)='./file0\x00') r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x400000, 0x0) bind$unix(r1, &(0x7f0000000340)=@abs={0x1, 0x0, 0x4e23}, 0x351) statfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000240)=""/239) [ 257.245737] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 257.264985] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 257.272681] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 257.279935] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 257.287187] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 257.294442] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 257.301696] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 000000000000001f [ 257.370104] FAULT_INJECTION: forcing a failure. [ 257.370104] name failslab, interval 1, probability 0, space 0, times 0 [ 257.381462] CPU: 1 PID: 15495 Comm: syz-executor6 Not tainted 4.17.0+ #93 [ 257.388401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 257.397758] Call Trace: [ 257.400361] dump_stack+0x1b9/0x294 [ 257.404012] ? dump_stack_print_info.cold.2+0x52/0x52 [ 257.409215] ? unwind_get_return_address+0x61/0xa0 [ 257.414162] should_fail.cold.4+0xa/0x1a [ 257.418237] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 257.423348] ? save_stack+0xa9/0xd0 [ 257.426989] ? save_stack+0x43/0xd0 [ 257.430621] ? kasan_kmalloc+0xc4/0xe0 [ 257.434520] ? mpi_alloc+0x4b/0x230 [ 257.438160] ? mpi_read_raw_data+0x22a/0x490 [ 257.442575] ? dh_set_secret+0x154/0x380 [ 257.446645] ? __keyctl_dh_compute+0x9ce/0x1bc0 [ 257.451327] ? keyctl_dh_compute+0xb9/0x100 [ 257.455658] ? __x64_sys_keyctl+0x12a/0x3b0 [ 257.459984] ? do_syscall_64+0x1b1/0x800 [ 257.464051] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 257.469429] ? find_held_lock+0x36/0x1c0 [ 257.473517] ? check_same_owner+0x320/0x320 [ 257.477855] ? kasan_check_read+0x11/0x20 [ 257.482015] ? rcu_note_context_switch+0x710/0x710 [ 257.486954] ? rcu_pm_notify+0xc0/0xc0 [ 257.490862] __should_failslab+0x124/0x180 [ 257.495109] should_failslab+0x9/0x14 [ 257.498916] __kmalloc+0x2c8/0x760 [ 257.502468] ? rcu_read_lock_sched_held+0x108/0x120 [ 257.507495] ? kmem_cache_alloc_trace+0x616/0x780 [ 257.512352] ? mpi_alloc_limb_space+0x31/0x50 [ 257.516868] mpi_alloc_limb_space+0x31/0x50 [ 257.521197] mpi_alloc+0x1a0/0x230 [ 257.524747] mpi_read_raw_data+0x22a/0x490 [ 257.528993] ? memset+0x31/0x40 [ 257.532284] dh_set_secret+0x154/0x380 [ 257.536178] ? dh_exit+0x20/0x20 [ 257.539565] __keyctl_dh_compute+0x9ce/0x1bc0 [ 257.544073] ? copy_overflow+0x30/0x30 [ 257.547947] ? proc_cwd_link+0x1d0/0x1d0 [ 257.551993] ? __schedule+0x809/0x1e30 [ 257.555872] ? find_held_lock+0x36/0x1c0 [ 257.559925] ? lock_downgrade+0x8e0/0x8e0 [ 257.564060] ? check_same_owner+0x320/0x320 [ 257.568370] ? __lock_is_held+0xb5/0x140 [ 257.572420] ? __might_sleep+0x95/0x190 [ 257.576384] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 257.581907] ? _copy_from_user+0xdf/0x150 [ 257.586042] keyctl_dh_compute+0xb9/0x100 [ 257.590179] ? __keyctl_dh_compute+0x1bc0/0x1bc0 [ 257.594921] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 257.600097] __x64_sys_keyctl+0x12a/0x3b0 [ 257.604232] do_syscall_64+0x1b1/0x800 [ 257.608106] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 257.612934] ? syscall_return_slowpath+0x5c0/0x5c0 [ 257.617846] ? syscall_return_slowpath+0x30f/0x5c0 [ 257.622761] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 257.628110] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 257.632938] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 257.638108] RIP: 0033:0x4559f9 [ 257.641278] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 257.660536] RSP: 002b:00007f1a3095dc68 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 257.668230] RAX: ffffffffffffffda RBX: 00007f1a3095e6d4 RCX: 00000000004559f9 [ 257.675481] RDX: 0000000020a53ffb RSI: 0000000020000100 RDI: 0000000000000017 [ 257.682731] RBP: 000000000072bea0 R08: 0000000020c61fc8 R09: 0000000000000000 [ 257.689983] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000014 [ 257.697238] R13: 00000000004bfbb9 R14: 00000000004ce990 R15: 0000000000000009 10:01:14 executing program 5 (fault-call:5 fault-nth:32): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:01:14 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) fallocate(r0, 0xfffffffffffffffd, 0x40000000010000, 0x2) fallocate(r1, 0x20, 0x0, 0xfffffeff000) sendto(r1, &(0x7f0000000000)="f134ab17ded0615889d21724da1a9b6d291e4e0a50f3241499cc46d446a1f4f1d6b7c0e4add71af0772b29f480b7d47311dca738cf69b96b3ebd8a1faf6cee33391d7eb776a4e83fe2852c02aa989559fdb0ed3564dca5970dccd8d492a734b96812f34973d0c5dfa1cbc1ba5719ca1c20c7bba61d936137c19d9659992a05a526f512b89ee2bc8f68a54d3b5a4c03cb0e095f3d25f0d16ea370474f9a6fd95ff491633651750795870cd6b8d13f38d6b406664553f74b9fa93caf9a58c1d7b1bb129de5682510660a62517ebc56f33395d043b6807d2ff8c4047263", 0xdc, 0x40, 0x0, 0x0) 10:01:14 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0xcf, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:14 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f000044f000)={0xa, 0x4e20}, 0x1c) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000040), 0x4) listen(r0, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x103) ioctl$PPPOEIOCSFWD(r1, 0x4008b100, &(0x7f0000000080)={0x18, 0x0, {0x4, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, 'ip6gre0\x00'}}) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0xa}}}}}}}, &(0x7f00000002c0)) openat$ipvs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/snat_reroute\x00', 0x2, 0x0) 10:01:14 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a, 0x1}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") keyctl$instantiate_iov(0x14, r1, &(0x7f0000000180)=[{&(0x7f0000000040)="868c95c1f62dc49d6ef09147337b571e96464f7e3d3039bbfff309490ced3aaeaa46c4dfe79373045cd014d71a31f58415446bccbd456876", 0x38}, {&(0x7f0000000240)="3a99d1f9987203cd57e9cca95823b62f99b4e5fc158ddd1fc23615175b462f1b5914ae1d5f6bf48d5accaf80ab5c1235b69bf9c47d98af84953b4806b28e49415c81679de9d8ebd5073653d111f03ca989b48b55949171b970f5fb91b1a5fc2cfe09235a27b02be33ce702e0ac4886481c79c81004ee7fea4ba06776f4eb12a5be8bbdf24fde7c885da8ac9cc7d69b09a55f91037f49c6217d3be88c4ef3605431751ddf7d5da050373f73bcf8ce5bb9bc1d42fe5f449947531c4f00f474943658de72", 0xc3}], 0x2, r0) r3 = fcntl$getown(r2, 0x9) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000400)=0x0) setpgid(r3, r4) getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r5 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r6 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) socketpair$inet6(0xa, 0x0, 0xfffffffffffff959, &(0x7f00000001c0)) r7 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r5) keyctl$dh_compute(0x17, &(0x7f0000000000)={r7, r7, r6}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:01:14 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='vcan0\x00', 0x10) r2 = memfd_create(&(0x7f0000000100)="237d00d3fc1efab01c24044677a4020000001fbaa0a455c946301fb3b37eac0d503abe4d", 0x0) ftruncate(r2, 0x40000) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f00000000c0)={0x0}, &(0x7f0000000140)=0x8) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000180)={r3, 0x1}, &(0x7f00000001c0)=0x8) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000040)={0x7000, 0x2000}) sendfile(r1, r2, &(0x7f0000000580), 0x7ff6) 10:01:14 executing program 6 (fault-call:7 fault-nth:10): r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:01:14 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x2a1001c0, [0x40000073, 0x1]}) [ 257.843584] FAULT_INJECTION: forcing a failure. [ 257.843584] name failslab, interval 1, probability 0, space 0, times 0 [ 257.854924] CPU: 0 PID: 15511 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 257.861852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 257.871187] Call Trace: [ 257.873763] dump_stack+0x1b9/0x294 [ 257.877385] ? dump_stack_print_info.cold.2+0x52/0x52 [ 257.882569] ? __save_stack_trace+0x7e/0xd0 [ 257.886881] should_fail.cold.4+0xa/0x1a [ 257.890928] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 257.896022] ? kasan_kmalloc+0xc4/0xe0 [ 257.899916] ? kasan_slab_alloc+0x12/0x20 [ 257.904058] ? kmem_cache_alloc+0x12e/0x760 [ 257.908364] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 257.913185] ? kvm_mmu_load+0x21/0x10e0 [ 257.917145] ? vcpu_enter_guest+0x3a83/0x6060 [ 257.921621] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 257.926621] ? graph_lock+0x170/0x170 [ 257.930405] ? do_syscall_64+0x1b1/0x800 [ 257.934461] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 257.939825] ? find_held_lock+0x36/0x1c0 [ 257.943876] ? __lock_is_held+0xb5/0x140 [ 257.947927] ? check_same_owner+0x320/0x320 [ 257.952261] ? rcu_note_context_switch+0x710/0x710 [ 257.957729] __should_failslab+0x124/0x180 [ 257.962054] should_failslab+0x9/0x14 [ 257.965844] kmem_cache_alloc+0x2af/0x760 [ 257.969979] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 257.975505] ? kvm_pfn_to_page+0x7a/0xa0 [ 257.979551] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 257.984378] mmu_topup_memory_caches+0xf7/0x3a0 [ 257.989043] ? kvm_apic_has_interrupt+0xe1/0x210 [ 257.993789] kvm_mmu_load+0x21/0x10e0 [ 257.997589] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 258.003122] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 258.008645] vcpu_enter_guest+0x3a83/0x6060 [ 258.012953] ? print_usage_bug+0xc0/0xc0 [ 258.016999] ? kvm_set_msr_common+0x2680/0x2680 [ 258.021655] ? vmx_vcpu_load+0xada/0xfe0 [ 258.025698] ? __lock_acquire+0x7f5/0x5140 [ 258.029925] ? vmx_vcpu_reset+0x1030/0x1030 [ 258.034236] ? graph_lock+0x170/0x170 [ 258.038028] ? graph_lock+0x170/0x170 [ 258.041815] ? __lock_acquire+0x7f5/0x5140 [ 258.046048] ? debug_check_no_locks_freed+0x310/0x310 [ 258.051226] ? __lock_is_held+0xb5/0x140 [ 258.055269] ? lock_acquire+0x1dc/0x520 [ 258.059226] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 258.064225] ? lock_release+0xa10/0xa10 [ 258.068180] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 258.073437] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 258.077910] ? preempt_notifier_dec+0x20/0x20 [ 258.082390] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 258.087211] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 258.092227] kvm_vcpu_ioctl+0x79d/0x12e0 [ 258.096277] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 258.101973] ? graph_lock+0x170/0x170 [ 258.105764] ? find_held_lock+0x36/0x1c0 [ 258.109816] ? lock_downgrade+0x8e0/0x8e0 [ 258.113956] ? kasan_check_read+0x11/0x20 [ 258.118348] ? rcu_is_watching+0x85/0x140 [ 258.122488] ? rcu_report_qs_rnp+0x790/0x790 [ 258.126884] ? __fget+0x40c/0x650 [ 258.130328] ? match_held_lock+0x871/0x8b0 [ 258.134548] ? expand_files.part.8+0x9a0/0x9a0 [ 258.139111] ? kasan_check_write+0x14/0x20 [ 258.143333] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 258.148244] ? wait_for_completion+0x870/0x870 [ 258.152822] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 258.158000] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 258.163710] do_vfs_ioctl+0x1cf/0x16f0 [ 258.167831] ? ioctl_preallocate+0x2e0/0x2e0 [ 258.172231] ? fget_raw+0x20/0x20 [ 258.175673] ? __sb_end_write+0xac/0xe0 [ 258.179629] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 258.185148] ? fput+0x130/0x1a0 [ 258.188409] ? ksys_write+0x1a6/0x250 [ 258.192194] ? security_file_ioctl+0x94/0xc0 [ 258.196588] ksys_ioctl+0xa9/0xd0 [ 258.200036] __x64_sys_ioctl+0x73/0xb0 [ 258.203918] do_syscall_64+0x1b1/0x800 [ 258.207796] ? finish_task_switch+0x1ca/0x840 [ 258.212287] ? syscall_return_slowpath+0x5c0/0x5c0 [ 258.217201] ? syscall_return_slowpath+0x30f/0x5c0 [ 258.222126] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 258.227495] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 258.232335] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 258.237511] RIP: 0033:0x4559f9 [ 258.240699] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 258.259965] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 258.267657] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 258.274914] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 258.282178] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 10:01:15 executing program 5 (fault-call:5 fault-nth:33): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:01:15 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) fallocate(r1, 0x0, 0x0, 0x4) fallocate(r1, 0x24, 0x1, 0x1) [ 258.289430] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 258.296680] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 0000000000000020 [ 258.324320] TCP: request_sock_TCPv6: Possible SYN flooding on port 20000. Sending cookies. Check SNMP counters. 10:01:15 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000080)=@in={0x2, 0xc67a}, 0x80, &(0x7f0000000240), 0x0, &(0x7f0000000280)}}, {{&(0x7f0000001c00)=@in={0x2, 0x4e23, @broadcast=0xffffffff}, 0x80, &(0x7f0000000280), 0x0, &(0x7f00000002c0)=[{0x14}], 0x10}}], 0x2, 0x0) r1 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0xfffffffffffffff7, 0x288000) ioctl$KDSIGACCEPT(r1, 0x4b4e, 0x19) 10:01:15 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x3b, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:15 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a, 0x2}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r5 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0x17, &(0x7f0000000000)={r5, r5, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:01:15 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") pipe(&(0x7f0000000080)={0xffffffffffffffff}) sendto$llc(r1, &(0x7f00000000c0)="e07929b309a27e29a0d22b428c080f375ea7a007e921c050", 0x18, 0x80, 0x0, 0x0) r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x8044000000201, 0x0) writev(r2, &(0x7f0000000100)=[{&(0x7f0000000000)="0bf5430f0803b9", 0x7}], 0x1) [ 258.589360] FAULT_INJECTION: forcing a failure. [ 258.589360] name failslab, interval 1, probability 0, space 0, times 0 [ 258.593664] FAULT_INJECTION: forcing a failure. [ 258.593664] name failslab, interval 1, probability 0, space 0, times 0 [ 258.600703] CPU: 1 PID: 15532 Comm: syz-executor6 Not tainted 4.17.0+ #93 [ 258.618745] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 258.628090] Call Trace: [ 258.630679] dump_stack+0x1b9/0x294 [ 258.634308] ? dump_stack_print_info.cold.2+0x52/0x52 [ 258.639502] should_fail.cold.4+0xa/0x1a [ 258.643562] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 258.648658] ? mpi_alloc_limb_space+0x31/0x50 [ 258.653151] ? mpi_alloc+0x1a0/0x230 [ 258.656861] ? mpi_read_raw_data+0x22a/0x490 [ 258.661267] ? dh_set_secret+0x154/0x380 [ 258.665321] ? __keyctl_dh_compute+0x9ce/0x1bc0 [ 258.669986] ? keyctl_dh_compute+0xb9/0x100 [ 258.674303] ? __x64_sys_keyctl+0x12a/0x3b0 [ 258.678620] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 258.683981] ? do_syscall_64+0x1b1/0x800 [ 258.688035] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 258.693398] ? find_held_lock+0x36/0x1c0 [ 258.697471] ? check_same_owner+0x320/0x320 [ 258.701789] ? rcu_note_context_switch+0x710/0x710 [ 258.706718] __should_failslab+0x124/0x180 [ 258.710949] should_failslab+0x9/0x14 [ 258.714743] kmem_cache_alloc_trace+0x2cb/0x780 [ 258.719407] ? mpi_alloc_limb_space+0x31/0x50 [ 258.723903] mpi_alloc+0x4b/0x230 [ 258.727351] mpi_read_raw_data+0xe2/0x490 [ 258.731503] dh_set_secret+0x1d4/0x380 [ 258.735383] ? dh_exit+0x20/0x20 [ 258.738752] __keyctl_dh_compute+0x9ce/0x1bc0 [ 258.743260] ? copy_overflow+0x30/0x30 [ 258.747142] ? proc_cwd_link+0x1d0/0x1d0 [ 258.751205] ? find_held_lock+0x36/0x1c0 [ 258.755272] ? lock_downgrade+0x8e0/0x8e0 [ 258.759421] ? check_same_owner+0x320/0x320 [ 258.763735] ? __lock_is_held+0xb5/0x140 [ 258.767798] ? __might_sleep+0x95/0x190 [ 258.771771] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 258.777299] ? _copy_from_user+0xdf/0x150 [ 258.781445] keyctl_dh_compute+0xb9/0x100 [ 258.785588] ? __keyctl_dh_compute+0x1bc0/0x1bc0 [ 258.790342] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 258.795182] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 258.800366] __x64_sys_keyctl+0x12a/0x3b0 [ 258.804515] do_syscall_64+0x1b1/0x800 [ 258.808429] ? syscall_return_slowpath+0x5c0/0x5c0 [ 258.813353] ? syscall_return_slowpath+0x30f/0x5c0 [ 258.818282] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 258.823642] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 258.828481] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 258.833658] RIP: 0033:0x4559f9 [ 258.836835] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 258.856154] RSP: 002b:00007f1a3095dc68 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 258.863856] RAX: ffffffffffffffda RBX: 00007f1a3095e6d4 RCX: 00000000004559f9 [ 258.871115] RDX: 0000000020a53ffb RSI: 0000000020000100 RDI: 0000000000000017 [ 258.878376] RBP: 000000000072bea0 R08: 0000000020c61fc8 R09: 0000000000000000 [ 258.885637] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000014 [ 258.892895] R13: 00000000004bfbb9 R14: 00000000004ce990 R15: 000000000000000a [ 258.900172] CPU: 0 PID: 15535 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 258.907100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 258.916454] Call Trace: [ 258.919050] dump_stack+0x1b9/0x294 [ 258.922684] ? dump_stack_print_info.cold.2+0x52/0x52 [ 258.927880] ? __save_stack_trace+0x7e/0xd0 [ 258.932215] should_fail.cold.4+0xa/0x1a [ 258.936288] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 258.941394] ? kasan_kmalloc+0xc4/0xe0 [ 258.945283] ? kasan_slab_alloc+0x12/0x20 [ 258.949424] ? kmem_cache_alloc+0x12e/0x760 [ 258.953738] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 258.958564] ? kvm_mmu_load+0x21/0x10e0 [ 258.962521] ? vcpu_enter_guest+0x3a83/0x6060 [ 258.966997] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 258.972002] ? graph_lock+0x170/0x170 [ 258.975789] ? do_syscall_64+0x1b1/0x800 [ 258.979833] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 258.985185] ? find_held_lock+0x36/0x1c0 [ 258.989247] ? __lock_is_held+0xb5/0x140 [ 258.993297] ? check_same_owner+0x320/0x320 [ 258.997605] ? rcu_note_context_switch+0x710/0x710 [ 259.002521] __should_failslab+0x124/0x180 [ 259.006746] should_failslab+0x9/0x14 [ 259.010529] kmem_cache_alloc+0x2af/0x760 [ 259.014663] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 259.019491] mmu_topup_memory_caches+0xf7/0x3a0 [ 259.024156] ? kvm_apic_has_interrupt+0xe1/0x210 [ 259.028899] kvm_mmu_load+0x21/0x10e0 [ 259.032687] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 259.038208] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 259.043737] vcpu_enter_guest+0x3a83/0x6060 [ 259.048045] ? print_usage_bug+0xc0/0xc0 [ 259.052094] ? kvm_set_msr_common+0x2680/0x2680 [ 259.056748] ? vmx_vcpu_load+0xada/0xfe0 [ 259.060804] ? __lock_acquire+0x7f5/0x5140 [ 259.065027] ? vmx_vcpu_reset+0x1030/0x1030 [ 259.069331] ? graph_lock+0x170/0x170 [ 259.073119] ? graph_lock+0x170/0x170 [ 259.076903] ? __lock_acquire+0x7f5/0x5140 [ 259.081136] ? debug_check_no_locks_freed+0x310/0x310 [ 259.086313] ? __lock_is_held+0xb5/0x140 [ 259.090363] ? lock_acquire+0x1dc/0x520 [ 259.094330] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 259.099332] ? lock_release+0xa10/0xa10 [ 259.103290] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 259.108551] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 259.113034] ? preempt_notifier_dec+0x20/0x20 [ 259.117519] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 259.122344] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 259.127350] kvm_vcpu_ioctl+0x79d/0x12e0 [ 259.131401] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 259.137094] ? graph_lock+0x170/0x170 [ 259.140878] ? find_held_lock+0x36/0x1c0 [ 259.144929] ? lock_downgrade+0x8e0/0x8e0 [ 259.149064] ? kasan_check_read+0x11/0x20 [ 259.153196] ? rcu_is_watching+0x85/0x140 [ 259.157332] ? rcu_report_qs_rnp+0x790/0x790 [ 259.161732] ? __fget+0x40c/0x650 [ 259.165174] ? match_held_lock+0x871/0x8b0 [ 259.169396] ? expand_files.part.8+0x9a0/0x9a0 [ 259.173962] ? kasan_check_write+0x14/0x20 [ 259.178181] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 259.183099] ? wait_for_completion+0x870/0x870 [ 259.187665] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 259.192842] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 259.198541] do_vfs_ioctl+0x1cf/0x16f0 [ 259.202430] ? ioctl_preallocate+0x2e0/0x2e0 [ 259.206821] ? fget_raw+0x20/0x20 [ 259.210258] ? __sb_end_write+0xac/0xe0 [ 259.214218] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 259.219746] ? fput+0x130/0x1a0 [ 259.223025] ? ksys_write+0x1a6/0x250 [ 259.226814] ? security_file_ioctl+0x94/0xc0 [ 259.231211] ksys_ioctl+0xa9/0xd0 [ 259.234650] __x64_sys_ioctl+0x73/0xb0 [ 259.238523] do_syscall_64+0x1b1/0x800 [ 259.242397] ? finish_task_switch+0x1ca/0x840 [ 259.246878] ? syscall_return_slowpath+0x5c0/0x5c0 [ 259.251792] ? syscall_return_slowpath+0x30f/0x5c0 [ 259.256710] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 259.262071] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 259.266903] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 259.272078] RIP: 0033:0x4559f9 10:01:16 executing program 6 (fault-call:7 fault-nth:11): r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:01:16 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x5000000, [0x40000073, 0x1]}) [ 259.275248] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 259.294474] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 259.302165] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 259.309416] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 259.316668] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 259.323920] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 259.331172] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 0000000000000021 [ 259.645665] FAULT_INJECTION: forcing a failure. [ 259.645665] name failslab, interval 1, probability 0, space 0, times 0 [ 259.656982] CPU: 1 PID: 15561 Comm: syz-executor6 Not tainted 4.17.0+ #93 [ 259.663919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 259.673277] Call Trace: [ 259.675880] dump_stack+0x1b9/0x294 [ 259.679525] ? dump_stack_print_info.cold.2+0x52/0x52 [ 259.684733] should_fail.cold.4+0xa/0x1a [ 259.688810] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 259.693919] ? save_stack+0x43/0xd0 [ 259.697554] ? kasan_kmalloc+0xc4/0xe0 [ 259.701448] ? kmem_cache_alloc_trace+0x152/0x780 [ 259.706292] ? mpi_alloc+0x4b/0x230 [ 259.709917] ? mpi_read_raw_data+0xe2/0x490 [ 259.714223] ? dh_set_secret+0x1d4/0x380 [ 259.718271] ? keyctl_dh_compute+0xb9/0x100 [ 259.722577] ? __x64_sys_keyctl+0x12a/0x3b0 [ 259.726884] ? do_syscall_64+0x1b1/0x800 [ 259.730930] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 259.736305] ? find_held_lock+0x36/0x1c0 [ 259.740394] ? check_same_owner+0x320/0x320 [ 259.744704] ? rcu_note_context_switch+0x710/0x710 [ 259.749624] __should_failslab+0x124/0x180 [ 259.753847] should_failslab+0x9/0x14 [ 259.757630] kmem_cache_alloc_trace+0x2cb/0x780 [ 259.762286] ? mpi_alloc_limb_space+0x31/0x50 [ 259.766768] mpi_alloc+0x4b/0x230 [ 259.770209] mpi_read_raw_data+0xe2/0x490 [ 259.774349] dh_set_secret+0x254/0x380 [ 259.778223] ? dh_exit+0x20/0x20 [ 259.781584] __keyctl_dh_compute+0x9ce/0x1bc0 [ 259.786071] ? copy_overflow+0x30/0x30 [ 259.789943] ? proc_cwd_link+0x1d0/0x1d0 [ 259.793992] ? find_held_lock+0x36/0x1c0 [ 259.798052] ? lock_downgrade+0x8e0/0x8e0 [ 259.802188] ? check_same_owner+0x320/0x320 [ 259.806495] ? __lock_is_held+0xb5/0x140 [ 259.810547] ? __might_sleep+0x95/0x190 [ 259.814510] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 259.820034] ? _copy_from_user+0xdf/0x150 [ 259.824173] keyctl_dh_compute+0xb9/0x100 [ 259.828305] ? __keyctl_dh_compute+0x1bc0/0x1bc0 [ 259.833055] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 259.838259] __x64_sys_keyctl+0x12a/0x3b0 [ 259.842394] do_syscall_64+0x1b1/0x800 [ 259.846268] ? finish_task_switch+0x1ca/0x840 [ 259.850751] ? syscall_return_slowpath+0x5c0/0x5c0 [ 259.855669] ? syscall_return_slowpath+0x30f/0x5c0 [ 259.860586] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 259.865939] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 259.870774] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 259.875947] RIP: 0033:0x4559f9 10:01:16 executing program 5 (fault-call:5 fault-nth:34): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:01:16 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x0) r1 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x100000001, 0x40000) getsockopt$ARPT_SO_GET_ENTRIES(r1, 0x0, 0x61, &(0x7f0000000140)={'filter\x00', 0x64, "0bde204544f6cfd4734f4cefc4d3e2727a7f089b0dd4cf49d4b6c7b0d1bb5ae50b386c65c4abbb5e192f731477b92011382a45e7a18146edcf0b9a94351de70444d97bca800c0460fd39b124631ad199ff79e88465708c537f358b473e4c6bfffa313735"}, &(0x7f00000000c0)=0x88) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r2 = socket(0xa, 0x2, 0x0) getsockopt$inet_int(r2, 0x0, 0x12, &(0x7f0000000040), &(0x7f0000000080)=0x4) 10:01:16 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) munlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r5 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0x17, &(0x7f0000000000)={r5, r5, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:01:16 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x1b8, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:16 executing program 7: r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x0, 0x0) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000140)={0x5, &(0x7f00000000c0)=[{0x6274, 0x4, 0x1000, 0x7}, {0xffffffff, 0xffffffffffff8001, 0x3, 0x4}, {0x200, 0x7fff, 0x6, 0xb507}, {0x6, 0xfb, 0x7, 0x7ff}, {0x1, 0xffffffffffffffff, 0x9, 0x800}]}, 0x10) r1 = socket$inet6(0xa, 0x5, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r2 = open(&(0x7f0000002000)='./bus\x00', 0x100, 0x0) accept$inet(r2, &(0x7f0000000000)={0x0, 0x0, @multicast2}, &(0x7f0000000040)=0x10) fallocate(r2, 0x0, 0x0, 0x4) fallocate(r2, 0x20, 0x0, 0xfffffeff000) 10:01:16 executing program 4: r0 = socket$inet6(0xa, 0x1000000000001, 0x0) ioctl(r0, 0x8912, &(0x7f0000000200)="0047fc2f07d82c99240970") r1 = syz_open_dev$binder(&(0x7f0000872936)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f00000002c0)=[@enter_looper={0x630c}, @reply_sg={0x40486312, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000240), &(0x7f0000000280)}}}], 0x1, 0x0, &(0x7f0000000340)="c6"}) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000000)={0x10, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}, @acquire={0x400c630e}], 0x0, 0x0, &(0x7f00000001c0)}) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000008fd0)={0x8, 0x0, &(0x7f00000000c0)=[@release={0x400c630f}], 0x0, 0x0, &(0x7f0000000f4d)}) ioctl$BINDER_THREAD_EXIT(r1, 0x40046208, 0x0) r2 = syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0xfc53, 0x80) mkdirat$cgroup(r2, &(0x7f0000000080)='syz0\x00', 0x1ff) 10:01:16 executing program 6 (fault-call:7 fault-nth:12): r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:01:16 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0xc1000000, [0x40000073, 0x1]}) [ 259.879116] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 259.898348] RSP: 002b:00007f1a3095dc68 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 259.906042] RAX: ffffffffffffffda RBX: 00007f1a3095e6d4 RCX: 00000000004559f9 [ 259.913293] RDX: 0000000020a53ffb RSI: 0000000020000100 RDI: 0000000000000017 [ 259.920546] RBP: 000000000072bea0 R08: 0000000020c61fc8 R09: 0000000000000000 [ 259.927800] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000014 [ 259.935053] R13: 00000000004bfbb9 R14: 00000000004ce990 R15: 000000000000000b 10:01:16 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000180)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a, 0x3}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) r3 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x3, 0x100) getsockopt$inet_sctp6_SCTP_RTOINFO(r2, 0x84, 0x0, &(0x7f00000001c0)={0x0, 0x80000000, 0x7, 0x2}, &(0x7f0000000240)=0x10) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r3, 0x84, 0x1f, &(0x7f0000000280)={r4, @in={{0x2, 0x4e23}}, 0x400000000000000, 0x9}, &(0x7f0000000400)=0x90) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000040)) getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r5 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a, 0x0}, 0x0, 0x0, r1) r6 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r7 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000040), 0x0, r5) keyctl$dh_compute(0x17, &(0x7f0000000000)={r7, r7, r6}, &(0x7f0000000740)=""/132, 0x84, 0x0) [ 260.027593] binder: 15571:15577 got reply transaction with no transaction stack [ 260.035228] binder: 15571:15577 transaction failed 29201/-71, size 0-0 line 2759 [ 260.051755] FAULT_INJECTION: forcing a failure. [ 260.051755] name failslab, interval 1, probability 0, space 0, times 0 [ 260.063247] CPU: 0 PID: 15574 Comm: syz-executor5 Not tainted 4.17.0+ #93 10:01:16 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0xfffffffffffffffd, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_DEASSIGN_DEV_IRQ(r1, 0x4040ae75, &(0x7f0000000240)={0x0, 0x800, 0x6, 0x400}) io_setup(0x3, &(0x7f0000000080)=0x0) r4 = openat$full(0xffffffffffffff9c, &(0x7f0000000180)='/dev/full\x00', 0x0, 0x0) io_cancel(r3, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2, 0x7, r0, &(0x7f0000000100)="7d8c22ba062af9e209c65b6a5bd392a981f70400022ef34790", 0x19, 0x7, 0x0, 0x0, r4}, &(0x7f0000000200)) syz_open_dev$sndmidi(&(0x7f0000000000)='/dev/snd/midiC#D#\x00', 0x0, 0x0) ioctl$KDSETLED(r4, 0x4b32, 0xc2a) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000013000/0x18000)=nil, &(0x7f0000000340)=[@textreal={0x8, &(0x7f00000002c0)="f30f1181000065260fc75bfe66b9400a000066b80a00000066ba000000000f30b8b4088ed03e660f38217faf0f20c06635000001000f22c00f31b8750c8ee80f01cb0f01d1", 0x45}], 0x1, 0x0, &(0x7f0000000100), 0x10000000000001ae) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10:01:16 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x16, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:16 executing program 7: r0 = socket$inet6(0xa, 0x2, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") signalfd(0xffffffffffffffff, &(0x7f0000421000), 0x8) [ 260.070185] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 260.079544] Call Trace: [ 260.082141] dump_stack+0x1b9/0x294 [ 260.085780] ? dump_stack_print_info.cold.2+0x52/0x52 [ 260.090617] binder: undelivered death notification, 0000000000000000 [ 260.090976] ? __save_stack_trace+0x7e/0xd0 [ 260.101773] should_fail.cold.4+0xa/0x1a [ 260.105837] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 260.106819] binder: BINDER_SET_CONTEXT_MGR already set [ 260.110935] ? kasan_kmalloc+0xc4/0xe0 [ 260.110951] ? kasan_slab_alloc+0x12/0x20 10:01:16 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f00000000c0)="c4824da82b66ba2100b801000000efb9270900000f323640a7650f30c4e2899c8e02000000f02046452ef3440f6fb800f0ff7fc42101dbc40f2047"}], 0x0, 0x0, &(0x7f0000000080), 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000080)={0x0, 0x8}, &(0x7f0000000240)=0x8) rt_sigsuspend(&(0x7f0000000340)={0x2}, 0x8) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000280)={r4, 0xe9, 0x1efc, 0x2, 0x0, 0x4}, &(0x7f0000000300)=0x14) ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000001e00fb034d564b0000000001"]) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000140)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000500)=ANY=[@ANYBLOB="20000000000000000009a5df009f6a4ac9c3d0741b0000f5ffffff0b04000013fbb220a5347629cb708336790d096d29a0dac8b5eddacc0bbe8712881c9fd4668096"], 0x1}, 0x1}, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4400ae8f, &(0x7f00000001c0)) [ 260.110966] ? kmem_cache_alloc+0x12e/0x760 [ 260.110983] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 260.110999] ? kvm_mmu_load+0x21/0x10e0 [ 260.111020] ? vcpu_enter_guest+0x3a83/0x6060 [ 260.116430] binder: 15571:15585 got reply transaction with no transaction stack [ 260.120149] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 260.120168] ? graph_lock+0x170/0x170 [ 260.120185] ? do_syscall_64+0x1b1/0x800 [ 260.120201] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 260.120219] ? find_held_lock+0x36/0x1c0 [ 260.120238] ? __lock_is_held+0xb5/0x140 [ 260.124409] binder: 15571:15585 transaction failed 29201/-71, size 0-0 line 2759 [ 260.128679] ? check_same_owner+0x320/0x320 [ 260.128700] ? rcu_note_context_switch+0x710/0x710 [ 260.133944] binder: 15571:15577 ioctl 40046207 0 returned -16 [ 260.137483] __should_failslab+0x124/0x180 [ 260.137500] should_failslab+0x9/0x14 [ 260.137514] kmem_cache_alloc+0x2af/0x760 [ 260.137530] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 260.137546] ? kvm_pfn_to_page+0x7a/0xa0 [ 260.137564] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 260.162947] binder: undelivered death notification, 0000000000000000 [ 260.167999] mmu_topup_memory_caches+0xf7/0x3a0 [ 260.168016] ? kvm_apic_has_interrupt+0xe1/0x210 [ 260.168037] kvm_mmu_load+0x21/0x10e0 [ 260.168054] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 260.168071] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 260.168088] vcpu_enter_guest+0x3a83/0x6060 [ 260.168106] ? print_usage_bug+0xc0/0xc0 [ 260.264171] ? kvm_set_msr_common+0x2680/0x2680 [ 260.268827] ? vmx_vcpu_load+0xada/0xfe0 [ 260.272874] ? __lock_acquire+0x7f5/0x5140 [ 260.277090] ? vmx_vcpu_reset+0x1030/0x1030 [ 260.281392] ? graph_lock+0x170/0x170 [ 260.285176] ? graph_lock+0x170/0x170 [ 260.288956] ? __lock_acquire+0x7f5/0x5140 [ 260.293173] ? debug_check_no_locks_freed+0x310/0x310 [ 260.298350] ? __lock_is_held+0xb5/0x140 [ 260.302400] ? lock_acquire+0x1dc/0x520 [ 260.306371] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 260.311371] ? lock_release+0xa10/0xa10 [ 260.315327] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 260.320585] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 260.325068] ? preempt_notifier_dec+0x20/0x20 [ 260.329552] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 260.334384] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 260.339393] kvm_vcpu_ioctl+0x79d/0x12e0 [ 260.343439] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 260.349149] ? graph_lock+0x170/0x170 [ 260.352932] ? find_held_lock+0x36/0x1c0 [ 260.356979] ? lock_downgrade+0x8e0/0x8e0 [ 260.361114] ? kasan_check_read+0x11/0x20 [ 260.365243] ? rcu_is_watching+0x85/0x140 [ 260.369375] ? rcu_report_qs_rnp+0x790/0x790 [ 260.373771] ? __fget+0x40c/0x650 [ 260.377215] ? match_held_lock+0x871/0x8b0 [ 260.381443] ? expand_files.part.8+0x9a0/0x9a0 [ 260.386020] ? kasan_check_write+0x14/0x20 [ 260.390245] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 260.395156] ? wait_for_completion+0x870/0x870 [ 260.399721] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 260.404893] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 260.410586] do_vfs_ioctl+0x1cf/0x16f0 [ 260.414470] ? ioctl_preallocate+0x2e0/0x2e0 [ 260.418863] ? fget_raw+0x20/0x20 [ 260.422300] ? __sb_end_write+0xac/0xe0 [ 260.426273] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 260.431789] ? fput+0x130/0x1a0 [ 260.435061] ? ksys_write+0x1a6/0x250 [ 260.438858] ? security_file_ioctl+0x94/0xc0 [ 260.443271] ksys_ioctl+0xa9/0xd0 [ 260.446716] __x64_sys_ioctl+0x73/0xb0 [ 260.450586] do_syscall_64+0x1b1/0x800 [ 260.454456] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 260.459283] ? syscall_return_slowpath+0x5c0/0x5c0 [ 260.464194] ? syscall_return_slowpath+0x30f/0x5c0 [ 260.469109] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 260.474456] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 260.479284] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 260.484461] RIP: 0033:0x4559f9 [ 260.487636] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 260.506868] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 260.514559] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 260.521811] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 10:01:17 executing program 5 (fault-call:5 fault-nth:35): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) [ 260.529061] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 260.536310] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 260.543568] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 0000000000000022 10:01:17 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0xc2000000, [0x40000073, 0x1]}) [ 260.661351] FAULT_INJECTION: forcing a failure. [ 260.661351] name failslab, interval 1, probability 0, space 0, times 0 [ 260.672673] CPU: 0 PID: 15591 Comm: syz-executor6 Not tainted 4.17.0+ #93 [ 260.679594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 260.688935] Call Trace: [ 260.691522] dump_stack+0x1b9/0x294 [ 260.695135] ? dump_stack_print_info.cold.2+0x52/0x52 [ 260.700313] ? find_held_lock+0x36/0x1c0 [ 260.704361] should_fail.cold.4+0xa/0x1a [ 260.708409] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 260.713498] ? kasan_check_read+0x11/0x20 [ 260.717631] ? rcu_is_watching+0x85/0x140 [ 260.721760] ? rcu_pm_notify+0xc0/0xc0 [ 260.725636] ? find_held_lock+0x36/0x1c0 [ 260.729689] ? check_same_owner+0x320/0x320 [ 260.733992] ? mpi_read_raw_data+0x19f/0x490 [ 260.738387] ? rcu_note_context_switch+0x710/0x710 [ 260.743303] __should_failslab+0x124/0x180 [ 260.747525] should_failslab+0x9/0x14 [ 260.751308] __kmalloc+0x2c8/0x760 [ 260.754837] ? __keyctl_dh_compute+0xa98/0x1bc0 [ 260.759493] __keyctl_dh_compute+0xa98/0x1bc0 [ 260.763979] ? copy_overflow+0x30/0x30 [ 260.767874] ? proc_cwd_link+0x1d0/0x1d0 [ 260.771922] ? find_held_lock+0x36/0x1c0 [ 260.775971] ? lock_downgrade+0x8e0/0x8e0 [ 260.780104] ? check_same_owner+0x320/0x320 [ 260.784409] ? __lock_is_held+0xb5/0x140 [ 260.788470] ? __might_sleep+0x95/0x190 [ 260.792436] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 260.797954] ? _copy_from_user+0xdf/0x150 [ 260.802084] keyctl_dh_compute+0xb9/0x100 [ 260.806217] ? __keyctl_dh_compute+0x1bc0/0x1bc0 [ 260.810958] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 260.816133] __x64_sys_keyctl+0x12a/0x3b0 [ 260.820268] do_syscall_64+0x1b1/0x800 [ 260.824137] ? syscall_return_slowpath+0x5c0/0x5c0 [ 260.829055] ? syscall_return_slowpath+0x30f/0x5c0 [ 260.833969] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 260.839340] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 260.844166] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 260.849337] RIP: 0033:0x4559f9 [ 260.852505] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 260.871688] RSP: 002b:00007f1a3095dc68 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 260.879381] RAX: ffffffffffffffda RBX: 00007f1a3095e6d4 RCX: 00000000004559f9 [ 260.886631] RDX: 0000000020a53ffb RSI: 0000000020000100 RDI: 0000000000000017 [ 260.893883] RBP: 000000000072bea0 R08: 0000000020c61fc8 R09: 0000000000000000 [ 260.901137] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000014 10:01:17 executing program 6 (fault-call:7 fault-nth:13): r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) [ 260.908398] R13: 00000000004bfbb9 R14: 00000000004ce990 R15: 000000000000000c [ 261.126734] FAULT_INJECTION: forcing a failure. [ 261.126734] name failslab, interval 1, probability 0, space 0, times 0 [ 261.138129] CPU: 1 PID: 15614 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 261.145070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 261.154435] Call Trace: [ 261.157042] dump_stack+0x1b9/0x294 [ 261.160686] ? dump_stack_print_info.cold.2+0x52/0x52 [ 261.165889] ? __save_stack_trace+0x7e/0xd0 [ 261.170232] should_fail.cold.4+0xa/0x1a [ 261.174308] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 261.179420] ? kasan_kmalloc+0xc4/0xe0 [ 261.183320] ? kasan_slab_alloc+0x12/0x20 [ 261.187475] ? kmem_cache_alloc+0x12e/0x760 [ 261.191810] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 261.196665] ? kvm_mmu_load+0x21/0x10e0 [ 261.200652] ? vcpu_enter_guest+0x3a83/0x6060 [ 261.205158] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 261.210189] ? graph_lock+0x170/0x170 [ 261.214001] ? do_syscall_64+0x1b1/0x800 [ 261.218074] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 261.223457] ? find_held_lock+0x36/0x1c0 [ 261.227538] ? __lock_is_held+0xb5/0x140 [ 261.227884] FAULT_INJECTION: forcing a failure. [ 261.227884] name failslab, interval 1, probability 0, space 0, times 0 [ 261.231613] ? check_same_owner+0x320/0x320 [ 261.231633] ? rcu_note_context_switch+0x710/0x710 [ 261.231657] __should_failslab+0x124/0x180 [ 261.231677] should_failslab+0x9/0x14 [ 261.231690] kmem_cache_alloc+0x2af/0x760 [ 261.231710] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 261.231727] mmu_topup_memory_caches+0xf7/0x3a0 [ 261.231740] ? kvm_apic_has_interrupt+0xe1/0x210 [ 261.231758] kvm_mmu_load+0x21/0x10e0 [ 261.231772] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 261.231785] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 261.231801] vcpu_enter_guest+0x3a83/0x6060 [ 261.231822] ? kvm_set_msr_common+0x2680/0x2680 [ 261.231843] ? vmx_vcpu_load+0xada/0xfe0 [ 261.306340] ? __lock_acquire+0x7f5/0x5140 [ 261.310592] ? vmx_vcpu_reset+0x1030/0x1030 [ 261.314907] ? graph_lock+0x170/0x170 [ 261.318703] ? graph_lock+0x170/0x170 [ 261.322495] ? __lock_acquire+0x7f5/0x5140 [ 261.326729] ? debug_check_no_locks_freed+0x310/0x310 [ 261.331915] ? __lock_is_held+0xb5/0x140 [ 261.335972] ? lock_acquire+0x1dc/0x520 [ 261.339936] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 261.344948] ? lock_release+0xa10/0xa10 [ 261.348916] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 261.354185] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 261.358668] ? preempt_notifier_dec+0x20/0x20 [ 261.363165] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 261.367998] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 261.373025] kvm_vcpu_ioctl+0x79d/0x12e0 [ 261.377086] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 261.382791] ? graph_lock+0x170/0x170 [ 261.386586] ? find_held_lock+0x36/0x1c0 [ 261.390649] ? lock_downgrade+0x8e0/0x8e0 [ 261.394793] ? kasan_check_read+0x11/0x20 [ 261.398935] ? rcu_is_watching+0x85/0x140 [ 261.403075] ? rcu_report_qs_rnp+0x790/0x790 [ 261.407481] ? __fget+0x40c/0x650 [ 261.410931] ? match_held_lock+0x871/0x8b0 [ 261.415161] ? expand_files.part.8+0x9a0/0x9a0 [ 261.419733] ? kasan_check_write+0x14/0x20 [ 261.423963] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 261.428887] ? wait_for_completion+0x870/0x870 [ 261.433461] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 261.438645] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 261.444348] do_vfs_ioctl+0x1cf/0x16f0 [ 261.448239] ? ioctl_preallocate+0x2e0/0x2e0 [ 261.452640] ? fget_raw+0x20/0x20 [ 261.456086] ? __sb_end_write+0xac/0xe0 [ 261.460055] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 261.465582] ? fput+0x130/0x1a0 [ 261.468857] ? ksys_write+0x1a6/0x250 [ 261.472669] ? security_file_ioctl+0x94/0xc0 [ 261.477074] ksys_ioctl+0xa9/0xd0 [ 261.480523] __x64_sys_ioctl+0x73/0xb0 [ 261.484404] do_syscall_64+0x1b1/0x800 [ 261.488288] ? finish_task_switch+0x1ca/0x840 [ 261.492801] ? syscall_return_slowpath+0x5c0/0x5c0 [ 261.497735] ? syscall_return_slowpath+0x30f/0x5c0 [ 261.502658] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 261.508024] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 261.512861] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 261.518044] RIP: 0033:0x4559f9 [ 261.521216] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 261.540523] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 261.548226] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 261.555484] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 261.562741] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 261.570003] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 261.577262] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 0000000000000023 [ 261.584538] CPU: 0 PID: 15616 Comm: syz-executor6 Not tainted 4.17.0+ #93 [ 261.591470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 261.600836] Call Trace: [ 261.603430] dump_stack+0x1b9/0x294 [ 261.607061] ? dump_stack_print_info.cold.2+0x52/0x52 [ 261.612251] ? __save_stack_trace+0x7e/0xd0 [ 261.616585] should_fail.cold.4+0xa/0x1a [ 261.620650] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 261.625758] ? save_stack+0x43/0xd0 [ 261.629385] ? kasan_kmalloc+0xc4/0xe0 [ 261.633262] ? __kmalloc+0x14e/0x760 [ 261.636961] ? __keyctl_dh_compute+0xa98/0x1bc0 [ 261.641612] ? keyctl_dh_compute+0xb9/0x100 [ 261.645914] ? __x64_sys_keyctl+0x12a/0x3b0 [ 261.650218] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 261.655579] ? rcu_is_watching+0x85/0x140 [ 261.659716] ? rcu_pm_notify+0xc0/0xc0 [ 261.663605] ? find_held_lock+0x36/0x1c0 [ 261.667684] ? check_same_owner+0x320/0x320 [ 261.672011] ? rcu_note_context_switch+0x710/0x710 [ 261.676933] __should_failslab+0x124/0x180 [ 261.681150] should_failslab+0x9/0x14 [ 261.684934] __kmalloc+0x2c8/0x760 [ 261.688454] ? memset+0x31/0x40 [ 261.691717] ? sg_init_table+0x28/0x60 [ 261.695587] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 261.700585] ? __keyctl_dh_compute+0xb30/0x1bc0 [ 261.705234] ? sg_init_one+0x93/0x160 [ 261.709027] __keyctl_dh_compute+0xb30/0x1bc0 [ 261.713533] ? copy_overflow+0x30/0x30 [ 261.717405] ? proc_cwd_link+0x1d0/0x1d0 [ 261.721451] ? find_held_lock+0x36/0x1c0 [ 261.725501] ? lock_downgrade+0x8e0/0x8e0 [ 261.729645] ? check_same_owner+0x320/0x320 [ 261.733956] ? __lock_is_held+0xb5/0x140 [ 261.738006] ? __might_sleep+0x95/0x190 [ 261.741979] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 261.747505] ? _copy_from_user+0xdf/0x150 [ 261.751645] keyctl_dh_compute+0xb9/0x100 [ 261.755773] ? __keyctl_dh_compute+0x1bc0/0x1bc0 [ 261.760526] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 261.765710] __x64_sys_keyctl+0x12a/0x3b0 [ 261.769849] do_syscall_64+0x1b1/0x800 [ 261.773716] ? finish_task_switch+0x1ca/0x840 [ 261.778219] ? syscall_return_slowpath+0x5c0/0x5c0 [ 261.783153] ? syscall_return_slowpath+0x30f/0x5c0 [ 261.788080] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 261.793429] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 261.798256] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 261.803436] RIP: 0033:0x4559f9 [ 261.806608] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 261.825827] RSP: 002b:00007f1a3095dc68 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 261.833518] RAX: ffffffffffffffda RBX: 00007f1a3095e6d4 RCX: 00000000004559f9 [ 261.840768] RDX: 0000000020a53ffb RSI: 0000000020000100 RDI: 0000000000000017 [ 261.848027] RBP: 000000000072bea0 R08: 0000000020c61fc8 R09: 0000000000000000 [ 261.855286] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000014 [ 261.862535] R13: 00000000004bfbb9 R14: 00000000004ce990 R15: 000000000000000d 10:01:18 executing program 4: mkdir(&(0x7f0000000000)="131377c5fc35d41454d5d41d29ad1a6029598146e6be166e41ad0dbd4054033c9f33bbda8224a2f3d772e7636e48b33cbf708372e8f1b9933ec5127743be2206209ef02df9cbf2f6e880d3382f", 0x0) rename(&(0x7f0000000080)='//.ile0\x00', &(0x7f00000000c0)='//.ile0\x00') r0 = syz_open_dev$sndpcmc(&(0x7f0000000100)='/dev/snd/pcmC#D#c\x00', 0x8, 0x2) recvfrom$unix(r0, &(0x7f0000000140)=""/8, 0x8, 0x100, &(0x7f0000000180)=@abs={0x1, 0x0, 0x4e24}, 0x6e) 10:01:18 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r2, 0x84, 0x20, &(0x7f0000000040)=0xc09b, 0x4) r5 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0x17, &(0x7f0000000000)={r5, r5, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) r6 = syz_open_dev$dspn(&(0x7f00000001c0)='/dev/dsp#\x00', 0x7, 0x10000) ioctl$KVM_HAS_DEVICE_ATTR(r6, 0x4018aee3, &(0x7f0000000280)={0x0, 0x8, 0x3f, &(0x7f0000000240)=0xb0c0000000000000}) openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x100, 0x1bc) 10:01:18 executing program 5 (fault-call:5 fault-nth:36): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:01:18 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x92, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:18 executing program 3: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000fc9000)='/dev/sequencer2\x00', 0x0, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$KDGKBLED(r0, 0x8004510b, &(0x7f0000000140)) 10:01:18 executing program 7: r0 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x200103, 0x0) ioctl$KVM_SET_SIGNAL_MASK(r2, 0x4004ae8b, &(0x7f0000000080)={0x33, "d72f87a916284aa057429d83243774a29df08b4516b9e9674712700692b868801eb11280cb841c82c2f9f70a1bbb094d6c99b5"}) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_setup(0x0, &(0x7f0000000040)) r3 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r3) r5 = mmap$binder(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1000009, 0x11, r2, 0x0) ioctl$BINDER_GET_NODE_DEBUG_INFO(r2, 0xc018620b, &(0x7f00000001c0)={r5}) r6 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f00003eb000)="b3", 0x1, r3) sync() keyctl$dh_compute(0x17, &(0x7f0000000100)={r4, r6, r4}, &(0x7f0000000200)=""/5, 0x126, &(0x7f0000c61fc8)={&(0x7f0000a3dffa)={'sha256\x00'}}) 10:01:18 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x1200, [0x40000073, 0x1]}) 10:01:18 executing program 6 (fault-call:7 fault-nth:14): r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) [ 262.235375] FAULT_INJECTION: forcing a failure. [ 262.235375] name failslab, interval 1, probability 0, space 0, times 0 [ 262.246836] CPU: 0 PID: 15635 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 262.253771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 262.263135] Call Trace: [ 262.265739] dump_stack+0x1b9/0x294 [ 262.269384] ? dump_stack_print_info.cold.2+0x52/0x52 [ 262.274158] FAULT_INJECTION: forcing a failure. [ 262.274158] name failslab, interval 1, probability 0, space 0, times 0 [ 262.274581] ? __save_stack_trace+0x7e/0xd0 [ 262.274609] should_fail.cold.4+0xa/0x1a [ 262.274635] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 262.299254] ? kasan_kmalloc+0xc4/0xe0 [ 262.303137] ? kasan_slab_alloc+0x12/0x20 [ 262.307278] ? kmem_cache_alloc+0x12e/0x760 [ 262.311594] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 262.316432] ? kvm_mmu_load+0x21/0x10e0 [ 262.320403] ? vcpu_enter_guest+0x3a83/0x6060 [ 262.324893] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 262.329903] ? graph_lock+0x170/0x170 [ 262.333697] ? do_syscall_64+0x1b1/0x800 [ 262.337750] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 262.343114] ? find_held_lock+0x36/0x1c0 [ 262.347176] ? __lock_is_held+0xb5/0x140 [ 262.351242] ? check_same_owner+0x320/0x320 [ 262.355558] ? rcu_note_context_switch+0x710/0x710 [ 262.360487] __should_failslab+0x124/0x180 [ 262.364720] should_failslab+0x9/0x14 [ 262.368511] kmem_cache_alloc+0x2af/0x760 [ 262.372657] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 262.377495] mmu_topup_memory_caches+0xf7/0x3a0 [ 262.382157] ? kvm_apic_has_interrupt+0xe1/0x210 [ 262.386913] kvm_mmu_load+0x21/0x10e0 [ 262.390707] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 262.396242] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 262.401779] vcpu_enter_guest+0x3a83/0x6060 [ 262.406097] ? print_usage_bug+0xc0/0xc0 [ 262.410157] ? kvm_set_msr_common+0x2680/0x2680 [ 262.414819] ? vmx_vcpu_load+0xada/0xfe0 [ 262.418875] ? __lock_acquire+0x7f5/0x5140 [ 262.423110] ? vmx_vcpu_reset+0x1030/0x1030 [ 262.427429] ? graph_lock+0x170/0x170 [ 262.431224] ? graph_lock+0x170/0x170 [ 262.435026] ? __lock_acquire+0x7f5/0x5140 [ 262.439260] ? debug_check_no_locks_freed+0x310/0x310 [ 262.444449] ? __lock_is_held+0xb5/0x140 [ 262.448508] ? lock_acquire+0x1dc/0x520 [ 262.452488] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 262.457506] ? lock_release+0xa10/0xa10 [ 262.461476] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 262.466747] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 262.471237] ? preempt_notifier_dec+0x20/0x20 [ 262.475738] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 262.480573] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 262.485594] kvm_vcpu_ioctl+0x79d/0x12e0 [ 262.489651] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 262.495361] ? graph_lock+0x170/0x170 [ 262.499165] ? find_held_lock+0x36/0x1c0 [ 262.503238] ? lock_downgrade+0x8e0/0x8e0 [ 262.507385] ? kasan_check_read+0x11/0x20 [ 262.511531] ? rcu_is_watching+0x85/0x140 [ 262.515688] ? rcu_report_qs_rnp+0x790/0x790 [ 262.520106] ? __fget+0x40c/0x650 [ 262.523563] ? match_held_lock+0x871/0x8b0 [ 262.527790] ? expand_files.part.8+0x9a0/0x9a0 [ 262.532366] ? kasan_check_write+0x14/0x20 [ 262.536597] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 262.541522] ? wait_for_completion+0x870/0x870 [ 262.546099] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 262.551286] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 262.556992] do_vfs_ioctl+0x1cf/0x16f0 [ 262.560881] ? ioctl_preallocate+0x2e0/0x2e0 [ 262.565282] ? fget_raw+0x20/0x20 [ 262.568731] ? __sb_end_write+0xac/0xe0 [ 262.572702] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 262.578232] ? fput+0x130/0x1a0 [ 262.581506] ? ksys_write+0x1a6/0x250 [ 262.585303] ? security_file_ioctl+0x94/0xc0 [ 262.589711] ksys_ioctl+0xa9/0xd0 [ 262.593159] __x64_sys_ioctl+0x73/0xb0 [ 262.597046] do_syscall_64+0x1b1/0x800 [ 262.600930] ? finish_task_switch+0x1ca/0x840 [ 262.605423] ? syscall_return_slowpath+0x5c0/0x5c0 [ 262.610347] ? syscall_return_slowpath+0x30f/0x5c0 [ 262.615275] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 262.620636] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 262.625476] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 262.630653] RIP: 0033:0x4559f9 [ 262.633828] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 262.653185] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 262.660890] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 262.668150] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 262.675418] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 262.682677] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 262.689938] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 0000000000000024 [ 262.697222] CPU: 1 PID: 15643 Comm: syz-executor6 Not tainted 4.17.0+ #93 [ 262.704156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 262.713512] Call Trace: [ 262.716112] dump_stack+0x1b9/0x294 [ 262.719752] ? dump_stack_print_info.cold.2+0x52/0x52 [ 262.724951] ? rcu_report_qs_rnp+0x790/0x790 [ 262.729379] should_fail.cold.4+0xa/0x1a [ 262.733451] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 262.738567] ? unwind_get_return_address+0x61/0xa0 [ 262.743497] ? __save_stack_trace+0x7e/0xd0 [ 262.747815] ? find_held_lock+0x36/0x1c0 [ 262.752661] ? check_same_owner+0x320/0x320 [ 262.756972] ? rcu_note_context_switch+0x710/0x710 [ 262.761896] __should_failslab+0x124/0x180 [ 262.766116] should_failslab+0x9/0x14 [ 262.769906] kmem_cache_alloc_trace+0x2cb/0x780 [ 262.774562] ? __raw_spin_lock_init+0x1c/0x100 [ 262.779133] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 262.784139] mpi_alloc+0x4b/0x230 [ 262.787580] dh_compute_value+0x82/0x3f0 [ 262.791636] ? __init_waitqueue_head+0x96/0x140 [ 262.796293] ? dh_exit_tfm+0x20/0x20 [ 262.799992] ? sg_init_table+0x28/0x60 [ 262.803868] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 262.808872] ? __keyctl_dh_compute+0xb30/0x1bc0 [ 262.813536] __keyctl_dh_compute+0xd9d/0x1bc0 [ 262.818034] ? copy_overflow+0x30/0x30 [ 262.821913] ? find_held_lock+0x36/0x1c0 [ 262.825970] ? lock_downgrade+0x8e0/0x8e0 [ 262.830108] ? check_same_owner+0x320/0x320 [ 262.834429] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 262.839949] ? _copy_from_user+0xdf/0x150 [ 262.844087] keyctl_dh_compute+0xb9/0x100 [ 262.848234] ? __keyctl_dh_compute+0x1bc0/0x1bc0 [ 262.852980] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 262.857811] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 262.862986] __x64_sys_keyctl+0x12a/0x3b0 [ 262.867124] do_syscall_64+0x1b1/0x800 [ 262.870995] ? finish_task_switch+0x1ca/0x840 [ 262.875479] ? syscall_return_slowpath+0x5c0/0x5c0 [ 262.880398] ? syscall_return_slowpath+0x30f/0x5c0 [ 262.885316] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 262.890667] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 262.895496] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 262.900672] RIP: 0033:0x4559f9 [ 262.903840] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 262.923108] RSP: 002b:00007f1a3095dc68 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 262.930801] RAX: ffffffffffffffda RBX: 00007f1a3095e6d4 RCX: 00000000004559f9 10:01:19 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f760070") ioctl$sock_inet6_udp_SIOCOUTQ(r0, 0x5411, &(0x7f0000000000)) sync_file_range(0xffffffffffffffff, 0x0, 0x0, 0x6000000) 10:01:19 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/vcs\x00', 0x10000, 0x0) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r1, 0x54a2) add_key$keyring(&(0x7f0000000280)='keyring\x00', &(0x7f0000000540)={0x73, 0x79, 0x7a, 0x0}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r3 = socket$inet6(0xa, 0x1, 0x0) ioctl(r3, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") timer_create(0x7, &(0x7f0000000180)={0x0, 0x15}, &(0x7f00000001c0)=0x0) timer_gettime(r4, &(0x7f0000000240)) r5 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0xfff, 0x10001) ioctl$TUNSETNOCSUM(r5, 0x400454c8, 0x0) getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r6 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r2) r7 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) keyctl$restrict_keyring(0x1d, r6, &(0x7f0000000300)='rxrpc_s\x00', &(0x7f0000000400)='cpuseteth0systemwlan1GPLuser\x00') r8 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r6) keyctl$dh_compute(0x17, &(0x7f0000000000)={r8, r8, r7}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:01:19 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0xbe, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:19 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x8501000000000000, [0x40000073, 0x1]}) [ 262.938070] RDX: 0000000020a53ffb RSI: 0000000020000100 RDI: 0000000000000017 [ 262.945322] RBP: 000000000072bea0 R08: 0000000020c61fc8 R09: 0000000000000000 [ 262.952574] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000014 [ 262.959828] R13: 00000000004bfbb9 R14: 00000000004ce990 R15: 000000000000000e 10:01:19 executing program 6 (fault-call:7 fault-nth:15): r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:01:19 executing program 5 (fault-call:5 fault-nth:37): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:01:19 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="2957e1311f16f477671070") setsockopt$inet_sctp_SCTP_RECVNXTINFO(0xffffffffffffffff, 0x84, 0x21, &(0x7f0000000080), 0x4) fcntl$getownex(r0, 0x10, &(0x7f00000000c0)={0x0, 0x0}) fcntl$setownex(r0, 0xf, &(0x7f0000000140)={0x1, r1}) r2 = socket$inet6_sctp(0xa, 0x1000000000000001, 0x84) getsockopt$inet_sctp6_SCTP_MAXSEG(r2, 0x84, 0xd, &(0x7f0000000000), &(0x7f0000000040)=0x4) 10:01:19 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = gettid() r2 = getpid() kcmp(r1, r2, 0x4, r0, r0) r3 = socket(0x10, 0x802, 0x0) sendmsg$nl_route(r3, &(0x7f0000000440)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1400000700000000000000000000001302000000"], 0x1}, 0x1}, 0x8000000000) [ 263.298966] FAULT_INJECTION: forcing a failure. [ 263.298966] name failslab, interval 1, probability 0, space 0, times 0 [ 263.310299] CPU: 1 PID: 15669 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 263.317232] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 263.327724] Call Trace: [ 263.329979] FAULT_INJECTION: forcing a failure. [ 263.329979] name failslab, interval 1, probability 0, space 0, times 0 [ 263.330319] dump_stack+0x1b9/0x294 [ 263.330342] ? dump_stack_print_info.cold.2+0x52/0x52 [ 263.330361] ? __save_stack_trace+0x7e/0xd0 [ 263.330390] should_fail.cold.4+0xa/0x1a [ 263.358697] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 263.363794] ? kasan_kmalloc+0xc4/0xe0 [ 263.367673] ? kasan_slab_alloc+0x12/0x20 [ 263.371814] ? kmem_cache_alloc+0x12e/0x760 [ 263.376131] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 263.380965] ? kvm_mmu_load+0x21/0x10e0 [ 263.384936] ? vcpu_enter_guest+0x3a83/0x6060 [ 263.389420] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 263.394428] ? graph_lock+0x170/0x170 [ 263.398223] ? do_syscall_64+0x1b1/0x800 [ 263.402288] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 263.407650] ? find_held_lock+0x36/0x1c0 [ 263.411710] ? __lock_is_held+0xb5/0x140 [ 263.416036] ? check_same_owner+0x320/0x320 [ 263.420355] ? rcu_note_context_switch+0x710/0x710 [ 263.425284] __should_failslab+0x124/0x180 [ 263.429513] should_failslab+0x9/0x14 [ 263.433306] kmem_cache_alloc+0x2af/0x760 [ 263.437449] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 263.442977] ? kvm_pfn_to_page+0x7a/0xa0 [ 263.447035] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 263.451873] mmu_topup_memory_caches+0xf7/0x3a0 [ 263.456536] ? kvm_apic_has_interrupt+0xe1/0x210 [ 263.461287] kvm_mmu_load+0x21/0x10e0 [ 263.465083] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 263.470613] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 263.476149] vcpu_enter_guest+0x3a83/0x6060 [ 263.480476] ? print_usage_bug+0xc0/0xc0 [ 263.484539] ? kvm_set_msr_common+0x2680/0x2680 [ 263.489200] ? vmx_vcpu_load+0xada/0xfe0 [ 263.493257] ? __lock_acquire+0x7f5/0x5140 [ 263.497485] ? vmx_vcpu_reset+0x1030/0x1030 [ 263.501797] ? graph_lock+0x170/0x170 [ 263.505594] ? graph_lock+0x170/0x170 [ 263.509388] ? __lock_acquire+0x7f5/0x5140 [ 263.513619] ? debug_check_no_locks_freed+0x310/0x310 [ 263.518807] ? __lock_is_held+0xb5/0x140 [ 263.522870] ? lock_acquire+0x1dc/0x520 [ 263.526838] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 263.531854] ? lock_release+0xa10/0xa10 [ 263.535824] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 263.541125] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 263.545613] ? preempt_notifier_dec+0x20/0x20 [ 263.550107] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 263.554942] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 263.559959] kvm_vcpu_ioctl+0x79d/0x12e0 [ 263.564017] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 263.569724] ? graph_lock+0x170/0x170 [ 263.573519] ? find_held_lock+0x36/0x1c0 [ 263.577578] ? lock_downgrade+0x8e0/0x8e0 [ 263.581726] ? kasan_check_read+0x11/0x20 [ 263.585868] ? rcu_is_watching+0x85/0x140 [ 263.590010] ? rcu_report_qs_rnp+0x790/0x790 [ 263.594419] ? __fget+0x40c/0x650 [ 263.597866] ? match_held_lock+0x871/0x8b0 [ 263.602094] ? expand_files.part.8+0x9a0/0x9a0 [ 263.606669] ? kasan_check_write+0x14/0x20 [ 263.610899] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 263.615830] ? wait_for_completion+0x870/0x870 [ 263.620405] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 263.625590] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 263.631294] do_vfs_ioctl+0x1cf/0x16f0 [ 263.635179] ? ioctl_preallocate+0x2e0/0x2e0 [ 263.639580] ? fget_raw+0x20/0x20 [ 263.643028] ? __sb_end_write+0xac/0xe0 [ 263.646997] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 263.652525] ? fput+0x130/0x1a0 [ 263.655797] ? ksys_write+0x1a6/0x250 [ 263.659598] ? security_file_ioctl+0x94/0xc0 [ 263.664003] ksys_ioctl+0xa9/0xd0 [ 263.667454] __x64_sys_ioctl+0x73/0xb0 [ 263.671334] do_syscall_64+0x1b1/0x800 [ 263.675215] ? syscall_return_slowpath+0x5c0/0x5c0 [ 263.680137] ? syscall_return_slowpath+0x30f/0x5c0 [ 263.685062] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 263.690420] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 263.695263] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 263.700442] RIP: 0033:0x4559f9 [ 263.703620] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 263.722936] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 263.730639] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 263.737900] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 263.745158] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 263.752416] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 263.759673] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 0000000000000025 [ 263.766951] CPU: 0 PID: 15670 Comm: syz-executor6 Not tainted 4.17.0+ #93 [ 263.771987] sctp: [Deprecated]: syz-executor7 (pid 15671) Use of int in maxseg socket option. [ 263.771987] Use struct sctp_assoc_value instead [ 263.773875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 263.773881] Call Trace: [ 263.773903] dump_stack+0x1b9/0x294 [ 263.773927] ? dump_stack_print_info.cold.2+0x52/0x52 [ 263.803006] sctp: [Deprecated]: syz-executor7 (pid 15672) Use of int in maxseg socket option. [ 263.803006] Use struct sctp_assoc_value instead [ 263.807794] should_fail.cold.4+0xa/0x1a [ 263.807814] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 263.807831] ? rcu_is_watching+0x85/0x140 [ 263.807854] ? rcu_report_qs_rnp+0x790/0x790 [ 263.838679] ? rcu_report_qs_rnp+0x790/0x790 [ 263.843098] ? find_held_lock+0x36/0x1c0 10:01:20 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) getpeername(r2, &(0x7f0000000180)=@pppol2tpv3={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @rand_addr}}}, &(0x7f0000000040)=0x80) ioctl$sock_ipx_SIOCAIPXITFCRT(r3, 0x89e0, &(0x7f0000000240)=0x3f) r4 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r5 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r6 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r4) keyctl$dh_compute(0x17, &(0x7f0000000000)={r6, r6, r5}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:01:20 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x1c4, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:20 executing program 5 (fault-call:5 fault-nth:38): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:01:20 executing program 7: r0 = memfd_create(&(0x7f0000001440)='\x00', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000001400)='/dev/snd/seq\x00', 0x0, 0x20005) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000037000)={0x0, 0x0, 0x0, "9ede7a8c5ae95e48008000000000007f4f13eeab65c0322901dc6bd36cde2c51f01b7f0b014f9f91eeb7c37c7240f476c8d753d000aa0500000074dbcfa6dc4d"}) write$evdev(r0, &(0x7f0000000040)=[{}, {{0x0, 0x7530}}, {{0x0, 0x7530}}, {{0x77359400}, 0x0, 0x0, 0x9}, {{}, 0x0, 0x8, 0xad01}, {{0x77359400}, 0x0, 0x0, 0x5}, {{}, 0x0, 0xff}], 0xa8) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000240)={0x222, @time}) [ 263.847182] ? check_same_owner+0x320/0x320 [ 263.851508] ? save_stack+0xa9/0xd0 [ 263.855139] ? rcu_note_context_switch+0x710/0x710 [ 263.860072] ? kasan_kmalloc+0xc4/0xe0 [ 263.863961] ? kmem_cache_alloc_trace+0x152/0x780 [ 263.868807] ? mpi_alloc+0x4b/0x230 [ 263.872437] __should_failslab+0x124/0x180 [ 263.876673] should_failslab+0x9/0x14 [ 263.880472] __kmalloc+0x2c8/0x760 [ 263.884016] ? find_held_lock+0x36/0x1c0 [ 263.888085] ? mpi_resize+0x17a/0x207 [ 263.891885] mpi_resize+0x17a/0x207 [ 263.895504] mpi_powm+0x19b/0x1ed0 [ 263.899034] ? kasan_check_read+0x11/0x20 [ 263.903168] ? rcu_is_watching+0x85/0x140 [ 263.907302] ? rcu_pm_notify+0xc0/0xc0 [ 263.911182] ? mpihelp_mul_karatsuba_case+0xd80/0xd80 [ 263.916354] ? mpi_alloc+0x4b/0x230 [ 263.919968] ? rcu_read_lock_sched_held+0x108/0x120 [ 263.924967] ? kmem_cache_alloc_trace+0x616/0x780 [ 263.929791] ? __raw_spin_lock_init+0x1c/0x100 [ 263.934363] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 263.939364] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 263.944886] dh_compute_value+0x1b4/0x3f0 [ 263.949024] ? dh_exit_tfm+0x20/0x20 [ 263.952723] ? sg_init_table+0x28/0x60 [ 263.956594] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 263.961596] ? __keyctl_dh_compute+0xb30/0x1bc0 [ 263.966253] __keyctl_dh_compute+0xd9d/0x1bc0 [ 263.970744] ? copy_overflow+0x30/0x30 [ 263.974616] ? proc_cwd_link+0x1d0/0x1d0 [ 263.978698] ? find_held_lock+0x36/0x1c0 [ 263.982751] ? lock_downgrade+0x8e0/0x8e0 [ 263.986887] ? check_same_owner+0x320/0x320 [ 263.991220] ? __lock_is_held+0xb5/0x140 [ 263.995279] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 264.000804] ? _copy_from_user+0xdf/0x150 [ 264.004939] keyctl_dh_compute+0xb9/0x100 [ 264.009075] ? __keyctl_dh_compute+0x1bc0/0x1bc0 [ 264.013822] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 264.018999] __x64_sys_keyctl+0x12a/0x3b0 [ 264.023140] do_syscall_64+0x1b1/0x800 [ 264.027013] ? finish_task_switch+0x1ca/0x840 [ 264.031495] ? syscall_return_slowpath+0x5c0/0x5c0 [ 264.036409] ? syscall_return_slowpath+0x30f/0x5c0 [ 264.041328] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 264.046679] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 264.051508] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 264.056678] RIP: 0033:0x4559f9 [ 264.059847] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 264.079095] RSP: 002b:00007f1a3095dc68 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 264.086790] RAX: ffffffffffffffda RBX: 00007f1a3095e6d4 RCX: 00000000004559f9 [ 264.094043] RDX: 0000000020a53ffb RSI: 0000000020000100 RDI: 0000000000000017 [ 264.101297] RBP: 000000000072bea0 R08: 0000000020c61fc8 R09: 0000000000000000 [ 264.108549] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000014 [ 264.115801] R13: 00000000004bfbb9 R14: 00000000004ce990 R15: 000000000000000f [ 264.417972] FAULT_INJECTION: forcing a failure. [ 264.417972] name failslab, interval 1, probability 0, space 0, times 0 [ 264.429385] CPU: 0 PID: 15691 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 264.436318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 264.445673] Call Trace: [ 264.448277] dump_stack+0x1b9/0x294 [ 264.451919] ? dump_stack_print_info.cold.2+0x52/0x52 [ 264.457117] ? __save_stack_trace+0x7e/0xd0 [ 264.461445] should_fail.cold.4+0xa/0x1a [ 264.465492] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 264.470579] ? kasan_kmalloc+0xc4/0xe0 [ 264.474450] ? kasan_slab_alloc+0x12/0x20 [ 264.478586] ? kmem_cache_alloc+0x12e/0x760 [ 264.482892] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 264.487714] ? kvm_mmu_load+0x21/0x10e0 [ 264.491669] ? vcpu_enter_guest+0x3a83/0x6060 [ 264.496149] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 264.501153] ? graph_lock+0x170/0x170 [ 264.504939] ? do_syscall_64+0x1b1/0x800 [ 264.508982] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 264.514333] ? find_held_lock+0x36/0x1c0 [ 264.518380] ? __lock_is_held+0xb5/0x140 [ 264.522430] ? check_same_owner+0x320/0x320 [ 264.526736] ? rcu_note_context_switch+0x710/0x710 [ 264.531652] __should_failslab+0x124/0x180 [ 264.535870] should_failslab+0x9/0x14 [ 264.539655] kmem_cache_alloc+0x2af/0x760 [ 264.543788] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 264.548622] mmu_topup_memory_caches+0xf7/0x3a0 [ 264.553274] ? kvm_apic_has_interrupt+0xe1/0x210 [ 264.558027] kvm_mmu_load+0x21/0x10e0 [ 264.561821] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 264.567353] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 264.572877] vcpu_enter_guest+0x3a83/0x6060 [ 264.577184] ? print_usage_bug+0xc0/0xc0 [ 264.581231] ? kvm_set_msr_common+0x2680/0x2680 [ 264.585881] ? vmx_vcpu_load+0xada/0xfe0 [ 264.589924] ? __lock_acquire+0x7f5/0x5140 [ 264.594140] ? vmx_vcpu_reset+0x1030/0x1030 [ 264.598457] ? graph_lock+0x170/0x170 [ 264.602238] ? graph_lock+0x170/0x170 [ 264.606029] ? __lock_acquire+0x7f5/0x5140 [ 264.610259] ? debug_check_no_locks_freed+0x310/0x310 [ 264.615432] ? __lock_is_held+0xb5/0x140 [ 264.619475] ? lock_acquire+0x1dc/0x520 [ 264.623438] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 264.628445] ? lock_release+0xa10/0xa10 [ 264.632401] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 264.637672] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 264.642154] ? preempt_notifier_dec+0x20/0x20 [ 264.646636] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 264.651459] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 264.656465] kvm_vcpu_ioctl+0x79d/0x12e0 [ 264.660520] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 264.666218] ? graph_lock+0x170/0x170 [ 264.670017] ? find_held_lock+0x36/0x1c0 [ 264.674074] ? lock_downgrade+0x8e0/0x8e0 [ 264.678208] ? kasan_check_read+0x11/0x20 [ 264.682339] ? rcu_is_watching+0x85/0x140 [ 264.686470] ? rcu_report_qs_rnp+0x790/0x790 [ 264.690867] ? __fget+0x40c/0x650 [ 264.694305] ? match_held_lock+0x871/0x8b0 [ 264.698534] ? expand_files.part.8+0x9a0/0x9a0 [ 264.703099] ? kasan_check_write+0x14/0x20 [ 264.707316] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 264.712231] ? wait_for_completion+0x870/0x870 [ 264.716797] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 264.721979] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 264.727675] do_vfs_ioctl+0x1cf/0x16f0 [ 264.731548] ? ioctl_preallocate+0x2e0/0x2e0 [ 264.735939] ? fget_raw+0x20/0x20 [ 264.739375] ? __sb_end_write+0xac/0xe0 [ 264.743333] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 264.748852] ? fput+0x130/0x1a0 [ 264.752124] ? ksys_write+0x1a6/0x250 [ 264.755909] ? security_file_ioctl+0x94/0xc0 [ 264.760302] ksys_ioctl+0xa9/0xd0 [ 264.763739] __x64_sys_ioctl+0x73/0xb0 [ 264.767609] do_syscall_64+0x1b1/0x800 [ 264.771476] ? finish_task_switch+0x1ca/0x840 [ 264.775955] ? syscall_return_slowpath+0x5c0/0x5c0 [ 264.780866] ? syscall_return_slowpath+0x30f/0x5c0 [ 264.785780] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 264.791127] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 264.795956] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 264.801125] RIP: 0033:0x4559f9 10:01:21 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0x19) ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000000000)={0x0, 0x3}) r2 = dup3(r1, r1, 0x80000) ioctl$EVIOCSABS3F(r2, 0x401845ff, &(0x7f0000000040)={0x0, 0x9, 0x1ff, 0xfffffffffffffff8, 0x3, 0x7}) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r2, 0x84, 0x65, &(0x7f00000000c0)=[@in6={0xa, 0x4e23, 0x9ac6, @mcast1={0xff, 0x1, [], 0x1}}, @in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1c}}, @in={0x2, 0x4e24, @broadcast=0xffffffff}, @in6={0xa, 0x4e24, 0xed07, @mcast2={0xff, 0x2, [], 0x1}, 0x1b}, @in6={0xa, 0x4e23, 0xff, @local={0xfe, 0x80, [], 0xaa}, 0x6}, @in={0x2, 0x4e22, @rand_addr=0x42fd}, @in={0x2, 0x4e23, @rand_addr=0x6}], 0x94) 10:01:21 executing program 3: r0 = syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x3, 0x400) ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f00000000c0)=ANY=[@ANYBLOB="00000800aaaaaaaaaa14aaaaaaaaaaaaaaaaaaaaaac6aaffffffffffffaaaaaaaaaaaa0180c20000030180c20000000180c200000e"]) clock_nanosleep(0x2, 0x0, &(0x7f0000000140)={0x0, 0x1c9c380}, &(0x7f0000000000)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) prctl$setmm(0x23, 0x2, &(0x7f0000990000/0x2000)=nil) mlockall(0x0) ioctl$PIO_FONT(r0, 0x4b61, &(0x7f0000000080)) 10:01:21 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0xc000000000000000, [0x40000073, 0x1]}) 10:01:21 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:01:21 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000400)='/dev/sequencer\x00', 0x100, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_LIST(r1, 0xc0505510, &(0x7f0000000540)={0x8, 0x1, 0x4, 0x1, &(0x7f0000000480)=[{}]}) r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/qat_adf_ctl\x00', 0x103000, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r2, 0x29, 0x2a, &(0x7f0000000240)={0x0, {{0xa, 0x4e21, 0x1, @loopback={0x0, 0x1}, 0x48f3746d}}}, 0x88) r3 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r4 = socket$inet6(0xa, 0x80803, 0x4000003) ioctl$KVM_KVMCLOCK_CTRL(r2, 0xaead) ioctl(r4, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a, 0x1}, 0x0, 0x0, r3) getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r5 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r3) r6 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r7 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r5) setsockopt$IP_VS_SO_SET_STOPDAEMON(r2, 0x0, 0x48c, &(0x7f0000000300)={0x0, 'teql0\x00', 0x2}, 0x18) keyctl$dh_compute(0x17, &(0x7f0000000000)={r7, r7, r6}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:01:21 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x19a, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:21 executing program 5 (fault-call:5 fault-nth:39): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:01:21 executing program 7: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000040)={&(0x7f0000000200)={0xe8, r1, 0x912, 0x70bd25, 0x25dfdbfb, {0x4}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x7fff}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x2}, @IPVS_CMD_ATTR_DAEMON={0x4c, 0x3, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @local={0xac, 0x14, 0x14, 0xaa}}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @multicast2=0xe0000002}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x7}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'veth1\x00'}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @dev={0xfe, 0x80, [], 0x11}}]}, @IPVS_CMD_ATTR_DAEMON={0x78, 0x3, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x543e}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast2={0xff, 0x2, [], 0x1}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x3}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @multicast2=0xe0000002}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x3}]}]}, 0xe8}, 0x1, 0x0, 0x0, 0x800}, 0x20000000) sendmsg$IPVS_CMD_SET_CONFIG(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, r1, 0x21, 0x0, 0x0, {0xc}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4}]}, 0x1c}, 0x1}, 0x0) [ 264.804295] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 264.823469] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 264.831161] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 264.838411] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 264.845664] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 264.852913] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 264.860162] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 0000000000000026 10:01:21 executing program 4: r0 = socket$inet6(0xa, 0xffffdffffffffffe, 0xfffffffffffffffe) ioctl(r0, 0x4000008912, &(0x7f0000000100)="2957e1311f16f477671070") r1 = perf_event_open(&(0x7f0000000100)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r1, 0x4008240b, &(0x7f0000000080)={0x5, 0xfffffffffffffd95, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f00000001c0), 0x8}, 0x0, 0x9}) 10:01:21 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x12, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) [ 265.093612] QAT: Invalid ioctl 10:01:21 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x7a010000, [0x40000073, 0x1]}) 10:01:21 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x1d9, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:21 executing program 7: perf_event_open(&(0x7f0000000140)={0x2, 0xb1, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x29, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f00000015c0)={&(0x7f0000000040)=@pppoe={0x18, 0x0, {0x0, @link_local={0x1, 0x80, 0xc2}}}, 0x80, &(0x7f0000001380)=[{&(0x7f00000012c0)="97", 0x1}], 0x1, &(0x7f0000001400)}, 0x0) close(r0) r1 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x4, 0x40000) getsockname$unix(r1, &(0x7f00000000c0), &(0x7f00000001c0)=0x6e) [ 265.131460] QAT: Invalid ioctl [ 265.150872] FAULT_INJECTION: forcing a failure. [ 265.150872] name failslab, interval 1, probability 0, space 0, times 0 [ 265.162212] CPU: 1 PID: 15717 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 265.169140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 265.178495] Call Trace: [ 265.181092] dump_stack+0x1b9/0x294 [ 265.184732] ? dump_stack_print_info.cold.2+0x52/0x52 [ 265.189917] ? __save_stack_trace+0x7e/0xd0 [ 265.194235] should_fail.cold.4+0xa/0x1a [ 265.198291] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 265.203397] ? kasan_kmalloc+0xc4/0xe0 [ 265.207291] ? kasan_slab_alloc+0x12/0x20 [ 265.211446] ? kmem_cache_alloc+0x12e/0x760 [ 265.215777] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 265.220623] ? kvm_mmu_load+0x21/0x10e0 [ 265.224607] ? vcpu_enter_guest+0x3a83/0x6060 [ 265.229107] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 265.234137] ? graph_lock+0x170/0x170 [ 265.237946] ? do_syscall_64+0x1b1/0x800 [ 265.242017] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 265.247393] ? find_held_lock+0x36/0x1c0 [ 265.251471] ? __lock_is_held+0xb5/0x140 [ 265.255550] ? check_same_owner+0x320/0x320 [ 265.259879] ? rcu_note_context_switch+0x710/0x710 [ 265.264824] __should_failslab+0x124/0x180 [ 265.269068] should_failslab+0x9/0x14 [ 265.272879] kmem_cache_alloc+0x2af/0x760 [ 265.277038] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 265.282583] ? kvm_pfn_to_page+0x7a/0xa0 [ 265.286664] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 265.291517] mmu_topup_memory_caches+0xf7/0x3a0 [ 265.296195] ? kvm_apic_has_interrupt+0xe1/0x210 [ 265.300965] kvm_mmu_load+0x21/0x10e0 [ 265.304771] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 265.310308] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 265.315843] vcpu_enter_guest+0x3a83/0x6060 [ 265.320169] ? kvm_set_msr_common+0x2680/0x2680 [ 265.324828] ? vmx_vcpu_load+0xada/0xfe0 [ 265.328881] ? vmx_vcpu_reset+0x1030/0x1030 [ 265.333190] ? graph_lock+0x170/0x170 [ 265.336997] ? graph_lock+0x170/0x170 [ 265.340789] ? __lock_acquire+0x7f5/0x5140 [ 265.345020] ? debug_check_no_locks_freed+0x310/0x310 [ 265.350208] ? __lock_is_held+0xb5/0x140 [ 265.354262] ? lock_acquire+0x1dc/0x520 [ 265.358221] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 265.363231] ? lock_release+0xa10/0xa10 [ 265.367194] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 265.372459] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 265.376941] ? preempt_notifier_dec+0x20/0x20 [ 265.381432] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 265.386262] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 265.391277] kvm_vcpu_ioctl+0x79d/0x12e0 [ 265.395329] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 265.401032] ? graph_lock+0x170/0x170 [ 265.404827] ? find_held_lock+0x36/0x1c0 [ 265.408884] ? lock_downgrade+0x8e0/0x8e0 [ 265.413030] ? kasan_check_read+0x11/0x20 [ 265.417165] ? rcu_is_watching+0x85/0x140 [ 265.421301] ? rcu_report_qs_rnp+0x790/0x790 [ 265.425708] ? __fget+0x40c/0x650 [ 265.429151] ? match_held_lock+0x871/0x8b0 [ 265.433374] ? expand_files.part.8+0x9a0/0x9a0 [ 265.437943] ? kasan_check_write+0x14/0x20 [ 265.442166] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 265.447089] ? wait_for_completion+0x870/0x870 [ 265.451663] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 265.456842] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 265.462553] do_vfs_ioctl+0x1cf/0x16f0 [ 265.466433] ? ioctl_preallocate+0x2e0/0x2e0 [ 265.470831] ? fget_raw+0x20/0x20 [ 265.474277] ? __sb_end_write+0xac/0xe0 [ 265.478240] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 265.483762] ? fput+0x130/0x1a0 [ 265.487034] ? ksys_write+0x1a6/0x250 [ 265.490836] ? security_file_ioctl+0x94/0xc0 [ 265.495235] ksys_ioctl+0xa9/0xd0 [ 265.498680] __x64_sys_ioctl+0x73/0xb0 [ 265.502559] do_syscall_64+0x1b1/0x800 [ 265.506431] ? finish_task_switch+0x1ca/0x840 [ 265.510917] ? syscall_return_slowpath+0x5c0/0x5c0 [ 265.515836] ? syscall_return_slowpath+0x30f/0x5c0 [ 265.520755] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 265.526113] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 265.530949] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 265.536124] RIP: 0033:0x4559f9 [ 265.539295] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 265.558628] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 265.566325] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 265.573578] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 10:01:22 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x19, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) [ 265.580835] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 265.588090] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 265.595344] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 0000000000000027 10:01:22 executing program 3: r0 = semget$private(0x0, 0x20000000104, 0x0) semop(r0, &(0x7f0000000040)=[{0x0, 0xfffffffffffffffb}, {0x0, 0x2, 0x1800}], 0x2) semtimedop(r0, &(0x7f0000000000)=[{0x0, 0x7fff, 0x1000}, {0x0, 0xf9a4}], 0x2, &(0x7f0000000100)={0x0, 0x989680}) r1 = shmget$private(0x0, 0x5000, 0x1000, &(0x7f0000ffa000/0x5000)=nil) shmctl$IPC_INFO(r1, 0x3, &(0x7f0000000140)=""/167) 10:01:22 executing program 7: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x101c00, 0x0) statx(r0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x800, &(0x7f0000000200)) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_dev$sndctrl(&(0x7f0000000100)='/dev/snd/controlC#\x00', 0x0, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)=@pppol2tpv3={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @broadcast}}}, 0x80, &(0x7f0000000100)=[{&(0x7f0000000d40)=""/4096, 0xffd2}], 0x1, &(0x7f0000000080)=""/92, 0xfffffffffffffe56}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000100)=0x1, 0x0) r1 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x34, 0x0) ioctl$int_out(r1, 0xc0305710, &(0x7f0000000100)) 10:01:22 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x100c0, [0x40000073, 0x1]}) 10:01:22 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x53, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:01:22 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x6, 0x3) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") keyctl$unlink(0x9, r0, r0) getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) request_key(&(0x7f0000000040)='id_legacy\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a, 0x1}, &(0x7f00000001c0)='wlan1mime_type[{\x00', r3) r5 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0x17, &(0x7f0000000000)={r5, r5, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:01:22 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x114, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:22 executing program 4: r0 = socket$inet6(0xa, 0x40000000000002, 0x0) r1 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x101000, 0x0) setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r1, 0x10e, 0x8, &(0x7f0000000140)=0x8, 0x4) setsockopt$inet6_udp_int(r0, 0x11, 0x1, &(0x7f0000000040)=0x3, 0x4) setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0x7, 0x4) sendto$inet6(r0, &(0x7f0000000080), 0x0, 0x0, &(0x7f0000000100)={0xa, 0x4e21, 0x0, @ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0x14, 0xaa}}}, 0x1c) setsockopt$inet6_udp_int(r0, 0x11, 0x1, &(0x7f0000000080), 0x4) 10:01:22 executing program 5 (fault-call:5 fault-nth:40): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) [ 266.001861] FAULT_INJECTION: forcing a failure. [ 266.001861] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 266.013831] CPU: 0 PID: 15761 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 266.020764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 266.030117] Call Trace: [ 266.032702] dump_stack+0x1b9/0x294 [ 266.036322] ? dump_stack_print_info.cold.2+0x52/0x52 [ 266.041509] should_fail.cold.4+0xa/0x1a [ 266.045558] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 266.050647] ? rcu_report_qs_rnp+0x790/0x790 [ 266.055043] ? graph_lock+0x170/0x170 [ 266.058834] ? find_held_lock+0x36/0x1c0 [ 266.062885] ? __lock_is_held+0xb5/0x140 [ 266.066941] ? check_same_owner+0x320/0x320 [ 266.071250] ? save_stack+0x43/0xd0 [ 266.074864] ? kasan_kmalloc+0xc4/0xe0 [ 266.078736] ? rcu_note_context_switch+0x710/0x710 [ 266.083652] ? vcpu_enter_guest+0x3a83/0x6060 [ 266.088134] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 266.093137] ? __might_sleep+0x95/0x190 [ 266.097105] __alloc_pages_nodemask+0x34e/0xd70 [ 266.101762] ? lock_downgrade+0x8e0/0x8e0 [ 266.105897] ? __alloc_pages_slowpath+0x2d50/0x2d50 [ 266.110902] ? graph_lock+0x170/0x170 [ 266.114687] ? __lock_is_held+0xb5/0x140 [ 266.118738] ? rcu_report_qs_rnp+0x790/0x790 [ 266.123139] ? __lock_is_held+0xb5/0x140 [ 266.127193] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 266.132722] alloc_pages_current+0x10c/0x210 [ 266.137121] __get_free_pages+0xf/0x40 [ 266.140995] mmu_topup_memory_caches+0x1f8/0x3a0 [ 266.145744] ? kvm_apic_has_interrupt+0xe1/0x210 [ 266.150487] kvm_mmu_load+0x21/0x10e0 [ 266.154276] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 266.159800] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 266.165633] vcpu_enter_guest+0x3a83/0x6060 [ 266.169946] ? print_usage_bug+0xc0/0xc0 [ 266.173998] ? kvm_set_msr_common+0x2680/0x2680 [ 266.178657] ? vmx_vcpu_load+0xada/0xfe0 [ 266.182706] ? __lock_acquire+0x7f5/0x5140 [ 266.186926] ? vmx_vcpu_reset+0x1030/0x1030 [ 266.191235] ? graph_lock+0x170/0x170 [ 266.195027] ? graph_lock+0x170/0x170 [ 266.198814] ? __lock_acquire+0x7f5/0x5140 [ 266.203042] ? debug_check_no_locks_freed+0x310/0x310 [ 266.208226] ? __lock_is_held+0xb5/0x140 [ 266.212274] ? lock_acquire+0x1dc/0x520 [ 266.216234] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 266.221240] ? lock_release+0xa10/0xa10 [ 266.225201] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 266.230460] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 266.234940] ? preempt_notifier_dec+0x20/0x20 [ 266.239428] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 266.244254] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 266.249262] kvm_vcpu_ioctl+0x79d/0x12e0 [ 266.253311] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 266.259007] ? graph_lock+0x170/0x170 [ 266.262799] ? find_held_lock+0x36/0x1c0 [ 266.266853] ? lock_downgrade+0x8e0/0x8e0 [ 266.270990] ? kasan_check_read+0x11/0x20 [ 266.275128] ? rcu_is_watching+0x85/0x140 [ 266.279262] ? rcu_report_qs_rnp+0x790/0x790 [ 266.283661] ? __fget+0x40c/0x650 [ 266.287104] ? match_held_lock+0x871/0x8b0 [ 266.291324] ? expand_files.part.8+0x9a0/0x9a0 [ 266.295891] ? kasan_check_write+0x14/0x20 [ 266.300114] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 266.305036] ? wait_for_completion+0x870/0x870 [ 266.309607] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 266.314783] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 266.320478] do_vfs_ioctl+0x1cf/0x16f0 [ 266.324354] ? ioctl_preallocate+0x2e0/0x2e0 [ 266.328750] ? fget_raw+0x20/0x20 [ 266.332190] ? __sb_end_write+0xac/0xe0 [ 266.336155] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 266.341675] ? fput+0x130/0x1a0 [ 266.344945] ? ksys_write+0x1a6/0x250 [ 266.348739] ? security_file_ioctl+0x94/0xc0 [ 266.353134] ksys_ioctl+0xa9/0xd0 [ 266.356578] __x64_sys_ioctl+0x73/0xb0 [ 266.360454] do_syscall_64+0x1b1/0x800 [ 266.364326] ? finish_task_switch+0x1ca/0x840 [ 266.368809] ? syscall_return_slowpath+0x5c0/0x5c0 [ 266.373725] ? syscall_return_slowpath+0x30f/0x5c0 [ 266.378643] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 266.383997] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 266.388835] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 266.394012] RIP: 0033:0x4559f9 [ 266.397189] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 266.416448] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 266.424142] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 266.431393] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 266.438647] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 266.445908] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 266.453160] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 0000000000000028 10:01:24 executing program 5 (fault-call:5 fault-nth:41): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:01:24 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x197, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:24 executing program 7: r0 = socket$inet_icmp(0x2, 0x2, 0x1) r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000d1c000)=0x2c, 0x4) bind(r0, &(0x7f0000000000)=@in6={0xa, 0x4e20, 0x6, @ipv4={[], [0xff, 0xff], @loopback=0x7f000001}, 0x1}, 0x80) bind$inet6(r1, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) r2 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f00000004c0)=0x1000000000000006, 0x4) bind$inet6(r2, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0x14, 0xaa}}}, 0x1c) ioctl$int_in(r2, 0x5473, &(0x7f00000000c0)=0x45bf) 10:01:24 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0xb, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:01:24 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x6) r1 = dup(r0) io_setup(0x20, &(0x7f0000000900)=0x0) clock_gettime(0x0, &(0x7f0000000a80)={0x0, 0x0}) io_pgetevents(r2, 0x86a, 0x9, &(0x7f0000000940)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], &(0x7f0000000ac0)={r3, r4+30000000}, &(0x7f0000000b40)={&(0x7f0000000b00)={0x3}, 0x8}) write$binfmt_aout(r0, &(0x7f0000000080)={{0x0, 0xffffffff, 0x0, 0xfa, 0x163, 0x3, 0xea}, "4744c5d4d4e43c2a399113b534fb4e06722c1ce3649b5f407445c3d0504bd8d0ef01bc213042ba2ec4cb6bda00bd78797c686dcaf101878aee89bba52c6193f1b946170b5f5d7e207a29c15819d8", [[], [], [], [], [], [], [], []]}, 0x86e) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f0000000000)=[@in={0x2, 0x4e23, @rand_addr=0x7561a6b0}, @in6={0xa, 0x4e22, 0x237c, @loopback={0x0, 0x1}, 0x100}], 0x2c) ioctl$VHOST_SET_VRING_KICK(r1, 0x400448c8, &(0x7f0000000040)) 10:01:24 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r3 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x200, 0x0) getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000180)={0x0, 0x3f}, &(0x7f00000001c0)=0x8) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r2, 0x84, 0x71, &(0x7f0000000240)={0x0, 0x401}, &(0x7f0000000280)=0x8) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r3, 0x84, 0x10, &(0x7f00000002c0)=@sack_info={r4, 0x4, 0xffff}, &(0x7f0000000380)=0x6) r5 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r6 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r7 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r5) keyctl$dh_compute(0x17, &(0x7f0000000000)={r7, r7, r6}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:01:24 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x3, &(0x7f0000000080)="0047fc2f07d82cff240970") io_setup(0x6, &(0x7f00000012c0)=0x0) io_getevents(r1, 0x2, 0x80000000000005e, &(0x7f0000d83f60)=[{}, {}], &(0x7f00005cfff0)={0x4000000000001, 0x7}) r2 = memfd_create(&(0x7f0000000000)=':+lo#\x00', 0x0) io_submit(r1, 0x1, &(0x7f0000001280)=[&(0x7f0000001100)={0x0, 0x0, 0x0, 0x0, 0x0, r2, &(0x7f0000000100)}]) io_destroy(r1) 10:01:24 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x86010000, [0x40000073, 0x1]}) [ 267.424612] FAULT_INJECTION: forcing a failure. [ 267.424612] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 267.436583] CPU: 1 PID: 15793 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 267.443518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 267.452878] Call Trace: [ 267.455479] dump_stack+0x1b9/0x294 [ 267.459129] ? dump_stack_print_info.cold.2+0x52/0x52 [ 267.464329] ? lock_downgrade+0x8e0/0x8e0 [ 267.468492] should_fail.cold.4+0xa/0x1a [ 267.472566] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 267.477676] ? rcu_report_qs_rnp+0x790/0x790 [ 267.482093] ? graph_lock+0x170/0x170 [ 267.485904] ? is_bpf_text_address+0xd7/0x170 [ 267.490408] ? find_held_lock+0x36/0x1c0 [ 267.494479] ? __lock_is_held+0xb5/0x140 [ 267.498558] ? check_same_owner+0x320/0x320 [ 267.502880] ? rcu_note_context_switch+0x710/0x710 [ 267.507800] ? __might_sleep+0x95/0x190 [ 267.511769] __alloc_pages_nodemask+0x34e/0xd70 [ 267.516438] ? lock_downgrade+0x8e0/0x8e0 [ 267.520585] ? __alloc_pages_slowpath+0x2d50/0x2d50 [ 267.525590] ? graph_lock+0x170/0x170 [ 267.529377] ? __lock_is_held+0xb5/0x140 [ 267.533425] ? rcu_report_qs_rnp+0x790/0x790 [ 267.537829] ? __lock_is_held+0xb5/0x140 [ 267.541882] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 267.547405] alloc_pages_current+0x10c/0x210 [ 267.551802] __get_free_pages+0xf/0x40 [ 267.555674] mmu_topup_memory_caches+0x1f8/0x3a0 [ 267.560420] ? kvm_apic_has_interrupt+0xe1/0x210 [ 267.565164] kvm_mmu_load+0x21/0x10e0 [ 267.568950] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 267.574511] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 267.580036] vcpu_enter_guest+0x3a83/0x6060 [ 267.584404] ? print_usage_bug+0xc0/0xc0 [ 267.588457] ? kvm_set_msr_common+0x2680/0x2680 [ 267.593109] ? vmx_vcpu_load+0xada/0xfe0 [ 267.597157] ? __lock_acquire+0x7f5/0x5140 [ 267.601376] ? vmx_vcpu_reset+0x1030/0x1030 [ 267.605681] ? graph_lock+0x170/0x170 [ 267.609466] ? graph_lock+0x170/0x170 [ 267.613253] ? __lock_acquire+0x7f5/0x5140 [ 267.617475] ? debug_check_no_locks_freed+0x310/0x310 [ 267.622653] ? __lock_is_held+0xb5/0x140 [ 267.626700] ? lock_acquire+0x1dc/0x520 [ 267.630656] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 267.635658] ? lock_release+0xa10/0xa10 [ 267.639619] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 267.644879] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 267.649354] ? preempt_notifier_dec+0x20/0x20 [ 267.653838] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 267.658664] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 267.663668] kvm_vcpu_ioctl+0x79d/0x12e0 [ 267.667718] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 267.673412] ? graph_lock+0x170/0x170 [ 267.677200] ? find_held_lock+0x36/0x1c0 [ 267.681252] ? lock_downgrade+0x8e0/0x8e0 [ 267.685386] ? kasan_check_read+0x11/0x20 [ 267.689519] ? rcu_is_watching+0x85/0x140 [ 267.693654] ? rcu_report_qs_rnp+0x790/0x790 [ 267.698054] ? __fget+0x40c/0x650 [ 267.701492] ? match_held_lock+0x871/0x8b0 [ 267.705711] ? expand_files.part.8+0x9a0/0x9a0 [ 267.710275] ? kasan_check_write+0x14/0x20 [ 267.714494] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 267.719409] ? wait_for_completion+0x870/0x870 [ 267.723987] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 267.729162] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 267.734856] do_vfs_ioctl+0x1cf/0x16f0 [ 267.738731] ? ioctl_preallocate+0x2e0/0x2e0 [ 267.743126] ? fget_raw+0x20/0x20 [ 267.746567] ? __sb_end_write+0xac/0xe0 [ 267.750530] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 267.756048] ? fput+0x130/0x1a0 [ 267.759314] ? ksys_write+0x1a6/0x250 [ 267.763103] ? security_file_ioctl+0x94/0xc0 [ 267.767507] ksys_ioctl+0xa9/0xd0 [ 267.770945] __x64_sys_ioctl+0x73/0xb0 [ 267.774816] do_syscall_64+0x1b1/0x800 [ 267.778685] ? finish_task_switch+0x1ca/0x840 [ 267.783166] ? syscall_return_slowpath+0x5c0/0x5c0 [ 267.788082] ? syscall_return_slowpath+0x30f/0x5c0 [ 267.792996] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 267.798351] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 267.803181] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 267.808352] RIP: 0033:0x4559f9 10:01:24 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a, 0x0}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r5 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0x17, &(0x7f0000000000)={r5, r5, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:01:24 executing program 7: r0 = socket$inet6(0xa, 0x2000000802, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000f68000)={@mcast1={0xff, 0x1, [], 0x1}, 0x0, 0x0, 0xff, 0x1}, 0x20) setsockopt$inet6_int(r0, 0x29, 0x21, &(0x7f000089b000)=0xffffffffffffffff, 0x4) sendmmsg(r0, &(0x7f000000f140)=[{{&(0x7f0000000000)=@in6={0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}}, 0x80, &(0x7f0000000380), 0x0, &(0x7f0000002540)}}, {{&(0x7f0000000400)=@in6={0xa, 0x4e21, 0xac2, @remote={0xfe, 0x80, [], 0xbb}}, 0x80, &(0x7f00000004c0)}}], 0x2, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='mountinfo\x00') mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, &(0x7f000000a000)) mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='sockfs\x00', 0x20000, &(0x7f0000000180)) preadv(r1, &(0x7f00000023c0)=[{&(0x7f00000012c0)=""/4096, 0x1000}], 0x1, 0x0) 10:01:24 executing program 4: r0 = socket$packet(0x11, 0x804000005, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x5}, 0x4) r1 = socket$inet6(0xa, 0x2000000802, 0x0) socket$rds(0x15, 0x5, 0x0) r2 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0x2, 0x40000) ioctl$EVIOCGKEY(r2, 0x80404518, &(0x7f00000000c0)=""/181) sendto$inet6(r1, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @remote={0xfe, 0x80, [], 0xbb}}, 0x1c) 10:01:24 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x4, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:01:24 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x5, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:24 executing program 5 (fault-call:5 fault-nth:42): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) [ 267.811523] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 267.830745] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 267.838444] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 267.845705] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 267.852956] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 267.860206] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 267.867467] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 0000000000000029 10:01:24 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x4800, [0x40000073, 0x1]}) 10:01:24 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0xb7, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:24 executing program 4: rt_sigprocmask(0x0, &(0x7f0000039ff8)={0xfffffffffffffffa}, 0x0, 0x8) r0 = syz_open_dev$mouse(&(0x7f0000000240)='/dev/input/mouse#\x00', 0x1, 0x40000) setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f0000000280)=0x5, 0x4) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rfkill\x00', 0x101000, 0x0) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000000140)=0x3, 0x4) r2 = gettid() getitimer(0x2, &(0x7f0000000200)) timer_create(0x8, &(0x7f0000044000)={0x0, 0x17, 0x1000080000000004, @tid=r2}, &(0x7f00000000c0)=0x0) clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) ioctl$KVM_DIRTY_TLB(r0, 0x4010aeaa, &(0x7f0000000180)={0x0, 0xf3}) timer_settime(r3, 0x0, &(0x7f0000000300)={{0x0, r4+10000000}}, &(0x7f00000001c0)) rt_sigtimedwait(&(0x7f0000000040)={0x6a657b14}, 0x0, &(0x7f0000000080)={0x77359400}, 0x8) 10:01:24 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x100000000, &(0x7f00000001c0)="21f89f3350") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r5 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) r6 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x800, 0x0) ioctl$KVM_SET_CLOCK(r6, 0x4030ae7b, &(0x7f0000000180)={0xffff, 0x6}) ioctl$sock_SIOCSIFBR(r2, 0x8941, &(0x7f0000000280)=@add_del={0x2, &(0x7f0000000240)='bcsh0\x00', 0x3}) keyctl$dh_compute(0x17, &(0x7f0000000000)={r5, r5, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) [ 268.120381] FAULT_INJECTION: forcing a failure. [ 268.120381] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 268.132356] CPU: 0 PID: 15822 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 268.139287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 268.148640] Call Trace: [ 268.151234] dump_stack+0x1b9/0x294 [ 268.154874] ? dump_stack_print_info.cold.2+0x52/0x52 [ 268.160080] ? lock_downgrade+0x8e0/0x8e0 [ 268.164539] should_fail.cold.4+0xa/0x1a 10:01:24 executing program 7: r0 = socket$inet6(0xa, 0x2000000802, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000f68000)={@mcast1={0xff, 0x1, [], 0x1}, 0x0, 0x0, 0xff, 0x1}, 0x20) setsockopt$inet6_int(r0, 0x29, 0x21, &(0x7f000089b000)=0xffffffffffffffff, 0x4) sendmmsg(r0, &(0x7f000000f140)=[{{&(0x7f0000000000)=@in6={0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}}, 0x80, &(0x7f0000000380), 0x0, &(0x7f0000002540)}}, {{&(0x7f0000000400)=@in6={0xa, 0x4e21, 0xac2, @remote={0xfe, 0x80, [], 0xbb}}, 0x80, &(0x7f00000004c0)}}], 0x2, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='mountinfo\x00') mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, &(0x7f000000a000)) mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='sockfs\x00', 0x20000, &(0x7f0000000180)) preadv(r1, &(0x7f00000023c0)=[{&(0x7f00000012c0)=""/4096, 0x1000}], 0x1, 0x0) [ 268.168612] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 268.173721] ? rcu_report_qs_rnp+0x790/0x790 [ 268.178136] ? graph_lock+0x170/0x170 [ 268.181949] ? is_bpf_text_address+0xd7/0x170 [ 268.186452] ? find_held_lock+0x36/0x1c0 [ 268.190519] ? __lock_is_held+0xb5/0x140 [ 268.194583] ? check_same_owner+0x320/0x320 [ 268.198892] ? rcu_note_context_switch+0x710/0x710 [ 268.203809] ? __might_sleep+0x95/0x190 [ 268.207770] __alloc_pages_nodemask+0x34e/0xd70 [ 268.212423] ? lock_downgrade+0x8e0/0x8e0 [ 268.216557] ? __alloc_pages_slowpath+0x2d50/0x2d50 [ 268.221554] ? graph_lock+0x170/0x170 [ 268.225337] ? __lock_is_held+0xb5/0x140 [ 268.229432] ? rcu_report_qs_rnp+0x790/0x790 [ 268.233834] ? __lock_is_held+0xb5/0x140 [ 268.237889] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 268.243411] alloc_pages_current+0x10c/0x210 [ 268.247807] __get_free_pages+0xf/0x40 [ 268.251681] mmu_topup_memory_caches+0x1f8/0x3a0 [ 268.256419] ? kvm_apic_has_interrupt+0xe1/0x210 [ 268.261164] kvm_mmu_load+0x21/0x10e0 [ 268.264948] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 268.270473] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 268.275995] vcpu_enter_guest+0x3a83/0x6060 [ 268.280307] ? print_usage_bug+0xc0/0xc0 [ 268.284354] ? kvm_set_msr_common+0x2680/0x2680 [ 268.289010] ? vmx_vcpu_load+0xada/0xfe0 [ 268.293061] ? __lock_acquire+0x7f5/0x5140 [ 268.297278] ? vmx_vcpu_reset+0x1030/0x1030 [ 268.301584] ? graph_lock+0x170/0x170 [ 268.305371] ? graph_lock+0x170/0x170 [ 268.309155] ? __lock_acquire+0x7f5/0x5140 [ 268.313379] ? debug_check_no_locks_freed+0x310/0x310 [ 268.318557] ? __lock_is_held+0xb5/0x140 [ 268.322609] ? lock_acquire+0x1dc/0x520 [ 268.326566] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 268.331569] ? lock_release+0xa10/0xa10 [ 268.335527] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 268.340787] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 268.345264] ? preempt_notifier_dec+0x20/0x20 [ 268.349749] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 268.354577] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 268.359584] kvm_vcpu_ioctl+0x79d/0x12e0 [ 268.363633] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 268.369330] ? graph_lock+0x170/0x170 [ 268.373116] ? find_held_lock+0x36/0x1c0 [ 268.377166] ? lock_downgrade+0x8e0/0x8e0 [ 268.381300] ? kasan_check_read+0x11/0x20 [ 268.385433] ? rcu_is_watching+0x85/0x140 [ 268.389590] ? rcu_report_qs_rnp+0x790/0x790 [ 268.393988] ? __fget+0x40c/0x650 [ 268.397429] ? match_held_lock+0x871/0x8b0 [ 268.401647] ? expand_files.part.8+0x9a0/0x9a0 [ 268.406212] ? kasan_check_write+0x14/0x20 [ 268.410431] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 268.415348] ? wait_for_completion+0x870/0x870 [ 268.419918] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 268.425091] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 268.430788] do_vfs_ioctl+0x1cf/0x16f0 [ 268.434662] ? ioctl_preallocate+0x2e0/0x2e0 [ 268.439057] ? fget_raw+0x20/0x20 [ 268.442493] ? __sb_end_write+0xac/0xe0 [ 268.446451] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 268.451970] ? fput+0x130/0x1a0 [ 268.455233] ? ksys_write+0x1a6/0x250 [ 268.459033] ? security_file_ioctl+0x94/0xc0 [ 268.463430] ksys_ioctl+0xa9/0xd0 [ 268.466873] __x64_sys_ioctl+0x73/0xb0 [ 268.470746] do_syscall_64+0x1b1/0x800 [ 268.474615] ? finish_task_switch+0x1ca/0x840 [ 268.479098] ? syscall_return_slowpath+0x5c0/0x5c0 [ 268.484014] ? syscall_return_slowpath+0x30f/0x5c0 [ 268.488935] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 268.494284] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 268.499111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 268.504281] RIP: 0033:0x4559f9 10:01:25 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x8, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) [ 268.507450] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 268.526672] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 268.534364] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 268.541615] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 268.548873] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 268.556127] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 268.563381] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 000000000000002a 10:01:26 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000180)="0047fc2f07d82c99240970") r1 = socket$inet6(0xa, 0x2000000802, 0x0) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000000000)) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snapshot\x00', 0x90000, 0x0) ioctl$KDENABIO(r2, 0x4b36) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000f68000)={@loopback={0x0, 0x1}, 0x800, 0x0, 0xff, 0x1, 0x0, 0xfc}, 0x20) r3 = socket(0x15, 0x8080f, 0xa8d) getsockopt$inet_sctp_SCTP_NODELAY(r3, 0x84, 0x3, &(0x7f0000000040), &(0x7f0000000080)=0x4) 10:01:26 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x174, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:26 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0xc200, [0x40000073, 0x1]}) 10:01:26 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x100) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) pipe2(&(0x7f0000000180), 0x0) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0xf32e, 0xc440) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r5 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0x17, &(0x7f0000000000)={r5, r5, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:01:26 executing program 5 (fault-call:5 fault-nth:43): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:01:26 executing program 7: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r1, 0x4008ae8a, &(0x7f0000000140)=ANY=[@ANYRES64=r2]) epoll_pwait(r0, &(0x7f0000000040)=[{}, {}, {}, {}, {}], 0x5, 0x53b18f1, &(0x7f0000000080)={0x5}, 0x8) 10:01:26 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x15, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:01:26 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(&(0x7f0000018000)='./file0\x00', &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, &(0x7f000000a000)) r0 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0x6857b21ff1155d93) iopl(0x2) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) write$binfmt_script(r0, &(0x7f0000000300)=ANY=[@ANYBLOB='#'], 0x1) ftruncate(r0, 0x0) 10:01:26 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) getsockopt$inet6_opts(r1, 0x29, 0x3b, &(0x7f0000000240)=""/156, &(0x7f0000000040)=0x9c) r2 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r3 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x180) ioctl$KDGKBTYPE(r3, 0x4b33, &(0x7f00000001c0)) r4 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, 0x0) keyctl$dh_compute(0x17, &(0x7f0000000000)={r4, r4, r2}, &(0x7f0000000740)=""/132, 0x84, 0x0) [ 269.694558] FAULT_INJECTION: forcing a failure. [ 269.694558] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 269.706542] CPU: 1 PID: 15866 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 269.713470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 269.722822] Call Trace: [ 269.725418] dump_stack+0x1b9/0x294 [ 269.729055] ? dump_stack_print_info.cold.2+0x52/0x52 [ 269.734262] ? lock_downgrade+0x8e0/0x8e0 [ 269.738426] should_fail.cold.4+0xa/0x1a 10:01:26 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x1cd, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) [ 269.742500] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 269.747613] ? rcu_report_qs_rnp+0x790/0x790 [ 269.752028] ? graph_lock+0x170/0x170 [ 269.755839] ? is_bpf_text_address+0xd7/0x170 [ 269.760343] ? find_held_lock+0x36/0x1c0 [ 269.764419] ? __lock_is_held+0xb5/0x140 [ 269.768496] ? check_same_owner+0x320/0x320 [ 269.772828] ? rcu_note_context_switch+0x710/0x710 [ 269.777757] ? __might_sleep+0x95/0x190 [ 269.781720] __alloc_pages_nodemask+0x34e/0xd70 [ 269.786374] ? lock_downgrade+0x8e0/0x8e0 [ 269.790513] ? __alloc_pages_slowpath+0x2d50/0x2d50 [ 269.795515] ? graph_lock+0x170/0x170 [ 269.799298] ? __lock_is_held+0xb5/0x140 [ 269.803346] ? rcu_report_qs_rnp+0x790/0x790 [ 269.807747] ? __lock_is_held+0xb5/0x140 [ 269.811803] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 269.817325] alloc_pages_current+0x10c/0x210 [ 269.821721] __get_free_pages+0xf/0x40 [ 269.825593] mmu_topup_memory_caches+0x1f8/0x3a0 [ 269.830334] ? kvm_apic_has_interrupt+0xe1/0x210 [ 269.835104] kvm_mmu_load+0x21/0x10e0 [ 269.838891] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 269.844415] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 269.849941] vcpu_enter_guest+0x3a83/0x6060 [ 269.854254] ? print_usage_bug+0xc0/0xc0 [ 269.858303] ? kvm_set_msr_common+0x2680/0x2680 [ 269.862955] ? vmx_vcpu_load+0xada/0xfe0 [ 269.867004] ? __lock_acquire+0x7f5/0x5140 [ 269.871257] ? vmx_vcpu_reset+0x1030/0x1030 [ 269.875560] ? graph_lock+0x170/0x170 [ 269.879345] ? graph_lock+0x170/0x170 [ 269.883128] ? __lock_acquire+0x7f5/0x5140 [ 269.887349] ? debug_check_no_locks_freed+0x310/0x310 [ 269.892528] ? __lock_is_held+0xb5/0x140 [ 269.896574] ? lock_acquire+0x1dc/0x520 [ 269.900531] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 269.905534] ? lock_release+0xa10/0xa10 [ 269.909493] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 269.914753] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 269.919236] ? preempt_notifier_dec+0x20/0x20 [ 269.923719] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 269.928545] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 269.933553] kvm_vcpu_ioctl+0x79d/0x12e0 [ 269.937599] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 269.943294] ? graph_lock+0x170/0x170 [ 269.947079] ? find_held_lock+0x36/0x1c0 [ 269.951130] ? lock_downgrade+0x8e0/0x8e0 [ 269.955266] ? kasan_check_read+0x11/0x20 [ 269.959403] ? rcu_is_watching+0x85/0x140 [ 269.963537] ? rcu_report_qs_rnp+0x790/0x790 [ 269.967937] ? __fget+0x40c/0x650 [ 269.971377] ? match_held_lock+0x871/0x8b0 [ 269.975595] ? expand_files.part.8+0x9a0/0x9a0 [ 269.980163] ? kasan_check_write+0x14/0x20 [ 269.984385] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 269.989301] ? wait_for_completion+0x870/0x870 [ 269.993868] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 269.999417] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 270.005115] do_vfs_ioctl+0x1cf/0x16f0 [ 270.008993] ? ioctl_preallocate+0x2e0/0x2e0 [ 270.013398] ? fget_raw+0x20/0x20 [ 270.016836] ? __sb_end_write+0xac/0xe0 [ 270.020800] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 270.026321] ? fput+0x130/0x1a0 [ 270.029588] ? ksys_write+0x1a6/0x250 [ 270.033377] ? security_file_ioctl+0x94/0xc0 [ 270.037770] ksys_ioctl+0xa9/0xd0 [ 270.041207] __x64_sys_ioctl+0x73/0xb0 [ 270.045085] do_syscall_64+0x1b1/0x800 [ 270.048955] ? finish_task_switch+0x1ca/0x840 [ 270.053435] ? syscall_return_slowpath+0x5c0/0x5c0 [ 270.058349] ? syscall_return_slowpath+0x30f/0x5c0 [ 270.063267] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 270.068617] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 270.073455] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 270.078626] RIP: 0033:0x4559f9 10:01:26 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x16, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:01:26 executing program 3: r0 = memfd_create(&(0x7f0000000200)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) write$binfmt_misc(r0, &(0x7f00000000c0)={'syz1'}, 0x4) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000040)={0x0}, &(0x7f0000000100)=0xc) ptrace$pokeuser(0x6, r1, 0xfffffffffffffffb, 0x100000000) setrlimit(0x7, &(0x7f0000000080)) execveat(r0, &(0x7f0000000000)='\x00', &(0x7f00000001c0), &(0x7f0000000240), 0x1000) 10:01:26 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0xff02000000000000, [0x40000073, 0x1]}) [ 270.081794] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 270.101026] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 270.108720] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 270.115973] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 270.123225] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 270.130480] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 270.137731] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 000000000000002b 10:01:26 executing program 7: clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) pselect6(0x40, &(0x7f0000000080)={0x100000000, 0xffffffff, 0x1f8a91be, 0x7ff, 0x3, 0xffffffff, 0x20, 0x3}, &(0x7f00000000c0)={0xffffffffffffff9f, 0x0, 0x8, 0x8001, 0x8}, &(0x7f0000000100)={0xe3, 0x2, 0x81, 0x6, 0x10001, 0x5, 0x5efb, 0x4}, &(0x7f0000000180)={r0, r1+30000000}, &(0x7f0000000200)={&(0x7f00000001c0)={0x984}, 0x8}) r2 = syz_open_dev$admmidi(&(0x7f0000004900)='/dev/admmidi#\x00', 0x4, 0x40) getsockopt$inet_sctp6_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000004940), &(0x7f0000004980)=0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0xffffffffffffffcf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1, 0xffffffff00000001, 0x8, 0x4}, 0x2f) 10:01:26 executing program 5 (fault-call:5 fault-nth:44): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:01:26 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = timerfd_create(0x7, 0x0) r1 = socket$inet6_dccp(0xa, 0x6, 0x0) shutdown(r1, 0x1) timerfd_settime(r0, 0x0, &(0x7f0000000140)={{0x4000000000000000}, {0x0, 0x989680}}, &(0x7f0000000100)) [ 270.462640] FAULT_INJECTION: forcing a failure. [ 270.462640] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 270.474573] CPU: 1 PID: 15905 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 270.481502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 270.490858] Call Trace: [ 270.493460] dump_stack+0x1b9/0x294 [ 270.497101] ? dump_stack_print_info.cold.2+0x52/0x52 [ 270.502313] should_fail.cold.4+0xa/0x1a [ 270.506390] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 270.511509] ? rcu_report_qs_rnp+0x790/0x790 [ 270.515936] ? graph_lock+0x170/0x170 [ 270.519758] ? find_held_lock+0x36/0x1c0 [ 270.523872] ? __lock_is_held+0xb5/0x140 [ 270.527954] ? check_same_owner+0x320/0x320 [ 270.532284] ? rcu_note_context_switch+0x710/0x710 [ 270.537210] ? __might_sleep+0x95/0x190 [ 270.541179] __alloc_pages_nodemask+0x34e/0xd70 [ 270.545836] ? lock_downgrade+0x8e0/0x8e0 [ 270.549974] ? __alloc_pages_slowpath+0x2d50/0x2d50 [ 270.554978] ? graph_lock+0x170/0x170 [ 270.558766] ? __lock_is_held+0xb5/0x140 [ 270.562820] ? rcu_report_qs_rnp+0x790/0x790 [ 270.567229] ? __lock_is_held+0xb5/0x140 [ 270.571290] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 270.576820] alloc_pages_current+0x10c/0x210 [ 270.581219] __get_free_pages+0xf/0x40 [ 270.585097] mmu_topup_memory_caches+0x1f8/0x3a0 [ 270.589843] ? kvm_apic_has_interrupt+0xe1/0x210 [ 270.594589] kvm_mmu_load+0x21/0x10e0 [ 270.598396] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 270.603921] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 270.609449] vcpu_enter_guest+0x3a83/0x6060 [ 270.613773] ? kvm_set_msr_common+0x2680/0x2680 [ 270.618437] ? perf_trace_lock+0x900/0x900 [ 270.622657] ? __lock_acquire+0x7f5/0x5140 [ 270.626910] ? vmx_vcpu_reset+0x1030/0x1030 [ 270.631219] ? graph_lock+0x170/0x170 [ 270.635038] ? graph_lock+0x170/0x170 [ 270.638830] ? __lock_acquire+0x7f5/0x5140 [ 270.643057] ? perf_trace_lock_acquire+0xe3/0x980 [ 270.647895] ? __lock_is_held+0xb5/0x140 [ 270.651950] ? lock_acquire+0x1dc/0x520 [ 270.655910] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 270.660916] ? lock_release+0xa10/0xa10 [ 270.664880] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 270.670147] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 270.674633] ? preempt_notifier_dec+0x20/0x20 [ 270.679137] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 270.683972] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 270.688988] kvm_vcpu_ioctl+0x79d/0x12e0 [ 270.693043] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 270.698743] ? graph_lock+0x170/0x170 [ 270.702551] ? find_held_lock+0x36/0x1c0 [ 270.706613] ? lock_downgrade+0x8e0/0x8e0 [ 270.710754] ? kasan_check_read+0x11/0x20 [ 270.714891] ? rcu_is_watching+0x85/0x140 [ 270.719036] ? rcu_report_qs_rnp+0x790/0x790 [ 270.723440] ? __fget+0x40c/0x650 [ 270.726886] ? match_held_lock+0x871/0x8b0 [ 270.731107] ? expand_files.part.8+0x9a0/0x9a0 [ 270.735675] ? kasan_check_write+0x14/0x20 [ 270.739898] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 270.744819] ? wait_for_completion+0x870/0x870 [ 270.749391] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 270.754568] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 270.760266] do_vfs_ioctl+0x1cf/0x16f0 [ 270.764148] ? ioctl_preallocate+0x2e0/0x2e0 [ 270.768547] ? fget_raw+0x20/0x20 [ 270.771987] ? __sb_end_write+0xac/0xe0 [ 270.775954] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 270.781477] ? fput+0x130/0x1a0 [ 270.784746] ? ksys_write+0x1a6/0x250 [ 270.788537] ? security_file_ioctl+0x94/0xc0 [ 270.792934] ksys_ioctl+0xa9/0xd0 [ 270.796378] __x64_sys_ioctl+0x73/0xb0 [ 270.800257] do_syscall_64+0x1b1/0x800 [ 270.804134] ? finish_task_switch+0x1ca/0x840 [ 270.808624] ? syscall_return_slowpath+0x5c0/0x5c0 [ 270.813541] ? syscall_return_slowpath+0x30f/0x5c0 [ 270.818491] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 270.823849] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 270.828681] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 270.833857] RIP: 0033:0x4559f9 [ 270.837033] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 270.856368] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 10:01:27 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r5 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0x17, &(0x7f0000000000)={r5, r5, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) r6 = fcntl$getown(r2, 0x9) r7 = syz_open_dev$mouse(&(0x7f00000001c0)='/dev/input/mouse#\x00', 0x3ff, 0x101000) ioctl$KVM_GET_EMULATED_CPUID(r7, 0xc008ae09, &(0x7f0000000800)=""/4096) timer_create(0x7, &(0x7f0000000040)={0x0, 0x35, 0x0, @tid=r6}, &(0x7f0000000180)) 10:01:27 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x3) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = open(&(0x7f0000000080)='./file0\x00', 0x2040, 0x3) fcntl$setlease(r1, 0x400, 0x1) getsockopt$ARPT_SO_GET_REVISION_TARGET(r1, 0x0, 0x63, &(0x7f0000000040)={'NETMAP\x00'}, &(0x7f00000000c0)=0x1e) rt_sigprocmask(0x0, &(0x7f0000032ff8)={0xfffffffffffffffe}, 0x0, 0x8) ioctl$PERF_EVENT_IOC_REFRESH(r1, 0x2402, 0xbb) recvfrom$unix(r1, &(0x7f0000000140)=""/150, 0x96, 0x10000, &(0x7f0000000200)=@file={0x1, './file0\x00'}, 0x6e) rt_sigtimedwait(&(0x7f00005a1000)={0xfffffffffffffffd}, &(0x7f0000d31ff0), &(0x7f00007adff0)={0x77359400}, 0x8) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) 10:01:27 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x36, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:27 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000240)='stack\x00') preadv(r1, &(0x7f0000000440)=[{&(0x7f00000013c0)=""/4096}, {&(0x7f0000000140)=""/225}, {&(0x7f0000000280)=""/111}, {&(0x7f0000000300)=""/207}, {&(0x7f0000000400)=""/41}], 0x10000000000001b3, 0x0) 10:01:27 executing program 7: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) r1 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x4, 0x4000) ioctl$KDENABIO(r1, 0x4b36) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000080)={0x0}, &(0x7f00000000c0)=0xc) getpgid(r2) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000480)={0xaa, 0x80}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000200)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = creat(&(0x7f0000000180)='./control/file1\x00', 0x0) r4 = getpgid(0xffffffffffffffff) rt_sigqueueinfo(r4, 0x1a, &(0x7f0000000040)={0x32, 0x23, 0x4, 0x40}) write$sndseq(r3, &(0x7f0000000000), 0x378988c7) [ 270.864066] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 270.871320] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 270.878575] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 270.885829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 270.893082] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 000000000000002c 10:01:27 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x20100c000000000, [0x40000073, 0x1]}) 10:01:28 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0xe, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:01:28 executing program 5 (fault-call:5 fault-nth:45): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:01:28 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in=@multicast1, @in6=@ipv4={[], [], @multicast1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in6=@remote}}, &(0x7f0000000040)=0xe8) setsockopt$packet_drop_memb(r2, 0x107, 0x2, &(0x7f0000000180)={r3, 0x1, 0x6}, 0x10) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r4 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r5 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r6 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r4) keyctl$dh_compute(0x17, &(0x7f0000000000)={r6, r6, r5}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:01:28 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x1c9, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:28 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) r1 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = fcntl$getown(r1, 0x9) sched_setattr(r2, &(0x7f0000000140)={0x30, 0x1, 0x0, 0x6, 0x2, 0x8, 0x1fa7, 0x5f1100}, 0x0) r3 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000040)={0xfffffffffffffffa, 0x1, 0x7, 0x7, 0x684b}, 0xc) ioctl(r3, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r4 = dup2(r0, r1) getsockopt$inet6_tcp_int(r4, 0x6, 0x14, &(0x7f0000000080), &(0x7f00000000c0)=0x4) 10:01:28 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0xa01000000000000, [0x40000073, 0x1]}) 10:01:28 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000040)="295ed277a4200100360070") clock_getres(0x28830449895648d5, &(0x7f0000000140)) 10:01:28 executing program 7: r0 = dup2(0xffffffffffffff9c, 0xffffffffffffffff) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, &(0x7f00000000c0)=ANY=[@ANYBLOB="05000000000000000400000000000000ff030000000000000000000001000000a6e40000000000000600000000000000b5c201e33431efb76fdd337465d6413e3f4f59d7e308796a514fee9a9d20c5dec4f9da6aa8dfe4e6e077fc90322002b84f84f3144db9e4da1f77c1d237769f8eb5f08e8eddcc0dca617cf4af1d153933e62462c1b113e6372a5c45d1c3886e00f150caf6c1e3bb544973"]) socketpair(0x8000000000001e, 0x1, 0x0, &(0x7f000000dff8)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$LOOP_SET_CAPACITY(r1, 0x4c07) r3 = fcntl$getown(r1, 0x9) r4 = getpid() kcmp$KCMP_EPOLL_TFD(r3, r4, 0x7, r1, &(0x7f0000000040)={r0, r2, 0x20}) 10:01:28 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x27, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) [ 272.027753] FAULT_INJECTION: forcing a failure. [ 272.027753] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 272.039768] CPU: 0 PID: 15948 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 272.046701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 272.056058] Call Trace: [ 272.058681] dump_stack+0x1b9/0x294 [ 272.062317] ? dump_stack_print_info.cold.2+0x52/0x52 [ 272.067517] ? lock_downgrade+0x8e0/0x8e0 [ 272.071681] should_fail.cold.4+0xa/0x1a [ 272.075741] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 272.080832] ? rcu_report_qs_rnp+0x790/0x790 [ 272.085228] ? graph_lock+0x170/0x170 [ 272.089020] ? is_bpf_text_address+0xd7/0x170 [ 272.093511] ? find_held_lock+0x36/0x1c0 [ 272.097560] ? __lock_is_held+0xb5/0x140 [ 272.101625] ? check_same_owner+0x320/0x320 [ 272.105946] ? rcu_note_context_switch+0x710/0x710 [ 272.110873] ? __might_sleep+0x95/0x190 [ 272.114843] __alloc_pages_nodemask+0x34e/0xd70 [ 272.119507] ? lock_downgrade+0x8e0/0x8e0 [ 272.123663] ? __alloc_pages_slowpath+0x2d50/0x2d50 [ 272.128663] ? graph_lock+0x170/0x170 [ 272.132449] ? __lock_is_held+0xb5/0x140 [ 272.136494] ? rcu_report_qs_rnp+0x790/0x790 [ 272.140892] ? __lock_is_held+0xb5/0x140 [ 272.144944] ? sctp_make_heartbeat_ack+0x10/0x110 [ 272.149776] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 272.155301] alloc_pages_current+0x10c/0x210 [ 272.159696] __get_free_pages+0xf/0x40 [ 272.163833] mmu_topup_memory_caches+0x1f8/0x3a0 [ 272.168575] ? kvm_apic_has_interrupt+0xe1/0x210 [ 272.173329] kvm_mmu_load+0x21/0x10e0 [ 272.177127] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 272.182648] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 272.188171] vcpu_enter_guest+0x3a83/0x6060 [ 272.192482] ? print_usage_bug+0xc0/0xc0 [ 272.196546] ? kvm_set_msr_common+0x2680/0x2680 [ 272.201214] ? vmx_vcpu_load+0xada/0xfe0 [ 272.205271] ? __lock_acquire+0x7f5/0x5140 [ 272.209496] ? vmx_vcpu_reset+0x1030/0x1030 [ 272.213813] ? graph_lock+0x170/0x170 [ 272.217603] ? graph_lock+0x170/0x170 [ 272.221385] ? __lock_acquire+0x7f5/0x5140 [ 272.225617] ? debug_check_no_locks_freed+0x310/0x310 [ 272.230808] ? __lock_is_held+0xb5/0x140 [ 272.234865] ? lock_acquire+0x1dc/0x520 [ 272.238827] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 272.243841] ? lock_release+0xa10/0xa10 [ 272.247809] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 272.253073] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 272.257556] ? preempt_notifier_dec+0x20/0x20 [ 272.262050] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 272.266874] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 272.271876] kvm_vcpu_ioctl+0x79d/0x12e0 [ 272.275923] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 272.281620] ? graph_lock+0x170/0x170 [ 272.285413] ? find_held_lock+0x36/0x1c0 [ 272.289479] ? lock_downgrade+0x8e0/0x8e0 [ 272.293634] ? kasan_check_read+0x11/0x20 [ 272.297775] ? rcu_is_watching+0x85/0x140 [ 272.301907] ? rcu_report_qs_rnp+0x790/0x790 [ 272.306300] ? __fget+0x40c/0x650 [ 272.309746] ? match_held_lock+0x871/0x8b0 [ 272.313968] ? expand_files.part.8+0x9a0/0x9a0 [ 272.318543] ? kasan_check_write+0x14/0x20 [ 272.322766] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 272.327677] ? wait_for_completion+0x870/0x870 [ 272.332251] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 272.337431] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 272.343134] do_vfs_ioctl+0x1cf/0x16f0 [ 272.347028] ? ioctl_preallocate+0x2e0/0x2e0 [ 272.351436] ? fget_raw+0x20/0x20 [ 272.354890] ? __sb_end_write+0xac/0xe0 [ 272.358850] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 272.364368] ? fput+0x130/0x1a0 [ 272.367629] ? ksys_write+0x1a6/0x250 [ 272.371427] ? security_file_ioctl+0x94/0xc0 [ 272.375820] ksys_ioctl+0xa9/0xd0 [ 272.379270] __x64_sys_ioctl+0x73/0xb0 [ 272.383160] do_syscall_64+0x1b1/0x800 [ 272.387036] ? finish_task_switch+0x1ca/0x840 [ 272.391533] ? syscall_return_slowpath+0x5c0/0x5c0 [ 272.396444] ? syscall_return_slowpath+0x30f/0x5c0 [ 272.401357] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 272.406713] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 272.411557] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 272.416735] RIP: 0033:0x4559f9 [ 272.419910] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 272.439164] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 272.446869] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 272.454130] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 272.461386] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 272.468645] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 10:01:29 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0xa, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:01:29 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000300)="29d7e1311f160577651070") r1 = socket$inet(0x2, 0x200000002, 0x88) bind$inet(r1, &(0x7f0000000000)={0x2, 0x4e21}, 0x10) r2 = accept4$ax25(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)=0x10, 0x800) accept4$ax25(r2, 0x0, &(0x7f00000011c0)=0xffffffffffffff17, 0x800) sendto$inet(r1, &(0x7f0000001200), 0x0, 0x0, &(0x7f0000000040)={0x2, 0x4e21, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) r3 = add_key(&(0x7f0000001300)='pkcs7_test\x00', &(0x7f0000001340)={0x73, 0x79, 0x7a, 0x0}, &(0x7f0000001380)="8592e749ed6fd084634fe74ae52e5ecaca45e293ec673ca046b1f5fdc71d5738d554a0432dd9adc76707e5259b0f8aa82d35faa6dfbf9209cb96184c4e11b821a578a21583b8585517f7e3959d0ae7fddcbfcd8619371ec9379adab4ef82ac6f3f1105128f1d4e3388c1f50cac9867719a81a9ef83267cf15065f0c4a760b038640520156d7200a9fe09fee75f8e9b4b88af08224fe5f47523a3b27735d77fb6609066646a9f93407b686e401e487537f45d77c3916c7fb4393eab6a6ecce3736d71dc2bed031637663b3ba5d5faef8692e4832ea791bf3c0b68a071bb182a77ff2b2cb511a7bdea163fb702a57457b9bed7d988d3d5307cd8824f692e3739bb7e3bccdefbda9efba5aa38e3615d74e9f4bfc5ce6d4f3181974a8711a62aff21523846d3e4b75efe8301053e70ee9fff722f6cc5bf82b26163b94fad39a5ebcb4a6157a7d391e4820d4f3773a97bd40c6409259a1ace626bd5191426849cd36c15def6a4fb6c25cffc73106608321725c1c3c4637ab7597caf6a0cc35cbea343d73899b89fa78193e092e10b714236b6a37a16c39c538b72ba3fe092272aaa18fb18f27982b6d94033fd198c81b48e6938c799ffd7cf6551160973678b09a3e81a633ccf17e0551ac18f4e4a08cd024b858ad8cbfd2ed80b100828610269ddf69b8cfa31541d2bd1c4bfe23ce65315eb2b339150f51180421f219612de0fe67afbe34b4659249e35c4527c3f8b3f689623f467cf11fe0fea7edca2005f8219172ee316fdb5c65220b7b7b5b1a18109666f4450132726eeb9cfa62e7c05f88c741fab7f4de1eda150d6ad70c515bdad870a736ca4b8f26b81f08f34a038745a5a9e4c521309ea52c6bbbc63f955e3669db2f872e30c380c6b80f171d7835f6aed7a6106f13c287fc1839590a7d2e667d079d1df787832b04c29f9de301d2964dc2e468f997bf4a8a26a9ed47d9d0e2787d8c99e0bb0a07f10db0eb2080e2d23cd7a3dd9281d2502ed120b161f00f27a3e6ac453c0f694d1a57fb154f6abb9066650a59f463dfed7d7150fef87f09eb465a5a3ae4a1749924e75773717146609757c9198fbef8951fbab8e61b55a5347dad873a6dcb3d8d9d7736fbcea0b6eb3d607001f54d328357625ba8278fb4f08abfbb212be8e75025e89582970cacbf809919cf962bbe51105f987a8d4f05cb14a4bf8335323116a7ad226169ffd4f782cc3d752687f57ed102b297396fdac5d4f1a641abf633b6cea1042ce0a245405b9d6f8cc569b6a36906d8630e1c6235edd1ce626c674ee89e27bd242c94dbeb2b131d179b30a5cb4be9c606d87abf236c8e554e0aa68dd607ebc7fc4591a707a3d66cf6d9978d66f7c84eb74ba3b2653e4913fa154e076a2b2581ece73dea3365277037cf3687727b23861bdc538e16fa9e066683c99c8719116f5a116b29ab6b07d981d3000f08ac64c8e03b9cca2cf413d159170cb54da67051ef5edbffe3c613e1543bebc08f39a67c2bac5b70db93860e0cb1d83ab33467e4d1b84e1d845a438f6e467dbba46c71e6b950fc4dfb7243d23ecee733b2730278f9987e3d7d7ad2d973f8c77c1472ecc4e65a1de65e59c202aa664668e416cecce2ad21816c38c323162d085b65c24a1c5f46f8b2dba74fd270cf37d892405369c0335da52987e889c3408b4163f6090ec985886fb46bc249e7532a575dea54dd101a5fc064dd5153767ea95bba31b3b20791a3d800e2c36d8b279d18441f06df5c3f81aa513ce469730de7c5f382547e8c6a1594573b023567cf42518c450ab1691dbef9dbe9def7000e431426adb2feb733e24da228f791ca4ced1800165d4fe9712e7ef6f4a7f163eae95ce42ec721c3ef6e03a3da72591d639528eae734cbbb8657ebd740ade0026081b5a8349556dd50c22963eeb48e640fcb06e09bb3f5583a975cd5533b5d51edb77c437d2bf8845f4da2ab2af21d474f2645199ba9d89397010923bed9c407f798c9b0466266e46252121c2bf3e44eff0458814e57cca36be3b84374c11f689c7d88f8f1d8cdf70f3928c9ce477bbef571a1e901286a68b95a7ff2809947606f48993860acec067fe515a5567392ff7cb2501a5b45e092b9d6e4239e525022f4ee30815ae769ed7891c788330b46d5ea5cd0642b3f88ab1145f0cf6a5819d0a8651dad660b1199e3dcd2565a3f2cf1a69c292c1265af4448daf9f17885ee6b51ca441fc855148b9d2383bd40089206b1e2537809b0b418f1d99178cb4aba2843eb07940e6d40981f147ee675571473dc0d18cec9a3ff78387a6d946bc83651640ec3b34554a420f504c450f92484645e930512c3df1b57604f3178bf0c4649331fb58ec007c584ef17ec9ca9bcd675d0225bfe183b442f327fe67c5fab523accbab8c50325112dafa9ef2a8746ffde4fd0300bfb6ad266653cb6939ca7cb6476719614c5d61ec486afb8c9b48343ada6c83caff72d8f993801515e688989b007d81812547795279b6cb29b7360c31f5add7080e4c4a79d4b1dbb5f70bcce97612bb0c67d29f91e2380fa5c91b44f7cfb0fc307f2431b2bf9a441afb7bdb59baaf2466aefc46d30e810ebecc4d61105f87a1e5316a7b1441d3784c091b98bafee87e5d5dc883d1e3e9620dc7b00b2797aa5774caecfd66e5708e058b56c5722b6f033c681c85b236a861c868c0d82833e8c0eea10953e255f63fbb908fa986f5dbb7723e9f5930ab563e30beb1829a9de6c0a9cb38bb34bdccaff2d4a89cf470795da90937f0894e15bd3d520de1f51f5d3ab4488f88d5bc50c8f3255e4a8ed85cc13bd37f3ff21a417d7d185a9ff1a9acb9b31ceae69a5d59fc36793789b3b46608873126e11f1fb5a2d8d425cd888c46059567a212b011b53b0276c82d95f9ce3c66259a2bba6d663d789a6ec7bc4190304c1eee792b26893737af5d914beb5843823a4ee599b010f49a8234aad324e0b1ca1a0c0671707dc447a3f150905e4390b794a808529e5d4cfb7cbe88f65fcbefc011565234e543f559b3484d15aee8842ed57b069ba4b296f4a97d26e0dbee01c463c211ca40e5487951c6a78e44d829bc74f3520db48e3214bc19af14a51a13380d49e0e94d446dcae4695307d94d600190a0423d2505ba164745efd9b542064a43482e7411f5ef04f9d673f7350c986e0992d298250896d8856ea5907808adee78c434b5f70d58096eddbf3222a404a5b39842348cdb23c6d2479fe6b6da26ea0be668d5471e1d67d28948795337d256c8b9b5ecaaafa7e477e5c51192fccefc1dd2c1920d39d0774316240f235af27da97fdac2952116d280e3986cb86e2343f513477919c626db221bd0ab50a662d711945f80283ca77b7eaf23453e364b9e03df22dc047913430749a7fe091bd85693b0e7356df5e9bf74f73f1dc6aa180352062dc535e8cd916f85d7e090ff55afc1aa96204c4ea314c7b2d70715e6bd5b26ef0893e02dda3b3055d4aefc23777000911ac4d3af52347bef91eab130c22aed8d0727aeb40b466c0db71b48b87e6e66c9fa641d73be57c4d1fea7dff5fa3a785d75278e65c426672ef49a6c307beb8dd2f5df0b353d17baf0785c19e24dd0de6fcd00013bcef76f6e3b106013832f21fb6fb7eb045b7075b47e68d68dec1be5518f713d73a3cd43c2739d6e5437a17b5cc5dbd48bb7e9d1e207cdbcdc0e0e67901a381b91588f0a09974cd2c0f65469d632662ebb9efa01f0a35df1563cca7a23447035643e1e44ab451c147a9d71392f99904341f2adb2cf06e88f3a67f6450cdc0dbfa42d981c05432b76092c5351379fded62a824fc61a58fcc141c96fbcc81c079e109546061743364aa69d52042f42a6f12c2857fab84c347aebe489c753c60007c909057dc9053fd3365e97a5f428abda44a8b4c492ed9209497de23178943b4965ed0f1e6b5f437f09b26f2dca6a29b5c17a8140174399b57f6888346dbc4224780021800df851aa79e4de7021adf306bc51153c5e48f152665ec6774f6f81acda095446e9abb4746ffcf5adb7e9b479d34b293be852eba61b42b066af11bce82c9425c791152a72c182c2a6aac5a6133e582bd7aaf04e26f9aa013ad2ac79844c2371834a69f795c4ac05832f10ef20dd49b60309bdd718e376ba44fac1a7c914b935c3d6de294381b7117620ce712fd577ad7cb472fb9a994d216699b0b9a4fc06a56b97c5a8a22319db041b494543468c14f6295d816c9644a031260c471f047030a0a2b7554f5242773aae8933f5f0887dfdbde6cbe9eb39b09ed2ba5e94a7d617399c737e925ef93f8cc799e089ed79b4c1f572752a3d64d95e355e4b578ffdaad614c540bd2df0691a4f328ff276ad7b1111f8a9816da3d26b78495ba71102be23f47a90aad1d5c59072b38cf46b32cd2645908ba96faa755323df781a3df9b3583083be1c2107d0825b8f1cf226434e163fed2e0dc091613173abc7e1e135c79a13ba5161a929ccfdaa8a977edfbc992502b2408581df915612a04d63c3aa8c7877a72b2c5084f21609d5953381fd8b17cba49a0652901ea19058ea03886582b7140144bb90eeb7f899ffdf7542f607950ff4b7fedeee93ff498b7ea98264d0c03b4572fb0a087dd0cbb74f8912b122ffa68b478fb649878416bc48d82288a48340e85cd5153f8be83eb0908917f79d31919835bf5cceb508a8ce37f11f347fcc042bbd1bc78f6808a1dc4f777fe6f7632249402ba1b6b7bde04f3958fb7c2a451751cbe0df0448c69423239f50c5c751118784da27b3063d24adfdf2e17b503985890f955cded73fbe4d953a94be39ca9bca383e84aa3b3e3e9eb394f348c45c0e9097a7f19e0282de67b18333f77226e2040cb7c070a01b6d2c377288340382d1b626af82778d4940c71a20afece674cb634d476f00eba228c6bec2c7a6c41c2cf5175b891437c967366b285cb33d2ca862283e66922989a413842b98b37a51ff06897cabe471c30f38ac5cf23868da7d135e5572c54c7892728164424775f9ded0cec946c8bfa75387ec1e50d00559f53b82f52237a52499f7548d8fbc6334f73a3b59d937d2d051ed127e7e342aa82a8698546068c08f14e9fc53e8b087991a7898926e18f06646134429e07879e72be23ab71990a31b80f2b8cb7667ff63c58f19e2d4673fced60537eb6c963c45acfbb34cf9353d0d9d09a425373e954e90db87652feec48a70cd902a426f59d654b811054ac3097acb3a0ec286f21a66a073aede8d850113cffa21a2a4565a48135c609659f7cab029b9e1571a624517f88a7f6f4e3f83473144b8e40616bd04095a03d7edea46ab742e184d5e234d50e6f9c3d167328fd3143c9264e732d97c043f8c0a5c3d3a84635d9c70067eb1df82a93faeda64dc564d27a50261cd5f409e78d72159656a50003d8b7484d288195b3af713e4d92f3f24796d978497527229af391a476d361b5cd09795e24ff465ee9c81a25cde388b4764720e050ab02e2462084fdcf69c06228eeb67b285fcbad088b850f6a579e1cc117ccfc3139990fcfa4f75b1896fe89d0ef7571feb6341716a177bdc623ddfe9ed81240c2ea1b897d007291ce6aba4d9a9268ba76cb470272098f109938a9d9eefd95e884d432cee244dd69193c226c1cdec031df48fe0d222f1bc74313689fdbef37516542ce0e130c80319897dc1e5e5d9ab2dcb72cc94a102f475f06c251226b14c44d04a2f54f3b18342084efc004bae1a98ebb5aa322bef0e81e9867b4c7d7e4b5dedf37c42d0f0aeafc507041c0cea6da926e98b36", 0x1000, 0xffffffffffffffff) keyctl$clear(0x7, r3) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000100)={0x0, 0x669, 0xb744}, &(0x7f0000001180)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000001200)={r4, 0x99, "7265c6bdd68e0af84bea5b73e26fdf57544ee89b0c55109f9e5e3667111c67eed241d4f5d9a1ed265c93e20615f915ae26769a1188b4799b7498fcc1b33466233fffd884340a575adb6972224125746dd151c8044879f9ef2111305c68752b023302344b8336f8c77b20bca345ef5737e75802ef361f6b2a8fdadf664df118cd5342365ad0222d77c6879dd420384fe11c2e1f9e754ab77667"}, &(0x7f00000012c0)=0xa1) recvmmsg(r1, &(0x7f0000001140)=[{{&(0x7f0000002d40)=@llc={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, 0x80, &(0x7f0000000100), 0x0, &(0x7f0000000140)=""/4096, 0x1000}}], 0x1, 0x0, &(0x7f0000003ec0)) 10:01:29 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r5 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0x17, &(0x7f0000000000)={r5, r5, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) [ 272.475902] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 000000000000002d 10:01:29 executing program 5 (fault-call:5 fault-nth:46): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) [ 272.790440] FAULT_INJECTION: forcing a failure. [ 272.790440] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 272.802418] CPU: 0 PID: 15983 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 272.809347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 272.818694] Call Trace: [ 272.821287] dump_stack+0x1b9/0x294 [ 272.824924] ? dump_stack_print_info.cold.2+0x52/0x52 [ 272.830127] ? lock_downgrade+0x8e0/0x8e0 [ 272.834278] should_fail.cold.4+0xa/0x1a [ 272.838327] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 272.843414] ? rcu_report_qs_rnp+0x790/0x790 [ 272.847804] ? graph_lock+0x170/0x170 [ 272.851590] ? is_bpf_text_address+0xd7/0x170 [ 272.856072] ? find_held_lock+0x36/0x1c0 [ 272.860134] ? __lock_is_held+0xb5/0x140 [ 272.864194] ? check_same_owner+0x320/0x320 [ 272.868502] ? rcu_note_context_switch+0x710/0x710 [ 272.873415] ? __might_sleep+0x95/0x190 [ 272.877379] __alloc_pages_nodemask+0x34e/0xd70 [ 272.882042] ? lock_downgrade+0x8e0/0x8e0 [ 272.886187] ? __alloc_pages_slowpath+0x2d50/0x2d50 [ 272.891188] ? graph_lock+0x170/0x170 [ 272.894971] ? __lock_is_held+0xb5/0x140 [ 272.899024] ? rcu_report_qs_rnp+0x790/0x790 [ 272.903446] ? __lock_is_held+0xb5/0x140 [ 272.907498] ? sctp_make_heartbeat_ack+0x10/0x110 [ 272.912334] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 272.917886] alloc_pages_current+0x10c/0x210 [ 272.922283] __get_free_pages+0xf/0x40 [ 272.926158] mmu_topup_memory_caches+0x1f8/0x3a0 [ 272.930899] ? kvm_apic_has_interrupt+0xe1/0x210 [ 272.935641] kvm_mmu_load+0x21/0x10e0 [ 272.939437] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 272.944975] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 272.950519] vcpu_enter_guest+0x3a83/0x6060 [ 272.954829] ? print_usage_bug+0xc0/0xc0 [ 272.958874] ? kvm_set_msr_common+0x2680/0x2680 [ 272.963532] ? vmx_vcpu_load+0xada/0xfe0 [ 272.967586] ? __lock_acquire+0x7f5/0x5140 [ 272.971800] ? vmx_vcpu_reset+0x1030/0x1030 [ 272.976190] ? graph_lock+0x170/0x170 [ 272.979972] ? graph_lock+0x170/0x170 [ 272.983764] ? __lock_acquire+0x7f5/0x5140 [ 272.987981] ? debug_check_no_locks_freed+0x310/0x310 [ 272.993158] ? __lock_is_held+0xb5/0x140 [ 272.997203] ? lock_acquire+0x1dc/0x520 [ 273.001171] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 273.006172] ? lock_release+0xa10/0xa10 [ 273.010131] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 273.015388] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 273.019875] ? preempt_notifier_dec+0x20/0x20 [ 273.024355] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 273.029180] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 273.034184] kvm_vcpu_ioctl+0x79d/0x12e0 [ 273.038228] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 273.043923] ? graph_lock+0x170/0x170 [ 273.047705] ? find_held_lock+0x36/0x1c0 [ 273.051753] ? lock_downgrade+0x8e0/0x8e0 [ 273.055885] ? kasan_check_read+0x11/0x20 [ 273.060034] ? rcu_is_watching+0x85/0x140 [ 273.064171] ? rcu_report_qs_rnp+0x790/0x790 [ 273.068566] ? __fget+0x40c/0x650 [ 273.072001] ? match_held_lock+0x871/0x8b0 [ 273.076227] ? expand_files.part.8+0x9a0/0x9a0 [ 273.080788] ? kasan_check_write+0x14/0x20 [ 273.085008] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 273.089927] ? wait_for_completion+0x870/0x870 [ 273.094494] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 273.099668] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 273.105361] do_vfs_ioctl+0x1cf/0x16f0 [ 273.109234] ? ioctl_preallocate+0x2e0/0x2e0 [ 273.113623] ? fget_raw+0x20/0x20 [ 273.117066] ? __sb_end_write+0xac/0xe0 [ 273.121039] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 273.126563] ? fput+0x130/0x1a0 [ 273.129824] ? ksys_write+0x1a6/0x250 [ 273.133611] ? security_file_ioctl+0x94/0xc0 [ 273.138004] ksys_ioctl+0xa9/0xd0 [ 273.141450] __x64_sys_ioctl+0x73/0xb0 [ 273.145328] do_syscall_64+0x1b1/0x800 [ 273.149208] ? syscall_return_slowpath+0x5c0/0x5c0 [ 273.154122] ? syscall_return_slowpath+0x30f/0x5c0 [ 273.159048] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 273.164399] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 273.169241] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 273.174420] RIP: 0033:0x4559f9 10:01:29 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x1a0, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:29 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x2000000, [0x40000073, 0x1]}) 10:01:29 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) r1 = dup2(r0, r0) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0xfffffffffffffffd, 0x31, 0xffffffffffffffff, 0x0) ioctl$sock_SIOCDELDLCI(r0, 0x8981, &(0x7f0000000000)={'syzkaller0\x00', 0x3}) r2 = dup2(r1, r1) getsockopt$bt_rfcomm_RFCOMM_LM(r2, 0x12, 0x3, &(0x7f0000000080), &(0x7f00000000c0)=0x4) 10:01:29 executing program 7: ioctl$sock_FIOGETOWN(0xffffffffffffff9c, 0x8903, &(0x7f0000000000)=0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='io.stat\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f0000000140), &(0x7f0000000180)=0xb) sched_setscheduler(r0, 0x2, &(0x7f00000001c0)=0x10001) r2 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uinput\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000200)=@assoc_value, &(0x7f0000000240)=0x8) ioctl$UFFDIO_COPY(r2, 0x406855c9, &(0x7f0000000080)={&(0x7f0000ffd000/0x2000)=nil, 0x2000}) connect$nfc_raw(r2, &(0x7f00000000c0)={0x27, 0x0, 0x1, 0x7}, 0x10) 10:01:29 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r5 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0x17, &(0x7f0000000000)={r5, r5, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a, 0x3}, 0x0, 0x0, r0) 10:01:29 executing program 3: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000140)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0x100000000000e000, 0x1, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb64c86d6b66732e66617400020441000500077008f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f0000000180)='./file0/file0\x00', 0x3fffa, 0x0) ioctl$SIOCSIFMTU(r0, 0x8922, &(0x7f0000000080)={'vlan0\x00', 0x61}) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000000)) 10:01:29 executing program 5 (fault-call:5 fault-nth:47): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:01:29 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0xc, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) [ 273.177601] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 273.196775] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 273.204463] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 273.211724] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 273.218978] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 273.226228] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 273.233477] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 000000000000002e 10:01:30 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x76010000, [0x40000073, 0x1]}) 10:01:30 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x102d}, 0x2c) fremovexattr(r0, &(0x7f00000001c0)=@known='system.sockprotoname\x00') r1 = bpf$PROG_LOAD(0x5, &(0x7f00000ba000)={0xd, 0xe, &(0x7f0000000140)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x40}, @generic={0x7, 0x9, 0x6, 0x1800}, @jmp={0x5, 0x80, 0x8, 0x4, 0xf, 0x13c}, @jmp={0x5, 0x5, 0x0, 0xa, 0x8, 0x20, 0x8}, @jmp={0x5, 0x643, 0xa, 0x7, 0x3, 0xfffffffe, 0xfffffffffffffff0}, @alu={0x7, 0x1400, 0x0, 0x3, 0x9, 0xffffffff, 0xffffffffffffffff}, @generic={0x8000, 0x80000000, 0x5, 0x1}], &(0x7f0000f6bffb)='GPL\x00', 0x1, 0xfb, &(0x7f00001a7f05)=""/251}, 0x48) getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000000)={{{@in6=@ipv4={[], [], @local}, @in6=@dev}}, {{@in6}, 0x0, @in=@local}}, &(0x7f0000000100)=0xe8) [ 273.569446] FAULT_INJECTION: forcing a failure. [ 273.569446] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 273.581383] CPU: 1 PID: 16012 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 273.588308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 273.597649] Call Trace: [ 273.600233] dump_stack+0x1b9/0x294 [ 273.603856] ? dump_stack_print_info.cold.2+0x52/0x52 [ 273.609042] should_fail.cold.4+0xa/0x1a [ 273.613091] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 273.618180] ? rcu_report_qs_rnp+0x790/0x790 [ 273.622574] ? graph_lock+0x170/0x170 [ 273.626365] ? find_held_lock+0x36/0x1c0 [ 273.630416] ? __lock_is_held+0xb5/0x140 [ 273.634472] ? check_same_owner+0x320/0x320 [ 273.638779] ? rcu_note_context_switch+0x710/0x710 [ 273.643696] ? __might_sleep+0x95/0x190 [ 273.647658] __alloc_pages_nodemask+0x34e/0xd70 [ 273.652313] ? lock_downgrade+0x8e0/0x8e0 [ 273.656449] ? __alloc_pages_slowpath+0x2d50/0x2d50 [ 273.661454] ? graph_lock+0x170/0x170 [ 273.665239] ? __lock_is_held+0xb5/0x140 [ 273.669285] ? rcu_report_qs_rnp+0x790/0x790 [ 273.673685] ? __lock_is_held+0xb5/0x140 [ 273.677730] ? sctp_make_heartbeat_ack+0x10/0x110 [ 273.682564] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 273.688092] alloc_pages_current+0x10c/0x210 [ 273.692488] __get_free_pages+0xf/0x40 [ 273.696364] mmu_topup_memory_caches+0x1f8/0x3a0 [ 273.701107] ? kvm_apic_has_interrupt+0xe1/0x210 [ 273.705850] kvm_mmu_load+0x21/0x10e0 [ 273.709638] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 273.715161] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 273.720690] vcpu_enter_guest+0x3a83/0x6060 [ 273.725010] ? kvm_set_msr_common+0x2680/0x2680 [ 273.729678] ? perf_trace_lock+0x900/0x900 [ 273.733899] ? __lock_acquire+0x7f5/0x5140 [ 273.738119] ? vmx_vcpu_reset+0x1030/0x1030 [ 273.742424] ? graph_lock+0x170/0x170 [ 273.746210] ? graph_lock+0x170/0x170 [ 273.749993] ? __lock_acquire+0x7f5/0x5140 [ 273.754223] ? perf_trace_lock_acquire+0xe3/0x980 [ 273.759054] ? __lock_is_held+0xb5/0x140 [ 273.763101] ? lock_acquire+0x1dc/0x520 [ 273.767067] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 273.772072] ? lock_release+0xa10/0xa10 [ 273.776037] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 273.781297] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 273.785774] ? preempt_notifier_dec+0x20/0x20 [ 273.790261] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 273.795088] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 273.800096] kvm_vcpu_ioctl+0x79d/0x12e0 [ 273.804147] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 273.809842] ? graph_lock+0x170/0x170 [ 273.813632] ? find_held_lock+0x36/0x1c0 [ 273.817688] ? lock_downgrade+0x8e0/0x8e0 [ 273.821824] ? kasan_check_read+0x11/0x20 [ 273.825956] ? rcu_is_watching+0x85/0x140 [ 273.830093] ? rcu_report_qs_rnp+0x790/0x790 [ 273.834493] ? __fget+0x40c/0x650 [ 273.837936] ? match_held_lock+0x871/0x8b0 [ 273.842159] ? expand_files.part.8+0x9a0/0x9a0 [ 273.846735] ? kasan_check_write+0x14/0x20 [ 273.850959] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 273.855879] ? wait_for_completion+0x870/0x870 [ 273.860447] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 273.865621] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 273.871315] do_vfs_ioctl+0x1cf/0x16f0 [ 273.875194] ? ioctl_preallocate+0x2e0/0x2e0 [ 273.879586] ? fget_raw+0x20/0x20 [ 273.883029] ? __sb_end_write+0xac/0xe0 [ 273.886995] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 273.892517] ? fput+0x130/0x1a0 [ 273.895782] ? ksys_write+0x1a6/0x250 [ 273.899570] ? security_file_ioctl+0x94/0xc0 [ 273.903964] ksys_ioctl+0xa9/0xd0 [ 273.907408] __x64_sys_ioctl+0x73/0xb0 [ 273.911282] do_syscall_64+0x1b1/0x800 [ 273.915153] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 273.919983] ? syscall_return_slowpath+0x5c0/0x5c0 [ 273.924897] ? syscall_return_slowpath+0x30f/0x5c0 [ 273.929813] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 273.935168] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 273.939998] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 273.945178] RIP: 0033:0x4559f9 [ 273.948348] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 10:01:30 executing program 7: getsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f00000001c0), &(0x7f0000000200)=0x8) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x1}, 0x2c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000028000)={r0, &(0x7f0000000040), &(0x7f0000000080)="f252c8e54169d493c8bc30306375410c4df1b81ed207032054df5361d8b282adae0a9056bb50c687b109bb0707213dd162992bf9b858995a3a3cdc856febf2b23fd492a1e42ab4aca3bdbb6996f7f2de14ed8f76101b1a86a1c784a6a64cb87f6a385f20e9373f5f37eba203d13e08441b1df721ed5270f333c80793c149054c9ab0352dd599ada204eb06c13f3eed320d3848d4f1f183"}, 0x20) [ 273.967605] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 273.975302] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 273.982554] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 273.989805] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 273.997446] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 274.004698] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 000000000000002f 10:01:30 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x136, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:30 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a, 0x1}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) keyctl$dh_compute(0x17, &(0x7f0000000000)={0x0, 0x0, r3}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:01:30 executing program 4: syz_emit_ethernet(0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="2b000000000005000000000000002382dd3e5c3b025c4048c31d18504c8c3281430af8736dfdb986405b74bae554d126451b2af8d0bc18f8e1bbeacff36770bdc4a82c61ba0482f3bc682445c70ee47aab12eb1c47f676ab98e260339ec03f29d07c406db28f2abeaa8c68c115dd58792f3874555d2449a3e2ac040a88d572332021b50a1dc03a7b1ef3b7670b3c8b81800c8c997c67169549ca69e951ff94901b263ee711c24a9fcc2dc5ec031bc23013a02985f4fe33dbf3446f931caefac3b919b84d9d4e42597b3f5f9a90fddc2687e909810baf4df91c1e86aa184c0fb04f"], &(0x7f0000000000)) r0 = creat(&(0x7f0000000040)='./file0\x00', 0x14d) getsockopt$bt_l2cap_L2CAP_LM(r0, 0x6, 0x3, &(0x7f0000000100), &(0x7f0000000140)=0x4) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x7, 0x0) getsockopt$IP_VS_SO_GET_DAEMON(r1, 0x0, 0x487, &(0x7f0000000080), &(0x7f00000000c0)=0x30) 10:01:30 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000300)="29d7e1311f160577651070") r1 = memfd_create(&(0x7f0000000580)='dev ', 0x3) write(r1, &(0x7f0000000040)="16", 0x1) sendfile(r1, r1, &(0x7f0000001000), 0xffff) fcntl$addseals(r1, 0x409, 0x8) pwrite64(r1, &(0x7f00000001c0), 0x0, 0x0) ioctl$DRM_IOCTL_ADD_BUFS(r1, 0xc0206416, &(0x7f0000000080)={0x0, 0xcd55, 0x3223, 0x2, 0x12, 0x87}) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000000140), &(0x7f0000000180)) ioctl$sock_inet_SIOCDELRT(r1, 0x890c, &(0x7f0000000240)={0x1000, {0x2, 0x4e22}, {0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x1c}}, {0x2, 0x4e24, @multicast1=0xe0000001}, 0x80, 0x2, 0x0, 0x3, 0x4, &(0x7f00000000c0)='bond_slave_0\x00', 0x7fff, 0xe6e, 0x101}) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000180)="841eb6c342283198e6d8484be9d0488f39b3b7faf17160890f438e631a78ff4272ab74344b2a261ae4df418c499f26438e20de9b238f3ed65edab497980505ccc17165f4ee71b5d4957bd50a4314bf0f55d4d99618d2f90567ffeb15db33379bf5e6cb708acc36d3b1e0e7b7c5c7d67cf4198a415f77d1c60861fda3459512bc560d8148ad6c52127cbdc707", 0x8c) 10:01:32 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x13, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:01:32 executing program 5 (fault-call:5 fault-nth:48): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:01:32 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0xb0000040, [0x40000073, 0x1]}) 10:01:32 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f00001fefe4)={0xa, 0x4e24}, 0x1c) listen(r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_ifreq(r1, 0x8930, &(0x7f0000000040)={'syz_tun\x00', @ifru_mtu=0x1b69}) bind$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={[], [0xff, 0xff], @remote={0xac, 0x14, 0x14, 0xbb}}}, 0x1c) sendto$inet6(r2, &(0x7f0000000040), 0x113, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c) r3 = fcntl$dupfd(r0, 0x406, r0) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT(r3, 0xc0bc5351, &(0x7f0000000080)={0x80, 0x0, 'client0\x00', 0xffffffff80000007, "ed6762b5b6dcee8c", "a3df99714004519b95e39fb6916d446ec57fb0832a49ad1b551c2839b63af346", 0x100, 0x2}) 10:01:32 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x3, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:32 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = dup3(r2, r2, 0x80000) ioctl$DRM_IOCTL_AUTH_MAGIC(r3, 0x40046411, &(0x7f0000000040)=0x10001) r4 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r5 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) clock_gettime(0x1, &(0x7f0000000180)) r6 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r4) keyctl$dh_compute(0x17, &(0x7f0000000000)={r6, r6, r5}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:01:32 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480)='/dev/ptmx\x00', 0x1, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)) r1 = syz_open_pts(r0, 0x0) readv(r1, &(0x7f0000000080)=[{&(0x7f0000000300)=""/208, 0xd0}], 0x1) ioctl$TCSETSW(r1, 0x5403, &(0x7f0000002000)={0x0, 0x0, 0x0, 0xffffffff}) write(r0, &(0x7f0000c34fff), 0xffffff0b) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/net/pfkey\x00', 0x7ffd, 0x0) ioctl$EVIOCRMFF(r2, 0x40044581, &(0x7f0000000040)=0x6) 10:01:32 executing program 4: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x80) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000080)={0x6, 0x0, 0x1, 0x9}) ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f00000000c0)={r1, 0x80}) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x2, 0x0) write$binfmt_script(r2, &(0x7f0000000140)=ANY=[@ANYBLOB="2321202e2f66686c6530202f6465762f70746d7800202f6465762f70746d780020776c616e3073656c662d747275a2e36564657468312d2c9476626f786e657431656d312b287e626f786e6574315d62646576276d696d655f747970657573657220202f6465762f70746d7800202c2a776c616e30766d2d240ac3b98b13"], 0x7e) ioctl$TCSETS(r2, 0x40045431, &(0x7f00003b9fdc)) r3 = syz_open_pts(r2, 0x0) ioctl$TCSETSF(r3, 0x5412, &(0x7f0000000000)) 10:01:32 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x1df, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:32 executing program 4: r0 = socket$inet(0x2, 0x200000002, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @multicast1=0xe0000001}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='syz_tun\x00', 0x10) syz_emit_ethernet(0x2a, &(0x7f00003f3fd5)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa08004500001c000000000011907800000000e07800000000000000000000"], 0x0) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rfkill\x00', 0x22000, 0x0) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x8001, 0x30}, &(0x7f0000000140)=0xc) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000180)={r2, 0x80000001}, 0x8) ioctl$DRM_IOCTL_ADD_BUFS(r1, 0xc0206416, &(0x7f00000000c0)={0x4, 0x400, 0xfffffffffffffffd, 0x3, 0x8, 0xfffffffffffffffd}) 10:01:32 executing program 7: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x1, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="a60fc9"]) r2 = open(&(0x7f0000000000)='./file0\x00', 0x620800, 0x2) ioctl$KVM_S390_VCPU_FAULT(r2, 0x4008ae52, &(0x7f0000000040)=0x8) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 275.517634] FAULT_INJECTION: forcing a failure. [ 275.517634] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 275.529587] CPU: 1 PID: 16068 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 275.536513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 275.545865] Call Trace: [ 275.548458] dump_stack+0x1b9/0x294 [ 275.552098] ? dump_stack_print_info.cold.2+0x52/0x52 [ 275.557294] ? lock_downgrade+0x8e0/0x8e0 [ 275.561444] should_fail.cold.4+0xa/0x1a 10:01:32 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = accept$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, @rand_addr}, &(0x7f0000000180)=0x10) ioctl$sock_inet_tcp_SIOCATMARK(r2, 0x8905, &(0x7f00000001c0)) r3 = socket$inet6(0xa, 0x1, 0x2) ioctl(r3, 0x4000008916, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340)=@sack_info={0x0}, &(0x7f0000000380)=0xc) r5 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000580)='/dev/autofs\x00', 0x40, 0x0) ioctl$SIOCGIFMTU(r5, 0x8921, &(0x7f0000000600)) r6 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) ioctl$KVM_SET_LAPIC(r5, 0x4400ae8f, &(0x7f0000000800)={"ef3fccdf4702e6bad4b380855ad317103931bf72df5ee1c0c054ba73b34d8274748fb108c061db84c4286f479328239d3fb6c4715ced5b3eba140267ee7c1cb7e4e0cdc1dbe5ada88ec23167dfb3e4fcd16d41def166cc4e543380914819c9a558c833c016282612370f21351b59d8078dcebe145aac35a0de9edb6642d7a91e7b5cb0990e0fcb9328303653ceaa73602075a816a45445a4a52f3a09ece23cdd985e749d3ee23f52ee263ff9135d6ccad866490266b34efada1ae5413d13638f83d24bbd2946dc7572d8979a0791cc5e20f7df20665246c13aa3a78581bfbe5b0eaec299395e2789087f908d65ac0d556fae237c26947d1bb062d2698a84333492d2952806f655479c5970ab35dc05d1c94735aba6b72978edaefa20ac3241c303de7e69d7bd69d90996f3f5a845441690c84b1975810f6da20b390f717bab15f549fb8496b0e3000c531f3d52f303262cad22d180bd6e4c5027d4710a73397f800e0173119d914540e9d1d1d2f81bbd21b68b21f8ec615e0ed86ff90e6deb44b4666f5bf80c210e3e7ad0db5c0fc7dab8c88671854cb33f6083a8d8abf681eebf0e4880089db6ed9ff638d2d903121bc34ad11d6d415df875e07f333164796643ec244b6900458fd98e6f369e44e55224a01de701ceba45c6cc218083efa641943d53ef9181a557aa737a938a6cdc383d50027900c162087faaf731953898ecc5f0923e2eee9474c5ac5d2b3e2804142502ff2e6dcb994d6ec882f8db8cf340f8cab2ce27491bc4d0a5d11d2844d73f377b3c74d2d84b726c131fa49f6ecc99bc13d146800598884b3d33facc408abd27fa6f12e8aff4e18f55b9797ececaf365f88d6ad467784300d1ac2e45228372b14080e1d1f25d5299fa5c841f546c904dd3bf4b83d47126877d200221320b2afa79d8cb49534bdb2341e2be5879c6abba8589625732f5410291eb878b8ff2525c00ec39e6d4eb0a21208881eca2a86be4f70ae7469354950897169a8c096c063501017ff89fa0232eb5f4b10e476360aed4392bf7cd62e275fd1fef2bf650c6b73c54f744d7254a86e57d6676c6497496b2ee405b3f13512ebea40a8e010370530ff3f9f17ce96f8fabee9a3ea2b787e771c028754a410b2606638989a8ea1337d7ea18206d0b5667782b52dde7a0e6edf91576d3fa6253f1fca08451acc43b47df8ff8dafd2049eb1ea7be7eff751d8fbd2375093ef6913a0001ee5584a0943a9ba43422fddf65f1fbf2586086e5875130aa579e3bcc67e88cef05c9636bfd5898ec35cd93411331c08c927ecd480074f5fd6e7c2c54572f437e35b25b9ff259dc560a20c57f4568d603f5fac40f73615d73fed7781a2bf4f2f25b79075fca22701903d4a7f2626d78912508774d216da45df98c19addf9eff9151c0d6221b293546bf78aa0cc2661dd5cbe5ade50f"}) r7 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) socketpair(0x5, 0x1, 0x1, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TIOCGWINSZ(r9, 0x5413, &(0x7f0000000280)) r10 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r6) getpeername$packet(r8, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, &(0x7f0000000300)=0x14) setsockopt$inet6_IPV6_PKTINFO(r3, 0x29, 0x32, &(0x7f0000000400)={@dev={0xfe, 0x80, [], 0x1c}, r11}, 0x14) keyctl$dh_compute(0x17, &(0x7f0000000000)={r10, r10, r7}, &(0x7f0000000740)=""/132, 0x84, 0x0) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r9, 0x84, 0x13, &(0x7f0000000480)={r4, 0x81}, &(0x7f0000000540)=0x8) [ 275.565506] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 275.570615] ? rcu_report_qs_rnp+0x790/0x790 [ 275.575032] ? graph_lock+0x170/0x170 [ 275.578842] ? is_bpf_text_address+0xd7/0x170 [ 275.583339] ? find_held_lock+0x36/0x1c0 [ 275.587406] ? __lock_is_held+0xb5/0x140 [ 275.591470] ? check_same_owner+0x320/0x320 [ 275.595789] ? rcu_note_context_switch+0x710/0x710 [ 275.600724] ? __might_sleep+0x95/0x190 [ 275.604705] __alloc_pages_nodemask+0x34e/0xd70 [ 275.609379] ? lock_downgrade+0x8e0/0x8e0 [ 275.613515] ? __alloc_pages_slowpath+0x2d50/0x2d50 [ 275.618519] ? graph_lock+0x170/0x170 [ 275.622310] ? __lock_is_held+0xb5/0x140 [ 275.626372] ? rcu_report_qs_rnp+0x790/0x790 [ 275.630783] ? __lock_is_held+0xb5/0x140 [ 275.634850] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 275.640389] alloc_pages_current+0x10c/0x210 [ 275.644818] __get_free_pages+0xf/0x40 [ 275.648722] mmu_topup_memory_caches+0x1f8/0x3a0 [ 275.653497] ? kvm_apic_has_interrupt+0xe1/0x210 [ 275.658263] kvm_mmu_load+0x21/0x10e0 [ 275.662070] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 275.667619] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 275.673166] vcpu_enter_guest+0x3a83/0x6060 [ 275.677500] ? print_usage_bug+0xc0/0xc0 [ 275.681568] ? kvm_set_msr_common+0x2680/0x2680 [ 275.686243] ? vmx_vcpu_load+0xada/0xfe0 [ 275.690315] ? __lock_acquire+0x7f5/0x5140 [ 275.694553] ? vmx_vcpu_reset+0x1030/0x1030 [ 275.698878] ? graph_lock+0x170/0x170 [ 275.702686] ? graph_lock+0x170/0x170 [ 275.706492] ? __lock_acquire+0x7f5/0x5140 [ 275.710736] ? debug_check_no_locks_freed+0x310/0x310 10:01:32 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x5, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:01:32 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x20100c0, [0x40000073, 0x1]}) [ 275.715938] ? __lock_is_held+0xb5/0x140 [ 275.720006] ? sctp_ulpq_renege_list+0x540/0x620 [ 275.724770] ? lock_acquire+0x1dc/0x520 [ 275.728746] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 275.733771] ? lock_release+0xa10/0xa10 [ 275.737756] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 275.743041] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 275.747539] ? preempt_notifier_dec+0x20/0x20 [ 275.752047] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 275.756897] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 275.761934] kvm_vcpu_ioctl+0x79d/0x12e0 [ 275.766006] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 275.771735] ? graph_lock+0x170/0x170 [ 275.775549] ? find_held_lock+0x36/0x1c0 [ 275.779627] ? lock_downgrade+0x8e0/0x8e0 [ 275.783788] ? kasan_check_read+0x11/0x20 [ 275.787945] ? rcu_is_watching+0x85/0x140 [ 275.792098] ? rcu_report_qs_rnp+0x790/0x790 [ 275.796519] ? __fget+0x40c/0x650 [ 275.799980] ? match_held_lock+0x871/0x8b0 [ 275.804225] ? expand_files.part.8+0x9a0/0x9a0 [ 275.808811] ? kasan_check_write+0x14/0x20 [ 275.813052] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 275.817990] ? wait_for_completion+0x870/0x870 [ 275.822579] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 275.827778] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 275.833494] do_vfs_ioctl+0x1cf/0x16f0 [ 275.837395] ? ioctl_preallocate+0x2e0/0x2e0 [ 275.841810] ? fget_raw+0x20/0x20 [ 275.845266] ? __sb_end_write+0xac/0xe0 [ 275.849247] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 275.854785] ? fput+0x130/0x1a0 [ 275.858071] ? ksys_write+0x1a6/0x250 [ 275.861883] ? security_file_ioctl+0x94/0xc0 10:01:32 executing program 7: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000003fe8)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) r2 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(r2, 0xc008240a, &(0x7f0000000000)={0x7, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000f6bfe8)={0xaa}) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) ioctl$UFFDIO_REGISTER(r3, 0xc028aa03, &(0x7f00000a0fe0)={{&(0x7f00005e3000/0x800000)=nil, 0x730000}, 0x200000}) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) getsockopt$inet_sctp6_SCTP_STATUS(r1, 0x84, 0xe, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, @in={{0x2, 0x0, @multicast1=0xe0000001}}}}, &(0x7f0000000100)=0xb0) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x0, 0x32, 0xffffffffffffffff, 0x0) close(r0) [ 275.866301] ksys_ioctl+0xa9/0xd0 [ 275.869764] __x64_sys_ioctl+0x73/0xb0 [ 275.873658] do_syscall_64+0x1b1/0x800 [ 275.877554] ? finish_task_switch+0x1ca/0x840 [ 275.882061] ? syscall_return_slowpath+0x5c0/0x5c0 [ 275.887001] ? syscall_return_slowpath+0x30f/0x5c0 [ 275.891940] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 275.897314] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 275.902172] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 275.907360] RIP: 0033:0x4559f9 [ 275.910545] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 275.929908] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 275.937630] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 275.944903] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 275.952174] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 275.959444] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 275.966717] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 0000000000000030 10:01:32 executing program 4: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x3, @broadcast=0xffffffff}, 0x10) sendto$inet(r0, &(0x7f0000fd0000), 0x0, 0x200007ff, &(0x7f0000deaff0)={0x2, 0x3, @loopback=0x7f000001}, 0x10) ioctl$int_in(r0, 0x5452, &(0x7f0000116ff8)=0x39) readv(r0, &(0x7f0000001000)=[{&(0x7f0000000000)=""/4096, 0x1000}], 0x1) shutdown(r0, 0x1) r1 = syz_open_dev$mice(&(0x7f0000001040)='/dev/input/mice\x00', 0x0, 0x40) ioctl$sock_bt_hci(r1, 0x400448c9, &(0x7f0000001080)="fbfc5bf8b7b6945998b728fd0559f7512f2857e4f7eeeb043c0172511aecffc787379a209453ce13577c17ba129e6c4d2cf822c5f5cd5a5bd3138bae31a1dbf496fcd0093bd4fd42157a5cd53c0e1da6080a6025dec633fa48d3dc0a8ebf8a73e7805369c74b100bd34f5c17e9aa059f5e0370c9689f8f6ebac36aef9505a983b14b38fbe42f1866c5baece6b8d66138f39c2ecfbbeafda202d15b55701336cb4b1b9dc022103c1069ac6e7a97e779d15b6947555214be2ebe423a936c80d8433131846681deb6f440d59142d7017d1a0537d1af99b99f75e29eb356c54bc7aeb6") 10:01:33 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x78, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:33 executing program 4: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) bind$nfc_llcp(r0, &(0x7f0000000100)={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "8811e78754fe8a427be2784032d1b714a23f86cdc834bc921c0525fec2021e21cc027f1d28fc5ba98c513afc8ce465aa9a9d325ebac7627ffe7a55cdbd77b3"}, 0x60) getpeername$llc(r0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, &(0x7f00000000c0)=0x10) syz_mount_image$bfs(&(0x7f0000000040)='bfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x5, &(0x7f0000000600)=[{&(0x7f0000000200)="0aa980919605663e6d38beb3e6cbb51246df6c08ca1aa89ceb22d902ceed401fd566e8675540baeabfa1961e200c33ab4aa05f3484c5ecf8f5d0f1d0897aff0d0d54b474831d753c5235309123b43734ae4676d9e7f44f7ba1447a6c44dee7fc659957fb3c29273ca674083ce3920c252255f2675d803dd210e58203f906032f4d2d8164c858709e9f7064e96439ef", 0x8f, 0x52}, {&(0x7f00000002c0)="72b7e8b224302eca9747ab3449c4400fe9fbcdf97fffc911433a7b204ce991292436d3bc82ae09b7be3d8b5e8a30973930a488e22f489266b20ce68beedb222f25cf3a6a833c4340fdf07330515c182f9a1111f15e887c8460e89061de79cedacd7ec9737e91ffea418e3aa975ff7f105eb5e8b895c6ed6fd07c83bd14dc00dcbac664c0041570cac633382b807b4d7806f25650c1f2aa262e40937b9667485756640a0fdfbe8f22180384b630a0fb1cb577d4e809c1f45c06aaf2e6b0524fafa46473668421", 0xc6, 0xffffffff}, {&(0x7f00000003c0)="5f9babd9ac3a5c684139e0b41b2db193f3522542006b5a6b0be9f01c1041f7a35ef28eecfce5498b31a124c4a0fb94bc45702ab13dddb2165c5cb4f6194a4b5cac7a74a359c4a7ba2dffd3d31ba8765e3f9ce42509eba0880a29372201af1b95bd6d34b3f55d2f6a2e5c2186899c6a5e7ff350194e8d818d4c02301aab75f9a89e8c1ebbd5e3ee35877b3be2208b971716041553e8", 0x95, 0x6}, {&(0x7f0000000480)="1bd38e04e14a29303d91003fc9ad9dab639e77b9deacee8bf69d618af02f35c4229142ebd31e3b7027463c043647f5314712ee20c051debbddf4d46ac62a7bd5c8fa33f07805fbae1cb0d1be95108e63bc074a", 0x53}, {&(0x7f0000000500)="25ec7477108366b02b847db5b88d1ddd22274c4fd61341e740e7cdd93efb86cdb3af0949a8610f469c8283f24edd12c6d91e8c669eb634907c45c5bc9057e85fddcc6fc48b3eaf7979157fb23182c260e1cf01674d910afb6cf3313fac271bb91ec60985a229646d2b16e4a0867c43582e45ce33942f4c8c15680d9cd38f7d1935f957366e5eaa4e07ee64c2ce1d93c07e38f2bb7c4d4f200a340ee86f1144076df9141c001fc3e6166950d727ffffe34c6771f36368e5cf3c1f77950a6f5f03fa14ae48806bda37c229a75017dc9214d8ccaa1c57e242aaae7f1e0d02440aab91ca78487644e6a577644b39f0ecefcccf525ce74b8a6466", 0xf8, 0x6}], 0x4080, 0x0) r1 = memfd_create(&(0x7f0000000680)='bfs\x00', 0x1) ioctl$TIOCLINUX2(r1, 0x541c, &(0x7f00000006c0)={0x2, 0x3, 0x80, 0x5, 0x2, 0x1}) 10:01:33 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0xc0000080, [0x40000073, 0x1]}) 10:01:33 executing program 5 (fault-call:5 fault-nth:49): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:01:33 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x14, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:01:33 executing program 3: r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x0, 0x0) setsockopt$inet_tcp_buf(r1, 0x6, 0xb, &(0x7f0000000080)="26f98faaa61b8b515d8fd28c79", 0xd) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_NEW_DAEMON(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10}, 0xc, &(0x7f00000003c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="d5750700000000000100090000002000030008000100000000000400022125152500faffffff0000000000000000354af179491b4c40599bf82c85238056c04794e3a51ff96a88f100336d0fe337"], 0x34}, 0x1}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 10:01:33 executing program 7: r0 = socket$inet6(0xa, 0x2, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)="2e2f6367726f75702e63707500eac5bea7af575a45fddd5af3a7709295a69e7bc5fd0592bf2a4dc8ace908be8842141ca2a714ed0163d4afd8ac48123d4869e05556a93347d6a7430e03a5f2beb186f16bacf2e4dcdcf3b9ff1d99165ce38d996e7798fe471d9a0d81acd08788fcc9892a2487efcde7a649614b14ba1c18", 0x200002, 0x0) r2 = openat$cgroup_int(r1, &(0x7f0000000400)='hugetlb.2MB.limit_in_bytes\x00', 0x2, 0x0) sendfile(r2, r2, &(0x7f00000000c0)=0xfffffffffffffffd, 0x7ffff000) 10:01:33 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") ioctl(r2, 0x2, &(0x7f0000000240)="d66e0868465d785a5cf9370cc3fdffe28cdf23f4dc270458c2f72f8f08d84787e67930ea7e518bc77c9ac5c5b5c9e10bb6beb91fdd37ef7215383502e1fee82d36bde999892cda1dbee76f72e6f64849e5e683149b1f8eeb9041a28c6559bcf8dc7a48c4985eec69cb7d3dc1b00bc3191a9c38c51d038ea47c30eaad397b08318f7395fc28102adf6d3a661c8d5065bb58d2088a6ffae407e61d710de4ace9bcfd047d4f05ebe6472a7198088016150448187e37c0b4e13f44f135cab326507611b0e597ac9de1bc9cd745cd79e08e7bb35713a2489a4570a64dd7f5d02180bee9ca8782dca0b3989ef26dec0e5451a561") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r5 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0x17, &(0x7f0000000000)={r5, r5, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) [ 277.075296] netlink: 16 bytes leftover after parsing attributes in process `syz-executor3'. [ 277.102911] FAULT_INJECTION: forcing a failure. [ 277.102911] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 277.114902] CPU: 0 PID: 16134 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 277.121836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 277.131187] Call Trace: [ 277.133786] dump_stack+0x1b9/0x294 [ 277.137428] ? dump_stack_print_info.cold.2+0x52/0x52 [ 277.142626] ? lock_downgrade+0x8e0/0x8e0 [ 277.146786] should_fail.cold.4+0xa/0x1a [ 277.150857] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 277.155971] ? rcu_report_qs_rnp+0x790/0x790 [ 277.160386] ? graph_lock+0x170/0x170 [ 277.164200] ? is_bpf_text_address+0xd7/0x170 [ 277.168702] ? find_held_lock+0x36/0x1c0 [ 277.172767] ? __lock_is_held+0xb5/0x140 [ 277.176822] ? check_same_owner+0x320/0x320 [ 277.181140] ? rcu_note_context_switch+0x710/0x710 [ 277.186080] ? __might_sleep+0x95/0x190 [ 277.190066] __alloc_pages_nodemask+0x34e/0xd70 [ 277.194720] ? lock_downgrade+0x8e0/0x8e0 [ 277.198853] ? __alloc_pages_slowpath+0x2d50/0x2d50 [ 277.203864] ? graph_lock+0x170/0x170 [ 277.207670] ? __lock_is_held+0xb5/0x140 [ 277.211733] ? rcu_report_qs_rnp+0x790/0x790 [ 277.216140] ? __lock_is_held+0xb5/0x140 [ 277.220191] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 277.225714] alloc_pages_current+0x10c/0x210 [ 277.230114] __get_free_pages+0xf/0x40 [ 277.233988] mmu_topup_memory_caches+0x1f8/0x3a0 [ 277.238732] ? kvm_apic_has_interrupt+0xe1/0x210 [ 277.243474] kvm_mmu_load+0x21/0x10e0 [ 277.247268] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 277.252797] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 277.258325] vcpu_enter_guest+0x3a83/0x6060 [ 277.262641] ? print_usage_bug+0xc0/0xc0 [ 277.266698] ? kvm_set_msr_common+0x2680/0x2680 [ 277.271349] ? vmx_vcpu_load+0xada/0xfe0 [ 277.275405] ? __lock_acquire+0x7f5/0x5140 [ 277.279639] ? vmx_vcpu_reset+0x1030/0x1030 [ 277.283953] ? graph_lock+0x170/0x170 [ 277.287749] ? graph_lock+0x170/0x170 [ 277.291542] ? __lock_acquire+0x7f5/0x5140 [ 277.295772] ? debug_check_no_locks_freed+0x310/0x310 [ 277.300987] ? __lock_is_held+0xb5/0x140 [ 277.305057] ? lock_acquire+0x1dc/0x520 [ 277.309020] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 277.314040] ? lock_release+0xa10/0xa10 [ 277.318026] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 277.323303] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 277.327783] ? preempt_notifier_dec+0x20/0x20 [ 277.332267] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 277.337097] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 277.342109] kvm_vcpu_ioctl+0x79d/0x12e0 [ 277.346165] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 277.351861] ? graph_lock+0x170/0x170 [ 277.355654] ? find_held_lock+0x36/0x1c0 [ 277.359707] ? lock_downgrade+0x8e0/0x8e0 [ 277.363851] ? kasan_check_read+0x11/0x20 [ 277.367982] ? rcu_is_watching+0x85/0x140 [ 277.372120] ? rcu_report_qs_rnp+0x790/0x790 [ 277.376536] ? __fget+0x40c/0x650 [ 277.379989] ? match_held_lock+0x871/0x8b0 [ 277.384215] ? expand_files.part.8+0x9a0/0x9a0 [ 277.388788] ? kasan_check_write+0x14/0x20 [ 277.393010] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 277.397938] ? wait_for_completion+0x870/0x870 [ 277.402503] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 277.407675] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 277.413369] do_vfs_ioctl+0x1cf/0x16f0 [ 277.417244] ? ioctl_preallocate+0x2e0/0x2e0 [ 277.421635] ? fget_raw+0x20/0x20 [ 277.425080] ? __sb_end_write+0xac/0xe0 [ 277.429057] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 277.434586] ? fput+0x130/0x1a0 [ 277.437866] ? ksys_write+0x1a6/0x250 [ 277.441659] ? security_file_ioctl+0x94/0xc0 [ 277.446065] ksys_ioctl+0xa9/0xd0 [ 277.449510] __x64_sys_ioctl+0x73/0xb0 [ 277.453382] do_syscall_64+0x1b1/0x800 [ 277.457251] ? finish_task_switch+0x1ca/0x840 [ 277.461732] ? syscall_return_slowpath+0x5c0/0x5c0 [ 277.466651] ? syscall_return_slowpath+0x30f/0x5c0 [ 277.471569] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 277.476929] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 277.481765] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 277.486936] RIP: 0033:0x4559f9 [ 277.490104] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 277.509318] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 277.517015] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 10:01:34 executing program 7: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x24, &(0x7f0000000080)=0x1, 0x4) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x61, &(0x7f0000000000)={'filter\x00', 0x4}, 0x68) sendto$inet(r0, &(0x7f0000fa0fff), 0xffffffffffffffc3, 0x20020007, &(0x7f0000e97fcf)={0x2, 0x1, @loopback=0x7f000001}, 0x10) recvmmsg(r0, &(0x7f0000004680)=[{{&(0x7f00000000c0)=@generic, 0x80, &(0x7f0000004540), 0x0, &(0x7f0000004600)=""/93, 0x5d}, 0x40000000000}], 0x1, 0x0, &(0x7f00000047c0)={0x77359400}) 10:01:34 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x3, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:01:34 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x1b4, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:34 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r5 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) r7 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) ftruncate(0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x11, r7, 0x0) setsockopt$inet6_tcp_int(r6, 0x6, 0x13, &(0x7f00000000c0)=0x100000001, 0x151) connect$inet6(r6, &(0x7f0000000140)={0xa}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r6, 0x6, 0x1f, &(0x7f0000000080)='tls\x00', 0x152) setsockopt$inet6_tcp_TLS_TX(r6, 0x11a, 0x1, &(0x7f0000000100)={0x303, 0x33}, 0x28) sendto$inet6(r6, &(0x7f0000000180)="9a", 0x1, 0x8000, 0x0, 0x0) sendto$inet6(r6, &(0x7f00000005c0), 0xfffffdef, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xbb}}, 0x1c) keyctl$dh_compute(0x17, &(0x7f0000000000)={r5, r5, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) [ 277.524280] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 277.531538] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 277.538789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 277.546044] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 0000000000000031 [ 277.562635] netlink: 16 bytes leftover after parsing attributes in process `syz-executor3'. 10:01:34 executing program 5 (fault-call:5 fault-nth:50): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:01:34 executing program 3: syz_emit_ethernet(0x1, &(0x7f00000002c0)=ANY=[@ANYBLOB="525582de49a576356cd12ed7cdcaa95a8bd011606d6dedf3230c978893692cbb6ce0ce07424060c2df8a09617ce69b20a8cb19e7b2195320069b3d9fcb4c1d976e918d4bfdf2119f82ac876f2a7baf2381f2334250ece6ba8aaa0b9b267a814a45f24b31876fd674e1a7eda52c56822bc78e1633abea87f728a3ad169c5920c224cf9b35846536ee103370b02f0e91e67e449851965e621ef56b2cdbb80a4237190370c57b8bf842b571c159c2a7c39b3183bc5a4dcb3ea0900e6400000070a617188feb7f9f19229382f7c6d4c320a57d4873b14421ed7235e02218b403502a0f592e04a311e5f3e7683f355726bee2d92341548a91b12fcec906e7bf7a47baa321162c1f88b9fd5ba3716a523905cf851a22d13318af2fa2637032ea22ff1e87da533cfc938c8bd860601aabb4868eb90bfd00ab20b1d786c58be7b25a62fb0e4e39758fa6140927487f5b8e4bc753080407fe5b5d2f9c025730130d27"], &(0x7f0000000000)={0x0, 0x10000, [0x0, 0x5cf, 0xa47]}) r0 = socket$inet_icmp(0x2, 0x2, 0x1) setsockopt$sock_int(r0, 0x1, 0x2b, &(0x7f0000000040)=0x4, 0x4) 10:01:34 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x8000000000000, [0x40000073, 0x1]}) 10:01:34 executing program 4: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080)='/dev/zero\x00', 0x0, 0x0) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000280)=@getsadinfo={0x10c, 0x23, 0x20, 0x70bd2a, 0x25dfdbfb, 0x0, [@algo_crypt={0xec, 0x2, {{'ecb(cast5)\x00'}, 0x510, "602968ce61d6e636c666f001625564e9fe2b8991db5701c8f37a2e4bbf82de7f9bdcaad8f3abbe43c488b0da1d844c5ccd0d0b6c8f627b7aff7f8588d892234b4a9caaaa32f9ced19e314e4e173143696a5591ba63e4b49dcc14b4411bd4f3de8f8dc890740b2509cfecf07c1c9a8ae67f58b535023e2255612a7edda5a2f264d32c87264468f6e1a15a59f61f87fdee20a728bc9921ffe08f7f0000c4b12606300f"}}, @mark={0xc, 0x15, {0x350759, 0x891}}]}, 0x10c}, 0x1, 0x0, 0x0, 0x4000}, 0x40040) socket(0x10, 0x2, 0x0) ioctl$BLKDISCARD(r0, 0x1277, &(0x7f00000003c0)=0x2) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x3, 0x24, &(0x7f0000001000)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000003d03010000000000950000000000000071260000000000006706000002000000bf25000000000000070500000e0000000f65000000000000bf5400000000000007040000040000003d4301000000000095000000000000006154000000000000bf250000000000000f65000000000000070500000e000000bf5400000000000007040000040000003d4301000000000095000000000000006154000000000000bf25000000000000070500000e0000000f6500000000000007050000040000000f65000000000000bf5400000000000007040000040000003d4301000000000095000000000000006154000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1}, 0x48) ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f00000001c0)={0x0}) ioctl$FIONREAD(r0, 0x541b, &(0x7f0000000400)) ioctl$DRM_IOCTL_UNLOCK(r0, 0x4008642b, &(0x7f0000000200)={r1, 0x31}) [ 277.641952] BFS-fs: bfs_fill_super(): No BFS filesystem on loop4 (magic=048ed31b) [ 277.911842] FAULT_INJECTION: forcing a failure. [ 277.911842] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 277.923750] CPU: 1 PID: 16177 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 277.930689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 277.940040] Call Trace: [ 277.942640] dump_stack+0x1b9/0x294 [ 277.946278] ? dump_stack_print_info.cold.2+0x52/0x52 [ 277.951479] ? lock_downgrade+0x8e0/0x8e0 [ 277.955639] should_fail.cold.4+0xa/0x1a [ 277.959692] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 277.964784] ? rcu_report_qs_rnp+0x790/0x790 [ 277.969180] ? graph_lock+0x170/0x170 [ 277.972976] ? is_bpf_text_address+0xd7/0x170 [ 277.977461] ? find_held_lock+0x36/0x1c0 [ 277.981511] ? __lock_is_held+0xb5/0x140 [ 277.985563] ? check_same_owner+0x320/0x320 [ 277.989868] ? rcu_note_context_switch+0x710/0x710 [ 277.994784] ? __might_sleep+0x95/0x190 [ 277.999074] __alloc_pages_nodemask+0x34e/0xd70 [ 278.003732] ? lock_downgrade+0x8e0/0x8e0 [ 278.007867] ? __sched_text_start+0x8/0x8 [ 278.012000] ? __alloc_pages_slowpath+0x2d50/0x2d50 [ 278.017008] ? graph_lock+0x170/0x170 [ 278.020798] ? __lock_is_held+0xb5/0x140 [ 278.024865] ? rcu_report_qs_rnp+0x790/0x790 [ 278.029265] ? __lock_is_held+0xb5/0x140 [ 278.033346] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 278.038870] alloc_pages_current+0x10c/0x210 [ 278.043268] __get_free_pages+0xf/0x40 [ 278.047143] mmu_topup_memory_caches+0x1f8/0x3a0 [ 278.051884] ? kvm_apic_has_interrupt+0xe1/0x210 [ 278.056626] kvm_mmu_load+0x21/0x10e0 [ 278.060411] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 278.065946] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 278.071469] vcpu_enter_guest+0x3a83/0x6060 [ 278.075782] ? print_usage_bug+0xc0/0xc0 [ 278.079834] ? kvm_set_msr_common+0x2680/0x2680 [ 278.084488] ? vmx_vcpu_load+0xada/0xfe0 [ 278.088559] ? __lock_acquire+0x7f5/0x5140 [ 278.092777] ? vmx_vcpu_reset+0x1030/0x1030 [ 278.097081] ? graph_lock+0x170/0x170 [ 278.100865] ? graph_lock+0x170/0x170 [ 278.104652] ? __lock_acquire+0x7f5/0x5140 [ 278.108873] ? debug_check_no_locks_freed+0x310/0x310 [ 278.114054] ? __lock_is_held+0xb5/0x140 [ 278.118101] ? __kprobes_text_end+0x1d0828/0x1d8368 [ 278.123101] ? lock_acquire+0x1dc/0x520 [ 278.127058] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 278.132089] ? lock_release+0xa10/0xa10 [ 278.136051] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 278.141312] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 278.145788] ? preempt_notifier_dec+0x20/0x20 [ 278.150271] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 278.155097] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 278.160102] kvm_vcpu_ioctl+0x79d/0x12e0 [ 278.164155] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 278.169849] ? graph_lock+0x170/0x170 [ 278.173636] ? find_held_lock+0x36/0x1c0 [ 278.177689] ? lock_downgrade+0x8e0/0x8e0 [ 278.181823] ? kasan_check_read+0x11/0x20 [ 278.185956] ? rcu_is_watching+0x85/0x140 [ 278.190093] ? rcu_report_qs_rnp+0x790/0x790 [ 278.194493] ? __fget+0x40c/0x650 [ 278.197934] ? match_held_lock+0x871/0x8b0 [ 278.202152] ? expand_files.part.8+0x9a0/0x9a0 [ 278.206719] ? kasan_check_write+0x14/0x20 [ 278.210940] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 278.215856] ? wait_for_completion+0x870/0x870 [ 278.220423] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 278.225600] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 278.231294] do_vfs_ioctl+0x1cf/0x16f0 [ 278.235169] ? ioctl_preallocate+0x2e0/0x2e0 [ 278.239560] ? fget_raw+0x20/0x20 [ 278.243000] ? __sb_end_write+0xac/0xe0 [ 278.246966] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 278.252483] ? fput+0x130/0x1a0 [ 278.255748] ? ksys_write+0x1a6/0x250 [ 278.259534] ? security_file_ioctl+0x94/0xc0 [ 278.263931] ksys_ioctl+0xa9/0xd0 [ 278.267370] __x64_sys_ioctl+0x73/0xb0 [ 278.271244] do_syscall_64+0x1b1/0x800 [ 278.275116] ? syscall_return_slowpath+0x5c0/0x5c0 [ 278.280034] ? syscall_return_slowpath+0x30f/0x5c0 [ 278.284950] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 278.290300] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 278.295128] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 278.300319] RIP: 0033:0x4559f9 [ 278.303486] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 278.322710] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 278.330402] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 278.337654] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 278.344905] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 278.352156] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 278.359407] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 0000000000000032 10:01:35 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000100), &(0x7f0000000140)) clone(0x0, &(0x7f0000000040), &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000180)) ioctl$TIOCGSID(0xffffffffffffff9c, 0x5429, &(0x7f0000000040)=0x0) prlimit64(r0, 0xf, &(0x7f0000000180)={0x80000001, 0x100}, 0x0) 10:01:35 executing program 7: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x0, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$inet6_buf(r0, 0x29, 0x30, &(0x7f0000000000)=""/40, &(0x7f0000001000)=0x39e8c2cfef4dc904) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e21, 0x7, @dev={0xfe, 0x80, [], 0xe}, 0x200}, 0x1c) 10:01:35 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="2957e1311f16f477671070") bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x0, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="080000000000000000000000028000007a0a00fffffffffd630148"], &(0x7f0000000000)="47504c00bc3047eb525f484f89fc96dd6ca64da40ff023122e66f6", 0x0, 0xce, &(0x7f0000000300)=""/206}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x4, 0x5, &(0x7f0000000040)=@framed={{0x18}, [@jmp={0x5}], {0x95}}, &(0x7f0000000200)='syzkaller\x00', 0x84000001, 0x3342, &(0x7f0000000300)=""/187}, 0x48) 10:01:35 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x11, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:35 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0xd, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:01:35 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = dup3(r2, r2, 0x80000) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000180)='IPVS\x00') sendmsg$IPVS_CMD_SET_CONFIG(r3, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000600)={0x114, r4, 0x400, 0x70bd2b, 0x25dfdbfb, {0xc}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0xc, 0x1, [@IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x2}, @IPVS_CMD_ATTR_DEST={0x30, 0x2, [@IPVS_DEST_ATTR_WEIGHT={0x8, 0x4}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}, @IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e24}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast1=0xe0000001}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xffffffff}, @IPVS_CMD_ATTR_DEST={0x40, 0x2, [@IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0xffffffffffffffff}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x6}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@dev={0xac, 0x14, 0x14, 0xc}}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x60}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xfff}]}, @IPVS_CMD_ATTR_SERVICE={0x48, 0x1, [@IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x5}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x16}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x2}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x16, 0x20}}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x6d}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0xff}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}]}, @IPVS_CMD_ATTR_DEST={0x1c, 0x2, [@IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x200}, @IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e22}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x40}]}, 0x114}, 0x1, 0x0, 0x0, 0x20000000}, 0x48000) r5 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r6 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r7 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r5) keyctl$dh_compute(0x17, &(0x7f0000000000)={r7, r7, r6}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:01:35 executing program 5 (fault-call:5 fault-nth:51): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:01:35 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x7b010000, [0x40000073, 0x1]}) 10:01:35 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x40, 0x0) ioctl$KVM_SET_IDENTITY_MAP_ADDR(r2, 0x4008ae48, &(0x7f0000000080)) r3 = accept4(r0, &(0x7f00000003c0)=@in={0x0, 0x0, @multicast1}, &(0x7f0000000380)=0x3e, 0x0) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c) r4 = socket$inet6(0xa, 0x1, 0x0) ioctl(r4, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r5 = openat$audio(0xffffffffffffff9c, &(0x7f0000000100)='/dev/audio\x00', 0x802, 0x0) write$binfmt_misc(r5, &(0x7f0000000140)={'syz1', "1197ea688dd571228d2c2416ee386216f4a4164f78814822d824fd43fa1d33adf92f9e1be05191d9c578aeca09ae1ab49d769d529ea4a5223cc7c369e06ae51ef2d0da06803ffb54eefa7feafedbc820620d3fb3f71d9bb3cf70e5adc13bd8820509290fcece10bad4d4e6f87625097accf79ad6b5eda19cbe05eab89eed3dcb317cc1a04d8a4fb1454c301ba03778d42611467e1b9e4abe49c01ef5dda9068783d6b201fc7fbb91ace3423827a2e75310525edb048f715d2104d66b6ad3d6bb22de13ab4aee559746ba7f45a2158db1ceed424c6f7613f698e556a3fe61da6dbe859d64e4c1ef9eb4dfdb1053f12f04f3fb2444f1495bd0c83cd054f8570ae2465ea12e2258fff45bacc9214224c7461716e931879c5b43ea92ebfad3d72289823f9879d657e75a9e007cf127d7061d9080af5c50c40120c98695de8d92821fa6c1f890a6c76d470dc87510887c7ac4c1d9df7a5efe777b77398e54c5508da923bbdaecdb6409e626e6d94a37226a7e8466cce96ff8ea3094118048c540a458da205c6a84363d49e1db4b42866f7f6b0f6cade34d198a6e15a585bf07093cbb19774c2ffdde86624010c198679efb15af0ad7515f3c682acef94851e3bdde25dce27baa575a37835c58e8cb9300f95dd48ba37e0e0d6f87920d56968e5c9b778753a4a08e1a0cac2ea98373ecb2ac50aa0d09ddc65d63d0e0afcd2dc19778cdac1abfc09eadec761ebdae6f702cd75f8c19c8f5f0a4ad6042d2433bb819e17304ec18375ad0151a074936b9d0a616f9deea7e3c97f48919dea519947f8c165bcaedf6958134e219ee45042eacf039294d837f73b4b18b55cad714b1844e478c5bac426c4fd02104a79b507d8c2867814e3a0b526d2387e10b242ad4686ad063ad2282ad3a01d2b0a943db89f6e0f442cf7772fa0f2a597911a4442bac6c8d713bea732e22486d78689590849acf299fc9592b434c989156d225be82d34020011fd91aa61f70f73cfeb5f2bf76ed38ab1c77b93098f8f6f689471087b9d0cb2bda962cf1095dbeb5d3c329f7cd0731c289ced1c03fd9d9566d4d9e601cf23a2f265d0f065c82ee0fb423e8f4cfa8ea891f0af6c44f0f0b0d7bf529194246e8fa3e9fc512e3463cf31ac117e55146cbaf61473887ad6ec7ae005dec341baa13d57f7c4f63fe87933ef8b9b56c86af900a57ef32e7dedc04aa55be99fc86b6d38087eeb1a2cbb4a6e70293f857d64b945fa245ddc909ab140b9793962355aeb2e9c1e7b3e1a9547e25e1881652ac6e8860e35d7ed3713c229b363f21691c79009b03c70819c27d71664286b5cda827304f4b1a65d12d9ac4e5b1f7e955d527794d5aa34507a8567fb83dac70f5a53dbfa568ebc28a9e0aa08c4e7efeb7ff1b4612cb79e23e67d642d7d2d48996f6383bdb988879790a93ccd45a598230000ac34b39d5fecf9fc63c19662ee506ff1808e93afdae6f43c5adbd08fd74ccb1aecdc76c9bb54d1e8793676664c0bc193ca4bc85e21ed31f53cdce017158a642ecbd530205e7c7a2b91bf55883d1d8e7c7fabee2885915c0615873eec6e67604ff7d3d2416b0d095cb532268042d0a295d165f9a4fe4a2467814e8b945cfb171b7bf994cba7c389a1fc61b55ce4c66ca6ba890d43f234bd6336e5dcbfb1c95dec3ca524edaf20007545510e13b6dcd5a56a24e1e833abdca4ed23c3d5638391bf0b38bfb8d87b4a24e9e6b800174767d3ca9c78765f6b32b2f388bdc6781d86075a16cc7ea98fc8b71ba4acf2908f498f35d158a3e74f169c04f537c1600360284a976c50bb69bc2780b356aebde1c002aaa8ca465194b67311c0f3f25b1b9461f1a28c355a4cedf3a01ab73fabcebb9ea59ea3f25cc4e45157e1cae76eb7a8de5677f53b1d32731de09a1912a6826ad74ae4622d4c626a07b0f8843f7e4eecb21f7211bf28fb598af700c96d6bab61fee889d481bdb00e0a0d9cf18911e6f50115755ff5f62c8e8826c2faad12b20f83c6720e0854229a761cec67941026710dd40270d23a221d2697167178068a3456ecd224280c1d1dc0cfeabce7b38f3842dd6293cd02506717035d4d036ad0e85b04f56d1d9569060b65a36ff1725c9252f266aae3b47a008aa551a13f2b92d47e8d684ca46be0a38ad0df189f093246e998f60dc9257366edb2791da31e4a85d32d4f5912adde335865dbd2c5440b3447a780430ea6dc1a1e7e95abbb01b56f706c5821485df43d880c6502a71b2bb06fffc24632164332488ec50f1380de2b3c8c0ff07cc2bddbafdb364fa135b693071bfe81b20a365eddd9576b729fde306d40b311fca61d27a456d79090ba26c64edb6f438fd68f98773073f33d84e37acf5cedd371e32821cb5506da102776e0db58f6926c84ce4e3c257264a4b1ae92e0b9c23b0663963832adc602dfdf76ca2c2abf238f251579d302e66b0fc8561519a8d707921726b7e8659ef1a9fe81ec544499b104d12f0b026d2af044b7def35cdc0faaad2871dd477072015308898f0123b245fbd46c55e8ebdee2cf7bded7a10e7aee4174f2284411864e8126aff9810bed08219df7f32d4f2debfa0cabef0ed42ff6a269e98f1d972c6c13c887bcc98738c6dac816ab493ca957932664baf63148763d712cef474db6967f16f0f665c3f860bbe68ee55c6321d4fd9305c93dafe644e346b0b9709ecd59c68e2440320fcce86c398410c7cf1e074c5f65b56bdd7f51a044bae0e0690b6b51e53db1d1375218e0a4563612557e298092825e3bcfcb13eecefed60f34b9a1d2e39e50b252cb7163f1cd112f4377236e7b4175b2a5ff30d13f331f776ff47f8ce6cd673a8f08dcfdcea5aeeeab503c046c0e05b2c652a205376b9527eec4cf007b28ecd76f5cd1d4cf4598645de1ea17dd3cd06be347ea5218e23d15d398c6a64eb411b513a247e091dc193ba16e89b9521f0b0e8668fa9d9aa3f368c0bf1f5e46aefee1658f03bb1c7a74246f386b97b6ad064a31d3dd32bb7ba18c18454850c56d4e43ec4f119bb0e81a91b06b69a4b9acc423b52d1b0e8a29e75b3845e72908d74d60bdf2e4ebbf60cf38164a885b7bfda4ac8a31053650671c1d3cc1b512680fd5b52e23b167f387037fb5681efc30006a4de137ceebae80061148952f6f4735997a2a417d2e152dccaf56902c31b1240ba16574b81771297177f6d407dd8531804111f98f1760d7aa4feb53320470618cc418527ab025e06103e58560638b5ce96ea968bf36d375a7ca9a537970bf1e199699aa63456b0778462a60c1c98e9758fb1b16d70f6782b5400c4ea89efc53cdca9c2b446f0759b47eca9308883b4e634fa8377ddbcca5a66083b103d73d49fbdaf1002c2c2ce9b1e4a6708b641135ae2a0c77dfb1af01648d5b0b04c43fad1e5cceca90869dd92c3c280eec9054b32dc010bd4ea8f67d473679143ff3c4f7d62180b4955ed53e7e6654726e40d338b73bd5510bdd5d0ba048c68464db772306170da4613294d2ce41364be725ed26763e3641e3b56a83dc79332d92b265007349506f24c3deceae6b6ca066ba65f1560b7e4dd0e1ab81f140860e2067434aad6dc073a9d3d251b8134b56b517322232c41631432f166bf2c6821f0602e5e988a929cd478e25a974dc843c265d0f0fc07c521b0e65028c26cbbd5dcf3d0b044a0efa5bf8163276fa25447bdb9f5c638e5cc369290304b6386fdf06a7748640f139a24a4ca54751cd953542c18ef01a216b37c2e4fb71c55e1fd690886890f1a19161e6d9e893ec27382621a15378415231ff06ab2262a704cd9aa1c84eaf6fb1a4391b5ad95cf9d607e5986286a2c3d93bb0947fb1c94962edaec01a14fde982e91fb293c7590e87b89e1ed53a48c566e2661f40121abf748eac9ff090c2a15a2b5b51407ddf41ef04bf2a469b89b271313c455ae434adf6b4a5f4fbd2a80aade04c83843148b7af2e023b108877290fdb8181eb9d5ad5c16d8b6a52e5279c70240bd51cf1af1c7d3b6ba17e4d388f53a2eaa6fb6cbbf248db7cb07dd7810ab125f11a327f8e74042d9fc53b547e9b456c08796358edecc6e57876704bf0e927a6af4e194ee365ca2de53f6a32c16fafaaa25171102aef2c57e8aec3709d19b0bb059b184ff2ea0b8870985a16fff9fccca838f6316b592c2386ceb0adb7461bee5d3365b28c2725df609329f38d12bf59ebb6e7177f035a69c8f96f9fc0aeaeca3bdcc09c9b8b3e195e3a243b5a9c138f60ef6432d8bd8be2c3a2d304d7671235bcf6a5edfb36eb9c9d99204543f0716ae8aa0a46eb16785828ef2e1b835fe401e5d1943012a3145b370435df1b5f4683414850e14cf90065a2771697ab7d400d7fe2b480702926f7b96280301baddab665ff8a87858b85b068fe53d35dbbc8b4121f7aca3b5a5db58bd36ad3d8e7162f73d20bde017fb49a3bc02c8e9f2bf915dfa24d45aaa600124c3d9db27e33bd3de7f26d3fbad62c4c3cfb42501c4a18c977e9efa6c9afbba0841efbc2806d9612d603f01adc29a5c8d64fd5651b4a08f718904f38b8558e60af526e1d013592ef5776467a78b486f4d61817b0447e5c51a4386c2e793c988fac8a786fb9f209d69d10c83261f99b14a9e692c52cfc2d75763ac8081efff5b21464f65b562999114c68290884f004764e55d7cfb505a4ba8633735730c12e6df08b65d0df6c9b94a655836d898590b31b412923c89e485635d51fb9efc4b1ae7487a15f5d126fb61cbff4cf3ff4b7d387a9f352e165c92607a66d69c9649044eaaf99ed95deed04f97cf3af78320f03aa87b602ee86c752a308035485a0adc6d54c4893a79ef77a97cb4fa81b7c138b7c9f12c55eee57b91304e41c4c381187edab488adf7ffd03706346aba9128b2850f1f68cdd3193872d08738e9ed057458e019453f060a601608bf93d258f4af6e72f9e5f0628ec323d70b529d042e27c34304ad92ff428feb32548871d9594712e600b05896abd0f61a560cb2c7d721bacf3fd92cf29c8d5be6c7c33614b237c80d512ad917217e654a21aa53fbadf7519785964e2645f90616d4af25a8b2ae757602b367f7e36d77166f22ef8b79eeeed4f7c83cfdc1db935aa07e8777bb77541579c78b67f581cacc29de0062b91456cb7ff475362d0a1c001ed487041ccb92418bb2d4d79e0c2d69dad16528c8d4607e066c162250a08ab03e9404d9606404debe3f410f7ac676d5c4bbfd13263ccee0ccf3e632994bda8ad8c6997d1f87a86418e963698241f12eb3d81f5f6c8070bbbd5cf63e361075928d6850e536a8305aa90337fe98685b3bdc1a3d32591872474d20c92b366d4349aa070000c8f1f677680672338cd90e892cc0226c93618902a328b631f7d830361c04ce4d236485b826918dcc810d1660da53488efbbc2ceeee213e324616f5c9b2c9369c6afa58d21289de33eb603c8cd9bc43ef31ad771cfcfd5287954c3f849a9641883dc48d58004a98ffd5183f40da226d86d2dcbea47a2f2a24f809474d5db22e01aa1df9b4487a44cf81d56e543691e19aeafbd4489e99a89d90e87286a0b26abe34fa88731142f5fba7b3fedbacdd914ff348ad7ef4b311670adb917621b7bb48915fb66d16fb0942c4fac64060745ce2816d32a102f1475139d2d8c168aa5b4050a729eb1cec4463b46141f6c7d6c25ac1a3fdf5e4e47c267642e40f365ed1fe6a11e16473a20fafa6c79d918a6eca821947ccaa0016fd7203c3df43f4e6514a1f1971a86a70fcd06969a8b86f05f1d4c27b459efe6598982d"}, 0x1000) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2}}, 0x0, 0x0, 0x0, 0x1, 0x100000000002d}, 0x98) 10:01:35 executing program 3: socketpair(0x9, 0x6, 0x100, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$alg(0x26, 0x5, 0x0) socket$netlink(0x10, 0x3, 0x1f) bind$alg(r2, &(0x7f0000000080)={0x26, 'aead\x00', 0x0, 0x0, 'gcm(twofish-generic)\x00'}, 0x58) fcntl$getown(r2, 0x9) getpgrp(0x0) getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f0000000140), &(0x7f0000000180)=0x14) setsockopt$inet_sctp6_SCTP_AUTOCLOSE(r0, 0x84, 0x4, &(0x7f00000001c0)=0x1000, 0x4) setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(0xffffffffffffffff, 0x28, 0x2, &(0x7f0000000040)=0x100000000, 0x8) setsockopt$inet_sctp6_SCTP_AUTOCLOSE(r1, 0x84, 0x4, &(0x7f0000000000)=0x8, 0x4) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000200)="0ae41565823ef281e5b3360ced5c54dbb70000000000", 0x16) [ 278.676574] FAULT_INJECTION: forcing a failure. [ 278.676574] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 278.688582] CPU: 0 PID: 16209 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 278.695518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 278.704874] Call Trace: [ 278.707471] dump_stack+0x1b9/0x294 [ 278.711115] ? dump_stack_print_info.cold.2+0x52/0x52 [ 278.716325] should_fail.cold.4+0xa/0x1a [ 278.720401] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 278.725512] ? rcu_report_qs_rnp+0x790/0x790 [ 278.729939] ? graph_lock+0x170/0x170 [ 278.733756] ? find_held_lock+0x36/0x1c0 [ 278.737835] ? __lock_is_held+0xb5/0x140 [ 278.741904] ? check_same_owner+0x320/0x320 [ 278.746219] ? rcu_note_context_switch+0x710/0x710 [ 278.751137] ? __might_sleep+0x95/0x190 [ 278.755101] __alloc_pages_nodemask+0x34e/0xd70 [ 278.759756] ? lock_downgrade+0x8e0/0x8e0 [ 278.763897] ? __alloc_pages_slowpath+0x2d50/0x2d50 [ 278.768900] ? graph_lock+0x170/0x170 [ 278.772687] ? __lock_is_held+0xb5/0x140 [ 278.776734] ? rcu_report_qs_rnp+0x790/0x790 [ 278.781136] ? __lock_is_held+0xb5/0x140 [ 278.785189] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 278.790714] alloc_pages_current+0x10c/0x210 [ 278.795114] __get_free_pages+0xf/0x40 [ 278.798988] mmu_topup_memory_caches+0x1f8/0x3a0 [ 278.803732] ? kvm_apic_has_interrupt+0xe1/0x210 [ 278.808478] kvm_mmu_load+0x21/0x10e0 [ 278.812265] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 278.817787] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 278.823313] vcpu_enter_guest+0x3a83/0x6060 [ 278.827625] ? kvm_set_msr_common+0x2680/0x2680 [ 278.832284] ? perf_trace_lock+0x900/0x900 [ 278.836503] ? __lock_acquire+0x7f5/0x5140 [ 278.840724] ? vmx_vcpu_reset+0x1030/0x1030 [ 278.845036] ? graph_lock+0x170/0x170 [ 278.848822] ? graph_lock+0x170/0x170 [ 278.852648] ? __lock_acquire+0x7f5/0x5140 [ 278.856875] ? perf_trace_lock_acquire+0xe3/0x980 [ 278.861711] ? __lock_is_held+0xb5/0x140 [ 278.865759] ? lock_acquire+0x1dc/0x520 [ 278.869719] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 278.874723] ? lock_release+0xa10/0xa10 [ 278.878681] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 278.883944] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 278.888424] ? preempt_notifier_dec+0x20/0x20 [ 278.892913] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 278.897739] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 278.902748] kvm_vcpu_ioctl+0x79d/0x12e0 [ 278.906798] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 278.912492] ? graph_lock+0x170/0x170 [ 278.916278] ? find_held_lock+0x36/0x1c0 [ 278.920330] ? lock_downgrade+0x8e0/0x8e0 [ 278.924468] ? kasan_check_read+0x11/0x20 [ 278.928604] ? rcu_is_watching+0x85/0x140 [ 278.932772] ? rcu_report_qs_rnp+0x790/0x790 [ 278.937172] ? __fget+0x40c/0x650 [ 278.940614] ? match_held_lock+0x871/0x8b0 [ 278.944834] ? expand_files.part.8+0x9a0/0x9a0 [ 278.949402] ? kasan_check_write+0x14/0x20 [ 278.953627] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 278.958546] ? wait_for_completion+0x870/0x870 [ 278.963112] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 278.968285] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 278.973979] do_vfs_ioctl+0x1cf/0x16f0 [ 278.977854] ? ioctl_preallocate+0x2e0/0x2e0 [ 278.982246] ? fget_raw+0x20/0x20 [ 278.985685] ? __sb_end_write+0xac/0xe0 [ 278.989646] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 278.995168] ? fput+0x130/0x1a0 [ 278.998435] ? ksys_write+0x1a6/0x250 [ 279.002223] ? security_file_ioctl+0x94/0xc0 [ 279.006621] ksys_ioctl+0xa9/0xd0 [ 279.010062] __x64_sys_ioctl+0x73/0xb0 [ 279.013937] do_syscall_64+0x1b1/0x800 [ 279.017808] ? finish_task_switch+0x1ca/0x840 [ 279.022287] ? syscall_return_slowpath+0x5c0/0x5c0 [ 279.027202] ? syscall_return_slowpath+0x30f/0x5c0 [ 279.032118] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 279.037469] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 279.042300] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 279.047474] RIP: 0033:0x4559f9 [ 279.050644] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 279.069907] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 10:01:35 executing program 4: r0 = syz_open_dev$midi(&(0x7f00000001c0)='/dev/midi#\x00', 0x854a, 0x101042) ioctl$VHOST_SET_VRING_CALL(r0, 0x4008af21, &(0x7f0000000000)={0x3}) poll(&(0x7f0000000080)=[{r0}], 0x1, 0x40009) write(r0, &(0x7f0000000040)='(', 0x1) 10:01:35 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0xc0010004, [0x40000073, 0x1]}) 10:01:35 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x1e9, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:35 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) socketpair$inet(0x2, 0xa, 0x2, &(0x7f0000000040)={0xffffffffffffffff}) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f0000000180)={0x1, [0x0]}, &(0x7f00000001c0)=0x8) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r4 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000240)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r5 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r6 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r4) keyctl$dh_compute(0x17, &(0x7f0000000000)={r6, r6, r5}, &(0x7f0000000740)=""/132, 0x84, 0x0) [ 279.077604] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 279.084855] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 279.092110] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 279.099370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 279.106625] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 0000000000000033 10:01:35 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x10, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:01:35 executing program 5 (fault-call:5 fault-nth:52): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) [ 279.315894] FAULT_INJECTION: forcing a failure. [ 279.315894] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 279.327913] CPU: 0 PID: 16240 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 279.334850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 279.344212] Call Trace: [ 279.346815] dump_stack+0x1b9/0x294 [ 279.350466] ? dump_stack_print_info.cold.2+0x52/0x52 [ 279.355673] ? lock_downgrade+0x8e0/0x8e0 [ 279.359832] should_fail.cold.4+0xa/0x1a [ 279.363912] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 279.369019] ? rcu_report_qs_rnp+0x790/0x790 [ 279.373439] ? graph_lock+0x170/0x170 [ 279.377251] ? is_bpf_text_address+0xd7/0x170 [ 279.381746] ? find_held_lock+0x36/0x1c0 [ 279.385797] ? __lock_is_held+0xb5/0x140 [ 279.389854] ? check_same_owner+0x320/0x320 [ 279.394160] ? rcu_note_context_switch+0x710/0x710 [ 279.399074] ? __might_sleep+0x95/0x190 [ 279.403041] __alloc_pages_nodemask+0x34e/0xd70 [ 279.407693] ? lock_downgrade+0x8e0/0x8e0 [ 279.411826] ? __alloc_pages_slowpath+0x2d50/0x2d50 [ 279.416829] ? graph_lock+0x170/0x170 [ 279.420615] ? __lock_is_held+0xb5/0x140 [ 279.424661] ? rcu_report_qs_rnp+0x790/0x790 [ 279.429058] ? __lock_is_held+0xb5/0x140 [ 279.433104] ? sctp_make_heartbeat_ack+0x10/0x110 [ 279.437937] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 279.443462] alloc_pages_current+0x10c/0x210 [ 279.447862] __get_free_pages+0xf/0x40 [ 279.451739] mmu_topup_memory_caches+0x1f8/0x3a0 [ 279.456478] ? kvm_apic_has_interrupt+0xe1/0x210 [ 279.461221] kvm_mmu_load+0x21/0x10e0 [ 279.465007] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 279.470531] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 279.476055] vcpu_enter_guest+0x3a83/0x6060 [ 279.480367] ? print_usage_bug+0xc0/0xc0 [ 279.484417] ? kvm_set_msr_common+0x2680/0x2680 [ 279.489070] ? vmx_vcpu_load+0xada/0xfe0 [ 279.493116] ? __lock_acquire+0x7f5/0x5140 [ 279.497333] ? vmx_vcpu_reset+0x1030/0x1030 [ 279.501640] ? graph_lock+0x170/0x170 [ 279.505427] ? graph_lock+0x170/0x170 [ 279.509210] ? __lock_acquire+0x7f5/0x5140 [ 279.513457] ? debug_check_no_locks_freed+0x310/0x310 [ 279.518636] ? __lock_is_held+0xb5/0x140 [ 279.522685] ? lock_acquire+0x1dc/0x520 [ 279.526641] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 279.531643] ? lock_release+0xa10/0xa10 [ 279.535601] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 279.540860] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 279.545337] ? preempt_notifier_dec+0x20/0x20 [ 279.549828] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 279.554656] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 279.559663] kvm_vcpu_ioctl+0x79d/0x12e0 [ 279.563710] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 279.569405] ? graph_lock+0x170/0x170 [ 279.573190] ? find_held_lock+0x36/0x1c0 [ 279.577242] ? lock_downgrade+0x8e0/0x8e0 [ 279.581380] ? kasan_check_read+0x11/0x20 [ 279.585517] ? rcu_is_watching+0x85/0x140 [ 279.589649] ? rcu_report_qs_rnp+0x790/0x790 [ 279.594048] ? __fget+0x40c/0x650 [ 279.597489] ? match_held_lock+0x871/0x8b0 [ 279.601707] ? expand_files.part.8+0x9a0/0x9a0 [ 279.606272] ? kasan_check_write+0x14/0x20 [ 279.610491] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 279.615405] ? wait_for_completion+0x870/0x870 [ 279.619971] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 279.625144] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 279.630841] do_vfs_ioctl+0x1cf/0x16f0 [ 279.634718] ? ioctl_preallocate+0x2e0/0x2e0 [ 279.639109] ? fget_raw+0x20/0x20 [ 279.642548] ? __sb_end_write+0xac/0xe0 [ 279.646511] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 279.652034] ? fput+0x130/0x1a0 [ 279.655299] ? ksys_write+0x1a6/0x250 [ 279.659084] ? security_file_ioctl+0x94/0xc0 [ 279.663477] ksys_ioctl+0xa9/0xd0 [ 279.666918] __x64_sys_ioctl+0x73/0xb0 [ 279.670790] do_syscall_64+0x1b1/0x800 [ 279.674662] ? syscall_return_slowpath+0x5c0/0x5c0 [ 279.679575] ? syscall_return_slowpath+0x30f/0x5c0 [ 279.684490] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 279.689841] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 279.694670] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 279.699843] RIP: 0033:0x4559f9 10:01:36 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x1c3, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) [ 279.703026] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 279.722250] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 279.729942] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 279.737192] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 279.744452] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 279.751703] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 279.758958] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 0000000000000034 10:01:36 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x79, [0x40000073, 0x1]}) 10:01:36 executing program 7: r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0x40000, 0x0) setsockopt$ax25_int(r0, 0x101, 0xa, &(0x7f0000000080)=0x53c, 0x4) r1 = inotify_init1(0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f00000000c0)={0x0, 0x0}) r3 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(r4, 0x0, 0x0) setsockopt$inet_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f0000000100)='tls\x00', 0x4) ptrace$setopts(0x4206, r2, 0x0, 0x0) 10:01:36 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) keyctl$get_keyring_id(0x0, r1, 0x4) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce572a922472b351", 0x18, r0) r5 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0x17, &(0x7f0000000000)={r5, r5, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:01:36 executing program 5 (fault-call:5 fault-nth:53): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:01:36 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000280)='/dev/loop#\x00', 0x0, 0x105082) r1 = memfd_create(&(0x7f0000000140)="00000058b0efd5e338ee3b9bd97d89", 0x3) pwritev(r1, &(0x7f0000f50f90)=[{&(0x7f0000000100)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) sendfile(r0, r0, &(0x7f0000000040), 0x1b7889b2) r2 = semget(0x3, 0x3, 0x4) ioctl$IOC_PR_RELEASE(r1, 0x401070ca, &(0x7f0000000000)={0xfffffffffffffff8, 0x1}) semctl$SETVAL(r2, 0x5, 0x10, &(0x7f00000000c0)=0x280000000) 10:01:36 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x6, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:01:36 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x1a3, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:36 executing program 4: clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uinput\x00', 0x40, 0x0) faccessat(r0, &(0x7f00000000c0)='./file0\x00', 0x100, 0x1000) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000000), &(0x7f00000088c0)) r1 = inotify_init1(0x0) r2 = getpid() fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000080)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r3, r2, 0x4, 0xffffffffffffffff, &(0x7f0000000100)) execveat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), &(0x7f0000000680), 0x0) write$binfmt_misc(r0, &(0x7f0000000140)={'syz1', "99566a80411ef5742d4e0cb764534f9e2084ab6826a04f8cf489c48058584fb860ec3c4ff1f95238ef5643d82974199315d6436ea807222e9097cede296ddaa39c001f87973d6f81e7a2613de98b40b0ed07e9776fe2566cc4c46748870a1f2617787c356278e4bc7073d134734e70c15803c4da55b1104a6616c4c3ae2b6536ebd3c899f05dbdb46c70a0e8daf2350f70875693abcb748471fec1417051215152cf3fc68ad93e4c2f4387175beeaf5b1e447ee671b054885b7294af0151309ad1cf655b1d4f6433e7560c7b3f442a19b033af4e728a"}, 0xda) open$dir(&(0x7f0000296ff8)='./file0\x00', 0x27e, 0x0) 10:01:36 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x810000c0, [0x40000073, 0x1]}) [ 280.338790] FAULT_INJECTION: forcing a failure. [ 280.338790] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 280.350898] CPU: 0 PID: 16284 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 280.357830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 280.367170] Call Trace: [ 280.369751] dump_stack+0x1b9/0x294 [ 280.373377] ? dump_stack_print_info.cold.2+0x52/0x52 [ 280.378564] should_fail.cold.4+0xa/0x1a [ 280.382615] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 280.387703] ? rcu_report_qs_rnp+0x790/0x790 [ 280.392107] ? graph_lock+0x170/0x170 [ 280.395901] ? find_held_lock+0x36/0x1c0 [ 280.399949] ? __lock_is_held+0xb5/0x140 [ 280.404007] ? check_same_owner+0x320/0x320 [ 280.408319] ? rcu_note_context_switch+0x710/0x710 [ 280.413237] ? __might_sleep+0x95/0x190 [ 280.417203] __alloc_pages_nodemask+0x34e/0xd70 [ 280.421860] ? lock_downgrade+0x8e0/0x8e0 [ 280.425999] ? __alloc_pages_slowpath+0x2d50/0x2d50 [ 280.431012] ? graph_lock+0x170/0x170 [ 280.434805] ? __lock_is_held+0xb5/0x140 [ 280.438855] ? rcu_report_qs_rnp+0x790/0x790 [ 280.443258] ? __lock_is_held+0xb5/0x140 [ 280.447316] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 280.452842] alloc_pages_current+0x10c/0x210 [ 280.457239] __get_free_pages+0xf/0x40 [ 280.461115] mmu_topup_memory_caches+0x1f8/0x3a0 [ 280.465857] ? kvm_apic_has_interrupt+0xe1/0x210 [ 280.470601] kvm_mmu_load+0x21/0x10e0 [ 280.474386] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 280.479908] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 280.485435] vcpu_enter_guest+0x3a83/0x6060 [ 280.489746] ? kvm_set_msr_common+0x2680/0x2680 [ 280.494408] ? perf_trace_lock+0x900/0x900 [ 280.498628] ? __lock_acquire+0x7f5/0x5140 [ 280.502851] ? vmx_vcpu_reset+0x1030/0x1030 [ 280.507159] ? graph_lock+0x170/0x170 [ 280.510948] ? graph_lock+0x170/0x170 [ 280.514735] ? __lock_acquire+0x7f5/0x5140 [ 280.518961] ? perf_trace_lock_acquire+0xe3/0x980 [ 280.523793] ? __lock_is_held+0xb5/0x140 [ 280.527845] ? lock_acquire+0x1dc/0x520 [ 280.531803] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 280.536808] ? lock_release+0xa10/0xa10 [ 280.540771] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 280.546037] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 280.550523] ? preempt_notifier_dec+0x20/0x20 [ 280.555010] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 280.559841] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 280.564853] kvm_vcpu_ioctl+0x79d/0x12e0 [ 280.568902] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 280.574598] ? graph_lock+0x170/0x170 [ 280.578385] ? find_held_lock+0x36/0x1c0 [ 280.582439] ? lock_downgrade+0x8e0/0x8e0 [ 280.586574] ? kasan_check_read+0x11/0x20 [ 280.590707] ? rcu_is_watching+0x85/0x140 [ 280.594843] ? rcu_report_qs_rnp+0x790/0x790 [ 280.599247] ? __fget+0x40c/0x650 [ 280.602690] ? match_held_lock+0x871/0x8b0 [ 280.606909] ? expand_files.part.8+0x9a0/0x9a0 [ 280.611475] ? kasan_check_write+0x14/0x20 [ 280.615708] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 280.620634] ? wait_for_completion+0x870/0x870 [ 280.625202] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 280.630378] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 280.636072] do_vfs_ioctl+0x1cf/0x16f0 [ 280.639951] ? ioctl_preallocate+0x2e0/0x2e0 [ 280.644344] ? fget_raw+0x20/0x20 [ 280.647782] ? __sb_end_write+0xac/0xe0 [ 280.651749] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 280.657271] ? fput+0x130/0x1a0 [ 280.660539] ? ksys_write+0x1a6/0x250 [ 280.664328] ? security_file_ioctl+0x94/0xc0 [ 280.668724] ksys_ioctl+0xa9/0xd0 [ 280.672168] __x64_sys_ioctl+0x73/0xb0 [ 280.676043] do_syscall_64+0x1b1/0x800 [ 280.679913] ? finish_task_switch+0x1ca/0x840 [ 280.684393] ? syscall_return_slowpath+0x5c0/0x5c0 [ 280.689307] ? syscall_return_slowpath+0x30f/0x5c0 [ 280.694224] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 280.699576] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 280.704445] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 280.709617] RIP: 0033:0x4559f9 [ 280.712788] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 280.732055] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 10:01:37 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r5 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0x17, &(0x7f0000000000)={r5, r5, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) r6 = syz_open_dev$dmmidi(&(0x7f00000001c0)='/dev/dmmidi#\x00', 0xe0, 0x101000) ioctl$KVM_DEASSIGN_DEV_IRQ(r6, 0x4040ae75, &(0x7f0000000240)={0x4, 0x7, 0x2, 0x501}) r7 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x402202, 0x0) ioctl$TUNGETVNETHDRSZ(r7, 0x800454d7, &(0x7f0000000180)) 10:01:37 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x1f6, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) [ 280.739750] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 280.747001] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 280.754261] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 280.761527] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 280.768779] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 0000000000000035 10:01:37 executing program 7: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='/group.stat\x00', 0x2761, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x200002, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086607, 0x800000) 10:01:37 executing program 5 (fault-call:5 fault-nth:54): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:01:37 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x9, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:01:37 executing program 3: r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a}, &(0x7f0000facfff)="06", 0x1, r1) r3 = add_key$user(&(0x7f0000000500)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a}, &(0x7f0000000580)="b3", 0x1, r1) r4 = socket$inet6(0xa, 0x1, 0x0) r5 = accept$inet(r4, &(0x7f0000000140)={0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x10) ioctl$sock_inet_SIOCADDRT(r5, 0x890b, &(0x7f0000000240)={0x7ff, {0x2, 0x4e21, @multicast2=0xe0000002}, {0x2, 0x4e23, @rand_addr=0x5}, {0x2, 0x4e20}, 0x1, 0x5, 0x2, 0x800, 0x9, &(0x7f0000000200)='teql0\x00', 0x7, 0x8, 0x7fff}) ioctl(r4, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") keyctl$update(0x2, r3, &(0x7f0000000340)="df02754677212dfc3e2abcb244e22773e8e1cfef09742258cbae7b26fdc3ffa615d9da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa0238014e3293535d1c0066d28e0f275188b4b4c187e18774fc2227cbb6610fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f2525100400000003e7dc2f8fd85adcd88ca30e75b1e143262d94defa187e482a9b9a9a387353df7a21affce4e9149e040000000000000065afd9", 0xc0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r2, r3, r2}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000a3dffa)={'crc32-pclmul\x00'}}) 10:01:37 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x803, [0x40000073, 0x1]}) 10:01:37 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = accept4$unix(0xffffffffffffffff, &(0x7f0000000180), &(0x7f0000000040)=0x6e, 0x80000) getsockopt$IP_VS_SO_GET_TIMEOUT(r2, 0x0, 0x486, &(0x7f0000000240), &(0x7f0000000280)=0xc) r3 = socket$inet6(0xa, 0x1, 0x0) ioctl(r3, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r4 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r5 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r6 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r4) keyctl$dh_compute(0x17, &(0x7f0000000000)={r6, r6, r5}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:01:37 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0xdb, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) [ 281.101547] FAULT_INJECTION: forcing a failure. [ 281.101547] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 281.113647] CPU: 0 PID: 16313 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 281.120572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 281.129913] Call Trace: [ 281.132490] dump_stack+0x1b9/0x294 [ 281.136122] ? dump_stack_print_info.cold.2+0x52/0x52 [ 281.141309] ? lock_downgrade+0x8e0/0x8e0 [ 281.145447] should_fail.cold.4+0xa/0x1a [ 281.149506] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 281.154600] ? rcu_report_qs_rnp+0x790/0x790 [ 281.158994] ? graph_lock+0x170/0x170 [ 281.162789] ? is_bpf_text_address+0xd7/0x170 [ 281.167291] ? find_held_lock+0x36/0x1c0 [ 281.171357] ? __lock_is_held+0xb5/0x140 [ 281.175419] ? check_same_owner+0x320/0x320 [ 281.179743] ? rcu_note_context_switch+0x710/0x710 [ 281.184683] ? __might_sleep+0x95/0x190 [ 281.188652] __alloc_pages_nodemask+0x34e/0xd70 [ 281.193307] ? lock_downgrade+0x8e0/0x8e0 [ 281.197473] ? __alloc_pages_slowpath+0x2d50/0x2d50 [ 281.202488] ? graph_lock+0x170/0x170 [ 281.206279] ? __lock_is_held+0xb5/0x140 [ 281.210327] ? rcu_report_qs_rnp+0x790/0x790 [ 281.214728] ? __lock_is_held+0xb5/0x140 [ 281.218776] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 281.224314] alloc_pages_current+0x10c/0x210 [ 281.228735] __get_free_pages+0xf/0x40 [ 281.232618] mmu_topup_memory_caches+0x1f8/0x3a0 [ 281.237364] ? kvm_apic_has_interrupt+0xe1/0x210 [ 281.242111] kvm_mmu_load+0x21/0x10e0 [ 281.245906] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 281.251426] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 281.256961] vcpu_enter_guest+0x3a83/0x6060 [ 281.261295] ? print_usage_bug+0xc0/0xc0 [ 281.265353] ? kvm_set_msr_common+0x2680/0x2680 [ 281.270015] ? vmx_vcpu_load+0xada/0xfe0 [ 281.274076] ? __lock_acquire+0x7f5/0x5140 [ 281.278301] ? vmx_vcpu_reset+0x1030/0x1030 [ 281.282606] ? graph_lock+0x170/0x170 [ 281.286403] ? graph_lock+0x170/0x170 [ 281.290190] ? __lock_acquire+0x7f5/0x5140 [ 281.294410] ? debug_check_no_locks_freed+0x310/0x310 [ 281.299584] ? __lock_is_held+0xb5/0x140 [ 281.303640] ? lock_acquire+0x1dc/0x520 [ 281.307603] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 281.312619] ? lock_release+0xa10/0xa10 [ 281.316587] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 281.321844] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 281.326321] ? preempt_notifier_dec+0x20/0x20 [ 281.330803] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 281.335638] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 281.340646] kvm_vcpu_ioctl+0x79d/0x12e0 [ 281.344706] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 281.350409] ? graph_lock+0x170/0x170 [ 281.354201] ? find_held_lock+0x36/0x1c0 [ 281.358269] ? lock_downgrade+0x8e0/0x8e0 [ 281.362419] ? kasan_check_read+0x11/0x20 [ 281.366549] ? rcu_is_watching+0x85/0x140 [ 281.370692] ? rcu_report_qs_rnp+0x790/0x790 [ 281.375105] ? __fget+0x40c/0x650 [ 281.378546] ? match_held_lock+0x871/0x8b0 [ 281.382776] ? expand_files.part.8+0x9a0/0x9a0 [ 281.387351] ? kasan_check_write+0x14/0x20 [ 281.391579] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 281.396511] ? wait_for_completion+0x870/0x870 [ 281.401083] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 281.406264] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 281.411969] do_vfs_ioctl+0x1cf/0x16f0 [ 281.415849] ? ioctl_preallocate+0x2e0/0x2e0 [ 281.420241] ? fget_raw+0x20/0x20 [ 281.423687] ? __sb_end_write+0xac/0xe0 [ 281.427672] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 281.433192] ? fput+0x130/0x1a0 [ 281.436463] ? ksys_write+0x1a6/0x250 [ 281.440250] ? security_file_ioctl+0x94/0xc0 [ 281.444641] ksys_ioctl+0xa9/0xd0 [ 281.448081] __x64_sys_ioctl+0x73/0xb0 [ 281.451955] do_syscall_64+0x1b1/0x800 [ 281.455825] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 281.460662] ? syscall_return_slowpath+0x5c0/0x5c0 [ 281.465572] ? syscall_return_slowpath+0x30f/0x5c0 [ 281.470490] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 281.475857] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 281.480694] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 281.485863] RIP: 0033:0x4559f9 10:01:38 executing program 7: r0 = socket(0xa, 0x1, 0x0) setsockopt$inet6_MCAST_LEAVE_GROUP(r0, 0x29, 0x2d, &(0x7f0000000000)={0x0, {{0xa, 0x4e23, 0x4, @mcast2={0xff, 0x2, [], 0x1}}}}, 0x88) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f0000000100)) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f00000001c0)=0x0) r2 = syz_open_procfs(r1, &(0x7f00000000c0)='net/ip_tables_matches\x00') r3 = semget$private(0x0, 0x3, 0x429) semctl$SEM_INFO(r3, 0x3, 0x13, &(0x7f0000001300)=""/209) readv(r2, &(0x7f00000015c0)=[{&(0x7f0000000280)=""/91, 0x5b}, {&(0x7f0000000300)=""/4096, 0x1000}], 0x2) [ 281.489037] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 281.508221] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 281.515916] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 281.523184] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 281.530444] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 281.537697] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 281.544958] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 0000000000000036 10:01:38 executing program 5 (fault-call:5 fault-nth:55): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:01:38 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x2, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) [ 281.839945] FAULT_INJECTION: forcing a failure. [ 281.839945] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 281.851910] CPU: 0 PID: 16340 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 281.858839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 281.868189] Call Trace: [ 281.870781] dump_stack+0x1b9/0x294 [ 281.874412] ? dump_stack_print_info.cold.2+0x52/0x52 [ 281.879602] ? lock_downgrade+0x8e0/0x8e0 [ 281.883755] should_fail.cold.4+0xa/0x1a [ 281.887804] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 281.892900] ? rcu_report_qs_rnp+0x790/0x790 [ 281.897314] ? graph_lock+0x170/0x170 [ 281.901110] ? is_bpf_text_address+0xd7/0x170 [ 281.905589] ? find_held_lock+0x36/0x1c0 [ 281.909640] ? __lock_is_held+0xb5/0x140 [ 281.913690] ? check_same_owner+0x320/0x320 [ 281.917997] ? rcu_note_context_switch+0x710/0x710 [ 281.922916] ? __might_sleep+0x95/0x190 [ 281.926877] __alloc_pages_nodemask+0x34e/0xd70 [ 281.931539] ? lock_downgrade+0x8e0/0x8e0 [ 281.935690] ? __alloc_pages_slowpath+0x2d50/0x2d50 [ 281.940692] ? graph_lock+0x170/0x170 [ 281.944480] ? __lock_is_held+0xb5/0x140 [ 281.948541] ? rcu_report_qs_rnp+0x790/0x790 [ 281.952939] ? __lock_is_held+0xb5/0x140 [ 281.956992] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 281.962534] alloc_pages_current+0x10c/0x210 [ 281.966939] __get_free_pages+0xf/0x40 [ 281.970812] mmu_topup_memory_caches+0x1f8/0x3a0 [ 281.975549] ? kvm_apic_has_interrupt+0xe1/0x210 [ 281.980306] kvm_mmu_load+0x21/0x10e0 [ 281.984092] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 281.989619] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 281.995152] vcpu_enter_guest+0x3a83/0x6060 [ 281.999467] ? print_usage_bug+0xc0/0xc0 [ 282.003517] ? kvm_set_msr_common+0x2680/0x2680 [ 282.008167] ? vmx_vcpu_load+0xada/0xfe0 [ 282.012211] ? __lock_acquire+0x7f5/0x5140 [ 282.016429] ? vmx_vcpu_reset+0x1030/0x1030 [ 282.020740] ? graph_lock+0x170/0x170 [ 282.024524] ? graph_lock+0x170/0x170 [ 282.028305] ? __lock_acquire+0x7f5/0x5140 [ 282.032530] ? debug_check_no_locks_freed+0x310/0x310 [ 282.037705] ? __lock_is_held+0xb5/0x140 [ 282.041748] ? lock_acquire+0x1dc/0x520 [ 282.045708] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 282.050712] ? lock_release+0xa10/0xa10 [ 282.054681] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 282.059948] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 282.064431] ? preempt_notifier_dec+0x20/0x20 [ 282.068918] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 282.073753] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 282.078756] kvm_vcpu_ioctl+0x79d/0x12e0 [ 282.082802] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 282.088495] ? graph_lock+0x170/0x170 [ 282.092282] ? find_held_lock+0x36/0x1c0 [ 282.096341] ? lock_downgrade+0x8e0/0x8e0 [ 282.100476] ? kasan_check_read+0x11/0x20 [ 282.104609] ? rcu_is_watching+0x85/0x140 [ 282.108739] ? rcu_report_qs_rnp+0x790/0x790 [ 282.113133] ? __fget+0x40c/0x650 [ 282.116571] ? match_held_lock+0x871/0x8b0 [ 282.120787] ? expand_files.part.8+0x9a0/0x9a0 [ 282.125349] ? kasan_check_write+0x14/0x20 [ 282.129569] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 282.134482] ? wait_for_completion+0x870/0x870 [ 282.139057] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 282.144238] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 282.149934] do_vfs_ioctl+0x1cf/0x16f0 [ 282.153807] ? ioctl_preallocate+0x2e0/0x2e0 [ 282.158198] ? fget_raw+0x20/0x20 [ 282.161633] ? __sb_end_write+0xac/0xe0 [ 282.165737] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 282.171256] ? fput+0x130/0x1a0 [ 282.174519] ? ksys_write+0x1a6/0x250 [ 282.178306] ? security_file_ioctl+0x94/0xc0 [ 282.182700] ksys_ioctl+0xa9/0xd0 [ 282.186149] __x64_sys_ioctl+0x73/0xb0 [ 282.190028] do_syscall_64+0x1b1/0x800 [ 282.193910] ? finish_task_switch+0x1ca/0x840 [ 282.198403] ? syscall_return_slowpath+0x5c0/0x5c0 [ 282.203325] ? syscall_return_slowpath+0x30f/0x5c0 [ 282.208245] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 282.213598] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 282.218426] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 282.223598] RIP: 0033:0x4559f9 [ 282.226765] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 282.245938] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 282.253627] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 282.260875] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 282.268128] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 282.275388] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 282.282638] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 0000000000000037 10:01:39 executing program 4: mkdir(&(0x7f0000f4eff8)='./file0\x00', 0x0) chdir(&(0x7f0000000780)='./file0\x00') creat(&(0x7f0000000000)='./file1\x00', 0x0) 10:01:39 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x4, [0x40000073, 0x1]}) 10:01:39 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x3, @broadcast=0xffffffff}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0xe6, &(0x7f00006dc000)}, 0x189) sendto$inet(r0, &(0x7f00000001c0), 0x0, 0x200007ff, &(0x7f0000deaff0)={0x2, 0x3, @loopback=0x7f000001}, 0x10) sendto$inet(r0, &(0x7f00000002c0)="20d6dac772b6f65cc7c3fc9bf8d917fbd5bd28cd6ad9243ec3c3fc41fe4295b32b630b3e888a8d0eb1abd9d081c0c6655507c293ed17dcc8e25f2cb85d0e732ff34d9f574cdd31597a5e3a688fff4a8f31474711e4b8f7ab05068770f885c03286fadc1d0fd02098bd981aaf152f2da86443cc605a5cb9a63475b63d354cb1f158bd", 0x82, 0x1, &(0x7f0000000100)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) write(r0, &(0x7f0000000440)="296280b8159c702cdeb04dd6b61961e48af730adb43eed042483fada8b5f67e0efd6460000e1782116cb428273bfe8c301570a71722ad21ce53803eb66614587dcc473b150d938a904a31411605d0b0fee7ccd5e7efdaaa4defd9bdad7c2ae3247cdcce64241b3f48487bec2525a89647801b5711e75875c5eb1da576df7ad023ec8", 0x82) sendto$inet(r0, &(0x7f0000000280)='7', 0x1, 0x0, &(0x7f0000000180)={0x2, 0x0, @multicast1=0xe0000001}, 0x10) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f760070") readv(r0, &(0x7f0000000140)=[{&(0x7f0000000000)=""/226, 0xe2}], 0x1) close(r0) 10:01:39 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r5 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0x17, &(0x7f0000000000)={r5, r5, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x2000, 0x0) r7 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r6, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x6c, r7, 0x100, 0x70bd28, 0x25dfdbfd, {0x4}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x4}, @IPVS_CMD_ATTR_DAEMON={0x1c, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x1}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x2}]}, @IPVS_CMD_ATTR_SERVICE={0x14, 0x1, [@IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x3d}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2}]}, @IPVS_CMD_ATTR_SERVICE={0x20, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@dev={0xac, 0x14, 0x14, 0xa}}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4000}, 0x4) 10:01:39 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x14a, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:39 executing program 7: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="021300000200d6a43bbd650000400000000000000059e542e8ba10683a5353579991973e4fb3dab737dd5883692e3d9ba55dbdb7653b35e7811cefff6eb4e92b5ecc414669ab19ccdb04fb2a02b0107099acb5d6"], 0x10}, 0x1}, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='cmdline\x00') write$cgroup_type(r1, &(0x7f0000000040)='threaded\x00', 0x9) 10:01:39 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x7, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:01:39 executing program 5 (fault-call:5 fault-nth:56): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) [ 282.591625] FAULT_INJECTION: forcing a failure. [ 282.591625] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 282.603651] CPU: 0 PID: 16371 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 282.610578] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 282.619918] Call Trace: [ 282.622493] dump_stack+0x1b9/0x294 [ 282.626108] ? dump_stack_print_info.cold.2+0x52/0x52 [ 282.631284] ? lock_downgrade+0x8e0/0x8e0 [ 282.635425] should_fail.cold.4+0xa/0x1a [ 282.639474] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 282.644567] ? rcu_report_qs_rnp+0x790/0x790 [ 282.648962] ? graph_lock+0x170/0x170 [ 282.652750] ? is_bpf_text_address+0xd7/0x170 [ 282.657235] ? find_held_lock+0x36/0x1c0 [ 282.661282] ? __lock_is_held+0xb5/0x140 [ 282.665334] ? check_same_owner+0x320/0x320 [ 282.669639] ? rcu_note_context_switch+0x710/0x710 [ 282.674557] ? __might_sleep+0x95/0x190 [ 282.678516] __alloc_pages_nodemask+0x34e/0xd70 [ 282.683166] ? lock_downgrade+0x8e0/0x8e0 [ 282.687302] ? __alloc_pages_slowpath+0x2d50/0x2d50 [ 282.692302] ? graph_lock+0x170/0x170 [ 282.696085] ? __lock_is_held+0xb5/0x140 [ 282.700130] ? rcu_report_qs_rnp+0x790/0x790 [ 282.704533] ? __lock_is_held+0xb5/0x140 [ 282.708592] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 282.714116] alloc_pages_current+0x10c/0x210 [ 282.718512] __get_free_pages+0xf/0x40 [ 282.722384] mmu_topup_memory_caches+0x1f8/0x3a0 [ 282.727122] ? kvm_apic_has_interrupt+0xe1/0x210 [ 282.731865] kvm_mmu_load+0x21/0x10e0 [ 282.735653] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 282.741176] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 282.746699] vcpu_enter_guest+0x3a83/0x6060 [ 282.751008] ? print_usage_bug+0xc0/0xc0 [ 282.755062] ? kvm_set_msr_common+0x2680/0x2680 [ 282.759716] ? vmx_vcpu_load+0xada/0xfe0 [ 282.763761] ? __lock_acquire+0x7f5/0x5140 [ 282.767980] ? vmx_vcpu_reset+0x1030/0x1030 [ 282.772284] ? graph_lock+0x170/0x170 [ 282.776068] ? graph_lock+0x170/0x170 [ 282.779851] ? __lock_acquire+0x7f5/0x5140 [ 282.784074] ? debug_check_no_locks_freed+0x310/0x310 [ 282.789254] ? __lock_is_held+0xb5/0x140 [ 282.793304] ? lock_acquire+0x1dc/0x520 [ 282.797260] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 282.802273] ? lock_release+0xa10/0xa10 [ 282.806237] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 282.811496] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 282.815972] ? preempt_notifier_dec+0x20/0x20 [ 282.820465] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 282.825288] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 282.830294] kvm_vcpu_ioctl+0x79d/0x12e0 [ 282.834343] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 282.840038] ? graph_lock+0x170/0x170 [ 282.843822] ? find_held_lock+0x36/0x1c0 [ 282.847875] ? lock_downgrade+0x8e0/0x8e0 [ 282.852011] ? kasan_check_read+0x11/0x20 [ 282.856147] ? rcu_is_watching+0x85/0x140 [ 282.860279] ? rcu_report_qs_rnp+0x790/0x790 [ 282.864687] ? __fget+0x40c/0x650 [ 282.868125] ? match_held_lock+0x871/0x8b0 [ 282.872346] ? expand_files.part.8+0x9a0/0x9a0 [ 282.876910] ? kasan_check_write+0x14/0x20 [ 282.881131] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 282.886047] ? wait_for_completion+0x870/0x870 [ 282.890620] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 282.895793] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 282.901488] do_vfs_ioctl+0x1cf/0x16f0 [ 282.905363] ? ioctl_preallocate+0x2e0/0x2e0 [ 282.909753] ? fget_raw+0x20/0x20 [ 282.913193] ? __sb_end_write+0xac/0xe0 [ 282.917151] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 282.922669] ? fput+0x130/0x1a0 [ 282.925945] ? ksys_write+0x1a6/0x250 [ 282.929733] ? security_file_ioctl+0x94/0xc0 [ 282.934135] ksys_ioctl+0xa9/0xd0 [ 282.937580] __x64_sys_ioctl+0x73/0xb0 [ 282.941454] do_syscall_64+0x1b1/0x800 [ 282.945325] ? finish_task_switch+0x1ca/0x840 [ 282.949805] ? syscall_return_slowpath+0x5c0/0x5c0 [ 282.954719] ? syscall_return_slowpath+0x30f/0x5c0 [ 282.959634] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 282.964984] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 282.969814] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 282.974984] RIP: 0033:0x4559f9 [ 282.978164] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 282.997384] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 283.005078] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 283.012328] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 283.019576] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 283.026827] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 283.034079] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 0000000000000038 10:01:39 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = dup(r2) setsockopt$IPT_SO_SET_ADD_COUNTERS(r3, 0x0, 0x41, &(0x7f0000000540)={'raw\x00', 0x4, [{}, {}, {}, {}]}, 0x68) r4 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r5 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r6 = add_key$user(&(0x7f0000000300)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000600)="05e88edb1a36960cff6b1c4cf598c5fe2719b66e766f8ad6cff7012910583dd33e4e165f477767a2830cceb16545062f1e2c9431b53208a270907e31a68088a9119f550a43195f604ad9a453b669dddfd7aa7ad359838935aa14de7b208b0ac7c35a1ef2359adb08ded28b337d65a8c768f1265f79891e6163e6", 0x7a, r4) keyctl$dh_compute(0x17, &(0x7f0000000000)={r6, r6, r5}, &(0x7f0000000740)=""/132, 0x84, 0x0) r7 = fcntl$dupfd(r2, 0x406, r2) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) futimesat(r7, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)={{r8, r9/1000+10000}, {0x77359400}}) 10:01:39 executing program 4: socketpair(0x0, 0x0, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r0, &(0x7f0000000000)="a2e191350840d5d264a2b0296cc6c999b0b2132b201691a0faf2440a2adbe62c7096e447914d922159d848ffdcfba04c21facbfa29db00783d08f8c5f4ad5af984eb40fa58d7d440387f5f9b3b96fde2214f12a9c7", &(0x7f0000000080)="e22c0786d7125db4e9f37b837cf6818ee4b8d4136627ca37125bae8647b878302c0aa1735eee3a0ca1c6038a9de9349d04bd1a6e9a36a56ce2b5dbc81515a9cab7778bc1c8765938070038c4a43dab6537af84ef9f216c3816aa76dfc119ecd9900227fcca9ffa2e"}, 0x20) socket$kcm(0xa, 0x1, 0x0) getresgid(&(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0xf, 0x4, 0x4, 0x70}, 0x2c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000180)={r1, &(0x7f0000000000), &(0x7f0000000140)}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000180)={r1, &(0x7f0000000000), &(0x7f0000000140), 0x1}, 0x20) 10:01:39 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x7a, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:39 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x308, [0x40000073, 0x1]}) 10:01:39 executing program 7: syz_mount_image$xfs(&(0x7f0000000440)='xfs\x00', &(0x7f0000000480)='./file0\x00', 0x1f, 0x6, &(0x7f0000000880)=[{&(0x7f00000004c0)="9fe84571e23846df5e12616a06813b3c1f3f0107bc078f67cab776040fee9a9d1a5b6d04913f9ef92e5cd909abf3401686fab3cc5299ae5cc0c1f55295c89c1d7c519b0d15d43a2f2756cf8141ec6271ea765d24ab48e7406412fd2bb03076f836e1866acffdc34b35d3298cc1bb803622b39aa93b996e9e95c2f275e655c89643f58e4ef553f8d7c1c1f6278d0070286c327c74e7bd7de28c5ad589f8f0406b232bb2080d070feec6edaa3d96c4d74b49fd9181b9ff8bfe5100d88c9bf867af8522da1cbbfaf370dd3efe", 0xcb, 0x1000}, {&(0x7f00000005c0)="5dd76be6ec412854eb14cb6db5a5548dec71872f94ba73f96cf51f2b8045f014508a5404da436948712851b4069f48cb53ad3548e9e1a722e589ebdc", 0x3c, 0x7ff}, {&(0x7f0000000600)="407a26e121fd3e9875f34611", 0xc, 0x200}, {&(0x7f0000000640)="8fed61543eb46400e450173c602c4e01143aca5d8a71c81ab0a90b24f841e29aa471d4c250f0745102d7f4efa0e295902bba9ba5fc1d3767767aa72dd94ccafb46f1515fbc3b9c4dadd0db05b176548dcb9596339052a9254c4b", 0x5a, 0x9}, {&(0x7f00000006c0)="1b4272c2d5dcef669a77c9a6a5e248f7deb70bd5d3c6bf4b0da8b7600454aad012f09442d2b9275e5cc8597bf6b6904499c87d3d1e2d7c06d797434a177ed09b9a11051bf88b96fcc12471aea368767ce70150d784849318f822dbb647e38cb0d537b2afb6474128e26ca3a2ca4389ad5881387a705c4c336c0f8d4e05690db2ff3b0650905282334b88280c2b9a3e1bd8e09d33a6a3b0cb4b69acc9292c3533be135d60e0", 0xa5, 0x9}, {&(0x7f0000000780)="fea6c84df9febe2f914a09e199afc557229c0f06808ae0bc95989290f86db83fea2bc1e105a136359f623936e5333a1dd44eb3430097acf6d8c43b1e3f237d090ff891c3cf0b348bee7a18a8a0dfed6fd4340d4f5e38bfd5adb98b067578e6facd5e9918cb3be3de903e2778fd7b6eb2f8cefbb2c939cb1a7dbf4a24e4f6568ff7c41752d68143668c79b43f922e5a8ba4b0cadf1c065549b45fd1c726427105e2dfd9714582f0da9b5fed19e5f1151c4870645f9d0ae8727943b70008ffb59fbe42a2b916a8c5771dd2e2fa4935ea7b9169", 0xd2, 0x80000001}], 0x1000, &(0x7f0000000cc0)=ANY=[@ANYBLOB="6e6f757569642c83a00c0067726f7570732c75737271756f74612c7377696474683d34372c00af0868b798abb5f144ac061e63248a7bad3551b936d51768ad7cfa085ecf3caf3a35aeaa1bd0180b1854901ecd51c11d3b71b6e1dad2dd944a6a648d6a874942640d7e6ffb6b816e771e23bb706684f1d6f04ccf220eb28abedd82940970937d9063e7f96440aedabb65c2f40f6dc981fe178c6eb09d33163b271604dbd976ba487867b6366b12046f2660"]) munmap(&(0x7f00003ff000/0x1000)=nil, 0x1000) mremap(&(0x7f000031d000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f0000382000/0x3000)=nil) munmap(&(0x7f00004c0000/0x4000)=nil, 0x4000) r0 = syz_open_dev$audion(&(0x7f00000000c0)='/dev/audio#\x00', 0x7, 0x100) ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000080)={&(0x7f00004bf000/0x4000)=nil, 0x4000}) writev(r0, &(0x7f00000003c0)=[{&(0x7f0000000100)="5cb5ad6380c001117a39940249f11f460e31cdeb31a4b3d39b0edf92ee4a05b3011658dd8f2715ec0a69ba8563eda612e39051aad1bec5ed330cb9267c80bb012de4a48ca5337279e3d17c0043acadfdcc2501e266a555bacbee396ae5c66a9d26a5d4fdeb152a9e251838ed266eaeeaf25137420eeb9746e1e60d26bb57716eb2a0cf910f445561a4c8125bd4a9c4fa0a05d2f41513bfd192b7b371c18b8b0e3bf3105be44f37669d5304ffc1ec61c26accf64faa6cb777325359134a3772f64a92432c2064b23e1c6bf1210e11fe8e4f1818", 0xd3}, {&(0x7f0000000000)="79f8a2df00b8dd42f9de3e6f6ff5cd3fe2206c39b18fbcab52fb6f5b65c208eeb8b57a76a6ccfb57fe48c252419dd186478d39d07bbef6065b4d4bfd2bd1ec78456ce9387cb8844c0a683107ee7b55820cae8276193cbf502cb7f7847afc3f16fb482454a523d338099997f5c8e883d50ec3347de2", 0x75}, {&(0x7f0000000200)="02a0594565e4490f718d74f5d3f2d4fa9bc7cec09237163ab626d1e3f5d858f770bda218e95266a41749a5774c85fcc13320a53b311f694a5a421ffcdcb88a49e421d9ae1f3efab4d3f7ff66c9df1b66b36d3a", 0x53}, {&(0x7f0000000280)="5ab899ab4df01855fce5f10c66e848c5a02e4543656c27650b08ed2a1fb9a209d4770f1b8671b2a135046984e3e328cc8c6c0d45ac700b28d3", 0x39}, {&(0x7f00000002c0)="0b8636e7907dd4639d53189133cfa387721d753d669c52924e0432a9bf4c74e7c8c956ef8ae77846e2320946158a4a8b807f9bc2856a2390db10d9e707b5b3aff7983ee858dff6b884d208bcc4044a61f74a88814b9ee349919bd3557f321b9baece3a5f14425b44db064258bf03f9018fca49b7c9defedb4ce3ea7f347ad6e2b15d73b5fa1347cad0739eee2e67f51debba0ddcf1602248df6afa6df2d46a47417571a42f412ff5cb2c35af", 0xac}, {&(0x7f0000000380)="0a5faed93288", 0x6}], 0x6) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, &(0x7f0000000bc0)={0x0, 0x6f, "a0dcac53149a406cafeec360f31f0160e581e8dd90312187cdd8307e6d987c98025558fa393659475cc5b654a8d1a942c71a3c27985b0d236e8a41b153ce9a72b856b3af2b2415b614a96dceaf2cc309efbca72cc0b9ab8d5ae0dbd6d2718984a853785a3625c1294bcadb0eb58357"}, &(0x7f0000000c40)=0x77) setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000c80)={r1, 0xfffffffffffffffc}, 0xc) getsockname$packet(r0, &(0x7f0000000980)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f00000009c0)=0x14) lstat(&(0x7f0000000a00)='./file0\x00', &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0}) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000ac0)={{{@in=@multicast2=0xe0000002, @in=@broadcast=0xffffffff, 0x4e23, 0x0, 0x4e20, 0x7, 0xa, 0x80, 0x20, 0x7f, r2, r3}, {0x3f, 0x7fffffff, 0x5, 0x1000, 0x6, 0x1, 0xff, 0x5dc}, {0x8c, 0x8, 0x0, 0x5}, 0xcfb, 0x6e6bbc, 0x2, 0x0, 0x1, 0x1}, {{@in=@multicast2=0xe0000002, 0x4d4, 0xff}, 0x0, @in6=@local={0xfe, 0x80, [], 0xaa}, 0x3502, 0x5, 0x3, 0x8247, 0x2, 0x6, 0x1}}, 0xe8) 10:01:39 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0xf, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:01:39 executing program 5 (fault-call:5 fault-nth:57): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:01:39 executing program 3: mmap(&(0x7f0000011000/0xc000)=nil, 0xc000, 0x0, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$rds(0x15, 0x5, 0x0) bind$rds(r0, &(0x7f0000002ff0)={0x2, 0x0, @loopback=0x7f000001}, 0x10) r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x800, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000002c80)={{{@in=@multicast1, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in=@remote}}, &(0x7f0000000080)=0xfffffffffffffcd9) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000540)=0x0) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffff9c, 0x0, 0x10, &(0x7f0000000580)={{{@in6=@local, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in6=@mcast1}}, &(0x7f0000000680)=0xe8) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f00000006c0)={{{@in=@dev, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}, 0x0, @in=@rand_addr}}, &(0x7f00000007c0)=0xe8) r6 = getpgid(0x0) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000000b00)={{{@in6=@mcast1, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in6=@dev}}, &(0x7f0000000c00)=0xe8) getresuid(&(0x7f0000000c40), &(0x7f0000000c80)=0x0, &(0x7f0000000cc0)) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffff9c, 0x0, 0x10, &(0x7f0000000d00)={{{@in=@multicast2, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}, 0x0, @in6=@mcast1}}, &(0x7f0000000e00)=0xe8) r10 = getpgrp(0xffffffffffffffff) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002580)={0x0, 0x0}, &(0x7f00000025c0)=0xc) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002600)={0x0, 0x0, 0x0}, &(0x7f0000002640)=0xc) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002680)={0x0}, &(0x7f00000026c0)=0xc) getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f0000000140)={{{@in=@broadcast, @in=@broadcast}}, {{@in=@rand_addr}}}, &(0x7f0000002d80)=0xe8) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000002700)={{{@in6=@mcast1, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in6=@local}}, &(0x7f0000002800)=0xe8) getgroups(0x5, &(0x7f0000002840)=[0x0, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff]) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000002880)=0x0) r17 = syz_genetlink_get_family_id$fou(&(0x7f0000003040)='fou\x00') sendmsg$FOU_CMD_GET(r1, &(0x7f0000003100)={&(0x7f0000003000)={0x10, 0x0, 0x0, 0x9000}, 0xc, &(0x7f00000030c0)={&(0x7f0000003080)={0x40, r17, 0x708, 0x70bd27, 0x25dfdbfc, {0x3}, [@FOU_ATTR_TYPE={0x8, 0x4}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4, 0x5}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4, 0x5}, @FOU_ATTR_IPPROTO={0x8, 0x3, 0x5d}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4, 0x5}, @FOU_ATTR_PORT={0x8, 0x1, 0x4e22}, @FOU_ATTR_PORT={0x8, 0x1, 0x4e24}]}, 0x40}, 0x1}, 0x8000) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffff9c, 0x0, 0x10, &(0x7f00000028c0)={{{@in=@local, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in=@multicast2}}, &(0x7f00000029c0)=0xe8) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002a00)={0x0, 0x0, 0x0}, &(0x7f0000002a40)=0xc) r20 = gettid() getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002a80)={0x0, 0x0}, &(0x7f0000002ac0)=0xc) ioctl$BLKBSZSET(r1, 0x40081271, &(0x7f0000002dc0)=0x80000001) getgroups(0x1, &(0x7f0000002b00)=[0xffffffffffffffff]) sendmsg$netlink(r1, &(0x7f0000002c40)={&(0x7f0000000040)=@kern={0x10, 0x0, 0x0, 0x150000}, 0xc, &(0x7f0000002540)=[{&(0x7f0000000240)={0x2d8, 0x2b, 0x309, 0x70bd2c, 0x25dfdbff, "", [@nested={0x3c, 0x41, [@generic="2badbf73568b07b48bb22e6f66307418206acc4a7a02a0ee", @typed={0x4, 0x2}, @typed={0x14, 0x4a, @ipv6=@mcast2={0xff, 0x2, [], 0x1}}, @typed={0x8, 0x24, @uid=r2}]}, @generic="8c5395a924903279f9e42cf6dda9636abb6376101339116f25300ef92d81244732e1a8878f1bd0cf84350010b3ebee5b02068b6457cfdd4bf468f157d17ca7659e7a6d60789494491e000e3c49b7ddf066c2a4ace1215257454626f154b78106b060761aacac33794b4a4cc8d1b7cd37c337448c186188bec8bd7abb96fbb52e69636761b482bd0b49218e5ac1b0f98a8c555402f4f1659cdd8214656e092dbccb65583224a2", @typed={0x8, 0xc, @u32=0x80}, @nested={0x11c, 0x87, [@typed={0xc, 0x3e, @u64}, @generic="b07bbc9f1ff2b6368d60ccfa083ce912a094cb21c2a5aa0421d735e9b8ae74506201a5349ce8916c230f596969c7caa27e061cd369795ed1521df4725ada07ad6b894b15f15817549374ae9faed10ee25fc6ed167dbd5ed90ab2c859b5357f23fd1023316a9916e46b7940153c16f78d8800dcf23d542f813e5b7c236e5d8fb6e05beec777560b5fb66ba27d8342a02c79236327fae7e3476dfcbe4f8cb4a3623043fb4983d9387b445800457b853210ee47c831e6741e4a27183bfa7956ad55006e8013086e20740dc98caabdf6f3ff73489ed4a512851ea42a22320addb87177a883c5bbd5803017d46d2dab86decf51fa13ec2a447f1d035c2e877e52d8", @typed={0x4, 0x2c}, @typed={0x8, 0x68, @str='\x00'}]}, @typed={0xc, 0x5b, @u64=0x7}, @generic="c4923178d5311238e8abd2f53828aaf45a759fe1448701f4e85ce7c5325a42ec94261e45a8a9fc26e68c351cd2b9c02e11c3e39f0d764f8e64e5493ab2f8f6f0d4dea69e49cf37b6852b2f26c924aaa193c7bab73ee01ff2c479df375d41eac308057b0ba086742970e2d9afd8d29454caebb483479d1b77686f96092287cde25d5ef35aa70d2e74bcc39d8fb267437b6482bf0b6028d0c9b08542c3d9352434ed0082a1f7f687eee14704277d15e5b183db81"]}, 0x2d8}, {&(0x7f0000000800)={0x2ec, 0x3c, 0x40a, 0x70bd2b, 0x25dfdbfe, "", [@typed={0xc, 0x3b, @u64=0x80000000}, @generic="3ccc939552c92fb1d03b5af76cc7cb14f5cef31ad6c4e1e27df07c59bc2609ff7c028d042294d864181dc5561a7d89b3536c4751e3ba779b9bfd5d7e9420472c9612855cc148ea03df3e5d383bcda944", @nested={0x120, 0x33, [@generic="087f8b777685dd06d4bb9c9bd8007ed33287e52ad68d31ccfec19332ffebca10a84ae6bc66f8e65431aa6322d958990012e14e301d4d62fbeec3ed6b1f7f2832e64bed854acf5df739058b413768a62300c263f4e0c1aeb3e4d2dd9249ee394b7565e6c13e0e43a0cc7278", @generic="de1d1b64e57d98276015448d3cbce291ec901fe1186aea7e53ac5320761eaf242ebf150a2e1bb334ecc178ad63ae9890f3de09836cab07c1ed693aaebfcdab", @generic="5e5e43fd91cd021665d29dd2444924841785c108f4423cb8ab6af4689c94a77cee31e7b7ed793687e850ade5493499c448290f9123be4265cfe5bb1ab901baac1b9f9a059569995d09b4befb222767f806a1e9def70c08082e98752c491210b18d036db30d8eecfaa087802ecd50d5afe66a"]}, @typed={0x10, 0x6d, @binary="d1e03051129d3343a3"}, @nested={0x150, 0x23, [@typed={0x8, 0x18, @pid=r3}, @typed={0x8, 0x94, @uid=r4}, @typed={0x8, 0x29, @uid=r5}, @generic="470032a99958287066d88aac96498700f4a1db7a357ed4120acb3ced89c6f1b843e65405f412e66ea4f01baed233f2edca9b228e6f9bc0504da81bf94d408b02b84a18fc1755785432eb8259e143c6383d6d6247e6d2ab", @typed={0xc, 0x27, @u64=0x7}, @typed={0x8, 0x6f, @u32}, @generic="09b07f474427ef65a09a6cdb66992bbc638dbb84fa561a932fc31a96b7d212e2cce9111666a8a2ce37ba8c7f704011b181d305a09df4236b533899beddd94faf81d0118e19664f7550993e3446c9ffed732b99fd7de7795acfec41d8ad19171391f56d011c00932a951e0dec2659ad8c551189c5b16a66a9e4fd40e11e1b55d38994f0b865901712d5645124905886c99d2feeb154d6797af246e176f215b942eef6970578a89898bfd6991c93565eebdbe00576b53db82ecbff507ea7b266f6cb27e3875cd4a7"]}]}, 0x2ec}, {&(0x7f0000000e40)={0x1504, 0x25, 0x7743f709c999887f, 0x70bd27, 0x25dfdbfd, "", [@typed={0xc, 0x47, @u64=0x7fff}, @nested={0x1290, 0x1e, [@typed={0xc, 0x7f, @u64}, @typed={0x8, 0x68, @u32=0x1}, @typed={0x8, 0x44, @pid=r6}, @generic="8bf90ecb8e36de7ab2fb4f1fbc68a2446de9769999d281eae9d18de7b37c482be19b1bb47e668c2c471a21fc91f03343caaf635df727ea9520a54e726170d620d0ba211f422a6b994a2f1144b7998bc0f9b545a82cdc91b8920240158f4f6dd1deeae2ae497cb0f98a46c16924729794c7bd83c860bb6f79f274d8bc772b0ebcdc2d35d6fd0bca47543735371a34856ceb19d8b3d905b96f5e8bee2e898148dea2ae3d3954508d88d45d01c15acdaaf534e76cb5f5f71085b383de93fd0855a52220b3967828fe61439de2cb6ea0acf94c22e76764f60192188c9a0649faf5163a7a06a27b16215b7baa798fb3d3570a59f23e49bd70532f9d409d685b1140696d257eb33e398aa3e2fb2efcf88cf84c5bc8677013750989154f56741523eb8da52192d7aaf73f7a6b10c92e93749d2a63a6622564feadd0533780c196fdcb9adcf56cc6eab3abe4eb3a387e357c068df2e39cee095340d242edfe48ff4318fc010b66c77b327c2eacb66e934e290d4bab2e99637f5a0bca60d9bb110263a6de5dc7abf6f3f9b8ec616ccfa7a9b904bcd6f440c6cc6b0ce747e761cb562720acc699a52ec562ca6bdac434d32bc96266faf781c6ce4509f219ec6fd626acf13b4ebbb109e5e4a8655c2cfed1dade7e47badb63a28c0f2d760adc36a2a108bc404faa0dc247696cb6cfd0bb660699789cc9a170d1ca5e9d7d2f239adf104867c90a8a5da6dec3445d2fccab60e839dc191dd1f30e59770cc2ad23bd39606ad72592e7b327f3d17a8b58dfabc6a33ba422acf397b4e620044504df15cb52abe0c4ce89d463ddd44ba0c5a09944c0746838ce78388efc1541742866d9e332bb9f918700ae2b25e8cdf2ce920cbbb0a18786e678a5ff99fd1c66003a9d22109754eee6c6e318c90c8753e582d64c0236a6708dc024a21dde8ed891afde30177fd9d576f71382f137055617592c1864e2e71a610b41d20b561b5d6e1adac422999b4151dca6ca437f3e9339da559449bd40b9f9d18311c4545d9bd934e975fce89b5b75efb261ad575682ad3f1450d62775a85a285ee6c701d9cb42befe44e74e781a4b07dac42257e671da31e5f5adbb3e9cb17740529def48f7e10e60a9683ddefe39d1676b3657d9506090ee2cd90d642447794f171ef4649218f3e6f5c09852df9cb29612ca077b80f07d6fc89eaab63ab60dd291d43104e8e06208f45601ded55e4d2b76c786b9246f5763d26f2a08fb5aee71c1a02e71e241240622de9b2e2da8784f4ff7d8788876ca683096adc2b89448eb481677dcda8a65436d4acdd08366f9870f55c9c37a13ca2e14ac1e0dcbb813e51dd6310a474315a12b5c7ddee826c7d2bd048884c813dcad29ed2fe44670ea3f26254e499f6df4ec57f7ef9c9e80a4c8770b7d40be08a8dc922f00a4724fb5b67eccba3f9e6a0e0b6a77f6d33b42ff562349926db38f77912a0d4ab57212cccda9092b4a005e4a070ba29ff78c57628025374654a423dfdf3a87e78599da9d73f47b64cee32c96329034964db3ce553c96818aab3363d359ec8f39351b800d8460706884aba48b5d80110673c1c514b4b155198f33b58cc2f12d321afba6525b85eed34966472d90c33d47509ae30d1565921bbacac2edeba95d83bddb203f2d366ffc1e7c688b95bbdc7772904169acc91c6117a27a24aa04e1b2069ffc9e878325973debe1edae60d04cb094cc663e0b05a324d8d950d052cde404c461cbc66cba21ee8502b1ffbdc0421ecb0d53030932aca12e214341ee8e9e60295fa546e6559a56d26ee6d8f41208d61a696338a8b5d11056f796276f4d5f11344683d2617965f0dbcd6a3cb4c4a98c064fb997112848be83dab3de50c9e358f05edb74457994e22dd90c55db232342fa898cfe214bd1e77b2341e609b7a93fa7dc2c3b04985a56edf26218413b075380225bd1a6b857da5fdc8a810b3c4fa22538056651a09e10704116352b2e0c3154cd0ebe92dcc723a9f7365a6ad0a16b981432253359f6aed2bda8e2ac41af625a8db752f83deb7c0ffad854336592b2299e14fb81fa214af80483190005c08864ed28154f0adebbad4344bf1e8ad8470a823e28df39778666fce072afedfc11ac3db01abd4433aa644f6ae2966b82fab213f99b1a800f872c9465b08bbc5e21c723e7b49caf18146a9d9cfb851220d48e2d4f800ed9bf19546c99c284ed2b4737fb1941d7e9fe2d03b87b9329e3a9f0fcf18fdfbc5f72e82b78c70bd5406582d89426527fc3ba52ead5b59f84dcc79591b0400acbdb8a6f518a2eac5d008be481a732508597050ee565848c268cf17a664cf004dbd1025838a9e49523aa33dbf988b92a9e98f54333502151bd12b3a60bf1400239f7aaab50402ac68e011e543aed50c9a6be052a11a6179471e577cbe2671118c360c296219b5758653ad953773d52c6509a8a540085c774473320bc2fb749ad0422544503dbd407fc65db732b1898a3bbfaf3414853e889d032abd732ec6ae78aba63af12f0e426be0ddd133c1cc0c2b87b98b102503f6a923ec2fe1d66ab6bda34ed04f6574bfccbd1c2b4a1f56c5a86b1fe97f3a53deb9068f1efa902c286fcf8d7832fb5b739536c0174fd4ff598116900a10a6fb9b59973a18fe17edb0da819198cc1d1aeaab28db2e2fff4e8e8c09dece167e7b29df9bc11bf2b057a93caea87e1db50a13951cf18f8ca1fe3012d24908532eb87345f06032339d5fcfea3327a221d40a5fc74e154ae2f97f0624d0ade26ce9226337e3840c631662955610015f21d73bf58d07939f7ee3d39b8d01b3a2173ab1c6394b4dcfe8b7ca4a467efaafa9616baf3a3536474893d75db89cc46fd3d39353ed89ed073875d3dccfdb2a8c6fff03694cb7f940565e93e6224763673a9ea44188b51bf06b2501741bdd9c691b685693f7052c727eb457cfa75b8ef9b473a176987a419cd37df1d4b94fd386494d317ecd98c799d2d591d80ca2fa33cd39a974da4d666b488f6eb0f1920f02c356f1f4571f89569b3c93277bdc02e842a5dcc34bcd26241104f75f6c27fb7414d00a9368b240448bb4546517dc8178b9a57e3cb1cfabf15e959fea0619f0dbbfef9f75c75c588dcb760287cc25d8565f8d2e02ad93c77e65e6fa1bb3dd87a30b1fc3e8433091dc26e63b7aeec670efa58a200e5e5c1f49f44df421489d27373ca57403f0ec890d68644a7423d5c33de4bb867780557fa6f66ca40aed33477973d6700c440f6f20a61d826e38b02ddba6d1685a879434b776d770202c3e60d570e0143aa5265a43744041768dc472ec6167df9b172900ff6de34f3801dc9fef2771b4214cf631745e5d083d846883f80b87d5de81e8464ab8a9741a83a2edeb52db7c0565b82e9a2d048b9a38bb2d2f27d74dab18433f6b2cf5e340dacabc524dc755a98057f8703367caafba8c017aae68aeb3a9e7c14ad4b7ecb434a554c4740529037371e6ebd64dff210096140172bb8af90d017546a5a936ed096dcea4636a67d92b88c1e76da4758625929b9e117639a384145c849c7e8f781997448ea4bf9db52b4fdb9bebe28e06f391958a65f518ca04611ebcaab83434a74b77e501ff0b5dc595a052907572c8eb9b25b4529649b7efd81bc24718a2e88e3a0f5fa2e2c6f5521b33a39b5a62fd21dfe0880032a64d85e2f6430b3e8a97e578742c5ddd1719c05d605993453107d4c64c73b2cad5a1ab2a0d69fa2229c808bef4e3e71ee112967b38aca95c8fa651e71a188a072d04ca71b899cf3e88a767c52448878e7b44a044b5ae2f84b59aac59b470c5ff4dfe23c1f4cbfe354c83ef9e025ac7efe76c4c6181a420769ff9672ed911fe1d8a0350d9ed3f6b450ef0c31fa8e76874afe2089658007338d0b2b90c46014a402da39651acd2fc6503d1ae1106b06e1c199255d468e848f0e3a744ab0ffe3412ec4f84c7413a317bdc8420e46d556a056ae0165cfeda32ad3ff05a8fa1c7723ff1b8e18d0416499a913696633e20c4268e9cf871a432b8729391aeff29b4d9d2f11541715527f18f7bbb9a59071d2d7446a72a0ee05ea755a2ae6da8a668d7d454977f3ff466c637401e4b1c3fb05a32c719a11a5ab3877c905288268a9bb55f6968b6cb32af74197cbbd4c2cc9af89e31c22b14c52cea00b5066beaa185b06719826db14423817eccc7773c48ebe28a108af455364318f672d0ec63861dd29dce695492bc4a4da481139c551a3bfd7a22ffbb8f740a43f6df37abf03ed0cea61fc825480184f66689ab7d655e93c8aff9ae0b8ed1e04ab704ce6dbf9ba5190cdfb38a272f4d9025b5285c996f74035d266fc17bb3178820aced2a34e5e010f4fe77f19ba39483698a495e19340521da092d41b37461cabf20b6c932015fa6fdca02a1450640b137eaad28e38dde6477881c652d0d411a7f966f4d3fd37d02464e4b1848cb8b16eb8a59f9e59db857e3221a2d2f9284dc39003bb970d0925693eaa6f1bcec91dc2a652e9c87862d8e8c44cb83ea7ecdf9d716ae8bc54acccdaeebc7b52157c06b64a89a8ee006ff62c770e9dfde0ad768c286918db3bffba6b83bcbb4f1cf307542be7b8fd1576d2cc3b054e48d4f55a6dd4ae30ab67da4332a7eed6174293348cc9e46fcc038c65f39fac01cdaf62119bc01260521d6248306ae1d70005ac025973ae45c700a639500792c251bcb4fc4201f1c5735bb6d918d508739aeab2e5c87116ffcd32c4e54b0d7070e499c16dd541c4355a42a8e555f8d9f8eee9660d6ce90ced7cff26f7bc0902fd71a2d5f31a4ef2f4828e1b1e150b70ce3a6574eccf703b753ba954d727d3654980722fe3856dbe4e99bbd0fe8599c13a72135dc2f6d6fa69ee79194b8d520d32895ff95146fcc041db64c50007f91963ce912605d7582b0f792d27841044605c6a5700f161e1316433548dec3b76ee029c434d11eb8d0c1bdcd640a2e7dd1dcd61fa546ad159546a20a7d1ccc963c6720173cc37f23892fb5c751663274ec9a0226910343fdd30a21ae55f92d78cc687160fe77afd67378624e1dc8bea3919272b65373b698782757d29ded015379cdced15618e45543bb716171a8d7b48d1c06bdb8ff153bbecd503ba3eaf47488fc4f0fde828d570f89b8b437e33e4f0d992e50ded127db8cfe8e63751b7c4b842a46f657cd84e6cd4bc8b7ace50f17b0888896cddf6f69d43dfc499aa63260e527e03baba667c2a03a0e2da0eee9e186ddc71b92f09b401438d89037489282d7d2183ed6b0dcff1ce4f7ab84a0c7889c06c33a2a3cdfe3e4dfe0db0fe4be8f5f5e4e922096eaa0680cfbd0eda0b1f5d19c0fcc59110a1ee48a428e6fbaae0924c399c2a18171124431ce28380b991151b0519ee536aa95c214e500841f051e3ca1bb69f70c67fc9851ea28adc8b09e629c368c38673a2668013c1249c480ea6f469441e6d8b67513f808af4fbaa0b1b86e5b0e370cf63f484e71ef05a4c346a1ee802ff101bbb372bb9d98f20324ff34a5d73530e84e9e8d04bb9ed8caf9ec5c8da98921047852cfe96e88d70a1bf577a93612462bfda403247174154e725f9efa2723c52a6680d9c1012897ff670967e3718c52790a7405f5de28abf63e778105cc5d8c69bf2c1eebf8db0fa30922a2beec458e1855bc2e651de95d75f18e957fbd2a78e723e3ab389a86187251f4e3e755618068fdc69551a8a8e0c5fa5e0978cd35a8887e79b58371d413189fdeec4d699957b5e13d1651f80a88387b3aa78ea9640f32ac3d46c9a7c778d5235b2403473b691d1a8", @generic="7230761802f8e8c607b6d57201af815dea02c683252c74556499893fe5bbbb60285cc0c50dd28d88597d1a6208f6efe15c3554829bfe0a415213344ff9ecd9459f3821f7be157b606d5bcd0cec216ef52d957876e9b7edf33fcfcd79ce08a17bbfc65d86d95c3368a9c2b2a71316f7485e32cfd02ff6ba5a7d012ea56155e39fcb5139c63f005b6f3501eefd00a0dceaa161bea354c10af66ab3ea4454c2a9d5f6de68bfe9d5cf9b5440302ff22f7e71cbade6c9db2071e167", @generic="0f811a772252c5ae3372cd422f117e83b9e00937f4987daa7813bc094603633c892a29e23b92ca59b77a1048c404a34b50e221e0d8cbb5fc117317ac8c390ef26910d3794a7ac376472b9729577d253bd82980ebc74c3c96751bb9e58c98c676604a53a943e5ada715726510807cb09a6328d89ee4a81551db29d7a776ace7c3bf29453fea", @generic="66661ac1e0c2d9b3197e0a7ccf7bc42bdde8d8e424f3cf70726c343019c9dd871dde213111ad5a35ca0e882c70bb7168a15f41e44b1992169b98fd1639b97f043a4edfbd5a8d1deadd8c0fbc2eeb8388ba895dcec24385d7e5d1eb95d82e115c691c9ba3887afa70705259916267802716636830c0b6000a70247796b320950bc2cac3e41eba560792ac922c01a2493544b2a9e50857a126c4193decc2b4fc6422887082e10c", @typed={0x8, 0x28, @ipv4=@loopback=0x7f000001}, @typed={0x8, 0x6e, @uid=r7}, @generic="dbd29fe2c486a0ee425d0d02a52d430a79d4ace1760da78d3f141fae12b98171eb746faa96da48ffa6fcdbc46cc94758466830c9fc53136ee76ad7aa972bc4c1b677f05b59a69a8e777293816346387dac4694c724c6afdf9af965d020f4c91e33e04c03b3913385ca9bec3ff0866fb08931817f3a2fe79a61657b"]}, @typed={0x4, 0x41}, @nested={0x220, 0x40, [@generic="50e3429d36e9ca29905071f854c7192a50a4fa145610da7256f4c97812ce1958c0ed59834acc12f3725e1420686dd6c883f0c5027d2541e64c5fb75d754b5d7d3a6888359f21dfe6f654a2c6a003df4d805751252d7fda35cc51f318a74de195fbf5ac32537ebe15d1d57c2e8da8ffad5b7906ef5749d699f2a1bbcd4794bccea080d25492c9d0ffc1e1c7e2ae6538a3f77f24f53317ed90a251a9d93b9cbd03b5ce2625a6220d0349482ba68da91f24fc65413c1300a0a7f55d40bb6aa50f3c7aed3886f0d0f10c9dae6cabe331ffcae8dc09e2ddab3b786170c61b739e0c04e088627519a2b4027b354f67c82454599e825ca812", @generic="49293ac351ca63f87134a2811e0671f3aa41f695e033a12aba7bc12b761b0ebef800c3de2c84e1e208d8c2d835882188cd8bbfd8013f3ed5c9298fb8c52e172b8589faac1e7ea7", @typed={0x8, 0x49, @uid=r8}, @generic="4901c22311926ee3236cce3a74b235db0d5fdcc16dc1d10855303cc1467139b04915230b0f9b833e7515db45a0a6235b1f42673cd0b23c6890effa33675f73955e17d5c584fe77d128a1e7a5e0209b27ed9f5ba2ad65b5f9fa30f84f21c3f22ff2c61252098e7ac2b28d485661da8d1ecf4fca4ba9abfc54bc53", @generic="55e680e1db5cb2be27de124f1aa0539aeeeeabd477ca53178a6aeb4f971082809de58981738a1e3cbe1849b1dd40a118af216bbc89677fb0bc80bec81ef3c066881381dbe9cd8d491bad7ee3872ba53dce5ee0e7bf819f88da56b50823"]}, @typed={0x8, 0x60, @uid=r9}, @typed={0x2c, 0x6d, @binary="78ca35cb638b70a3130a0dac1b0df4161b28ca2c44605afb5d977473ddc68e3bcb602cb259f0"}]}, 0x1504}, {&(0x7f0000002380)={0x1c0, 0x15, 0x400, 0x70bd29, 0x25dfdbfd, "", [@typed={0x8, 0x8, @str='\x00'}, @nested={0x1a8, 0x5c, [@typed={0x8, 0x4b, @str=':}\x00'}, @generic="872ae77345a5884d9094880977e30ad93b7a4855baa3f38295475d0f10d1f211b42161aeb14488f8ded330e18202ff2791a2539bbf862e78fb8da040e9be1c5ae93e4f99afc45ecb1c93f909e72fc1ce466822cba492b05d28b3255faf2b0c974ffbc921537e190dba1c91f4d7896ece28c8c4c8647d3315ce1778eae49455b44f984a9181a5f7c1bdcef2c374456a9b0b67f2b3f17695fda7d9a6e2e4e7518a703b6a6ee5", @typed={0x8, 0x15, @u32=0x7}, @generic="6fd6750a1b907436bbf3131cae68047431269f9f2410ea09d2b514545f5b9ac6276b84f4d9fd3bced61a2cb50b34663a1b4cf374c227eb2decc3dc2d06f392ebb19ed28901ca96b7b8617abf0d4785065e43a035961b010d6a822f1fee9d4ef382e029c6c2a570cda91d0665f97de184266ddf5c12854191766f458770ccf72633b0bb5a2080bbd6c2a29d271431fef549253b28722b86ef62adb14b4cb051a2a33e3f217ea9dc506bc1bde09d95336d754f8f05197bf6b0bc04118c782b587be07b5d2c5dd4bce48ec5771aa2a09317e0eee81f656627fb6a817ade35c32268ce3fbd40729b0f94dc2367d65895"]}]}, 0x1c0}], 0x4, &(0x7f0000002b40)=[@cred={0x20, 0x1, 0x2, r10, r11, r12}, @rights={0x38, 0x1, 0x1, [r0, r0, r0, r0, r0, r0, r0, r0, r0, r0]}, @cred={0x20, 0x1, 0x2, r13, r14, r15}, @rights={0x18, 0x1, 0x1, [r0, r0]}, @cred={0x20, 0x1, 0x2, r16, r18, r19}, @cred={0x20, 0x1, 0x2, r20, r21, r22}, @rights={0x28, 0x1, 0x1, [r0, r0, r0, r0, r0]}], 0xf8}, 0x0) sendmsg$rds(r0, &(0x7f0000000100)={&(0x7f00000000c0)={0x2, 0x0, @multicast1=0xe0000001}, 0x10, &(0x7f0000004000), 0x0, &(0x7f0000003fb8)=ANY=[@ANYBLOB="480000000000000014010000010000000000000000000000", @ANYPTR=&(0x7f0000012f46)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB="ba000000000000d4", @ANYPTR=&(0x7f000001a000)=ANY=[@ANYPTR=&(0x7f0000012fe5)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB="1b00000000000000"], @ANYBLOB="010000000000000000000000000000000000000000000000"], 0x48}, 0x0) execveat(r1, &(0x7f0000002e00)='./file0\x00', &(0x7f0000002ec0)=[&(0x7f0000002e40)=':}\x00', &(0x7f0000002e80)='/dev/vsock\x00'], &(0x7f0000002f80)=[&(0x7f0000002f00)='\x00', &(0x7f0000002f40)='ppp0)cgroup\x00'], 0x100) [ 283.197102] Unknown ioctl 1074270833 [ 283.246060] Unknown ioctl 1074270833 10:01:39 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x15e, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) [ 283.267238] FAULT_INJECTION: forcing a failure. [ 283.267238] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 283.279361] CPU: 0 PID: 16401 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 283.286293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 283.295649] Call Trace: [ 283.298248] dump_stack+0x1b9/0x294 [ 283.301887] ? dump_stack_print_info.cold.2+0x52/0x52 [ 283.307084] ? lock_downgrade+0x8e0/0x8e0 [ 283.311243] should_fail.cold.4+0xa/0x1a 10:01:40 executing program 1: r0 = syz_open_dev$audion(&(0x7f0000000180)='/dev/audio#\x00', 0xb, 0xa8000) getsockopt$inet_sctp6_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f00000001c0), &(0x7f0000000240)=0x4) r1 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r2 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = socket$inet6(0xa, 0x1, 0x0) ioctl(r3, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r4 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r2) r5 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r1) r6 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r4) keyctl$dh_compute(0x17, &(0x7f0000000000)={r6, r6, r5}, &(0x7f0000000740)=""/132, 0x84, 0x0) setsockopt$inet6_opts(r3, 0x29, 0x37, &(0x7f0000000040)=@fragment={0x3b, 0x0, 0x9, 0x2, 0x0, 0x3, 0x66}, 0x8) [ 283.315315] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 283.320427] ? rcu_report_qs_rnp+0x790/0x790 [ 283.324844] ? graph_lock+0x170/0x170 [ 283.328657] ? is_bpf_text_address+0xd7/0x170 [ 283.333163] ? find_held_lock+0x36/0x1c0 [ 283.337234] ? __lock_is_held+0xb5/0x140 [ 283.341300] ? check_same_owner+0x320/0x320 [ 283.345610] ? rcu_note_context_switch+0x710/0x710 [ 283.350529] ? __might_sleep+0x95/0x190 [ 283.354495] __alloc_pages_nodemask+0x34e/0xd70 [ 283.359151] ? lock_downgrade+0x8e0/0x8e0 [ 283.363287] ? __alloc_pages_slowpath+0x2d50/0x2d50 [ 283.368286] ? graph_lock+0x170/0x170 [ 283.372070] ? __lock_is_held+0xb5/0x140 [ 283.376161] ? rcu_report_qs_rnp+0x790/0x790 [ 283.380563] ? __lock_is_held+0xb5/0x140 [ 283.384617] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 283.390140] alloc_pages_current+0x10c/0x210 [ 283.394536] __get_free_pages+0xf/0x40 [ 283.398408] mmu_topup_memory_caches+0x1f8/0x3a0 [ 283.403147] ? kvm_apic_has_interrupt+0xe1/0x210 [ 283.407891] kvm_mmu_load+0x21/0x10e0 [ 283.411676] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 283.417200] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 283.422724] vcpu_enter_guest+0x3a83/0x6060 [ 283.427035] ? print_usage_bug+0xc0/0xc0 [ 283.431086] ? kvm_set_msr_common+0x2680/0x2680 [ 283.435740] ? vmx_vcpu_load+0xada/0xfe0 [ 283.439786] ? __lock_acquire+0x7f5/0x5140 [ 283.444006] ? vmx_vcpu_reset+0x1030/0x1030 [ 283.448318] ? graph_lock+0x170/0x170 [ 283.452105] ? graph_lock+0x170/0x170 [ 283.455889] ? __lock_acquire+0x7f5/0x5140 [ 283.460112] ? debug_check_no_locks_freed+0x310/0x310 [ 283.465290] ? __lock_is_held+0xb5/0x140 [ 283.469343] ? lock_acquire+0x1dc/0x520 [ 283.473299] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 283.478299] ? lock_release+0xa10/0xa10 [ 283.482260] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 283.487534] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 283.492015] ? preempt_notifier_dec+0x20/0x20 [ 283.496505] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 283.501331] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 283.506336] kvm_vcpu_ioctl+0x79d/0x12e0 [ 283.510412] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 283.516106] ? graph_lock+0x170/0x170 [ 283.519894] ? find_held_lock+0x36/0x1c0 [ 283.523946] ? lock_downgrade+0x8e0/0x8e0 [ 283.528083] ? kasan_check_read+0x11/0x20 [ 283.532217] ? rcu_is_watching+0x85/0x140 [ 283.536351] ? rcu_report_qs_rnp+0x790/0x790 [ 283.540749] ? __fget+0x40c/0x650 [ 283.544191] ? match_held_lock+0x871/0x8b0 [ 283.548409] ? expand_files.part.8+0x9a0/0x9a0 [ 283.552977] ? kasan_check_write+0x14/0x20 [ 283.557198] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 283.562113] ? wait_for_completion+0x870/0x870 [ 283.566680] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 283.571853] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 283.577548] do_vfs_ioctl+0x1cf/0x16f0 [ 283.581421] ? ioctl_preallocate+0x2e0/0x2e0 [ 283.585814] ? fget_raw+0x20/0x20 [ 283.589254] ? __sb_end_write+0xac/0xe0 [ 283.593217] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 283.598735] ? fput+0x130/0x1a0 [ 283.602001] ? ksys_write+0x1a6/0x250 [ 283.605795] ? security_file_ioctl+0x94/0xc0 [ 283.610188] ksys_ioctl+0xa9/0xd0 [ 283.613627] __x64_sys_ioctl+0x73/0xb0 [ 283.617502] do_syscall_64+0x1b1/0x800 [ 283.621380] ? finish_task_switch+0x1ca/0x840 [ 283.625859] ? syscall_return_slowpath+0x5c0/0x5c0 [ 283.630772] ? syscall_return_slowpath+0x30f/0x5c0 [ 283.635687] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 283.641038] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 283.645955] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 283.651135] RIP: 0033:0x4559f9 10:01:40 executing program 3: getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000100)={0x0}, &(0x7f0000000140)=0xc) perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x5, 0x6, 0xfffffffffffffffe, 0x1, 0x0, 0x0, 0xc, 0xa, 0x6, 0x7, 0x0, 0x5, 0x5, 0x3ff, 0x4, 0x7, 0x2, 0x3, 0x5, 0x0, 0x51, 0xffff, 0xfffffffffffffff9, 0xfffffffffffffff7, 0x800, 0x2, 0x9, 0x7fff, 0x8, 0x10000, 0x6, 0x1f, 0xf1b9, 0x8ab, 0x10000, 0x0, 0x0, 0x2, 0x2, @perf_bp={&(0x7f0000000040), 0x5}, 0x340, 0x1, 0x4, 0x0, 0x1, 0x40, 0x7}, r0, 0xb, 0xffffffffffffffff, 0xa) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(&(0x7f0000000200)="0e7426bd00", &(0x7f0000000280)='/\x00', 0x0, 0x0, &(0x7f0000000240), 0x25, &(0x7f00000002c0)=ANY=[@ANYBLOB='\b']) syz_mount_image$ext4(&(0x7f0000000180)='ext3\x00', &(0x7f00000001c0)='./file0\x00', 0x9, 0x8, &(0x7f00000006c0)=[{&(0x7f0000000300)="6bf5531c3b1b4f6862dc68cb9cc961038c179c71f971506f6fca7d5ca34a3fdb57a6ae3927d78267e1b9720505136ae5459350130b2d209dfc88a82dbbf3d5e8d826432aa3fe8ebdfea88de64995e5328126801e840a855b5d3db0fbdd0025985fcbdcda11a5495d37056f2c9d3d04903503ef85537ada762e60fa3e95b8669c25041d90976b9057503169c44c10fefb9c0d55", 0x93, 0x800}, {&(0x7f0000000240)="bd1e3076cb097a411a9c093ed2b058be6a41ccd4dedfc7a8d7", 0x19, 0x1}, {&(0x7f00000003c0)="2ce2508977755f3a13027100471bda98c4cf8d0529557a4c4442bfa922bff8148a4250f12855809333dbdf1f881728aeb5bd111c7128f8a493f4b746174e8d589d8ebda0d3de4cbd3d5f291fd2acc43e3a10345fe3e5a65edc9dd860028f8a09a52283b4c3d4aef069f681d4b540a443673ad8a63fbec53e12a40d94f4ad53141940596db11e", 0x86, 0x100}, {&(0x7f0000000480)="e09d20d9bedf1dd21af2825a81d72978df1c49eb49d87a9e88fef2168434d9dabadd0116a7d942146419e4f2cc527b0d86dd7ce11eecb22a6491752a61e7f116e03fbbeb047a63f4a5267ae4c71cfd35595eece587e1cdba5f15eeda556c3ae4d0d72ff3f5f840a9c11238adedc51dadfab06a2cb9cb50849af07f2a57370543723e4abffc7623751141bbb8e4ee766ec5367199cdfaebf8c48cc93bacafbf863ba6ccd70c165392dd1453d8fd2c720fa865e4a8be8357420c3159a885c54f2a765b9d08fd47d9915ef92b", 0xcb, 0xd04b}, {&(0x7f0000000580)="005577ac99d110ef338a4eb522fa9b094e0a18dd46b8fa1b708d6dc1a154e4eab24252a4ff3fe677", 0x28, 0xffffffffffffff81}, {&(0x7f00000005c0)="566da2048d3698d730176acefd1809d17389c76e0fbd75d13f8b5447e8e6", 0x1e, 0x9}, {&(0x7f0000000600)="6feb87d5a448a5373aa461e7b599ba13530cc94eb95dc7f8e382f588d1f7beb5a581588185", 0x25, 0x80}, {&(0x7f0000000640)="3b1ae9501de355dafcdee644357b6c144ee0df3473e5dbc7982181d30df41a90a0749ded4a53362254b26adc0769bd5b85878976d3a431ad34a36d7de0786313497a2ed252247445c7a02ffbbdaacbf58805192c343bd494113d5564ea0782e15c0c1e", 0x63, 0x80000000000}], 0x0, &(0x7f0000000780)={[{@bsdgroups='bsdgroups', 0x2c}, {@oldalloc='oldalloc', 0x2c}, {@barrier='barrier', 0x2c}, {@debug='debug', 0x2c}]}) 10:01:40 executing program 7: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)="2f007e574d7a0f30809022cfde26555dc9ecfe1974406edad38364782d63b6612854b2e49dbdcaef718197e37e870a308b1e3a798fa788a46d3025ef933e51828ab675064e2adbe9126423b49c6db2f160d49cb6cce76c27289a4f9d097354aaa5860d2383df87526baa184d90bb7729366c17bc33d765e9bc2f882a13f3a9c1f60660bd4fd2fa31d2c0a775242289eb8e140377", 0x0, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x800001) [ 283.654303] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 283.673528] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 283.681221] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 283.688480] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 283.695730] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 283.702984] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 283.710235] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 0000000000000039 10:01:40 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x1c0, [0x40000073, 0x1]}) 10:01:40 executing program 5 (fault-call:5 fault-nth:58): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:01:40 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000080)="295ee1311f16f477671070") getsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000004f40), &(0x7f0000000000)=0x1) write(r0, &(0x7f00000000c0)="2a5b3db6ef82779d09670815752e4abff48e1e841b4ab48683e5e7e0642e5ef2cd67e5df784fea493d58dcb21160ec0fdd9f2c15647b0e0ed7e59067481f85dec49e73b8ebe5c4514aa5eaf52f661d8934cc59b59e2fe9dbf7dfaebad2bb9abe8e116ace28a1c302fbca9903266c635d7aca", 0x72) 10:01:40 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x1d, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:01:40 executing program 4: mbind(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, &(0x7f0000000000)=0x84, 0x550, 0x0) r0 = socket$inet6(0xa, 0x1, 0x8) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc\x00', 0x0, 0x0) preadv(r2, &(0x7f0000f85000)=[{&(0x7f000018bf12)=""/4, 0x7ffff000}], 0x1, 0x0) r3 = gettid() timer_create(0x0, &(0x7f0000000080)={0x0, 0x12}, &(0x7f0000fd7000)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000000040)) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x6, 0x31, 0xffffffffffffffff, 0x0) tkill(r3, 0x1000000000016) fchmod(r0, 0x44) getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f0000000300)=ANY=[@ANYBLOB="03000000040004000500140533825f0500000007e86f7ecdd9245aaff6df61e71d0ba771eaf7c2c49f958c233af05588c83e2193203eef3c72231a5fcdaf569ef382b20d60306e6bdbef544d5b0728187fa30e3539e3e3f29f5d9519d9a6187ea531b74d23059bbe11bb7f4e0ede36ba351100c4d83f44191d9a595e121adb6288b1baaaa373ee75bc9838f32dfbe81980ea0d3db597cfd5bdd139bcc20774b381a540b5bac1e2ce099fa847feea50b6123836cce3988beaa781be46259f8edd4b585a57b30dc5013b6a9c43f746b5ae8afe2f18e431f7e581ecd7851a2dad84f76e40f3100a14f4ac4d7d9313d23e1ee9dc1b2bf6f6eaf9eac258bb8cbff070b6917d6105152d8fe6d6bd2c13aa51"], &(0x7f0000000080)=0xa) openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/qat_adf_ctl\x00', 0x4200, 0x0) r4 = add_key(&(0x7f0000000040)='pkcs7_test\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00000001c0)="d8cb163a163890779ad27416fb9e80e2bb8daceff0acdc428ab708c6410233f6be9ae99304ce2cbd1fbd6908e369c9cb99f598e8579253c8fca6d264a9521d814462f7d30f7a778a536b6d7c3b4168ae95c5f240ccffa534bdd826f03455f2c99534444b7939b5ddbd9d5e5b3aeef895eb40ec4e6ab780e7d965db94a2443afd30b02d3f817cd6a6ea8e949ba34ee3c460cdbcfa8032229d4e39dbb8f3", 0x9d, 0xfffffffffffffffc) keyctl$set_timeout(0xf, r4, 0x8) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000180)) [ 284.056405] FAULT_INJECTION: forcing a failure. [ 284.056405] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 284.068387] CPU: 0 PID: 16437 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 284.075327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 284.084679] Call Trace: [ 284.087283] dump_stack+0x1b9/0x294 [ 284.090925] ? dump_stack_print_info.cold.2+0x52/0x52 [ 284.096130] ? zap_class+0x720/0x720 [ 284.099858] should_fail.cold.4+0xa/0x1a 10:01:40 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x167, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:40 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x11, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x5, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:01:40 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0) accept4$inet(r3, &(0x7f0000000180)={0x0, 0x0, @rand_addr}, &(0x7f00000001c0)=0x10, 0x80800) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) keyctl$dh_compute(0x17, &(0x7f0000000000)={0x0, 0x0, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:01:40 executing program 7: capset(&(0x7f00000fc000)={0x19980330}, &(0x7f000047efe8)) r0 = syz_open_procfs(0x0, &(0x7f0000000300)='net/sockstat\x00') fstat(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fchown(r0, 0x0, r1) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x8200, 0x0) [ 284.103931] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 284.109040] ? rcu_report_qs_rnp+0x790/0x790 [ 284.113457] ? graph_lock+0x170/0x170 [ 284.117274] ? is_bpf_text_address+0xd7/0x170 [ 284.121783] ? find_held_lock+0x36/0x1c0 [ 284.125858] ? __lock_is_held+0xb5/0x140 [ 284.129940] ? check_same_owner+0x320/0x320 [ 284.134269] ? rcu_note_context_switch+0x710/0x710 [ 284.139209] ? __might_sleep+0x95/0x190 [ 284.143194] __alloc_pages_nodemask+0x34e/0xd70 [ 284.147860] ? lock_downgrade+0x8e0/0x8e0 [ 284.152000] ? __alloc_pages_slowpath+0x2d50/0x2d50 [ 284.157018] ? graph_lock+0x170/0x170 [ 284.160809] ? __lock_is_held+0xb5/0x140 [ 284.165047] ? rcu_report_qs_rnp+0x790/0x790 [ 284.169453] ? __lock_is_held+0xb5/0x140 [ 284.173519] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 284.179063] alloc_pages_current+0x10c/0x210 [ 284.183483] __get_free_pages+0xf/0x40 [ 284.187358] mmu_topup_memory_caches+0x1f8/0x3a0 [ 284.192104] ? kvm_apic_has_interrupt+0xe1/0x210 [ 284.196851] kvm_mmu_load+0x21/0x10e0 [ 284.200637] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 284.206161] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 284.211685] vcpu_enter_guest+0x3a83/0x6060 [ 284.215993] ? perf_trace_lock+0xd6/0x900 [ 284.220128] ? print_usage_bug+0xc0/0xc0 [ 284.224182] ? kvm_set_msr_common+0x2680/0x2680 [ 284.228832] ? vmx_vcpu_load+0xada/0xfe0 [ 284.232891] ? __lock_acquire+0x7f5/0x5140 [ 284.237117] ? vmx_vcpu_reset+0x1030/0x1030 [ 284.241427] ? graph_lock+0x170/0x170 [ 284.245211] ? graph_lock+0x170/0x170 [ 284.248995] ? __lock_acquire+0x7f5/0x5140 [ 284.253219] ? debug_check_no_locks_freed+0x310/0x310 [ 284.258394] ? __lock_is_held+0xb5/0x140 [ 284.262444] ? lock_acquire+0x1dc/0x520 [ 284.266574] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 284.271574] ? lock_release+0xa10/0xa10 [ 284.275530] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 284.280788] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 284.285289] ? preempt_notifier_dec+0x20/0x20 [ 284.289771] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 284.294594] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 284.299598] kvm_vcpu_ioctl+0x79d/0x12e0 [ 284.303643] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 284.309337] ? graph_lock+0x170/0x170 [ 284.313144] ? find_held_lock+0x36/0x1c0 [ 284.317203] ? lock_downgrade+0x8e0/0x8e0 [ 284.321339] ? rcu_is_watching+0x85/0x140 [ 284.325471] ? rcu_report_qs_rnp+0x790/0x790 [ 284.329876] ? __fget+0x40c/0x650 [ 284.333318] ? match_held_lock+0x871/0x8b0 [ 284.337539] ? expand_files.part.8+0x9a0/0x9a0 [ 284.342104] ? kasan_check_write+0x14/0x20 [ 284.346329] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 284.351245] ? wait_for_completion+0x870/0x870 [ 284.355809] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 284.360985] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 284.366683] do_vfs_ioctl+0x1cf/0x16f0 [ 284.370569] ? ioctl_preallocate+0x2e0/0x2e0 [ 284.374982] ? fget_raw+0x20/0x20 [ 284.378430] ? __sb_end_write+0xac/0xe0 [ 284.382393] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 284.387912] ? fput+0x130/0x1a0 [ 284.391177] ? ksys_write+0x1a6/0x250 [ 284.394963] ? security_file_ioctl+0x94/0xc0 [ 284.399359] ksys_ioctl+0xa9/0xd0 [ 284.402798] __x64_sys_ioctl+0x73/0xb0 [ 284.406671] do_syscall_64+0x1b1/0x800 [ 284.410538] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 284.415363] ? syscall_return_slowpath+0x5c0/0x5c0 [ 284.420276] ? syscall_return_slowpath+0x30f/0x5c0 [ 284.425189] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 284.430541] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 284.435383] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 284.440559] RIP: 0033:0x4559f9 [ 284.443726] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 284.462939] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 284.470650] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 284.477922] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 284.485178] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 284.492430] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 284.499680] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 000000000000003a 10:01:41 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x34, [0x40000073, 0x1]}) 10:01:41 executing program 5 (fault-call:5 fault-nth:59): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) [ 284.583180] EXT4-fs (loop3): VFS: Can't find ext4 filesystem [ 284.612543] EXT4-fs (loop3): VFS: Can't find ext4 filesystem [ 284.821450] FAULT_INJECTION: forcing a failure. [ 284.821450] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 284.833377] CPU: 1 PID: 16477 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 284.840312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 284.849669] Call Trace: [ 284.852265] dump_stack+0x1b9/0x294 [ 284.855910] ? dump_stack_print_info.cold.2+0x52/0x52 [ 284.861108] ? preempt_notifier_register+0x1e0/0x1e0 [ 284.866228] should_fail.cold.4+0xa/0x1a [ 284.870298] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 284.875406] ? graph_lock+0x170/0x170 [ 284.879222] ? find_held_lock+0x36/0x1c0 [ 284.883294] ? __lock_is_held+0xb5/0x140 [ 284.887370] ? check_same_owner+0x320/0x320 [ 284.891699] ? rcu_note_context_switch+0x710/0x710 [ 284.896625] ? __might_sleep+0x95/0x190 [ 284.900585] __alloc_pages_nodemask+0x34e/0xd70 [ 284.905236] ? lock_downgrade+0x8e0/0x8e0 [ 284.909371] ? __alloc_pages_slowpath+0x2d50/0x2d50 [ 284.914370] ? graph_lock+0x170/0x170 [ 284.918153] ? __lock_is_held+0xb5/0x140 [ 284.922199] ? rcu_report_qs_rnp+0x790/0x790 [ 284.926600] ? __lock_is_held+0xb5/0x140 [ 284.930654] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 284.936177] alloc_pages_current+0x10c/0x210 [ 284.940576] __get_free_pages+0xf/0x40 [ 284.944447] mmu_topup_memory_caches+0x1f8/0x3a0 [ 284.949190] ? kvm_apic_has_interrupt+0xe1/0x210 [ 284.953932] kvm_mmu_load+0x21/0x10e0 [ 284.957719] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 284.963241] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 284.968778] vcpu_enter_guest+0x3a83/0x6060 [ 284.973087] ? print_usage_bug+0xc0/0xc0 [ 284.977135] ? kvm_set_msr_common+0x2680/0x2680 [ 284.981790] ? vmx_vcpu_load+0xada/0xfe0 [ 284.985843] ? __lock_acquire+0x7f5/0x5140 [ 284.990066] ? vmx_vcpu_reset+0x1030/0x1030 [ 284.994373] ? graph_lock+0x170/0x170 [ 284.998158] ? graph_lock+0x170/0x170 [ 285.001942] ? __lock_acquire+0x7f5/0x5140 [ 285.006163] ? debug_check_no_locks_freed+0x310/0x310 [ 285.011345] ? __lock_is_held+0xb5/0x140 [ 285.015394] ? lock_acquire+0x1dc/0x520 [ 285.019353] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 285.024355] ? lock_release+0xa10/0xa10 [ 285.028312] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 285.033577] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 285.038057] ? preempt_notifier_dec+0x20/0x20 [ 285.042574] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 285.047401] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 285.052408] kvm_vcpu_ioctl+0x79d/0x12e0 [ 285.056456] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 285.062153] ? graph_lock+0x170/0x170 [ 285.065940] ? find_held_lock+0x36/0x1c0 [ 285.070027] ? lock_downgrade+0x8e0/0x8e0 [ 285.074162] ? kasan_check_read+0x11/0x20 [ 285.078293] ? rcu_is_watching+0x85/0x140 [ 285.082424] ? rcu_report_qs_rnp+0x790/0x790 [ 285.086822] ? __fget+0x40c/0x650 [ 285.090267] ? match_held_lock+0x871/0x8b0 [ 285.094484] ? expand_files.part.8+0x9a0/0x9a0 [ 285.099052] ? kasan_check_write+0x14/0x20 [ 285.103272] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 285.108188] ? wait_for_completion+0x870/0x870 [ 285.112759] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 285.117933] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 285.123628] do_vfs_ioctl+0x1cf/0x16f0 [ 285.127503] ? ioctl_preallocate+0x2e0/0x2e0 [ 285.131895] ? fget_raw+0x20/0x20 [ 285.135336] ? __sb_end_write+0xac/0xe0 [ 285.139297] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 285.144817] ? fput+0x130/0x1a0 [ 285.148272] ? ksys_write+0x1a6/0x250 [ 285.152061] ? security_file_ioctl+0x94/0xc0 [ 285.156457] ksys_ioctl+0xa9/0xd0 [ 285.159924] __x64_sys_ioctl+0x73/0xb0 [ 285.163801] do_syscall_64+0x1b1/0x800 [ 285.167676] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 285.172505] ? syscall_return_slowpath+0x5c0/0x5c0 [ 285.177418] ? syscall_return_slowpath+0x30f/0x5c0 [ 285.182336] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 285.187687] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 285.192515] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 285.197685] RIP: 0033:0x4559f9 [ 285.200853] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 285.220090] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 285.227782] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 285.235035] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 285.242286] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 285.249536] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 285.256790] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 000000000000003b 10:01:42 executing program 4: ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffff9c, 0x89e2, &(0x7f0000000000)={0xffffffffffffff9c}) ioctl$sock_ipx_SIOCAIPXITFCRT(r0, 0x89e0, &(0x7f0000000040)=0x1a8e) syz_read_part_table(0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="000000000000000000000000000000000000000000000000e0e51532000000000200880126000100000064000000000127008e030c00650000006400000000030d00f0043100c90000006400000000043200422020002d010000d306000055aa", 0x60, 0x1a0}]) 10:01:42 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x48, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:42 executing program 7: r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/hwrng\x00', 0x400100, 0x0) ioctl$KVM_GET_DEBUGREGS(r0, 0x8080aea1, &(0x7f0000000240)) r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xdb4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x5c832, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, &(0x7f00000002c0)='\'vboxnet1\x00') socketpair$ax25(0x3, 0x2, 0xf0, &(0x7f0000000340)) syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0x0, 0x0) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x0, 0x200000) setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f0000000000)=0x20000, 0x4) ioctl$SNDRV_TIMER_IOCTL_STATUS(0xffffffffffffffff, 0x80605414, &(0x7f00000001c0)=""/127) 10:01:42 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x174, [0x40000073, 0x1]}) 10:01:42 executing program 5 (fault-call:5 fault-nth:60): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:01:42 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x2, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:01:42 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000040)="025cc83d6d345f8f760070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) r4 = socket$inet6(0xa, 0x1, 0x0) ioctl(r4, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") userfaultfd(0x0) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r5 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000013ff4)={@dev={0xac, 0x14}, @rand_addr, @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}, 0xc) ioctl$sock_inet_SIOCSIFBRDADDR(r5, 0x8917, &(0x7f0000000000)={'ip_vti0\x00', {0x2, 0x0, @rand_addr}}) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x2, 0x32, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$fiemap(0xffffffffffffffff, 0xc020660b, &(0x7f0000000140)=ANY=[@ANYBLOB="4ae300000000000002000000000000000200e4004000000000b1ee00000001000000000000000000000000000000000000000000ff0000000000000000000000000000000000000000000000000008ac00000000000000000000000000000000000000000000800000000100000000000000000000000101000000000000010001000000000009000000000000000000000000000000000000000000000004010000000000000000000000000000000000000000000000000000000000000000000000000000000088df4f0f2b75bd39cb72fc9cf21f3158a7bf924a345256d0c3f1dc90b911f283623f644a8c31a48bab1122971aa487b61c765f66015cda3bf638f3f72d8ef3460f7454cbe6f9fca32ae064b6566a84f455a5df3178edb719e8a40be71e7860c995fa6a6b"]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 10:01:42 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r4 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0x17, &(0x7f0000000000)={r4, r4, r4}, &(0x7f0000000740)=""/132, 0xfffffffffffffe93, 0x0) 10:01:42 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x7) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r3 = syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x8, 0x42000) getsockopt$inet_sctp6_SCTP_MAXSEG(r2, 0x84, 0xd, &(0x7f0000000240)=@assoc_value={0x0, 0x3}, &(0x7f0000000280)=0x8) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r3, 0x84, 0x10, &(0x7f0000000340)=@assoc_value={r4, 0x100000000}, &(0x7f0000000380)=0x9) r5 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r6 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f00000001c0)={0x73, 0x79, 0x7a, 0x0}, &(0x7f0000000180)="df0002000000a020961d602c6890760600000078ce574b00", 0xffffffffffffff49, r0) r7 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r5) keyctl$dh_compute(0x17, &(0x7f0000000000)={r7, r7, r6}, &(0x7f0000000740)=""/132, 0x84, 0x0) socket$inet6_sctp(0xa, 0x5, 0x84) [ 285.659657] FAULT_INJECTION: forcing a failure. [ 285.659657] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 285.671570] CPU: 0 PID: 16504 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 285.678503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 285.687856] Call Trace: [ 285.690454] dump_stack+0x1b9/0x294 [ 285.694092] ? dump_stack_print_info.cold.2+0x52/0x52 [ 285.699291] ? lock_downgrade+0x8e0/0x8e0 [ 285.703448] should_fail.cold.4+0xa/0x1a [ 285.707508] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 285.712596] ? rcu_report_qs_rnp+0x790/0x790 [ 285.716992] ? graph_lock+0x170/0x170 [ 285.720781] ? is_bpf_text_address+0xd7/0x170 [ 285.725264] ? find_held_lock+0x36/0x1c0 [ 285.729313] ? __lock_is_held+0xb5/0x140 [ 285.733367] ? check_same_owner+0x320/0x320 [ 285.737674] ? rcu_note_context_switch+0x710/0x710 [ 285.742587] ? __might_sleep+0x95/0x190 [ 285.746547] __alloc_pages_nodemask+0x34e/0xd70 [ 285.751199] ? lock_downgrade+0x8e0/0x8e0 [ 285.755333] ? __alloc_pages_slowpath+0x2d50/0x2d50 [ 285.760330] ? graph_lock+0x170/0x170 [ 285.764113] ? __lock_is_held+0xb5/0x140 [ 285.768158] ? rcu_report_qs_rnp+0x790/0x790 [ 285.772558] ? __lock_is_held+0xb5/0x140 [ 285.776608] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 285.782130] alloc_pages_current+0x10c/0x210 [ 285.786526] __get_free_pages+0xf/0x40 [ 285.790397] mmu_topup_memory_caches+0x1f8/0x3a0 [ 285.795138] ? kvm_apic_has_interrupt+0xe1/0x210 [ 285.799880] kvm_mmu_load+0x21/0x10e0 [ 285.803666] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 285.809190] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 285.814714] vcpu_enter_guest+0x3a83/0x6060 [ 285.819026] ? print_usage_bug+0xc0/0xc0 [ 285.823075] ? kvm_set_msr_common+0x2680/0x2680 [ 285.827730] ? vmx_vcpu_load+0xada/0xfe0 [ 285.831780] ? __lock_acquire+0x7f5/0x5140 [ 285.835999] ? vmx_vcpu_reset+0x1030/0x1030 [ 285.840306] ? graph_lock+0x170/0x170 [ 285.844094] ? graph_lock+0x170/0x170 [ 285.847878] ? __lock_acquire+0x7f5/0x5140 [ 285.852103] ? debug_check_no_locks_freed+0x310/0x310 [ 285.857281] ? __lock_is_held+0xb5/0x140 [ 285.861328] ? lock_acquire+0x1dc/0x520 [ 285.865286] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 285.870307] ? lock_release+0xa10/0xa10 [ 285.874273] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 285.879534] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 285.884015] ? preempt_notifier_dec+0x20/0x20 [ 285.888504] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 285.893330] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 285.898337] kvm_vcpu_ioctl+0x79d/0x12e0 [ 285.902384] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 285.908079] ? graph_lock+0x170/0x170 [ 285.911864] ? find_held_lock+0x36/0x1c0 [ 285.915915] ? lock_downgrade+0x8e0/0x8e0 [ 285.920050] ? kasan_check_read+0x11/0x20 [ 285.924181] ? rcu_is_watching+0x85/0x140 [ 285.928315] ? rcu_report_qs_rnp+0x790/0x790 [ 285.932714] ? __fget+0x40c/0x650 [ 285.936154] ? match_held_lock+0x871/0x8b0 [ 285.940372] ? expand_files.part.8+0x9a0/0x9a0 [ 285.944937] ? kasan_check_write+0x14/0x20 [ 285.949156] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 285.954069] ? wait_for_completion+0x870/0x870 [ 285.958637] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 285.963813] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 285.969511] do_vfs_ioctl+0x1cf/0x16f0 [ 285.973384] ? ioctl_preallocate+0x2e0/0x2e0 [ 285.977776] ? fget_raw+0x20/0x20 [ 285.981217] ? __sb_end_write+0xac/0xe0 [ 285.985178] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 285.990695] ? fput+0x130/0x1a0 [ 285.993961] ? ksys_write+0x1a6/0x250 [ 285.997759] ? security_file_ioctl+0x94/0xc0 [ 286.002158] ksys_ioctl+0xa9/0xd0 [ 286.005600] __x64_sys_ioctl+0x73/0xb0 [ 286.009472] do_syscall_64+0x1b1/0x800 [ 286.013342] ? finish_task_switch+0x1ca/0x840 [ 286.017823] ? syscall_return_slowpath+0x5c0/0x5c0 [ 286.022735] ? syscall_return_slowpath+0x30f/0x5c0 [ 286.027651] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 286.033002] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 286.037835] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 286.043010] RIP: 0033:0x4559f9 10:01:42 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x1a, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) [ 286.046186] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 286.065412] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 286.073106] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 286.080356] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 286.087615] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 286.094866] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 286.102116] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 000000000000003c 10:01:42 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x4, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) [ 286.163999] ldm_validate_privheads(): Disk read failed. [ 286.169541] loop4: p1 p2 p3 p4 [ 286.173088] loop4: partition table partially beyond EOD, truncated [ 286.180143] loop4: p1 start 1 is beyond EOD, truncated [ 286.185542] loop4: p2 start 101 is beyond EOD, truncated [ 286.191049] loop4: p3 start 201 is beyond EOD, truncated [ 286.196538] loop4: p4 start 301 is beyond EOD, truncated [ 286.222485] ldm_validate_privheads(): Disk read failed. [ 286.228066] loop4: p1 p2 p3 p4 [ 286.231375] loop4: partition table partially beyond EOD, truncated [ 286.241365] loop4: p1 start 1 is beyond EOD, truncated [ 286.246709] loop4: p2 start 101 is beyond EOD, truncated [ 286.252209] loop4: p3 start 201 is beyond EOD, truncated [ 286.257730] loop4: p4 start 301 is beyond EOD, truncated 10:01:43 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0xec0f0000000000, [0x40000073, 0x1]}) 10:01:43 executing program 7: r0 = socket$inet6(0xa, 0x3, 0x80) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x0, 0x1, &(0x7f0000001fe8)=ANY=[@ANYBLOB="00000000000004000c"], &(0x7f0000003ff6)='syzkaller\x00', 0x0, 0xc3, &(0x7f0000009f3d)=""/195}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x5, &(0x7f0000001fd8)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0xffffff9f}, [@ldst={0x2000d045, 0x3, 0xa}], {0x95}}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0x437, &(0x7f000000cf3d)=""/195}, 0x48) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x401, 0x0) ioctl$TCSBRKP(r1, 0x5425, 0x0) 10:01:43 executing program 5 (fault-call:5 fault-nth:61): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:01:43 executing program 3: r0 = socket$inet6(0xa, 0x8000000000000008, 0x4) ioctl(r0, 0x8912, &(0x7f0000000040)="295ed277a4200100360070") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000180)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha512\x00'}, 0x58) getsockopt$inet6_mreq(r0, 0x29, 0x1c, &(0x7f0000000000)={@loopback}, &(0x7f0000000080)=0x14) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000100), 0x0) dup2(r0, r1) 10:01:43 executing program 4: ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffff9c, 0x89e2, &(0x7f0000000000)={0xffffffffffffff9c}) ioctl$sock_ipx_SIOCAIPXITFCRT(r0, 0x89e0, &(0x7f0000000040)=0x1a8e) syz_read_part_table(0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="000000000000000000000000000000000000000000000000e0e51532000000000200880126000100000064000000000127008e030c00650000006400000000030d00f0043100c90000006400000000043200422020002d010000d306000055aa", 0x60, 0x1a0}]) 10:01:43 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x162, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:43 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x401, 0x0) ioctl$EVIOCGBITKEY(r3, 0x80404521, &(0x7f0000000180)=""/20) getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r4 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r5 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r6 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r4) keyctl$dh_compute(0x17, &(0x7f0000000000)={r6, r6, r5}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:01:43 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x3, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) [ 286.580730] ldm_validate_privheads(): Disk read failed. [ 286.586236] loop4: p1 p2 p3 p4 [ 286.589556] loop4: partition table partially beyond EOD, truncated [ 286.611982] FAULT_INJECTION: forcing a failure. [ 286.611982] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 286.614322] loop4: p1 start 1 is beyond EOD, [ 286.623868] CPU: 0 PID: 16552 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 286.623880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 286.623885] Call Trace: [ 286.623908] dump_stack+0x1b9/0x294 [ 286.623930] ? dump_stack_print_info.cold.2+0x52/0x52 [ 286.628430] truncated [ 286.635326] ? lock_downgrade+0x8e0/0x8e0 [ 286.635351] should_fail.cold.4+0xa/0x1a [ 286.635372] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 286.644736] loop4: p2 start 101 is beyond EOD, [ 286.647276] ? rcu_report_qs_rnp+0x790/0x790 [ 286.647293] ? graph_lock+0x170/0x170 [ 286.647315] ? is_bpf_text_address+0xd7/0x170 [ 286.650926] truncated [ 286.656084] ? find_held_lock+0x36/0x1c0 [ 286.656101] ? __lock_is_held+0xb5/0x140 [ 286.656125] ? check_same_owner+0x320/0x320 [ 286.658523] loop4: p3 start 201 is beyond EOD, [ 286.662657] ? rcu_note_context_switch+0x710/0x710 [ 286.662687] ? __might_sleep+0x95/0x190 [ 286.662715] __alloc_pages_nodemask+0x34e/0xd70 [ 286.666768] truncated [ 286.671834] ? lock_downgrade+0x8e0/0x8e0 [ 286.671852] ? __alloc_pages_slowpath+0x2d50/0x2d50 [ 286.671868] ? graph_lock+0x170/0x170 [ 286.676532] loop4: p4 start 301 is beyond EOD, [ 286.680900] ? __lock_is_held+0xb5/0x140 [ 286.680917] ? rcu_report_qs_rnp+0x790/0x790 [ 286.680938] ? __lock_is_held+0xb5/0x140 [ 286.680962] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 286.684746] truncated [ 286.689215] alloc_pages_current+0x10c/0x210 [ 286.689233] __get_free_pages+0xf/0x40 [ 286.689251] mmu_topup_memory_caches+0x1f8/0x3a0 [ 286.775517] ? kvm_apic_has_interrupt+0xe1/0x210 [ 286.780262] kvm_mmu_load+0x21/0x10e0 [ 286.784050] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 286.789572] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 286.795094] vcpu_enter_guest+0x3a83/0x6060 [ 286.799401] ? print_usage_bug+0xc0/0xc0 [ 286.803450] ? kvm_set_msr_common+0x2680/0x2680 [ 286.808104] ? vmx_vcpu_load+0xada/0xfe0 [ 286.812149] ? __lock_acquire+0x7f5/0x5140 [ 286.816383] ? print_usage_bug+0xc0/0xc0 [ 286.820428] ? vmx_vcpu_reset+0x1030/0x1030 [ 286.824736] ? graph_lock+0x170/0x170 [ 286.828521] ? graph_lock+0x170/0x170 [ 286.832304] ? __lock_acquire+0x7f5/0x5140 [ 286.836525] ? debug_check_no_locks_freed+0x310/0x310 [ 286.841704] ? mark_held_locks+0xc9/0x160 [ 286.845836] ? __lock_is_held+0xb5/0x140 [ 286.849884] ? lock_acquire+0x1dc/0x520 [ 286.853843] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 286.858848] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 286.863589] ? lock_release+0xa10/0xa10 [ 286.867547] ? retint_kernel+0x10/0x10 [ 286.871424] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 286.876250] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 286.881255] kvm_vcpu_ioctl+0x79d/0x12e0 [ 286.885301] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 286.890995] ? graph_lock+0x170/0x170 [ 286.894785] ? find_held_lock+0x36/0x1c0 [ 286.898846] ? lock_downgrade+0x8e0/0x8e0 [ 286.902981] ? kasan_check_read+0x11/0x20 [ 286.907125] ? rcu_is_watching+0x85/0x140 [ 286.911261] ? rcu_report_qs_rnp+0x790/0x790 [ 286.915743] ? __fget+0x40c/0x650 [ 286.919186] ? match_held_lock+0x871/0x8b0 [ 286.923405] ? expand_files.part.8+0x9a0/0x9a0 [ 286.927973] ? kasan_check_write+0x14/0x20 [ 286.932191] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 286.937105] ? wait_for_completion+0x870/0x870 [ 286.941674] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 286.946859] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 286.952556] do_vfs_ioctl+0x1cf/0x16f0 [ 286.956429] ? ioctl_preallocate+0x2e0/0x2e0 [ 286.960824] ? fget_raw+0x20/0x20 [ 286.964262] ? __sb_end_write+0xac/0xe0 [ 286.968224] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 286.973742] ? fput+0x130/0x1a0 [ 286.977007] ? ksys_write+0x1a6/0x250 [ 286.980798] ? security_file_ioctl+0x94/0xc0 [ 286.985193] ksys_ioctl+0xa9/0xd0 [ 286.988632] __x64_sys_ioctl+0x73/0xb0 [ 286.992506] do_syscall_64+0x1b1/0x800 [ 286.996376] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 287.001206] ? syscall_return_slowpath+0x5c0/0x5c0 [ 287.006121] ? syscall_return_slowpath+0x30f/0x5c0 [ 287.011038] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 287.016388] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 287.021219] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 287.026392] RIP: 0033:0x4559f9 [ 287.029558] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 287.048784] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 287.056478] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 287.063729] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 287.070979] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 10:01:43 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x65, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:43 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x3a000000, [0x40000073, 0x1]}) [ 287.078233] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 287.085485] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 000000000000003d 10:01:43 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x0) syz_mount_image$xfs(&(0x7f00000000c0)='xfs\x00', &(0x7f0000000140)='./file0\x00', 0x10001, 0x8, &(0x7f0000001540)=[{&(0x7f0000000180)="3d187f3567c2dc0e", 0x8, 0x8}, {&(0x7f00000001c0)="df9f540627a196d7eb314084a4744f9cad01b5e7241af00559aaa220", 0x1c, 0x80000001}, {&(0x7f0000000200)="930b5b9e3ec0578bae8f476274b8b95a63f0a66d87311963e20869fb7bdeda590786eb3c3c63cb7c04c4eb76c55ffdeb172fc783b6682a5279b41fb264342a90a158a9f97e7bf84e21ea15f0848c335b9efc2f83aafa00ef669d4943f9565f0121c02519f2df0498866dd917c9f0fbbb30f4a8a28b699882427750c877d06c08892cf0e9731d51f0f1ca80e61af112532b3bdb163e1d32fb5f3d1280f67fcfd27a1fffbd3cfa2012842d68ab526f458217afd8e7ac1716ae4665a3fbc7ecccdd87cfcb034de3dfc255a525b980233d50eaa6178b41ae8844ecb5c03613c778a49c700c580eab31bc0d4a60b09e73a8c499a531fabfe59680327e2fb55fa11022b1a6190792c85b40542bdf56228cf973434d54d305f5f7c29e451bc31798853f4ad67800be2735f90c468ccaf96b4834b1db6f0ecb0af19bb9b4fe2025707bcd0322481b1448185c388b3eb6bc706cc03afe22a5ebd972d58c14bef1fd8bdc89c1a0d571daaee9e9560032a63475ccb4cbd62fb0b4f07730076430e3bdb9cdf4286d4e4b17893a7af8b11469b7e0d869a55f3be1a00feb6d6a6f95b566c764ea6cf8d12ca95fd4a3819947ac38cce1d64d06b7fde6ffae1d62174e042eb369156990ef77a41fa30aa7da628956e37824faeccb2001f5bbe46433bc7e877db6c438526a224edfa18ea27c656b1174928e3ba2145bc32febb21d9a39ab6ba6dd224bc71a74f9057d7f2a26e7feb4e968c3b2433d1a0b833f6c1ba3477229ea2d5e26c1119460de5f3e0bb63526cc55b00475b299540f6c82f59cdf636b6a4d7170d547b35b3f0c8e950f0950ac22da579fe8f328a2c5b6692cff6796c6d4563dffcb959c606643642064d37633aab6e53f79670d5ca3f311ccf2bffbae850ecfd33ab6126c13806c7cf4f2daf643bba4e524eff005b441dbb32e1764799ee2707ac14f59ba5d985e0c587f601942992303e79b7c7c26aa4f3a40cbdc410297cd03977220a9ddeb97358a3b2f17f42a6e990a12337ae03da2e682f7a3da59c2ec0150ebd53e3e52e5acaee419d66f99d1e2ff1469a94081da01cbb5fd5ceae0470dad3a5f5156e4416fe086458b1bb028f4d224afc78b0fb4c3e4ce21afeb81c6ef937e468bfdeb459511405cc895663b17043e4c5243e9234bf4ccec48ee44f94d74810aa70041288f40fd8f02de13120b1507427240d68cc1133fbeb04e32fc094501fabb6a21f7be57debdb852ceca814d2069a2555e0502657f978ecb2ff62f15f268cb84d8ed1d137e8af519cd4380afaac5de77041b2530f313ff66be88a8076d0b044ecc9d143e6dce20e90aa2ab78e3f44493cf6eea2117715da41f22e4a3bc0d562a1093a53b737210b6ce4b99d9c723d49a541b9f99bb1fedd1c21f9707595d4a041ab89a9896615bba322c91618ccd764e29c0501c449a809dd4843ddbd140130914255c9a12613528ccb79414653846500501a4872f8a743e84c59285c19b54e72f195b9e4757779263a5c1db5e9e4880b9cfa9c8cdbfe4454c2a746a6f609b32e477c6c85937fdbd80d335ef89ddced7ebf4462a79a9faa8bc365dd3307c3b78bd55b7e7fa3d7399b6f6af4c831c063eaa8e12619f50e6a37f2cf0435eb5ca81b59d11b99aa663e47c346be1af46773807cd8afd76e9f5438b3d19c8620505ea069a2a2e81a035d9be5e719c300fd1bbb8f99d7cd533a377270a6e4115445b87f8f0d2be974b1b148a5e9c4bb118b04a3bdc85653721f81f86a28650ec34365406d0109273b163a875a74487f75e128cdfcde7b2fc10ff3e2bacede1ba462a0fac3618d07c5ddd19c0d86bd9574d67bd584f6528765364cdf6cf4e06340e1531e83a8cdfb7467f9fad1ed0a4b83c7c9289169c524221b13a7f65f6adb19cdc9b66667d8ee2a42e7e172e2a88d319a01d0ce5437bc5b522de048d816f4fda33b2195bd5cc7005c4abd0b1088182f8084b2d803a8509aa28f460a6892d930e1af1843f9f53be67e64ddf97312e8fb1f8b3a40191dea5e394a8dec9a8edec5746b961960e878c79c808559653210bd546db77c7ad69ed31ee68d6c7a47296ec79f2b276517b398d867141a9578faab899b98dfb56525626174b0bba748eb37d9d893759f003f02d3bc56207513115caab3b702c0104a5731822311eafb192fcaddf2af40c54801df909e0d725d1d6ffd9fa7d96573041da02fc3ca57c27e7ae777750fe8ad99b870a32188fa8152909a9694d87d347ffa41842bf442529020340964a23ae32b39ddce46611c6827a27ea065bb682c128624203025509fcc9e622b542697f55ddfbddee9598a2e6a7962a38b3bde20457e54349716236c91dd7df3865891f82dd803d8b992282e7ccdb8ed3c02e086d12a2ad32775401a08e2ae3dc2a6ac9eb15a2a0157b13b832caba2e32aea7c187318721843fb369849d464e03312eafa8a760cba55e8514278f9d2b2380c5d7f0cc2031059e32ecb64474394f569fb4f1f8b90a937f769b23d42bb5a457c25667ede570c6037bcfb4371ab5b1d59a5b83a4db4cd680a2bae0c063b765d8c770e188249421144f183b153187d1ea4f55ef7b5def8d5ad8f02d4098f8b354d663c2fa93a691d59fdf9549605eaf3a5e1946f9624d8dea03cb1c881490206431d5aa43b3db089054f281c8a437973d7486ff1f057c02db6e2e604930a47b04a891f6a941c8d4bde39ed6f5bdc71273409d9a4bd784f0674106ef069969684e01db61a38ebbbcf08fcf3383a977f53a3dbceb114121c460a2dcd5ba2f48f0c26de58fa03880a4a3fc82080cfe6d488d8374318df633f2354735ec7ca5927b846bb3b852cf542b4be7b3a735a98eaf6220199657b26d119dd0607c673c27dd50e77e59d58d61e95c2864887a1be5163b654ae3e0b5eec65d579dda897df62d79830448b49344239d241551cd3a566adc2a43aa6f0e96d6cb6cdec2f3afea14cd40a1ab1692a8fa47ce66a4aade21300d44da53ef3659089826d1f560f59bcedc3b62bfb912847eab99b55e1935f4ba15708656c73cbcbcdfb625c880a29eb42e94a4c8d92201b8a85795160fc1a7f5798f812c7db474e16366f9c8df9e27159a46889c3e631944358d6b08f34630b38cfc348ffe7f7321cdb712495b6eafd2abbdffe44e534423196a9ea5bbdce48a5942c3c38b7e27153d45e22a9f373721057087cc16d03fa4546c1153c35bddf704a3ed90398f5bee4dcecf8083c47d4fde6b8e2c3804e5e5659e70efa74b1952471ad294fb75a2ddfc155a2f42a84d93befced7b6b013a2d7ac7dc3a21d880275b282caba88039a2a9b24ca4eef85ed730b41a0fcba0143408b72223372cff40b481329a6521252771e3f23bd0608278f263abc7385ffc5c8467da081015a6716837be069b06e80520667a76c1d09bcc8185510e7a5c5ed10cf7f13bf90774890383841f25c8af5c919985d6ae0775fccbdc517cc02345498143fb42293d4e6173b48d82ff8bf0044800a9f31d836795e561a67742da880476c038dbed9206ed4732bc1eeaca56209148cbe8d56058e933eb386d045352e4f9dc1bd8e8664aaa61a30ad2a39bc1a7e65b5c18ec2cc42bf8e005911ff44c4b7e1d025229fab9b88d9a569f6e59c9468842732b1eef3bdcbf2daa73cc7c1a45d97f1e672daff1db16322d7a729ef47075afb358e0b35405930fe17f7afdac858a5c5a814e7da8c0f74a4a72c238b2b10469338a605e0a502832da0727c70a814fd56b6c57b677bdde3c478b7d272659b32142648506421ff56d7f739adf2a862a36b747b0173b77f7c530c01c1032293deabae4ebe41c41caa52e9bb1cec2f62bf83e30b4d0378240a63040b2192cdd7052385b38c50b2a9dd5734794830a9c9dfd5fc328113d7c056bb86eb4ff9767ba9b88b87e8c473481ebfa9640ec83fe77275edaaa7d55d178b518b5227935b64bf2a4fb760f7ce4f1e9404935bddff63451644f5e1de050282c7003119216190290665ec1d9cd64758c7fa4f3b27de2b027e72f070379951e83f035f2f392578abcaabd9e65d0f64b9efe434bb14248dc870377b4bdaa59a981a01a0ed5ecfa5359dddd46cbcc862b86768277a81e17507558dbd679b1516afbc6d67dc9a40796a904ae15a54935bacbb8b28db754a021905c643d062d9e48221828f4d381d33876daa5400fef6c2b11d5fb6131453be1600ef211ea24d1c2fc3f93bcd7f534da1d340e90374929e6ec6e699faf75b0454b5a4871de3674615cdc0e4e7d892b0218742094c4debf02577933ca12d1a35fabd782c0f2154ab8060b205ff0481597fdfe0de11f7921aec931d8d967c2b6f94735cd38c471ef987e6b3fd526c128f7de4482d2c6b2c5b2cea3b3de99968cda3b6b54f0c7c6149732ab696f4ad20e2b7b0fbd9060ecad8057f1f58945d88c33a6959223e90f329a5571a2df0c5829a4389fefa379e9a33aae12c00e5b216a1755ac07d8ff8359208226e4dc40eea659c4a077ca1256717f156e9352970f7e86b411325e06806068e7462a508128c950d4e83c18910bc1ad29a19326a0580c3092f82822e8cfe6b67583983414e24aa415ea6e501b3a4d039d03665bc7584509458a8bc508f527662e78ec90c60929d288b0df4fb4fe2ce1e1cf77ed7803b361ba5f2538cf3cd58432189644fc3c0e8e1990c366dc34dfefe6a1bdee22e7740dd62db3de19a2bac7df09e4f10545330832a36d9244ef0ec50cc5ffc3dfc35f2556a16d930f42b8316a3d57b37500512863f3e9e037fb480091c9ec55f2494a368955ba3be5316562990d136ebefb247ed8a10ba19fcd011bda9fa760be028c7a0988fe0d84c911cfabb22453247424fa7db36de0a664f9e69f26199759239ecd41f4a87b44a774f46f4a6086e5ef993b3071af982efdcbff672b91db93ca0550534b9df9c3eab4424e43b069129aac660d703ef4ef6ffb6d2cf8fb40522b33c0fcf0c0e8026da548ca73802fffceefef0ef3a0300f3daff21ee005a4e5662ab92eedede57d52464efa0ac34a6f4b3c293c5fa034273c68e75a2d7ac889371d6e9c0ca2ae8badf7dc2e7a5e94e456c19242e4beea274289a63648a99467b68b7e637b144cc9b9516ba11b147d4c0ac6779977353271cf4510aa9d076a841860fdffe5b3dcf682b34f0bb228dc9e08e148359737d9b506e02e9471e67b3174f56bb4a6dad0138f667f871974cd21e6fa6abf8b5ac4bf497be0735e90bdeab14f5f66d1a435a7bbfb2c910995646a684e19ddff840868f128cbe565d3a55f712340d0c29598a861972170090a9d34bc6f3ef043ef17e3662462550e520b8b7cb1011314493e7848907e9311d53b2ef985f76174bad23e73ecbab65dc6183e7d54a4004152a7b170a59738483187ccafb6ffa26a057ef13e006ff08e3064a37c7bcf22658289040ef2de6bf2618eabd4db32590a5cbee8d8b194df95d525ec295f061cceaac6e04ea9b71e22d96f9d9189142e42cbc94af69b323a18088c80ff6c80d7bfb0056e4754772841e203a693a67a8dc24c9011d6729af1c9a04ac31215b775e875507c70cebf377963ecc0647d280f22391fc02154734587dc5391810c500c2c1e6a07787ae61dcb1206be3bd9b2534fb2dc30f0bc8df57d5e88adb59fd86f973a693acd53c1d9f9d491a183f0fbe2dc643566a97c72c0176ac9a0c13678c6ee5073e0f536cf147a617780af772fb581f5efa3712f30a4aca82f5fccc7c7eb0aefff7ab3685c0517e4ab07d8b98516b0d980a47c6f0dc3ca24c452d100094a40", 0x1000, 0x5}, {&(0x7f0000001200)="b3a0f742fe50e38940605971f8ff7b1fd66632b4bade95d8221af35f2c8e217b0860c5d5f4dc186efabcfeb9049041c79724c7bed5c84bb8011c28481b9145963cfe6378d8bd29a8e077f3d841d6", 0x4e, 0x8}, {&(0x7f0000001280)="3bc30243863071d83e08b2a1154f5d84a084a4589c34d39c9305160508e10dcaa34ce3e0a4236e02d9118df68e5904295e58f8a6c7415e90394c8825842535971f1e38d897062ca85fe43fc83f1e5afd908efdd46fa671f0701bfbe832bf74050697efa5a1bcac78c5cd28", 0x6b, 0x2}, {&(0x7f0000001300)="9a2cf60320b210bd5cd6a92ea5374c28cf0fdd005ab69cab9f9dc0393a101398ade6a5c6701358f0a37f4ec2d8bd431d2a188948ab4981e13c9de016ce675980c10ff04d3a57482e8e08d65d06ab82bfb051f69e899fd1ba897d0e30aca160ad40d6f64ddded31d21949d7d9ce790453498018af4c63af29aa277a10c8ab936d8cc7ee22079b19861c0035246d6307f5548c4b0d6200f7e733b499a00732b54017f65b4de3ee5ab1ef9d9236eb7549ae", 0xb0, 0x1000}, {&(0x7f00000013c0)="3cbd3528e150aa5c2c6112226fedb9f97443c70f97e68429cad8d0657746ccd88dc3b1676629dc2ac598c69be4973d7ed17f3091e0681d0fa64573bce5f6ee603fda336196ac356a83bffec7dbdc6c9a19406e8a6888760dbdeb3822228ab9883743f47541abf6870181622cb336e78d672c933e98c3bec83785553c01da4e2544645847966a5fc70d26fb65ade1af2a5eae5ef78097081ab73ad5de9dad383d655e1d50bf7e2c3236df077793794243e9b922bbd9db002c7507c2003cdc67e53a754eefbe7a80dc0cce96c989cd082c99b7eb44358dfd656d96112e87cf04bf076bb4d51bb06157d8ddcc", 0xeb, 0x9}, {&(0x7f00000014c0)="528bffd2bbec93d5f0187540421ae8d26ba6f2fbc16926c66e867d25fffe432c045559efa02572a7e5622e4bb7084a3e0a80c67210be425272b847585087a3063c695471d264a02d091ef60cbcd5453072957fee6509a2b4fee2a7908189f47744e3", 0x62, 0x9}], 0x18000, &(0x7f0000001600)={'nouuid,', {[{@grpid='grpid', 0x2c}, {@bsdgroups='bsdgroups', 0x2c}]}}) ioctl(r0, 0x4000008912, &(0x7f0000000100)="2957e1311f16f477671070") mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, r0, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000000)={0xaa}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) syz_emit_ethernet(0xfed1, &(0x7f0000000040)=ANY=[@ANYBLOB="ffe0ffffffffffffffffffff080045000076293e3a0000009078ac14ffbbe000000100000000000890012e7542fe4698e8a9f369cefe8ac6b29092970104f07710db"], 0x0) close(r1) 10:01:43 executing program 5 (fault-call:5 fault-nth:62): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:01:43 executing program 4: r0 = syz_open_dev$tun(&(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'\x00', 0x103}) ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000000)={'syzkaller1\x00', 0x400}) r1 = userfaultfd(0x0) openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x200000, 0x0) ioctl$SG_GET_ACCESS_COUNT(0xffffffffffffffff, 0x2289, &(0x7f00000000c0)) r2 = request_key(&(0x7f0000000140)='.dead\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a, 0x2}, &(0x7f00000001c0)='N\x00', 0x0) keyctl$assume_authority(0x10, r2) dup2(r1, r0) 10:01:43 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a, 0x2}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0xfffffffffffffffc) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r5 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0x17, &(0x7f0000000000)={r5, r5, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:01:43 executing program 3: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000000)='./file0/file1\x00', &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='tmpfs\x00', 0x0, &(0x7f000000a000)) mkdir(&(0x7f00000001c0)='./file0/file1\x00', 0x0) mkdir(&(0x7f0000001340)='./file0/file1/file0\x00', 0x0) rmdir(&(0x7f0000000040)='./file0/file1\x00') [ 287.393975] FAULT_INJECTION: forcing a failure. [ 287.393975] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 287.405946] CPU: 1 PID: 16597 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 287.412876] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 287.422227] Call Trace: [ 287.424831] dump_stack+0x1b9/0x294 [ 287.428477] ? dump_stack_print_info.cold.2+0x52/0x52 [ 287.433673] ? lock_downgrade+0x8e0/0x8e0 [ 287.437836] should_fail.cold.4+0xa/0x1a [ 287.441916] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 287.447030] ? rcu_report_qs_rnp+0x790/0x790 [ 287.451466] ? graph_lock+0x170/0x170 [ 287.455284] ? is_bpf_text_address+0xd7/0x170 [ 287.459792] ? find_held_lock+0x36/0x1c0 [ 287.463861] ? __lock_is_held+0xb5/0x140 [ 287.467944] ? check_same_owner+0x320/0x320 [ 287.472261] ? rcu_note_context_switch+0x710/0x710 [ 287.477190] ? __might_sleep+0x95/0x190 [ 287.481175] __alloc_pages_nodemask+0x34e/0xd70 [ 287.485849] ? lock_downgrade+0x8e0/0x8e0 [ 287.490093] ? __alloc_pages_slowpath+0x2d50/0x2d50 [ 287.495109] ? graph_lock+0x170/0x170 [ 287.498916] ? __lock_is_held+0xb5/0x140 [ 287.503001] ? rcu_report_qs_rnp+0x790/0x790 [ 287.507416] ? __lock_is_held+0xb5/0x140 [ 287.511475] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 287.517014] alloc_pages_current+0x10c/0x210 [ 287.521425] __get_free_pages+0xf/0x40 [ 287.525301] mmu_topup_memory_caches+0x1f8/0x3a0 [ 287.530053] ? kvm_apic_has_interrupt+0xe1/0x210 [ 287.534809] kvm_mmu_load+0x21/0x10e0 [ 287.538608] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 287.544133] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 287.549660] vcpu_enter_guest+0x3a83/0x6060 [ 287.553967] ? print_usage_bug+0xc0/0xc0 [ 287.558023] ? kvm_set_msr_common+0x2680/0x2680 [ 287.562680] ? vmx_vcpu_load+0xada/0xfe0 [ 287.566731] ? __lock_acquire+0x7f5/0x5140 [ 287.570950] ? vmx_vcpu_reset+0x1030/0x1030 [ 287.575260] ? graph_lock+0x170/0x170 [ 287.579049] ? graph_lock+0x170/0x170 [ 287.582840] ? __lock_acquire+0x7f5/0x5140 [ 287.587069] ? debug_check_no_locks_freed+0x310/0x310 [ 287.592245] ? __lock_is_held+0xb5/0x140 [ 287.596289] ? lock_acquire+0x1dc/0x520 [ 287.600248] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 287.605248] ? lock_release+0xa10/0xa10 [ 287.609202] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 287.614457] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 287.618934] ? preempt_notifier_dec+0x20/0x20 [ 287.623414] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 287.628246] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 287.633256] kvm_vcpu_ioctl+0x79d/0x12e0 [ 287.637302] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 287.642998] ? graph_lock+0x170/0x170 [ 287.646789] ? find_held_lock+0x36/0x1c0 [ 287.650835] ? lock_downgrade+0x8e0/0x8e0 [ 287.654967] ? kasan_check_read+0x11/0x20 [ 287.659102] ? rcu_is_watching+0x85/0x140 [ 287.663252] ? rcu_report_qs_rnp+0x790/0x790 [ 287.667658] ? __fget+0x40c/0x650 [ 287.671095] ? match_held_lock+0x871/0x8b0 [ 287.675311] ? expand_files.part.8+0x9a0/0x9a0 [ 287.679874] ? kasan_check_write+0x14/0x20 [ 287.684093] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 287.689017] ? wait_for_completion+0x870/0x870 [ 287.693591] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 287.698763] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 287.704454] do_vfs_ioctl+0x1cf/0x16f0 [ 287.708327] ? ioctl_preallocate+0x2e0/0x2e0 [ 287.712715] ? fget_raw+0x20/0x20 [ 287.716152] ? __sb_end_write+0xac/0xe0 [ 287.720111] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 287.725626] ? fput+0x130/0x1a0 [ 287.728886] ? ksys_write+0x1a6/0x250 [ 287.732670] ? security_file_ioctl+0x94/0xc0 [ 287.737065] ksys_ioctl+0xa9/0xd0 [ 287.740503] __x64_sys_ioctl+0x73/0xb0 [ 287.744374] do_syscall_64+0x1b1/0x800 [ 287.748244] ? finish_task_switch+0x1ca/0x840 [ 287.752720] ? syscall_return_slowpath+0x5c0/0x5c0 [ 287.757648] ? syscall_return_slowpath+0x30f/0x5c0 [ 287.762587] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 287.767934] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 287.772767] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 287.777946] RIP: 0033:0x4559f9 [ 287.781114] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 287.800309] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 287.808020] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 287.815284] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 287.822544] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 287.829800] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 287.837063] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 000000000000003e 10:01:44 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0xdf, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:44 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x8, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:01:44 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x9e00, [0x40000073, 0x1]}) 10:01:44 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r5 = getpgrp(0xffffffffffffffff) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000040)=0x0) kcmp(r5, r6, 0x4, r2, r2) r7 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0x17, &(0x7f0000000000)={r7, r7, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:01:44 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f00000000c0)="c4824da82b66ba2100b801000000efb9270900000f323640a7650f30c4e2899c8e02000000f02046452ef3440f6fb800f0ff7fc42101dbc40f2047"}], 0x0, 0x0, &(0x7f0000000080), 0x0) r4 = socket(0x9, 0x800, 0xdf) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r3, 0x84, 0x6c, &(0x7f0000000000)={0x0, 0xd, "873aeafcc2c2bbbf7d8d4c075b"}, &(0x7f0000000080)=0x15) getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r4, 0x84, 0x18, &(0x7f0000000200)={r5, 0x5}, &(0x7f0000000280)=0x8) ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000180)=ANY=[@ANYPTR=&(0x7f0000000040)=ANY=[@ANYRES32=r1], @ANYBLOB="79972e292e167160dfc381a0ffea1fc48cb32f1c011f1de9589fe76d4fe079bc7cb96aa1ad7d5113c08a5b9d55d23ccdd4797eb712d30732ce6563b3b9b4fa1a"]) ioctl$KVM_X86_SET_MCE(r3, 0xc008ae88, &(0x7f0000000140)={0x2000002, 0xda0, 0xff}) 10:01:44 executing program 7: r0 = accept4$inet6(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, @loopback}, &(0x7f0000000080)=0x1c, 0x80800) setsockopt$inet6_tcp_int(r0, 0x6, 0x1f, &(0x7f00000000c0)=0x617, 0x4) r1 = dup(0xffffffffffffffff) getsockopt$ARPT_SO_GET_REVISION_TARGET(r1, 0x0, 0x63, &(0x7f0000000100)={'ipvs\x00'}, &(0x7f0000000140)=0x1e) setsockopt$inet6_tcp_int(r1, 0x6, 0x10, &(0x7f0000000040)=0xffc, 0x4) 10:01:44 executing program 4: r0 = gettid() socketpair$ax25(0x3, 0x0, 0xcf, &(0x7f0000000000)) exit(0x0) tgkill(r0, r0, 0x2) 10:01:44 executing program 5 (fault-call:5 fault-nth:63): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) [ 288.061560] FAULT_INJECTION: forcing a failure. [ 288.061560] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 288.073498] CPU: 1 PID: 16632 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 288.080424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 288.089775] Call Trace: [ 288.092374] dump_stack+0x1b9/0x294 [ 288.096012] ? dump_stack_print_info.cold.2+0x52/0x52 [ 288.101213] ? lock_downgrade+0x8e0/0x8e0 [ 288.105377] should_fail.cold.4+0xa/0x1a 10:01:44 executing program 7: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000180)={0xffffffffffffffff}) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000200)='IPVS\x00') sendmsg$IPVS_CMD_GET_CONFIG(r1, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x58, r2, 0x604, 0x70bd26, 0x25dfdbfc, {0xd}, [@IPVS_CMD_ATTR_DAEMON={0x18, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @dev={0xfe, 0x80, [], 0xe}}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3f}, @IPVS_CMD_ATTR_DAEMON={0xc, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @remote={0xac, 0x14, 0x14, 0xbb}}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x6}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x1}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x2f}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000100)=[@cr4={0x1}], 0x1) fcntl$getownex(r3, 0x10, &(0x7f00000000c0)={0x0, 0x0}) sched_setscheduler(r5, 0x3, &(0x7f0000000140)=0x7) ioctl$TUNSETSNDBUF(0xffffffffffffffff, 0x400454d4, &(0x7f0000000000)=0x3) ioctl$KVM_RUN(r4, 0xae80, 0x0) 10:01:44 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x1800, [0x40000073, 0x1]}) 10:01:44 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a, 0x0}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000180)='/dev/hwrng\x00', 0x2, 0x0) getsockopt$inet_dccp_buf(r5, 0x21, 0xd, &(0x7f00000001c0)=""/18, &(0x7f0000000240)=0x12) get_thread_area(&(0x7f0000000040)={0x20, 0x0, 0x1000, 0x5, 0x20, 0x7, 0xdd, 0x8, 0x0, 0x20}) r6 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0x17, &(0x7f0000000000)={r6, r6, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:01:44 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x13a, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) [ 288.109447] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 288.114549] ? rcu_report_qs_rnp+0x790/0x790 [ 288.118959] ? graph_lock+0x170/0x170 [ 288.122771] ? is_bpf_text_address+0xd7/0x170 [ 288.127276] ? find_held_lock+0x36/0x1c0 [ 288.131352] ? __lock_is_held+0xb5/0x140 [ 288.135430] ? check_same_owner+0x320/0x320 [ 288.139751] ? rcu_note_context_switch+0x710/0x710 [ 288.144683] ? __might_sleep+0x95/0x190 [ 288.148668] __alloc_pages_nodemask+0x34e/0xd70 [ 288.153345] ? lock_downgrade+0x8e0/0x8e0 [ 288.157506] ? __alloc_pages_slowpath+0x2d50/0x2d50 [ 288.162524] ? graph_lock+0x170/0x170 [ 288.166318] ? __lock_is_held+0xb5/0x140 [ 288.170372] ? rcu_report_qs_rnp+0x790/0x790 [ 288.174776] ? __lock_is_held+0xb5/0x140 [ 288.178835] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 288.184362] alloc_pages_current+0x10c/0x210 [ 288.188767] __get_free_pages+0xf/0x40 [ 288.192642] mmu_topup_memory_caches+0x1f8/0x3a0 [ 288.197380] ? kvm_apic_has_interrupt+0xe1/0x210 [ 288.202127] kvm_mmu_load+0x21/0x10e0 [ 288.205912] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 288.211435] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 288.216957] vcpu_enter_guest+0x3a83/0x6060 [ 288.221265] ? print_usage_bug+0xc0/0xc0 [ 288.225313] ? kvm_set_msr_common+0x2680/0x2680 [ 288.229965] ? vmx_vcpu_load+0xada/0xfe0 [ 288.234017] ? __lock_acquire+0x7f5/0x5140 [ 288.238238] ? vmx_vcpu_reset+0x1030/0x1030 [ 288.242547] ? graph_lock+0x170/0x170 [ 288.246334] ? graph_lock+0x170/0x170 [ 288.250119] ? __lock_acquire+0x7f5/0x5140 [ 288.254340] ? debug_check_no_locks_freed+0x310/0x310 [ 288.259516] ? __lock_is_held+0xb5/0x140 [ 288.263567] ? lock_acquire+0x1dc/0x520 [ 288.267523] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 288.272527] ? lock_release+0xa10/0xa10 [ 288.276493] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 288.281781] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 288.286260] ? preempt_notifier_dec+0x20/0x20 [ 288.290745] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 288.295572] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 288.300577] kvm_vcpu_ioctl+0x79d/0x12e0 [ 288.304624] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 288.310320] ? graph_lock+0x170/0x170 [ 288.314104] ? find_held_lock+0x36/0x1c0 [ 288.318155] ? lock_downgrade+0x8e0/0x8e0 [ 288.322290] ? kasan_check_read+0x11/0x20 [ 288.326425] ? rcu_is_watching+0x85/0x140 [ 288.330557] ? rcu_report_qs_rnp+0x790/0x790 [ 288.334954] ? __fget+0x40c/0x650 [ 288.338395] ? match_held_lock+0x871/0x8b0 [ 288.342614] ? expand_files.part.8+0x9a0/0x9a0 [ 288.347179] ? kasan_check_write+0x14/0x20 [ 288.351398] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 288.356316] ? wait_for_completion+0x870/0x870 [ 288.360881] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 288.366055] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 288.371750] do_vfs_ioctl+0x1cf/0x16f0 [ 288.375627] ? ioctl_preallocate+0x2e0/0x2e0 [ 288.380026] ? fget_raw+0x20/0x20 [ 288.383466] ? __sb_end_write+0xac/0xe0 [ 288.387426] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 288.392945] ? fput+0x130/0x1a0 [ 288.396209] ? ksys_write+0x1a6/0x250 [ 288.399998] ? security_file_ioctl+0x94/0xc0 [ 288.404396] ksys_ioctl+0xa9/0xd0 [ 288.407837] __x64_sys_ioctl+0x73/0xb0 [ 288.411710] do_syscall_64+0x1b1/0x800 [ 288.415581] ? finish_task_switch+0x1ca/0x840 [ 288.420065] ? syscall_return_slowpath+0x5c0/0x5c0 [ 288.424978] ? syscall_return_slowpath+0x30f/0x5c0 [ 288.429895] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 288.435246] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 288.440078] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 288.445249] RIP: 0033:0x4559f9 10:01:45 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x9, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:01:45 executing program 5 (fault-call:5 fault-nth:64): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) [ 288.448426] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 288.467664] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 288.475355] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 288.482606] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 288.489856] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 288.497106] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 288.504357] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 000000000000003f 10:01:45 executing program 3: r0 = memfd_create(&(0x7f00000000c0)=',cpuset\x00', 0x0) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup\x00', 0x200002, 0x0) r2 = openat$cgroup_int(r1, &(0x7f0000000080)='cgroup.max.descendants\x00', 0x2, 0x0) write$cgroup_int(r2, &(0x7f0000000000)={[0x2d, 0x31]}, 0x2) fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, &(0x7f0000000040)=0x4) fcntl$F_GET_FILE_RW_HINT(r0, 0x40d, &(0x7f0000000240)) 10:01:45 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x37, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:45 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) pipe(&(0x7f0000000180)={0xffffffffffffffff}) ioctl$EVIOCGSND(r2, 0x8040451a, &(0x7f00000001c0)=""/22) r3 = socket$inet6(0xa, 0x1, 0x0) ioctl(r3, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r4 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r5 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) syz_mount_image$hfs(&(0x7f0000000300)='hfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x1, &(0x7f0000000480)=[{&(0x7f0000000600)="d25f5ecb9f27b8481f409a909d9c595a90b34fbad2085dfac50de88629efb4537c6611f85b0c9412abc1cc6ed54f4407f8b5bbd44a69015e2bbd365607ea54056c4a3208bc2291c5b5da7e6235f6734474bec93bc8f9a6a9de8881f531455214f674cb61f835667e77d86077e814178746f8e444de002c79ae973eaea7a36c5e87227093", 0x84, 0xb5a}], 0x2000, &(0x7f0000000540)={[{@umask={'umask', 0x3d, [0x32, 0x35, 0x31, 0x35, 0x32, 0x36, 0x37, 0x32, 0x30, 0x33]}, 0x2c}, {@iocharset={'iocharset', 0x3d, 'cp932'}, 0x2c}, {@type={'type', 0x3d, "07965021"}, 0x2c}, {@iocharset={'iocharset', 0x3d, 'cp932'}, 0x2c}]}) r6 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r4) keyctl$dh_compute(0x17, &(0x7f0000000000)={r6, r6, r5}, &(0x7f0000000740)=""/132, 0x84, 0x0) r7 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0x7, 0x0) ioctl$KDSKBSENT(r7, 0x4b49, &(0x7f0000000240)="bc913bbbd529987c45de3a3b701696851b1e0c8bbf16d2e5ef768521d1b1129d28791dc4c7a58e24101ebed2d7c5e43db3f312942ecf630e6bb848d779aa24f0f4a9492812ade7984946ad98f98f1d2aa64cad4e1fbd8de38b4294309fa66d6a0e87810b8d4e600a0e8ab70d7ab96b995919b1b2fe4f532e60273bf07c3ef84a55ebf7d0c6f762cdc8cee7677ec7d6d1aaabcda0") [ 288.793560] FAULT_INJECTION: forcing a failure. [ 288.793560] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 288.805624] CPU: 0 PID: 16665 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 288.812556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 288.821909] Call Trace: [ 288.824508] dump_stack+0x1b9/0x294 [ 288.828138] ? dump_stack_print_info.cold.2+0x52/0x52 [ 288.833316] ? lock_downgrade+0x8e0/0x8e0 [ 288.837454] should_fail.cold.4+0xa/0x1a [ 288.841506] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 288.846595] ? rcu_report_qs_rnp+0x790/0x790 [ 288.850994] ? graph_lock+0x170/0x170 [ 288.854785] ? is_bpf_text_address+0xd7/0x170 [ 288.859264] ? find_held_lock+0x36/0x1c0 [ 288.863311] ? __lock_is_held+0xb5/0x140 [ 288.867366] ? check_same_owner+0x320/0x320 [ 288.871674] ? rcu_note_context_switch+0x710/0x710 [ 288.876614] ? __might_sleep+0x95/0x190 [ 288.880575] __alloc_pages_nodemask+0x34e/0xd70 [ 288.885229] ? lock_downgrade+0x8e0/0x8e0 [ 288.889367] ? __alloc_pages_slowpath+0x2d50/0x2d50 [ 288.894367] ? graph_lock+0x170/0x170 [ 288.898150] ? __lock_is_held+0xb5/0x140 [ 288.902195] ? rcu_report_qs_rnp+0x790/0x790 [ 288.906596] ? __lock_is_held+0xb5/0x140 [ 288.910649] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 288.916201] alloc_pages_current+0x10c/0x210 [ 288.920601] __get_free_pages+0xf/0x40 [ 288.924477] mmu_topup_memory_caches+0x1f8/0x3a0 [ 288.929216] ? kvm_apic_has_interrupt+0xe1/0x210 [ 288.933957] kvm_mmu_load+0x21/0x10e0 [ 288.937744] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 288.943267] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 288.948789] vcpu_enter_guest+0x3a83/0x6060 [ 288.953099] ? crash_vmclear_local_loaded_vmcss+0x170/0x170 [ 288.958797] ? print_usage_bug+0xc0/0xc0 [ 288.962843] ? kvm_set_msr_common+0x2680/0x2680 [ 288.967494] ? vmx_vcpu_load+0xada/0xfe0 [ 288.971541] ? vmx_vcpu_reset+0x1030/0x1030 [ 288.975846] ? graph_lock+0x170/0x170 [ 288.979632] ? graph_lock+0x170/0x170 [ 288.983416] ? __lock_acquire+0x7f5/0x5140 [ 288.987639] ? debug_check_no_locks_freed+0x310/0x310 [ 288.992817] ? __lock_is_held+0xb5/0x140 [ 288.996867] ? lock_acquire+0x1dc/0x520 [ 289.000825] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 289.005828] ? lock_release+0xa10/0xa10 [ 289.009785] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 289.015044] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 289.019520] ? preempt_notifier_dec+0x20/0x20 [ 289.024004] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 289.028833] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 289.033838] kvm_vcpu_ioctl+0x79d/0x12e0 [ 289.037887] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 289.043584] ? graph_lock+0x170/0x170 [ 289.047383] ? find_held_lock+0x36/0x1c0 [ 289.051435] ? lock_downgrade+0x8e0/0x8e0 [ 289.055571] ? kasan_check_read+0x11/0x20 [ 289.059702] ? rcu_is_watching+0x85/0x140 [ 289.063833] ? rcu_report_qs_rnp+0x790/0x790 [ 289.068234] ? __fget+0x40c/0x650 [ 289.071675] ? match_held_lock+0x871/0x8b0 [ 289.075893] ? expand_files.part.8+0x9a0/0x9a0 [ 289.080461] ? kasan_check_write+0x14/0x20 [ 289.084681] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 289.089596] ? wait_for_completion+0x870/0x870 [ 289.094167] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 289.099341] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 289.105039] do_vfs_ioctl+0x1cf/0x16f0 [ 289.108916] ? ioctl_preallocate+0x2e0/0x2e0 [ 289.113307] ? fget_raw+0x20/0x20 [ 289.116747] ? __sb_end_write+0xac/0xe0 [ 289.120707] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 289.126235] ? fput+0x130/0x1a0 [ 289.129501] ? ksys_write+0x1a6/0x250 [ 289.133287] ? security_file_ioctl+0x94/0xc0 [ 289.137680] ksys_ioctl+0xa9/0xd0 [ 289.141120] __x64_sys_ioctl+0x73/0xb0 [ 289.144995] do_syscall_64+0x1b1/0x800 [ 289.148867] ? finish_task_switch+0x1ca/0x840 [ 289.153346] ? syscall_return_slowpath+0x5c0/0x5c0 [ 289.158260] ? syscall_return_slowpath+0x30f/0x5c0 [ 289.163179] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 289.168529] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 289.173362] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 289.178532] RIP: 0033:0x4559f9 [ 289.181700] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 289.200926] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 289.208624] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 289.215875] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 289.223128] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 289.230378] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 289.237629] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 0000000000000040 10:01:46 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x54, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:46 executing program 7: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000180)={0xffffffffffffffff}) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000200)='IPVS\x00') sendmsg$IPVS_CMD_GET_CONFIG(r1, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x58, r2, 0x604, 0x70bd26, 0x25dfdbfc, {0xd}, [@IPVS_CMD_ATTR_DAEMON={0x18, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @dev={0xfe, 0x80, [], 0xe}}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3f}, @IPVS_CMD_ATTR_DAEMON={0xc, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @remote={0xac, 0x14, 0x14, 0xbb}}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x6}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x1}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x2f}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000100)=[@cr4={0x1}], 0x1) fcntl$getownex(r3, 0x10, &(0x7f00000000c0)={0x0, 0x0}) sched_setscheduler(r5, 0x3, &(0x7f0000000140)=0x7) ioctl$TUNSETSNDBUF(0xffffffffffffffff, 0x400454d4, &(0x7f0000000000)=0x3) ioctl$KVM_RUN(r4, 0xae80, 0x0) 10:01:46 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0xf, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:01:46 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x2000, [0x40000073, 0x1]}) 10:01:46 executing program 5 (fault-call:5 fault-nth:65): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:01:46 executing program 3: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000cd0000)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f0000f85000)={0x2, 0x1, 0x0, 0x2, 0xc, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @ipv4={[], [0xff, 0xff], @multicast2=0xe0000002}}}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @ipv4={[], [0xff, 0xff], @broadcast=0xffffffff}}}]}, 0x60}, 0x1}, 0x0) sendmsg$key(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={0x2, 0x8, 0x100000, 0x0, 0x2}, 0x10}, 0x1}, 0x0) 10:01:46 executing program 4: r0 = add_key(&(0x7f0000000180)='trusted\x00', &(0x7f00000001c0)={0x73, 0x79, 0x7a, 0x2}, 0x0, 0x0, 0xfffffffffffffff8) keyctl$clear(0x7, r0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0x488}]}) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000240)={&(0x7f0000000200)='./file0\x00', 0x0, 0x8}, 0x10) ioctl$SNDRV_CTL_IOCTL_POWER_STATE(r3, 0x800455d1, &(0x7f00000002c0)) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$fou(&(0x7f0000000080)='fou\x00') sendmsg$FOU_CMD_ADD(r4, &(0x7f0000000140)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r5, 0x124, 0x70bd26, 0x25dfdbfc, {0x1}, [@FOU_ATTR_TYPE={0x8, 0x4}]}, 0x1c}, 0x1}, 0x14) 10:01:46 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r4 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r1) r5 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r3) keyctl$dh_compute(0x17, &(0x7f0000000000)={r5, r5, r4}, &(0x7f0000000740)=""/132, 0x84, 0x0) [ 289.569016] FAULT_INJECTION: forcing a failure. [ 289.569016] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 289.581072] CPU: 0 PID: 16691 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 289.588003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 289.597369] Call Trace: [ 289.599976] dump_stack+0x1b9/0x294 [ 289.603617] ? dump_stack_print_info.cold.2+0x52/0x52 [ 289.608820] ? lock_downgrade+0x8e0/0x8e0 [ 289.612984] should_fail.cold.4+0xa/0x1a [ 289.617053] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 289.622161] ? rcu_report_qs_rnp+0x790/0x790 [ 289.626574] ? graph_lock+0x170/0x170 [ 289.630384] ? is_bpf_text_address+0xd7/0x170 [ 289.634875] ? find_held_lock+0x36/0x1c0 [ 289.638939] ? __lock_is_held+0xb5/0x140 [ 289.642999] ? check_same_owner+0x320/0x320 [ 289.647312] ? rcu_note_context_switch+0x710/0x710 [ 289.652232] ? __might_sleep+0x95/0x190 [ 289.656193] __alloc_pages_nodemask+0x34e/0xd70 [ 289.660848] ? lock_downgrade+0x8e0/0x8e0 [ 289.664983] ? __alloc_pages_slowpath+0x2d50/0x2d50 [ 289.669997] ? graph_lock+0x170/0x170 [ 289.673790] ? __lock_is_held+0xb5/0x140 [ 289.677843] ? rcu_report_qs_rnp+0x790/0x790 [ 289.682267] ? __lock_is_held+0xb5/0x140 [ 289.686346] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 289.691888] alloc_pages_current+0x10c/0x210 [ 289.696293] __get_free_pages+0xf/0x40 [ 289.700166] mmu_topup_memory_caches+0x1f8/0x3a0 [ 289.704911] ? kvm_apic_has_interrupt+0xe1/0x210 [ 289.709651] kvm_mmu_load+0x21/0x10e0 [ 289.713438] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 289.718958] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 289.724481] vcpu_enter_guest+0x3a83/0x6060 [ 289.728791] ? print_usage_bug+0xc0/0xc0 [ 289.732849] ? kvm_set_msr_common+0x2680/0x2680 [ 289.737509] ? vmx_vcpu_load+0xada/0xfe0 [ 289.741554] ? __lock_acquire+0x7f5/0x5140 [ 289.745772] ? vmx_vcpu_reset+0x1030/0x1030 [ 289.750072] ? graph_lock+0x170/0x170 [ 289.753858] ? graph_lock+0x170/0x170 [ 289.757649] ? __lock_acquire+0x7f5/0x5140 [ 289.761880] ? debug_check_no_locks_freed+0x310/0x310 [ 289.767066] ? __lock_is_held+0xb5/0x140 [ 289.771116] ? lock_acquire+0x1dc/0x520 [ 289.775087] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 289.780116] ? lock_release+0xa10/0xa10 [ 289.784092] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 289.789358] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 289.793839] ? preempt_notifier_dec+0x20/0x20 [ 289.798328] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 289.803154] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 289.808163] kvm_vcpu_ioctl+0x79d/0x12e0 [ 289.812211] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 289.817909] ? graph_lock+0x170/0x170 [ 289.821696] ? find_held_lock+0x36/0x1c0 [ 289.825746] ? lock_downgrade+0x8e0/0x8e0 [ 289.829882] ? kasan_check_read+0x11/0x20 [ 289.834026] ? rcu_is_watching+0x85/0x140 [ 289.838162] ? rcu_report_qs_rnp+0x790/0x790 [ 289.842564] ? __fget+0x40c/0x650 [ 289.846006] ? match_held_lock+0x871/0x8b0 [ 289.850232] ? expand_files.part.8+0x9a0/0x9a0 [ 289.854800] ? kasan_check_write+0x14/0x20 [ 289.859023] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 289.863938] ? wait_for_completion+0x870/0x870 [ 289.868506] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 289.873680] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 289.879413] do_vfs_ioctl+0x1cf/0x16f0 [ 289.883287] ? ioctl_preallocate+0x2e0/0x2e0 [ 289.887681] ? fget_raw+0x20/0x20 [ 289.891120] ? __sb_end_write+0xac/0xe0 [ 289.895079] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 289.900598] ? fput+0x130/0x1a0 [ 289.903863] ? ksys_write+0x1a6/0x250 [ 289.907652] ? security_file_ioctl+0x94/0xc0 [ 289.912045] ksys_ioctl+0xa9/0xd0 [ 289.915485] __x64_sys_ioctl+0x73/0xb0 [ 289.919360] do_syscall_64+0x1b1/0x800 [ 289.923231] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 289.928060] ? syscall_return_slowpath+0x5c0/0x5c0 [ 289.932977] ? syscall_return_slowpath+0x30f/0x5c0 [ 289.937900] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 289.943252] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 289.948082] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 289.953253] RIP: 0033:0x4559f9 10:01:46 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000140)="295ed277a4200100360070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000018000)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f000000e000)={&(0x7f0000000040)=ANY=[@ANYBLOB="180000dc1d00ee2a7a05ffff20000000000000000500000057a0dc708626127c96885601e5666ec5e3c3a881f538130a2e752528a1436dc5b1ac6dc46519bd7ce36086d30ff0d72ac2ef1e66ad14bab1a7d5c92ac04e8b51cac2c42e42870390ad8676fe0096da674bfcc04d1ab6a5fa9239c9dbf29c528a44548d2dc4f007f4b6b47ba3947fbfc0bec1eda21b5419058d7fd060814a37a3d90783ce6e7e92a87da3"], 0x18}, 0x1}, 0x0) getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x24, &(0x7f0000000240)={@remote, @local, 0x0}, &(0x7f0000000280)=0xc) socketpair(0x1, 0x6, 0x20, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$DRM_IOCTL_GET_UNIQUE(r3, 0xc0106401, &(0x7f0000000200)={0x60, &(0x7f0000000180)=""/96}) ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f00000002c0)={@empty, 0x52, r2}) 10:01:46 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vsock\x00', 0x20000, 0x0) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000000180)={0x0, 0x5, 0x5, 0x80000000, 0x0}, &(0x7f00000001c0)=0x10) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f0000000240)={r3, 0x5}, 0x8) r4 = socket$inet6(0xa, 0x1, 0x0) ioctl(r4, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000280)=@sack_info={r3, 0xffffffffffffffff, 0x8}, &(0x7f0000000380)=0xff0c) r5 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r6 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r7 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r5) keyctl$dh_compute(0x17, &(0x7f0000000000)={r7, r7, r6}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:01:46 executing program 3: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800c6a21ef58b0b5f9c0d56ab7e4100006800889100090000a283ffff01000148"], &(0x7f0000000040)='GPL\x00', 0x0, 0x8a, &(0x7f0000000480)=""/138}, 0x48) r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r0) r1 = socket$kcm(0x2, 0x3, 0x2) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x8953, &(0x7f0000000000)=0x2) r2 = dup2(r1, r0) ioctl$KVM_S390_UCAS_UNMAP(r2, 0x4018ae51, &(0x7f0000000080)={0xfffffffffffffff8, 0x9, 0x5}) [ 289.956424] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 289.975650] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 289.983343] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 289.990610] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 289.997869] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 290.005124] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 290.012384] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 0000000000000041 10:01:46 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket(0x1b, 0x3, 0x4) socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mtu(r1, 0x29, 0x17, &(0x7f00000001c0)=0x3, 0xffffffd8) ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f00000000c0)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa}, 0x1c) getsockopt$sock_buf(r1, 0x1, 0x1c, &(0x7f0000000280)=""/173, &(0x7f0000000100)=0xad) syz_open_dev$ndb(&(0x7f00000003c0)='/dev/nbd#\x00', 0x0, 0x4000) r2 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x0, 0x0) ioctl$TIOCLINUX7(r2, 0x541c, &(0x7f0000000140)={0x7, 0x7}) r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000200)='/dev/hwrng\x00', 0x0, 0x0) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000040)='tls\x00', 0x13a) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000340)={0x0, 0x0, 0x0}, &(0x7f0000000380)=0xc) ioctl$TUNSETGROUP(r2, 0x400454ce, r4) unshare(0x20803fc) getsockopt$inet6_tcp_buf(r0, 0x6, 0x1f, &(0x7f0000001680)=""/4096, &(0x7f0000000180)=0x1000) 10:01:46 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x1a2, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:46 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x20a54000, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:01:46 executing program 5 (fault-call:5 fault-nth:66): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:01:46 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x830000c000000000, [0x40000073, 0x1]}) [ 290.363982] FAULT_INJECTION: forcing a failure. [ 290.363982] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 290.375926] CPU: 1 PID: 16728 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 290.382859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 290.392209] Call Trace: [ 290.394791] dump_stack+0x1b9/0x294 [ 290.398412] ? dump_stack_print_info.cold.2+0x52/0x52 [ 290.403599] should_fail.cold.4+0xa/0x1a [ 290.407651] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 290.412746] ? graph_lock+0x170/0x170 [ 290.416543] ? find_held_lock+0x36/0x1c0 [ 290.420596] ? __lock_is_held+0xb5/0x140 [ 290.424659] ? check_same_owner+0x320/0x320 [ 290.428974] ? rcu_note_context_switch+0x710/0x710 [ 290.433896] ? __might_sleep+0x95/0x190 [ 290.437862] __alloc_pages_nodemask+0x34e/0xd70 [ 290.442523] ? lock_downgrade+0x8e0/0x8e0 [ 290.446664] ? __alloc_pages_slowpath+0x2d50/0x2d50 [ 290.451671] ? graph_lock+0x170/0x170 [ 290.455460] ? __lock_is_held+0xb5/0x140 [ 290.459515] ? rcu_report_qs_rnp+0x790/0x790 [ 290.463923] ? __lock_is_held+0xb5/0x140 [ 290.467982] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 290.473517] alloc_pages_current+0x10c/0x210 [ 290.477919] __get_free_pages+0xf/0x40 [ 290.481794] mmu_topup_memory_caches+0x1f8/0x3a0 [ 290.486538] ? kvm_apic_has_interrupt+0xe1/0x210 [ 290.491285] kvm_mmu_load+0x21/0x10e0 [ 290.495077] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 290.500605] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 290.506133] vcpu_enter_guest+0x3a83/0x6060 [ 290.510450] ? kvm_set_msr_common+0x2680/0x2680 [ 290.515113] ? perf_trace_lock+0x900/0x900 [ 290.519337] ? __lock_acquire+0x7f5/0x5140 [ 290.523565] ? vmx_vcpu_reset+0x1030/0x1030 [ 290.527875] ? graph_lock+0x170/0x170 [ 290.531666] ? graph_lock+0x170/0x170 [ 290.535452] ? __lock_acquire+0x7f5/0x5140 [ 290.539684] ? perf_trace_lock_acquire+0xe3/0x980 [ 290.544522] ? __lock_is_held+0xb5/0x140 [ 290.548577] ? lock_acquire+0x1dc/0x520 [ 290.552538] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 290.557549] ? lock_release+0xa10/0xa10 [ 290.561517] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 290.566781] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 290.571264] ? preempt_notifier_dec+0x20/0x20 [ 290.575754] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 290.580586] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 290.585600] kvm_vcpu_ioctl+0x79d/0x12e0 [ 290.589653] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 290.595352] ? graph_lock+0x170/0x170 [ 290.599142] ? find_held_lock+0x36/0x1c0 [ 290.603204] ? lock_downgrade+0x8e0/0x8e0 [ 290.607348] ? kasan_check_read+0x11/0x20 [ 290.611486] ? rcu_is_watching+0x85/0x140 [ 290.615624] ? rcu_report_qs_rnp+0x790/0x790 [ 290.620038] ? __fget+0x40c/0x650 [ 290.623483] ? match_held_lock+0x871/0x8b0 [ 290.627708] ? expand_files.part.8+0x9a0/0x9a0 [ 290.632301] ? kasan_check_write+0x14/0x20 [ 290.636528] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 290.641472] ? wait_for_completion+0x870/0x870 [ 290.646044] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 290.651239] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 290.656940] do_vfs_ioctl+0x1cf/0x16f0 [ 290.660823] ? ioctl_preallocate+0x2e0/0x2e0 [ 290.665219] ? fget_raw+0x20/0x20 [ 290.668661] ? __sb_end_write+0xac/0xe0 [ 290.672625] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 290.678147] ? fput+0x130/0x1a0 [ 290.681417] ? ksys_write+0x1a6/0x250 [ 290.685213] ? security_file_ioctl+0x94/0xc0 [ 290.689611] ksys_ioctl+0xa9/0xd0 [ 290.693060] __x64_sys_ioctl+0x73/0xb0 [ 290.696939] do_syscall_64+0x1b1/0x800 [ 290.700820] ? syscall_return_slowpath+0x5c0/0x5c0 [ 290.705765] ? syscall_return_slowpath+0x30f/0x5c0 [ 290.710687] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 290.716044] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 290.720877] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 290.726054] RIP: 0033:0x4559f9 [ 290.729235] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 290.748569] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 290.756266] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 10:01:47 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r4 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x0, r1) keyctl$dh_compute(0x17, &(0x7f0000000000)={r4, r4, r3}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:01:47 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000080)="0047fc2f07d82c99240970") setsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000001000)={0x10000, 0x4, 0x100, 0x400}, 0x6) r1 = socket(0x11, 0x80002, 0x0) setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r1, 0x84, 0x1e, &(0x7f00000000c0)=0x1, 0x4) setsockopt(r1, 0x107, 0xd, &(0x7f0000001000), 0xc5) getsockopt$bt_hci(r0, 0x0, 0x3, &(0x7f0000000140)=""/74, &(0x7f0000000040)=0x4a) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x40000, 0x0, 0x12, r1, 0x0) clone(0x0, &(0x7f0000000000), &(0x7f0000000640), &(0x7f0000000100), &(0x7f00000007c0)) r2 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x9, 0xa0800) ioctl$KDADDIO(r2, 0x4b34, 0x40) [ 290.763522] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 290.770780] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 290.778036] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 290.785290] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 0000000000000042 10:01:47 executing program 7: r0 = socket(0x8, 0x800, 0x9) setsockopt$inet_sctp6_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f0000000140)={0x1, [0x0]}, 0x6) r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x80, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f0000000040)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e24, 0x8000, @empty, 0x1}, @in6={0xa, 0x4e23, 0x9, @loopback={0x0, 0x1}, 0x3}, @in6={0xa, 0x4e24, 0x2, @dev={0xfe, 0x80, [], 0x20}}, @in6={0xa, 0x4e20, 0x6, @mcast1={0xff, 0x1, [], 0x1}, 0x2670}, @in6={0xa, 0x4e20, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x6}, @in6={0xa, 0x4e23, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x5}, @in6={0xa, 0x4e24, 0x3}], 0xd4) r2 = socket$inet_smc(0x2b, 0x1, 0x0) listen(r2, 0x0) ioctl$sock_SIOCOUTQ(r2, 0x5411, &(0x7f0000001080)) 10:01:47 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0xec, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) 10:01:47 executing program 5 (fault-call:5 fault-nth:67): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000140)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, &(0x7f00000001c0)) 10:01:47 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='\x00', 0x1, r2) r4 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r2) keyctl$update(0x2, r4, &(0x7f0000000480)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r3}, &(0x7f0000a53ffb)=""/5, 0x53, &(0x7f0000c61fc8)={&(0x7f0000000140)={'sha384-avx2\x00'}}) 10:01:47 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$int_in(r0, 0x5473, &(0x7f0000000040)=0x100000000) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0xffffffffffff7f50) socket$can_bcm(0x1d, 0x2, 0x2) read(r1, &(0x7f00000001c0)=""/11, 0xb) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) poll(&(0x7f0000000000)=[{r1}, {r0, 0x3280}, {r1}], 0x3, 0x0) r2 = syz_open_pts(r1, 0x0) dup3(r2, r1, 0x0) ioctl$TCXONC(r2, 0x540a, 0x0) 10:01:47 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000140)="f3adbaa000ed660ff942a2baf80c66b86430148b66efbafc0cecba420066b8370f439666efb8e2008ee8ba4300ed0f201b670f08baf80c66b85841e48366efbafc0c66ed", 0x44}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x80ffff, [0x40000073, 0x1]}) 10:01:47 executing program 3: r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000500)='/dev/vhost-net\x00', 0x2, 0x0) ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f0000000080)=0x0) r2 = syz_open_dev$vcsn(&(0x7f00000000c0)='/dev/vcs#\x00', 0x2, 0x4000) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r2, 0x2, 0x1, 0x7, &(0x7f0000000100)=[0x0, 0x0], 0x2}, 0x20) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}, r1, 0x0, 0xffffffffffffffff, 0x0) ioctl$int_in(r0, 0xaf02, &(0x7f0000000040)) 10:01:47 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = geteuid() stat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000180)) setreuid(r1, r1) r2 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r3 = socket$inet6(0xa, 0x1, 0x0) ioctl(r3, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r4 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r2) r5 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r6 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r4) keyctl$dh_compute(0x17, &(0x7f0000000000)={r6, r6, r5}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:01:47 executing program 1: r0 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) rename(&(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='./file0\x00') r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000240)={{{@in6=@loopback, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@loopback}, 0x0, @in=@dev}}, &(0x7f00000003c0)=0xe8) keyctl$get_persistent(0x16, r3, r1) getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) r4 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r5 = add_key$user(&(0x7f0000000440)='user\x00', &(0x7f0000000500)={0x73, 0x79, 0x7a, 0x0}, &(0x7f00000001c0)="dfb9e19b42d1a0206890767b585e8079ce574b922472b351", 0x18, r0) r6 = add_key$user(&(0x7f0000002cc0)='user\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280), 0x10c, r4) socket(0x4, 0x7, 0xa73) keyctl$dh_compute(0x17, &(0x7f0000000000)={r6, r6, r5}, &(0x7f0000000740)=""/132, 0x84, 0x0) 10:01:47 executing program 7: clock_gettime(0x0, &(0x7f0000000140)) mprotect(&(0x7f00007a5000/0x3000)=nil, 0x3000, 0x200000004) r0 = socket$can_raw(0x1d, 0x3, 0x1) fstat(r0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0}) getgroups(0x2, &(0x7f0000000100)=[0xffffffffffffffff, 0x0]) syz_fuseblk_mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x6000, r1, r2, 0xa2f5, 0x100000000, 0x13004) [ 291.097500] FAULT_INJECTION: forcing a failure. [ 291.097500] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 291.109473] CPU: 1 PID: 16767 Comm: syz-executor5 Not tainted 4.17.0+ #93 [ 291.116406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 291.125758] Call Trace: [ 291.128360] dump_stack+0x1b9/0x294 [ 291.132408] ? dump_stack_print_info.cold.2+0x52/0x52 10:01:47 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x131) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) connect$inet(r1, &(0x7f0000d9dff0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x1a5, &(0x7f0000004bc0)}}], 0x400000000000284, 0x20004bc0) [ 291.132429] ? lock_downgrade+0x8e0/0x8e0 [ 291.132454] should_fail.cold.4+0xa/0x1a [ 291.132474] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 291.132490] ? rcu_report_qs_rnp+0x790/0x790 [ 291.132507] ? graph_lock+0x170/0x170 [ 291.132526] ? is_bpf_text_address+0xd7/0x170 [ 291.132544] ? find_held_lock+0x36/0x1c0 [ 291.132563] ? __lock_is_held+0xb5/0x140 [ 291.132588] ? check_same_owner+0x320/0x320 [ 291.132605] ? rcu_note_context_switch+0x710/0x710 [ 291.132622] ? __might_sleep+0x95/0x190 [ 291.132641] __alloc_pages_nodemask+0x34e/0xd70 [ 291.132656] ? lock_downgrade+0x8e0/0x8e0 [ 291.132675] ? __alloc_pages_slowpath+0x2d50/0x2d50 [ 291.132690] ? graph_lock+0x170/0x170 [ 291.132703] ? __lock_is_held+0xb5/0x140 [ 291.132720] ? rcu_report_qs_rnp+0x790/0x790 [ 291.132746] ? __lock_is_held+0xb5/0x140 [ 291.132770] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 291.132787] alloc_pages_current+0x10c/0x210 [ 291.132806] __get_free_pages+0xf/0x40 [ 291.132822] mmu_topup_memory_caches+0x1f8/0x3a0 [ 291.132837] ? kvm_apic_has_interrupt+0xe1/0x210 [ 291.132856] kvm_mmu_load+0x21/0x10e0 [ 291.132871] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 291.132888] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 291.132906] vcpu_enter_guest+0x3a83/0x6060 [ 291.132924] ? print_usage_bug+0xc0/0xc0 [ 291.132943] ? kvm_set_msr_common+0x2680/0x2680 [ 291.132957] ? vmx_vcpu_load+0xada/0xfe0 [ 291.132975] ? __lock_acquire+0x7f5/0x5140 [ 291.132990] ? vmx_vcpu_reset+0x1030/0x1030 [ 291.133004] ? graph_lock+0x170/0x170 [ 291.133020] ? graph_lock+0x170/0x170 [ 291.133035] ? __lock_acquire+0x7f5/0x5140 [ 291.133055] ? debug_check_no_locks_freed+0x310/0x310 [ 291.133077] ? __lock_is_held+0xb5/0x140 [ 291.133096] ? lock_acquire+0x1dc/0x520 [ 291.133110] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 291.133129] ? lock_release+0xa10/0xa10 [ 291.133145] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 291.133161] ? kvm_arch_dev_ioctl+0x5f0/0x5f0 [ 291.133174] ? preempt_notifier_dec+0x20/0x20 [ 291.133198] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 291.133212] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 291.133237] kvm_vcpu_ioctl+0x79d/0x12e0 [ 291.133256] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 291.133277] ? graph_lock+0x170/0x170 [ 291.133296] ? find_held_lock+0x36/0x1c0 [ 291.133323] ? lock_downgrade+0x8e0/0x8e0 [ 291.133344] ? kasan_check_read+0x11/0x20 [ 291.133361] ? rcu_is_watching+0x85/0x140 [ 291.133380] ? rcu_report_qs_rnp+0x790/0x790 [ 291.133405] ? __fget+0x40c/0x650 [ 291.133423] ? match_held_lock+0x871/0x8b0 [ 291.133440] ? expand_files.part.8+0x9a0/0x9a0 [ 291.133454] ? kasan_check_write+0x14/0x20 [ 291.133471] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 291.133489] ? wait_for_completion+0x870/0x870 [ 291.133505] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 291.133522] ? kvm_uevent_notify_change.part.30+0x440/0x440 [ 291.133538] do_vfs_ioctl+0x1cf/0x16f0 [ 291.133558] ? ioctl_preallocate+0x2e0/0x2e0 [ 291.133574] ? fget_raw+0x20/0x20 [ 291.133590] ? __sb_end_write+0xac/0xe0 [ 291.133608] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 291.133620] ? fput+0x130/0x1a0 [ 291.133638] ? ksys_write+0x1a6/0x250 [ 291.133656] ? security_file_ioctl+0x94/0xc0 [ 291.133674] ksys_ioctl+0xa9/0xd0 [ 291.133693] __x64_sys_ioctl+0x73/0xb0 [ 291.133710] do_syscall_64+0x1b1/0x800 [ 291.133723] ? finish_task_switch+0x1ca/0x840 [ 291.133740] ? syscall_return_slowpath+0x5c0/0x5c0 [ 291.133756] ? syscall_return_slowpath+0x30f/0x5c0 [ 291.133774] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 291.133794] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 291.133814] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 291.133825] RIP: 0033:0x4559f9 [ 291.133829] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 291.134119] RSP: 002b:00007fe13cb94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 291.134133] RAX: ffffffffffffffda RBX: 00007fe13cb956d4 RCX: 00000000004559f9 [ 291.134140] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 [ 291.134148] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 291.134154] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 291.134160] R13: 00000000004bdb89 R14: 00000000004cba98 R15: 0000000000000043 [ 291.164542] ================================================================== [ 291.577076] BUG: KASAN: slab-out-of-bounds in sha512_finup+0x564/0x620 [ 291.583730] Write of size 8 at addr ffff8801ae416380 by task syz-executor6/16764 [ 291.591246] [ 291.592865] CPU: 1 PID: 16764 Comm: syz-executor6 Not tainted 4.17.0+ #93 [ 291.599772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 291.609111] Call Trace: [ 291.611687] dump_stack+0x1b9/0x294 [ 291.615308] ? dump_stack_print_info.cold.2+0x52/0x52 [ 291.620482] ? printk+0x9e/0xba [ 291.623757] ? kmsg_dump_rewind_nolock+0xe4/0xe4 [ 291.628503] ? kasan_check_write+0x14/0x20 [ 291.632729] print_address_description+0x6c/0x20b [ 291.637566] ? sha512_finup+0x564/0x620 [ 291.641531] kasan_report.cold.7+0x242/0x2fe [ 291.645930] __asan_report_store8_noabort+0x17/0x20 [ 291.650930] sha512_finup+0x564/0x620 [ 291.654718] ? sha512_update+0x9f/0x260 [ 291.658687] sha512_avx2_final+0x28/0x30 [ 291.662739] crypto_shash_final+0x104/0x260 [ 291.667048] ? sha512_avx2_finup+0x40/0x40 [ 291.671280] __keyctl_dh_compute+0x1184/0x1bc0 [ 291.675866] ? copy_overflow+0x30/0x30 [ 291.679745] ? save_stack+0xa9/0xd0 [ 291.683372] ? find_held_lock+0x36/0x1c0 [ 291.687434] ? lock_downgrade+0x8e0/0x8e0 [ 291.691576] ? check_same_owner+0x320/0x320 [ 291.695886] ? trace_hardirqs_off+0xd/0x10 [ 291.700106] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 291.705211] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 291.710743] ? _copy_from_user+0xdf/0x150 [ 291.714882] keyctl_dh_compute+0xb9/0x100 [ 291.719026] ? __keyctl_dh_compute+0x1bc0/0x1bc0 [ 291.723775] ? kzfree+0x28/0x30 [ 291.727046] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 291.732228] __x64_sys_keyctl+0x12a/0x3b0 [ 291.736376] do_syscall_64+0x1b1/0x800 [ 291.740250] ? finish_task_switch+0x1ca/0x840 [ 291.744733] ? syscall_return_slowpath+0x5c0/0x5c0 [ 291.749650] ? syscall_return_slowpath+0x30f/0x5c0 [ 291.754571] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 291.759928] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 291.764764] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 291.769937] RIP: 0033:0x4559f9 [ 291.773112] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 291.792454] RSP: 002b:00007f1a3095dc68 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 291.800150] RAX: ffffffffffffffda RBX: 00007f1a3095e6d4 RCX: 00000000004559f9 [ 291.807403] RDX: 0000000020a53ffb RSI: 0000000020000100 RDI: 0000000000000017 [ 291.814659] RBP: 000000000072bea0 R08: 0000000020c61fc8 R09: 0000000000000000 [ 291.821916] R10: 0000000000000053 R11: 0000000000000246 R12: 00000000ffffffff [ 291.829172] R13: 00000000004bfbb9 R14: 00000000004ce990 R15: 0000000000000000 [ 291.836437] [ 291.838051] Allocated by task 16764: [ 291.841755] save_stack+0x43/0xd0 [ 291.845192] kasan_kmalloc+0xc4/0xe0 [ 291.848893] __kmalloc+0x14e/0x760 [ 291.852422] __keyctl_dh_compute+0xfe9/0x1bc0 [ 291.856902] keyctl_dh_compute+0xb9/0x100 [ 291.861036] __x64_sys_keyctl+0x12a/0x3b0 [ 291.865169] do_syscall_64+0x1b1/0x800 [ 291.869041] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 291.874211] [ 291.875824] Freed by task 9: [ 291.878829] save_stack+0x43/0xd0 [ 291.882266] __kasan_slab_free+0x11a/0x170 [ 291.886485] kasan_slab_free+0xe/0x10 [ 291.890271] kfree+0xd9/0x260 [ 291.893362] rcu_process_callbacks+0xfc5/0x1760 [ 291.898018] __do_softirq+0x2e0/0xaf5 [ 291.901798] [ 291.903411] The buggy address belongs to the object at ffff8801ae416300 [ 291.903411] which belongs to the cache kmalloc-128 of size 128 [ 291.916051] The buggy address is located 0 bytes to the right of [ 291.916051] 128-byte region [ffff8801ae416300, ffff8801ae416380) [ 291.928255] The buggy address belongs to the page: [ 291.933181] page:ffffea0006b90580 count:1 mapcount:0 mapping:ffff8801da800640 index:0xffff8801ae416240 [ 291.942620] flags: 0x2fffc0000000100(slab) [ 291.946852] raw: 02fffc0000000100 ffffea0006caef88 ffffea000764a8c8 ffff8801da800640 [ 291.954722] raw: ffff8801ae416240 ffff8801ae416000 000000010000000c 0000000000000000 [ 291.962581] page dumped because: kasan: bad access detected [ 291.968270] [ 291.969879] Memory state around the buggy address: [ 291.974792] ffff8801ae416280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 291.982137] ffff8801ae416300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 291.989480] >ffff8801ae416380: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb [ 291.997382] ^ [ 292.000740] ffff8801ae416400: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 292.008084] ffff8801ae416480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 292.015425] ================================================================== [ 292.022764] Disabling lock debugging due to kernel taint [ 292.028378] Kernel panic - not syncing: panic_on_warn set ... [ 292.028378] [ 292.035749] CPU: 1 PID: 16764 Comm: syz-executor6 Tainted: G B 4.17.0+ #93 [ 292.035762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 292.053395] Call Trace: [ 292.055987] dump_stack+0x1b9/0x294 [ 292.059620] ? dump_stack_print_info.cold.2+0x52/0x52 10:01:48 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = socket$inet6(0xa, 0x80001, 0x0) setsockopt$inet6_group_source_req(r1, 0x29, 0x2e, &(0x7f0000e5bef8)={0x0, {{0xa, 0x0, 0x0, @mcast2={0xff, 0x2, [], 0x1}}}, {{0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xffffffffffffffff}}}}, 0x108) syz_emit_ethernet(0x66, &(0x7f0000015e15)={@broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], @local={[0xaa, 0xaa, 0xaa, 0xaa], 0xffffffffffffffff}, [], {@ipv6={0x86dd, {0x0, 0x6, 'v`Q', 0x30, 0x3a, 0xffffffffffffffff, @remote={0xfe, 0x80, [0x28], 0xffffffffffffffff}, @mcast2={0xff, 0x2, [0x0, 0xfffffffffffff000], 0x1}, {[], @icmpv6=@dest_unreach={0xffffff86, 0x0, 0x0, 0x0, [0xc], {0x0, 0x6, "c5961e", 0x0, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x3], 0x1}, @mcast2={0xff, 0x2, [], 0x1}}}}}}}}, 0x0) getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000000)={0x0, 0x4, 0x2fd, 0x9, 0x81, 0x5}, &(0x7f0000000040)=0x14) getsockopt$inet_sctp6_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f0000000080)={r2, 0xfff, 0x7, 0x1000}, &(0x7f00000000c0)=0x10) [ 292.064816] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 292.069563] ? sha512_finup+0x4b0/0x620 [ 292.073530] panic+0x22f/0x4de [ 292.076725] ? add_taint.cold.5+0x16/0x16 [ 292.080877] ? do_raw_spin_unlock+0x9e/0x2e0 [ 292.085287] ? do_raw_spin_unlock+0x9e/0x2e0 [ 292.089696] ? sha512_finup+0x564/0x620 [ 292.093679] kasan_end_report+0x47/0x4f [ 292.097670] kasan_report.cold.7+0x76/0x2fe [ 292.101994] __asan_report_store8_noabort+0x17/0x20 [ 292.107001] sha512_finup+0x564/0x620 [ 292.110791] ? sha512_update+0x9f/0x260 [ 292.114752] sha512_avx2_final+0x28/0x30 [ 292.118794] crypto_shash_final+0x104/0x260 [ 292.123096] ? sha512_avx2_finup+0x40/0x40 [ 292.127331] __keyctl_dh_compute+0x1184/0x1bc0 [ 292.131911] ? copy_overflow+0x30/0x30 [ 292.135779] ? save_stack+0xa9/0xd0 [ 292.139388] ? find_held_lock+0x36/0x1c0 [ 292.143439] ? lock_downgrade+0x8e0/0x8e0 [ 292.147571] ? check_same_owner+0x320/0x320 [ 292.151872] ? trace_hardirqs_off+0xd/0x10 [ 292.156087] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 292.161196] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 292.166735] ? _copy_from_user+0xdf/0x150 [ 292.170878] keyctl_dh_compute+0xb9/0x100 [ 292.175021] ? __keyctl_dh_compute+0x1bc0/0x1bc0 [ 292.179768] ? kzfree+0x28/0x30 [ 292.183036] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 292.188225] __x64_sys_keyctl+0x12a/0x3b0 [ 292.192377] do_syscall_64+0x1b1/0x800 [ 292.196268] ? finish_task_switch+0x1ca/0x840 [ 292.200767] ? syscall_return_slowpath+0x5c0/0x5c0 [ 292.205701] ? syscall_return_slowpath+0x30f/0x5c0 [ 292.210640] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 292.216000] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 292.220838] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 292.226015] RIP: 0033:0x4559f9 [ 292.229197] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 292.248507] RSP: 002b:00007f1a3095dc68 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 292.256222] RAX: ffffffffffffffda RBX: 00007f1a3095e6d4 RCX: 00000000004559f9 [ 292.263494] RDX: 0000000020a53ffb RSI: 0000000020000100 RDI: 0000000000000017 [ 292.270766] RBP: 000000000072bea0 R08: 0000000020c61fc8 R09: 0000000000000000 [ 292.278039] R10: 0000000000000053 R11: 0000000000000246 R12: 00000000ffffffff [ 292.285311] R13: 00000000004bfbb9 R14: 00000000004ce990 R15: 0000000000000000 [ 292.293113] Dumping ftrace buffer: [ 292.296643] (ftrace buffer empty) [ 292.300331] Kernel Offset: disabled [ 292.303944] Rebooting in 86400 seconds..